Edit tour

Windows Analysis Report
North Cheshire Holdings Ltd.pdf

Overview

General Information

Sample name:North Cheshire Holdings Ltd.pdf
Analysis ID:1439494
MD5:b72bca2b4d3f036fa750f51d5e7e47d3
SHA1:da5709cd70c71f0a7bfcc5aafeb0d51cd546f9b7
SHA256:82983f17612216321613d38a92616f31e82ec6edad441fe45fabd49e86ac1e5b
Infos:

Detection

Score:21
Range:0 - 100
Whitelisted:false
Confidence:60%

Signatures

Suspicious PDF detected (based on various text indicators)
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Analysis Advice

Some HTTP requests failed (404). It is likely that the sample will exhibit less behavior.
No malicious behavior found, analyze the document also on other version of Office / Acrobat
  • System is w10x64
  • Acrobat.exe (PID: 7504 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\North Cheshire Holdings Ltd.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 7688 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 7900 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1728,i,2678301701838385624,16601363831338403521,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • chrome.exe (PID: 8716 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 8892 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1968,i,15698752634780464909,2133048994524742333,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched

Click to jump to signature section

Show All Signature Results

Phishing

barindex
Source: Adobe Acrobat PDFOCR Text: Paul Hayes shared a folder with you. You have received 3 document(s) for your review. This message was sent to you to securely. Date created: 09/05/2024 08:30 AM Size 18.2 MB. Expiryl 13/05/2024 Ref: Proposal from North Cheshire Holdings Ltd To view documents Click View and Print Online
Source: https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6HTTP Parser: No favicon
Source: https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 23.221.246.93:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.221.246.93:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.4:49772 version: TLS 1.2
Source: Joe Sandbox ViewIP Address: 13.107.246.51 13.107.246.51
Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox ViewIP Address: 13.107.213.51 13.107.213.51
Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.221.246.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.219.48.155
Source: unknownTCP traffic detected without corresponding DNS query: 23.219.48.155
Source: unknownTCP traffic detected without corresponding DNS query: 23.219.48.155
Source: unknownTCP traffic detected without corresponding DNS query: 23.219.48.155
Source: unknownTCP traffic detected without corresponding DNS query: 23.219.48.155
Source: unknownTCP traffic detected without corresponding DNS query: 23.219.48.155
Source: unknownTCP traffic detected without corresponding DNS query: 23.219.48.155
Source: unknownTCP traffic detected without corresponding DNS query: 23.219.48.155
Source: unknownTCP traffic detected without corresponding DNS query: 23.219.48.155
Source: unknownTCP traffic detected without corresponding DNS query: 23.219.48.155
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /onboarding/smskillreader.txt HTTP/1.1Host: armmf.adobe.comConnection: keep-aliveAccept-Language: en-US,en;q=0.9User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brIf-None-Match: "78-5faa31cce96da"If-Modified-Since: Mon, 01 May 2023 15:02:33 GMT
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Y49FkgBSOF+mCl+&MD=lYe4Z8or HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6 HTTP/1.1Host: assets-oce.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /oce/FormLoader/FormLoader.bundle.js HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://assets-oce.mkt.dynamics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6 HTTP/1.1Host: assets-oce.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/plainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /oce/FormLoader/public/locales/en-us/translation.json HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://assets-oce.mkt.dynamics.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://assets-oce.mkt.dynamics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: assets-oce.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /oce/FormLoader/public/locales/en-us/translation.json HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/images/285269d1-5c0d-ef11-9f89-6045bd401296?ts=638507845797957844 HTTP/1.1Host: assets-oce.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6 HTTP/1.1Host: assets-oce.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/images/285269d1-5c0d-ef11-9f89-6045bd401296?ts=638507845797957844 HTTP/1.1Host: assets-oce.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/landingpageforms/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6/visits HTTP/1.1Host: public-oce.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Y49FkgBSOF+mCl+&MD=lYe4Z8or HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficDNS traffic detected: DNS query: assets-oce.mkt.dynamics.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: public-oce.mkt.dynamics.com
Source: unknownHTTP traffic detected: POST /api/v1.0/orgs/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/landingpageforms/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6/visits HTTP/1.1Host: public-oce.mkt.dynamics.comConnection: keep-aliveContent-Length: 153sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonContent-Type: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://assets-oce.mkt.dynamics.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 10 May 2024 09:51:13 GMTContent-Type: text/htmlContent-Length: 548Connection: closeStrict-Transport-Security: max-age=2592000; preloadx-azure-ref: 20240510T095112Z-17cb6678898xmcnz87s7quths4000000042g000000001qa0x-fd-int-roxy-purgeid: 69757193X-Cache: TCP_MISS
Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Fri, 10 May 2024 09:51:17 GMTContent-Length: 0Connection: closex-ms-trace-id: 8c868caa707503178ec6b94e57117a53Strict-Transport-Security: max-age=2592000; preload
Source: chromecache_196.8.drString found in binary or memory: https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/forms/2f424f2
Source: chromecache_199.8.dr, chromecache_195.8.drString found in binary or memory: https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/images/285269
Source: North Cheshire Holdings Ltd.pdfString found in binary or memory: https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standalonefor
Source: chromecache_196.8.drString found in binary or memory: https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/oce/FormLoader/FormLoader.bundle.js
Source: chromecache_199.8.dr, chromecache_195.8.drString found in binary or memory: https://m8w.liptowni.com/zv3hup8U/
Source: chromecache_196.8.drString found in binary or memory: https://public-oce.mkt.dynamics.com/api/v1.0/orgs/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/landingpagefo
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownHTTPS traffic detected: 23.221.246.93:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.221.246.93:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.4:49772 version: TLS 1.2
Source: classification engineClassification label: sus21.phis.winPDF@40/59@10/7
Source: North Cheshire Holdings Ltd.pdfInitial sample: https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journalJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-05-10 11-50-44-351.logJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\North Cheshire Holdings Ltd.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1728,i,2678301701838385624,16601363831338403521,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1968,i,15698752634780464909,2133048994524742333,262144 /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1728,i,2678301701838385624,16601363831338403521,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1968,i,15698752634780464909,2133048994524742333,262144 /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: North Cheshire Holdings Ltd.pdfInitial sample: PDF keyword /JS count = 0
Source: North Cheshire Holdings Ltd.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: A9govfqk_1g1pqqj_5uo.tmp.0.drInitial sample: PDF keyword /JS count = 0
Source: A9govfqk_1g1pqqj_5uo.tmp.0.drInitial sample: PDF keyword /JavaScript count = 0
Source: North Cheshire Holdings Ltd.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: North Cheshire Holdings Ltd.pdfInitial sample: PDF keyword obj count = 58
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Spearphishing Link
Windows Management InstrumentationPath Interception1
Process Injection
1
Masquerading
OS Credential Dumping1
System Information Discovery
Remote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer
Traffic DuplicationData Destruction
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1439494 Sample: North Cheshire Holdings Ltd.pdf Startdate: 10/05/2024 Architecture: WINDOWS Score: 21 32 Suspicious PDF detected (based on various text indicators) 2->32 7 chrome.exe 1 2->7         started        10 Acrobat.exe 20 78 2->10         started        process3 dnsIp4 22 192.168.2.4, 138, 443, 49253 unknown unknown 7->22 24 239.255.255.250 unknown Reserved 7->24 12 chrome.exe 7->12         started        15 AcroCEF.exe 105 10->15         started        process5 dnsIp6 26 13.107.213.51, 443, 49757 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 12->26 28 part-0023.t-0009.t-msedge.net 13.107.246.51, 443, 49748, 49749 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 12->28 30 6 other IPs or domains 12->30 17 AcroCEF.exe 2 15->17         started        process7 dnsIp8 20 23.219.48.155, 443, 49740 EPMTelecomunicacionesSAESPCO United States 17->20

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
No Antivirus matches
No Antivirus matches
No Antivirus matches
SourceDetectionScannerLabelLink
part-0023.t-0009.t-msedge.net0%VirustotalBrowse
SourceDetectionScannerLabelLink
https://m8w.liptowni.com/zv3hup8U/0%Avira URL Cloudsafe

Download Network PCAP: filteredfull

NameIPActiveMaliciousAntivirus DetectionReputation
prdia888eau0aks.mkt.dynamics.com
20.70.221.64
truefalse
    high
    part-0023.t-0009.t-msedge.net
    13.107.246.51
    truefalseunknown
    www.google.com
    172.217.4.68
    truefalse
      high
      public-oce.mkt.dynamics.com
      unknown
      unknownfalse
        high
        assets-oce.mkt.dynamics.com
        unknown
        unknownfalse
          high
          NameMaliciousAntivirus DetectionReputation
          https://public-oce.mkt.dynamics.com/api/v1.0/orgs/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/landingpageforms/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6/visitsfalse
            high
            https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6false
              high
              https://assets-oce.mkt.dynamics.com/favicon.icofalse
                high
                https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/images/285269d1-5c0d-ef11-9f89-6045bd401296?ts=638507845797957844false
                  high
                  https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6false
                    high
                    NameSourceMaliciousAntivirus DetectionReputation
                    https://m8w.liptowni.com/zv3hup8U/chromecache_199.8.dr, chromecache_195.8.drfalse
                    • Avira URL Cloud: safe
                    unknown
                    https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/images/285269chromecache_199.8.dr, chromecache_195.8.drfalse
                      high
                      https://public-oce.mkt.dynamics.com/api/v1.0/orgs/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/landingpagefochromecache_196.8.drfalse
                        high
                        https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforNorth Cheshire Holdings Ltd.pdffalse
                          high
                          https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/forms/2f424f2chromecache_196.8.drfalse
                            high
                            • No. of IPs < 25%
                            • 25% < No. of IPs < 50%
                            • 50% < No. of IPs < 75%
                            • 75% < No. of IPs
                            IPDomainCountryFlagASNASN NameMalicious
                            13.107.246.51
                            part-0023.t-0009.t-msedge.netUnited States
                            8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                            23.219.48.155
                            unknownUnited States
                            13489EPMTelecomunicacionesSAESPCOfalse
                            239.255.255.250
                            unknownReserved
                            unknownunknownfalse
                            13.107.213.51
                            unknownUnited States
                            8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                            172.217.4.68
                            www.google.comUnited States
                            15169GOOGLEUSfalse
                            20.70.221.64
                            prdia888eau0aks.mkt.dynamics.comUnited States
                            8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                            IP
                            192.168.2.4
                            Joe Sandbox version:40.0.0 Tourmaline
                            Analysis ID:1439494
                            Start date and time:2024-05-10 11:49:55 +02:00
                            Joe Sandbox product:CloudBasic
                            Overall analysis duration:0h 5m 34s
                            Hypervisor based Inspection enabled:false
                            Report type:full
                            Cookbook file name:defaultwindowspdfcookbook.jbs
                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                            Number of analysed new started processes analysed:14
                            Number of new started drivers analysed:0
                            Number of existing processes analysed:0
                            Number of existing drivers analysed:0
                            Number of injected processes analysed:0
                            Technologies:
                            • HCA enabled
                            • EGA enabled
                            • AMSI enabled
                            Analysis Mode:default
                            Analysis stop reason:Timeout
                            Sample name:North Cheshire Holdings Ltd.pdf
                            Detection:SUS
                            Classification:sus21.phis.winPDF@40/59@10/7
                            EGA Information:Failed
                            HCA Information:
                            • Successful, ratio: 100%
                            • Number of executed functions: 0
                            • Number of non-executed functions: 0
                            Cookbook Comments:
                            • Found application associated with file extension: .pdf
                            • Found PDF document
                            • Close Viewer
                            • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, WmiPrvSE.exe, svchost.exe
                            • Excluded IPs from analysis (whitelisted): 104.122.47.18, 54.227.187.23, 52.5.13.197, 23.22.254.206, 52.202.204.11, 23.220.206.57, 23.220.206.48, 162.159.61.3, 172.64.41.3, 199.232.214.172, 192.229.211.108, 142.250.191.163, 172.217.2.46, 142.250.111.84, 34.104.35.123, 142.250.191.202, 142.250.191.138, 172.217.0.170, 142.250.191.106, 142.250.191.234, 172.217.5.10, 142.250.191.170, 142.250.191.131, 23.55.220.138, 23.55.220.153, 172.217.4.46
                            • Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, cxppoce1xsasjote5vpge.trafficmanager.net, slscr.update.microsoft.com, assets-mkt-oce.azureedge.net, clientservices.googleapis.com, acroipm2.adobe.com, clients2.google.com, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, update.googleapis.com, assets-mkt-oce.afd.azureedge.net, optimizationguide-pa.googleapis.com, clients1.google.com, fs.microsoft.com, accounts.google.com, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com, p13n.adobe.io, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, azureedge-t-prod.trafficmanager.net, cxppusa1formui01cdnsa01-endpoint.azureedge.net, clients.l.google.com, geo2.adobe.com, cxppusa1formui01cdnsa01-endpoint.afd.azureedge.net
                            • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                            • Not all processes where analyzed, report is missing behavior information
                            • Report size getting too big, too many NtSetInformationFile calls found.
                            No simulations
                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                            13.107.246.5120240506_120821.xlsGet hashmaliciousUnknownBrowse
                              INQUIRY#46789-MAY562024.xla.xlsxGet hashmaliciousUnknownBrowse
                                z1Pedido-Faturado-NF-938731.cmdGet hashmaliciousUnknownBrowse
                                  Undelivered Messages.htmGet hashmaliciousHTMLPhisherBrowse
                                    l51PXKBLfJ.xlsGet hashmaliciousUnknownBrowse
                                      https://techssupport.z13.web.core.windows.net/Wi0n0MntyEr00170887/index.htmlGet hashmaliciousTechSupportScamBrowse
                                        https://plannexcg.com/plannex_tool_3/Get hashmaliciousUnknownBrowse
                                          phish_alert_sp2_2.0.0.0 - 2024-04-30T152233.880.emlGet hashmaliciousHTMLPhisherBrowse
                                            https://bing.com///////////////////////////ck/a?!&&p=9800195a72dfec27JmltdHM9MTcxNDM0ODgwMCZpZ3VpZD0yOWFmMGU4ZS02MTgwLTY4NDUtMWIwOC0xYWJkNjBhYTY5MGImaW5zaWQ9NTIxNg&ptn=3&ver=2&hsh=3&fclid=29af0e8e-6180-6845-1b08-1abd60aa690b&psq=https%3A%2F%2F9dcare.com.au&u=a1aHR0cHM6Ly93d3cuOWRjYXJlLmNvbS5hdS9hYm91dC11cy8Get hashmaliciousHTMLPhisherBrowse
                                              https://cloudflare-ipfs.com/ipfs/QmbhC4yNHxbesHuqL3USBWmLSYPNT2dCWjS4ff4aRXvqFvGet hashmaliciousHTMLPhisherBrowse
                                                239.255.255.250https://urlz.fr/qBEkGet hashmaliciousUnknownBrowse
                                                  https://launchappsonedrivemicro.softr.app/Get hashmaliciousUnknownBrowse
                                                    http://app.interactsh.com/Get hashmaliciousUnknownBrowse
                                                      _Olaf Koenig-Scan from Xerox Multi.........rtfGet hashmaliciousUnknownBrowse
                                                        _Olaf Koenig-Scan from Xerox Multi.........rtfGet hashmaliciousUnknownBrowse
                                                          https://online.kellycancian.com.br/Get hashmaliciousUnknownBrowse
                                                            http://omnatuor.comGet hashmaliciousUnknownBrowse
                                                              http://eurovisionsongcontest.nlGet hashmaliciousUnknownBrowse
                                                                z1Pedido-Faturado-NF-938731.cmdGet hashmaliciousUnknownBrowse
                                                                  Undelivered Messages.htmGet hashmaliciousHTMLPhisherBrowse
                                                                    23.219.48.155https://www.dropbox.com/scl/fi/5r8uxa49x6mxtzyj6eule/pdf.zip?rlkey=bgar34hwvlq9j03y0pskhparp&dl=1Get hashmaliciousUnknownBrowse
                                                                      13.107.213.51Pepsico LLC Company Profile.xlsGet hashmaliciousUnknownBrowse
                                                                        55678_70USD.xlsGet hashmaliciousUnknownBrowse
                                                                          Undelivered Messages.htmGet hashmaliciousHTMLPhisherBrowse
                                                                            https://techssupport.z13.web.core.windows.net/Wi0n0MntyEr00170887/index.htmlGet hashmaliciousTechSupportScamBrowse
                                                                              https://bing.com///////////////////////////ck/a?!&&p=9800195a72dfec27JmltdHM9MTcxNDM0ODgwMCZpZ3VpZD0yOWFmMGU4ZS02MTgwLTY4NDUtMWIwOC0xYWJkNjBhYTY5MGImaW5zaWQ9NTIxNg&ptn=3&ver=2&hsh=3&fclid=29af0e8e-6180-6845-1b08-1abd60aa690b&psq=https%3A%2F%2F9dcare.com.au&u=a1aHR0cHM6Ly93d3cuOWRjYXJlLmNvbS5hdS9hYm91dC11cy8Get hashmaliciousHTMLPhisherBrowse
                                                                                https://cloudflare-ipfs.com/ipfs/QmbhC4yNHxbesHuqL3USBWmLSYPNT2dCWjS4ff4aRXvqFvGet hashmaliciousHTMLPhisherBrowse
                                                                                  https://infos.misterspex.com/u/nrd.php?p=3UzLDCVKiF_4240_7137468_1_11&ems_l=7807954&i=1&d=NDkzMzgwMTkz%7CM1V6TERDVktpRg%3D%3D%7COTg4OWE5OGIxODQ0NDA4NjE%3D%7CMTAyNTIyMTIwNzk%3D%7CODIwNDgwMTNiYTBkM2ZjZmVlMThiOTMxNzk2NDJhYTliZTNlNjdhNjVjNGNjMWE3NzM4Yzk1ZWJjZDU0NWJhOQ%3D%3D%7CMjAyNA%3D%3D%7CMDQ%3D%7CMjk%3D%7C&_esuh=_11_5d3c63ac95c71e355005e04eb9764bdb01e0f938d0ca4322faadf23f7b62251fGet hashmaliciousUnknownBrowse
                                                                                    https://equitifyllc-my.sharepoint.com/personal/vicbaker_equitify_us/_layouts/15/onedrive.aspx?id=/personal/vicbaker_equitify_us/Documents/Attachments-JoAnn%20Clark/View%20and%20Print%20Online%20.pdf&parent=/personal/vicbaker_equitify_us/Documents/Attachments-JoAnn%20Clark&ga=1&LOF=1Get hashmaliciousUnknownBrowse
                                                                                      https://login.portal.docdealproposal.top/viewGet hashmaliciousHTMLPhisherBrowse
                                                                                        comand#U0103 de achizi#U021bie.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                          part-0023.t-0009.t-msedge.net20240506_120821.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          Pepsico LLC Company Profile.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.213.51
                                                                                          INQUIRY#46789-MAY562024.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          55678_70USD.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.213.51
                                                                                          z1Pedido-Faturado-NF-938731.cmdGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          Undelivered Messages.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                          • 13.107.213.51
                                                                                          l51PXKBLfJ.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          https://techssupport.z13.web.core.windows.net/Wi0n0MntyEr00170887/index.htmlGet hashmaliciousTechSupportScamBrowse
                                                                                          • 13.107.213.51
                                                                                          Alliance Bank Central Texas Open Benefits Enrollment.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                          • 13.107.213.51
                                                                                          https://operantbiz-my.sharepoint.com/:b:/g/personal/barry_operantsystems_com/EUqGyitkDWdOsrOXl4MRFSUBF3FzlrVfxabSW6W0osCoGg?e=BBhMgxGet hashmaliciousHTMLPhisherBrowse
                                                                                          • 13.107.246.51
                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                          MICROSOFT-CORP-MSN-AS-BLOCKUS20240506_120821.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          cert.zipGet hashmaliciousUnknownBrowse
                                                                                          • 204.79.197.237
                                                                                          Pepsico LLC Company Profile.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.213.51
                                                                                          INQUIRY#46789-MAY562024.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          narud#U017ebenicu 018BH2024.exeGet hashmaliciousFormBookBrowse
                                                                                          • 52.175.15.40
                                                                                          payment_0045k.xlsGet hashmaliciousRemcos, DBatLoader, PrivateLoaderBrowse
                                                                                          • 13.107.137.11
                                                                                          WS89wB6DGK.exeGet hashmaliciousMars Stealer, PrivateLoader, PureLog Stealer, Stealc, Vidar, zgRATBrowse
                                                                                          • 20.157.87.45
                                                                                          55678_70USD.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.213.51
                                                                                          z1Pedido-Faturado-NF-938731.cmdGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          Undelivered Messages.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                          • 13.107.213.51
                                                                                          EPMTelecomunicacionesSAESPCOi7b3uBlM8k.elfGet hashmaliciousMiraiBrowse
                                                                                          • 190.29.50.131
                                                                                          wKSArWip5q.elfGet hashmaliciousUnknownBrowse
                                                                                          • 181.130.167.193
                                                                                          vniiXJivdo.elfGet hashmaliciousMiraiBrowse
                                                                                          • 190.248.105.41
                                                                                          Gb5Zd5Ird3.elfGet hashmaliciousMiraiBrowse
                                                                                          • 181.136.190.145
                                                                                          L7ktf7FKJB.elfGet hashmaliciousMiraiBrowse
                                                                                          • 190.128.48.79
                                                                                          arm7.elfGet hashmaliciousMiraiBrowse
                                                                                          • 201.184.65.16
                                                                                          qvrnc9NLPc.elfGet hashmaliciousMiraiBrowse
                                                                                          • 190.29.97.160
                                                                                          boRjYLTN4s.exeGet hashmaliciousAsyncRAT, PureLog StealerBrowse
                                                                                          • 181.131.217.222
                                                                                          922BE71C9F402C2FCFAB676571265D4F659DD9EACD877.exeGet hashmaliciousAsyncRAT, PureLog StealerBrowse
                                                                                          • 181.131.217.222
                                                                                          uXUrccWxXO.elfGet hashmaliciousUnknownBrowse
                                                                                          • 201.233.213.94
                                                                                          MICROSOFT-CORP-MSN-AS-BLOCKUS20240506_120821.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          cert.zipGet hashmaliciousUnknownBrowse
                                                                                          • 204.79.197.237
                                                                                          Pepsico LLC Company Profile.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.213.51
                                                                                          INQUIRY#46789-MAY562024.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          narud#U017ebenicu 018BH2024.exeGet hashmaliciousFormBookBrowse
                                                                                          • 52.175.15.40
                                                                                          payment_0045k.xlsGet hashmaliciousRemcos, DBatLoader, PrivateLoaderBrowse
                                                                                          • 13.107.137.11
                                                                                          WS89wB6DGK.exeGet hashmaliciousMars Stealer, PrivateLoader, PureLog Stealer, Stealc, Vidar, zgRATBrowse
                                                                                          • 20.157.87.45
                                                                                          55678_70USD.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.213.51
                                                                                          z1Pedido-Faturado-NF-938731.cmdGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          Undelivered Messages.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                          • 13.107.213.51
                                                                                          MICROSOFT-CORP-MSN-AS-BLOCKUS20240506_120821.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          cert.zipGet hashmaliciousUnknownBrowse
                                                                                          • 204.79.197.237
                                                                                          Pepsico LLC Company Profile.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.213.51
                                                                                          INQUIRY#46789-MAY562024.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          narud#U017ebenicu 018BH2024.exeGet hashmaliciousFormBookBrowse
                                                                                          • 52.175.15.40
                                                                                          payment_0045k.xlsGet hashmaliciousRemcos, DBatLoader, PrivateLoaderBrowse
                                                                                          • 13.107.137.11
                                                                                          WS89wB6DGK.exeGet hashmaliciousMars Stealer, PrivateLoader, PureLog Stealer, Stealc, Vidar, zgRATBrowse
                                                                                          • 20.157.87.45
                                                                                          55678_70USD.xlsGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.213.51
                                                                                          z1Pedido-Faturado-NF-938731.cmdGet hashmaliciousUnknownBrowse
                                                                                          • 13.107.246.51
                                                                                          Undelivered Messages.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                          • 13.107.213.51
                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                          28a2c9bd18a11de089ef85a160da29e4http://app.interactsh.com/Get hashmaliciousUnknownBrowse
                                                                                          • 40.127.169.103
                                                                                          • 23.221.246.93
                                                                                          _Olaf Koenig-Scan from Xerox Multi.........rtfGet hashmaliciousUnknownBrowse
                                                                                          • 40.127.169.103
                                                                                          • 23.221.246.93
                                                                                          http://omnatuor.comGet hashmaliciousUnknownBrowse
                                                                                          • 40.127.169.103
                                                                                          • 23.221.246.93
                                                                                          z1Pedido-Faturado-NF-938731.cmdGet hashmaliciousUnknownBrowse
                                                                                          • 40.127.169.103
                                                                                          • 23.221.246.93
                                                                                          Undelivered Messages.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                          • 40.127.169.103
                                                                                          • 23.221.246.93
                                                                                          https://1drv.ms/u/s!AvRvEmgJ5d9kgly3z-uh2_ANgH5hGet hashmaliciousUnknownBrowse
                                                                                          • 40.127.169.103
                                                                                          • 23.221.246.93
                                                                                          https://1drv.ms/u/s!AvRvEmgJ5d9kgly3z-uh2_ANgH5hGet hashmaliciousUnknownBrowse
                                                                                          • 40.127.169.103
                                                                                          • 23.221.246.93
                                                                                          https://neoparts.com.br/dayo/e0qi/Wk4tTE9HQGNkd2UuY29tLnR3$?utp=consumer&Get hashmaliciousUnknownBrowse
                                                                                          • 40.127.169.103
                                                                                          • 23.221.246.93
                                                                                          https://1drv.ms/u/s!AvRvEmgJ5d9kgly3z-uh2_ANgH5hGet hashmaliciousUnknownBrowse
                                                                                          • 40.127.169.103
                                                                                          • 23.221.246.93
                                                                                          securedoc_20240509T112530.htmlGet hashmaliciousUnknownBrowse
                                                                                          • 40.127.169.103
                                                                                          • 23.221.246.93
                                                                                          No context
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:ASCII text
                                                                                          Category:dropped
                                                                                          Size (bytes):292
                                                                                          Entropy (8bit):5.1651136914859235
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:Dt7uSN9+q2Pwkn2nKuAl9OmbnIFUt86t7uSNJZmw+6t7uz9VkwOwkn2nKuAl9Omt:Dt7v4vYfHAahFUt86t7vJ/+6t7cD5JfC
                                                                                          MD5:B052EBF6B75C79C9E6FAF0DB14E1BD3F
                                                                                          SHA1:F70AB7420A89F3F69A7D20838E9C0881714A439C
                                                                                          SHA-256:85C03018E222EC025537190F4D3BC477BBCC6468A016A0CF3B70F65F789B94FD
                                                                                          SHA-512:4A8E78A30BEEEF5179BA739D72A5025984CCB3A8304ECE461C6AE6CA545B95F6FE26F8272E44014E92B2D0FC179DF3FBC6610FB4EC5EA2083132D5A6ACE4BBAC
                                                                                          Malicious:false
                                                                                          Reputation:low
                                                                                          Preview:2024/05/10-11:50:42.116 1e28 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/05/10-11:50:42.116 1e28 Recovering log #3.2024/05/10-11:50:42.117 1e28 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:ASCII text
                                                                                          Category:dropped
                                                                                          Size (bytes):292
                                                                                          Entropy (8bit):5.1651136914859235
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:Dt7uSN9+q2Pwkn2nKuAl9OmbnIFUt86t7uSNJZmw+6t7uz9VkwOwkn2nKuAl9Omt:Dt7v4vYfHAahFUt86t7vJ/+6t7cD5JfC
                                                                                          MD5:B052EBF6B75C79C9E6FAF0DB14E1BD3F
                                                                                          SHA1:F70AB7420A89F3F69A7D20838E9C0881714A439C
                                                                                          SHA-256:85C03018E222EC025537190F4D3BC477BBCC6468A016A0CF3B70F65F789B94FD
                                                                                          SHA-512:4A8E78A30BEEEF5179BA739D72A5025984CCB3A8304ECE461C6AE6CA545B95F6FE26F8272E44014E92B2D0FC179DF3FBC6610FB4EC5EA2083132D5A6ACE4BBAC
                                                                                          Malicious:false
                                                                                          Reputation:low
                                                                                          Preview:2024/05/10-11:50:42.116 1e28 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/05/10-11:50:42.116 1e28 Recovering log #3.2024/05/10-11:50:42.117 1e28 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:ASCII text
                                                                                          Category:dropped
                                                                                          Size (bytes):336
                                                                                          Entropy (8bit):5.192236523828763
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:Dt7uft+q2Pwkn2nKuAl9Ombzo2jMGIFUt86t7u65Zmw+6t7uvVkwOwkn2nKuAl97:Dt7TvYfHAa8uFUt86t7R/+6t7M5JfHAv
                                                                                          MD5:D2FDAE3BFE6A73BE8BE6D9D43A4991AA
                                                                                          SHA1:A3F416D9A6B0C6545519B624819E10499E64B9ED
                                                                                          SHA-256:9E86EBF876F8B6B7B872A4CDB3818D122736539D5CB94F7D2F682D6D549AA3D1
                                                                                          SHA-512:ABDBE77862C1B8BCAD3B4AF8FFB6D5BB6C51CC2B05E0778ACE0600C3AD26382D1A2CFC0D433F4832EB885196C24DDD1293CF5882DFDFFDAED8ABF03242469F00
                                                                                          Malicious:false
                                                                                          Reputation:low
                                                                                          Preview:2024/05/10-11:50:42.174 1f28 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/05/10-11:50:42.175 1f28 Recovering log #3.2024/05/10-11:50:42.176 1f28 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:ASCII text
                                                                                          Category:dropped
                                                                                          Size (bytes):336
                                                                                          Entropy (8bit):5.192236523828763
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:Dt7uft+q2Pwkn2nKuAl9Ombzo2jMGIFUt86t7u65Zmw+6t7uvVkwOwkn2nKuAl97:Dt7TvYfHAa8uFUt86t7R/+6t7M5JfHAv
                                                                                          MD5:D2FDAE3BFE6A73BE8BE6D9D43A4991AA
                                                                                          SHA1:A3F416D9A6B0C6545519B624819E10499E64B9ED
                                                                                          SHA-256:9E86EBF876F8B6B7B872A4CDB3818D122736539D5CB94F7D2F682D6D549AA3D1
                                                                                          SHA-512:ABDBE77862C1B8BCAD3B4AF8FFB6D5BB6C51CC2B05E0778ACE0600C3AD26382D1A2CFC0D433F4832EB885196C24DDD1293CF5882DFDFFDAED8ABF03242469F00
                                                                                          Malicious:false
                                                                                          Reputation:low
                                                                                          Preview:2024/05/10-11:50:42.174 1f28 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/05/10-11:50:42.175 1f28 Recovering log #3.2024/05/10-11:50:42.176 1f28 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):475
                                                                                          Entropy (8bit):4.968694759048396
                                                                                          Encrypted:false
                                                                                          SSDEEP:12:YH/um3RA8sqZcOQBsBdOg2HsAcaq3QYiubInP7E4T3y:Y2sRdsGdMH83QYhbG7nby
                                                                                          MD5:A68FA6C54B1175C186ABFFDFBB7B4644
                                                                                          SHA1:A3CA0049C1DE574A2D3D7AF5C305CB03AB7777D9
                                                                                          SHA-256:4C7D56165FA60ECE79F7C925D85A59E5E5E42DDF9DFC508E16CAF671F542B675
                                                                                          SHA-512:55147172157354A8C55895AD37DCAA141C295BEBBF22EB0E83E98225A55131B257F0C7ECBA3E5EBF3546EE34A9ADA689E731F1EFED8351B21512E26E092E2E2F
                                                                                          Malicious:false
                                                                                          Reputation:low
                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13359894654071001","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":113147},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):475
                                                                                          Entropy (8bit):4.968694759048396
                                                                                          Encrypted:false
                                                                                          SSDEEP:12:YH/um3RA8sqZcOQBsBdOg2HsAcaq3QYiubInP7E4T3y:Y2sRdsGdMH83QYhbG7nby
                                                                                          MD5:A68FA6C54B1175C186ABFFDFBB7B4644
                                                                                          SHA1:A3CA0049C1DE574A2D3D7AF5C305CB03AB7777D9
                                                                                          SHA-256:4C7D56165FA60ECE79F7C925D85A59E5E5E42DDF9DFC508E16CAF671F542B675
                                                                                          SHA-512:55147172157354A8C55895AD37DCAA141C295BEBBF22EB0E83E98225A55131B257F0C7ECBA3E5EBF3546EE34A9ADA689E731F1EFED8351B21512E26E092E2E2F
                                                                                          Malicious:false
                                                                                          Reputation:low
                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13359894654071001","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":113147},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:data
                                                                                          Category:dropped
                                                                                          Size (bytes):4730
                                                                                          Entropy (8bit):5.25561968158519
                                                                                          Encrypted:false
                                                                                          SSDEEP:96:etJCV4FAsszrNamjTN/2rjYMta02fDtehgO7BtTgo7Gr9yTfUZ:etJCV4FiN/jTN/2r8Mta02fEhgO73goA
                                                                                          MD5:53F593634B366F2CFE26E9AD946B856D
                                                                                          SHA1:7512375940A79D995228313ED2D59A32FF555259
                                                                                          SHA-256:B50F4E06B55A9B2BD1E6F86C297137147A40895F42305E4A5EF052BEC059F906
                                                                                          SHA-512:6F0FB78E98134962835CD5FF7C721BD2CE868AE9638D4AC290666B6C5E65D51CC2E39193FC4753400B7D46F30DFB5CC9829CD131EA51068FCEC327F65B6B3E78
                                                                                          Malicious:false
                                                                                          Reputation:low
                                                                                          Preview:*...#................version.1..namespace-['O.o................next-map-id.1.Pnamespace-158f4913_074a_4bdf_b463_eb784cc805b4-https://rna-resource.acrobat.com/.0>...r................next-map-id.2.Snamespace-fd2db5bd_ef7e_4124_bfa7_f036ce1d74e5-https://rna-v2-resource.acrobat.com/.1O..r................next-map-id.3.Snamespace-cd5be8d1_42d2_481d_ac0e_f904ae470bda-https://rna-v2-resource.acrobat.com/.2.\.o................next-map-id.4.Pnamespace-6070ce43_6a74_4d0a_9cb8_0db6c3126811-https://rna-resource.acrobat.com/.3....^...............Pnamespace-158f4913_074a_4bdf_b463_eb784cc805b4-https://rna-resource.acrobat.com/..|.^...............Pnamespace-6070ce43_6a74_4d0a_9cb8_0db6c3126811-https://rna-resource.acrobat.com/n..Fa...............Snamespace-fd2db5bd_ef7e_4124_bfa7_f036ce1d74e5-https://rna-v2-resource.acrobat.com/DQ..a...............Snamespace-cd5be8d1_42d2_481d_ac0e_f904ae470bda-https://rna-v2-resource.acrobat.com/i.`do................next-map-id.5.Pnamespace-de635bf2_6773_4d83_ad16_
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:ASCII text
                                                                                          Category:dropped
                                                                                          Size (bytes):324
                                                                                          Entropy (8bit):5.231549419060917
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:Dt7sfJ+q2Pwkn2nKuAl9OmbzNMxIFUt86t7s/Zmw+6t7s/VkwOwkn2nKuAl9Ombg:Dt7sfEvYfHAa8jFUt86t7s//+6t7st51
                                                                                          MD5:2EB2BAB0B057F5F9290B70B2D6D6C77B
                                                                                          SHA1:3F38A445FA46F7B52C055770C25525B40B42723F
                                                                                          SHA-256:D20F8893335AAB4F1FF9E55118C1B9241EDD1C0FE239DDBC3EE7B3ACF2A7ACE8
                                                                                          SHA-512:70A03DBED233E462BEB345BE68528253928767651E466613273B1D0AF9312BA4CC458947FB514FFEC0618590BAE8B1BEE56614C7011E029D0CCA7CF1D45C9C9A
                                                                                          Malicious:false
                                                                                          Reputation:low
                                                                                          Preview:2024/05/10-11:50:42.367 1f28 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/05/10-11:50:42.369 1f28 Recovering log #3.2024/05/10-11:50:42.369 1f28 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:ASCII text
                                                                                          Category:dropped
                                                                                          Size (bytes):324
                                                                                          Entropy (8bit):5.231549419060917
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:Dt7sfJ+q2Pwkn2nKuAl9OmbzNMxIFUt86t7s/Zmw+6t7s/VkwOwkn2nKuAl9Ombg:Dt7sfEvYfHAa8jFUt86t7s//+6t7st51
                                                                                          MD5:2EB2BAB0B057F5F9290B70B2D6D6C77B
                                                                                          SHA1:3F38A445FA46F7B52C055770C25525B40B42723F
                                                                                          SHA-256:D20F8893335AAB4F1FF9E55118C1B9241EDD1C0FE239DDBC3EE7B3ACF2A7ACE8
                                                                                          SHA-512:70A03DBED233E462BEB345BE68528253928767651E466613273B1D0AF9312BA4CC458947FB514FFEC0618590BAE8B1BEE56614C7011E029D0CCA7CF1D45C9C9A
                                                                                          Malicious:false
                                                                                          Reputation:low
                                                                                          Preview:2024/05/10-11:50:42.367 1f28 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/05/10-11:50:42.369 1f28 Recovering log #3.2024/05/10-11:50:42.369 1f28 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
                                                                                          Category:dropped
                                                                                          Size (bytes):71190
                                                                                          Entropy (8bit):0.5853630661806756
                                                                                          Encrypted:false
                                                                                          SSDEEP:96:HUFSDZ0rdWfan6fS4aQ4JRqgT10D0yXElXmJ6/Asl:HUsadWyn6fS1Q4TqcSD0yX0m8Dl
                                                                                          MD5:7414D244549851CF24F0BF30F72B67AD
                                                                                          SHA1:965E3E3BA0E581F9A2584C9E1EBE694A72D9A592
                                                                                          SHA-256:9A11854724B390777FD7522D1605BC88BB766FAD301C5B5401815DED1C893272
                                                                                          SHA-512:44FA5EE6C514BD34017FF77BF335688876860A082F4BABB3E8BB5ED49A822E700F2704F1A450DFB8BE51EFC1FA430FF54982586198E6841FC2638B6DD8E9A324
                                                                                          Malicious:false
                                                                                          Preview:BM........6...(...u...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 15, database pages 21, cookie 0x5, schema 4, UTF-8, version-valid-for 15
                                                                                          Category:dropped
                                                                                          Size (bytes):86016
                                                                                          Entropy (8bit):4.4449771807549645
                                                                                          Encrypted:false
                                                                                          SSDEEP:384:yezci5tHiBA7aDQPsknQ0UNCFOa14ocOUw6zyFzqFkdZ+EUTTcdUZ5yDQhJL:rss3OazzU89UTTgUL
                                                                                          MD5:E4BA1576A91CA53CE992F9D82A95700F
                                                                                          SHA1:015D8C64EE063214CA2FE647AF2473F71DE1244F
                                                                                          SHA-256:6FD1D7AFC4BC996B20879942C8C441167E9242D98AA539962D2EB792EC341857
                                                                                          SHA-512:A26503E91CA640BF35CDCA7F49FB8C5A33BD7851B48E47C740BDECDA7B34FB46CC20CC79DB21B8D42EC5AC1E83595C9F1247ACE5A706C38D1936C30BFB481BB9
                                                                                          Malicious:false
                                                                                          Preview:SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:SQLite Rollback Journal
                                                                                          Category:dropped
                                                                                          Size (bytes):8720
                                                                                          Entropy (8bit):3.7748717159624467
                                                                                          Encrypted:false
                                                                                          SSDEEP:48:7Mpp/E2ioyVBCioy9oWoy1Cwoy1ExKOioy1noy1AYoy1Wioy1hioybioyDoy1noq:7WpjuBCFLjXKQm9b9IVXEBodRBkr
                                                                                          MD5:0DDF36287BCD77074996DAADD7D4889D
                                                                                          SHA1:3842FDF98458F9103985EEA31312FA87DDB21E9A
                                                                                          SHA-256:C3EFF4BAE547EC45B92C28A787218C91D7DA045B334481E433428F98C6A60919
                                                                                          SHA-512:05378784132B53BCAB189013C086AD6D4A993C56E6DB24F5380F3CF6DEAF1C9C62925D8BFD61EE504FAAF48428B6DF12E1D3AB99694B2CF0568F340633B3C19C
                                                                                          Malicious:false
                                                                                          Preview:.... .c......FH................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................T...[...b...r...t...}.....L..............................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:PostScript document text
                                                                                          Category:dropped
                                                                                          Size (bytes):185099
                                                                                          Entropy (8bit):5.182478651346149
                                                                                          Encrypted:false
                                                                                          SSDEEP:1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC
                                                                                          MD5:94185C5850C26B3C6FC24ABC385CDA58
                                                                                          SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
                                                                                          SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
                                                                                          SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
                                                                                          Malicious:false
                                                                                          Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:PostScript document text
                                                                                          Category:dropped
                                                                                          Size (bytes):185099
                                                                                          Entropy (8bit):5.182478651346149
                                                                                          Encrypted:false
                                                                                          SSDEEP:1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC
                                                                                          MD5:94185C5850C26B3C6FC24ABC385CDA58
                                                                                          SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
                                                                                          SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
                                                                                          SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
                                                                                          Malicious:false
                                                                                          Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:data
                                                                                          Category:dropped
                                                                                          Size (bytes):243196
                                                                                          Entropy (8bit):3.3450692389394283
                                                                                          Encrypted:false
                                                                                          SSDEEP:1536:vKPCPiyzDtrh1cK3XEivK7VK/3AYvYwgqErRo+RQn:yPClJ/3AYvYwghFo+RQn
                                                                                          MD5:F5567C4FF4AB049B696D3BE0DD72A793
                                                                                          SHA1:EBEADDE9FF0AF2C201A5F7CC747C9EA61CFA6916
                                                                                          SHA-256:D8DBFE71873929825A420F73821F3FF0254D51984FAAA82E1B89D31188F77C04
                                                                                          SHA-512:E769735991E5B1331E259608854D00CDA4F3E92285FDC500158CBD09CBCCEAD8A387F78256A43919B13EBE70C995D19242377C315B0CCBBD4F813251608C1D56
                                                                                          Malicious:false
                                                                                          Preview:Adobe Acrobat Reader (64-bit) 23.6.20320....?A12_AV2_Search_18px.............................................................................................................KKK KKK.KKK.KKK.KKK.KKK.KKK@........................................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.............................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.........................KKK.KKK.KKK.KKK0....................KKK.KKK.KKK.KKK`....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK.KKK.....................................KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK.KKK@....................KKK.KKK.KKK.KKK`........................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.KKK.............................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):295
                                                                                          Entropy (8bit):5.3644610752381094
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJM3g98kUwPeUkwRe9:YvXKXRlMhEZc0vAnGMbLUkee9
                                                                                          MD5:ADC66E723A2D4BF76A957FB6A5240810
                                                                                          SHA1:936B5C280E6EAB6BBD423F7966ADA4ABFAE12354
                                                                                          SHA-256:38F5F22A56E7531427AC45E3AA02831836027D41FB1F5A222BC426575F74731F
                                                                                          SHA-512:1C34B24AB1B1892DD0A71D75874CC5A288C97F8FF8EF3E9FB13BFB47CDBF6D50F78A0AA04195F5A56E48E2F1E6F8D145E36AF478200799B8D4C3B510AD1EEE6E
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):294
                                                                                          Entropy (8bit):5.312930775035804
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJfBoTfXpnrPeUkwRe9:YvXKXRlMhEZc0vAnGWTfXcUkee9
                                                                                          MD5:9A52FDEFE7A45227DC8E9C6325353AA6
                                                                                          SHA1:53CCA30B64A099D5B15538871CA158C7778AAD56
                                                                                          SHA-256:A518DBDB50E885E78AF66E0F7837F0ACF1E47A394706988D8396DF2CC039EC10
                                                                                          SHA-512:9B440DF83D143B346A6439549E02F258F1C61286D25A2A0A4A40D70A3E23995E751BC6536FC9EFA395149C9F89C56577D3B664500E7298405916CED648D3D36D
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):294
                                                                                          Entropy (8bit):5.291600837460028
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJfBD2G6UpnrPeUkwRe9:YvXKXRlMhEZc0vAnGR22cUkee9
                                                                                          MD5:1D4180BFC54E138BF43FC97A14FE8F5E
                                                                                          SHA1:B968AD449C88FB222C682A8F73DEAEC257F1C658
                                                                                          SHA-256:AEE00E57B186322B78EA8FC8DE385FF743ADDD67A0CD53F1B56998CFF051281B
                                                                                          SHA-512:4D3F8FCD4CC3EF6369CDDB726F8A56E8038F9D7F304C3E81EAC8076C530C58B9D79389B18A9315ED7371909063952F87086A849140E9AE0A8B56C5ED3340FAA9
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):285
                                                                                          Entropy (8bit):5.351510096834002
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJfPmwrPeUkwRe9:YvXKXRlMhEZc0vAnGH56Ukee9
                                                                                          MD5:6F1D3839C36D7E8BA505AE55D9FEDCC0
                                                                                          SHA1:8ABA8001327AE0A5AFB94DE86D40F68859894021
                                                                                          SHA-256:6794946CE53D95AE4E1CA5E9612B1D5374C51B3F1F5FEB7990BF34FCB086B564
                                                                                          SHA-512:BEC2A3E0B1B0ADB23FA47C66927DEA621279F040E7D7DCD99EC3518586A20C330D607E6E24CB7A42E305F60437367859112528AE2E305738CDF98A444FC896D8
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):292
                                                                                          Entropy (8bit):5.308651661312492
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJfJWCtMdPeUkwRe9:YvXKXRlMhEZc0vAnGBS8Ukee9
                                                                                          MD5:624028A8D8A84531BA0EC1747D273278
                                                                                          SHA1:7998FD1BF58940C1BD191151561779087A47EB10
                                                                                          SHA-256:D11D3D3AA18623DA3377F4EA425FF77CD9FEABFEB1CA7A48DF7B4CF55D11BBB9
                                                                                          SHA-512:70F462EF8A82185069B6BBB72F23D2F82B4E90C7451719C7D244EDF69C210F38DF378D21EA732D55E5D452DBF5132F75884EA83DE13C5BE1779504D417AE3924
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):289
                                                                                          Entropy (8bit):5.295609978526266
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJf8dPeUkwRe9:YvXKXRlMhEZc0vAnGU8Ukee9
                                                                                          MD5:9605865858E2DB87E88C6A1CF5C297D8
                                                                                          SHA1:ECDA8529B38502BEEBF52BCEAF1061E7A94BCD66
                                                                                          SHA-256:B0C4AB659DCBA1BA5DF3E6142E3BA537FEE6EA9F2AB1D915A2971C659AEC1B8D
                                                                                          SHA-512:C001D5BF669C5E301610E582517CD1979E96979F75F64402FC441214103212DC6D8088C4552938AF4BF263D9B1B8CE35453E3423557E86C884DC559B357177A0
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):292
                                                                                          Entropy (8bit):5.29871193405274
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJfQ1rPeUkwRe9:YvXKXRlMhEZc0vAnGY16Ukee9
                                                                                          MD5:1B0E9337E569C54FD4485642FD4CB76B
                                                                                          SHA1:75276DEB35458C1C42F150DC5E9BFA69FF86E327
                                                                                          SHA-256:84CA15451EBDB4A74DE1ED107EF3AD36ECA7D8770C4658F0A0F3D2C306E2467E
                                                                                          SHA-512:B7A7E79A8EEC8F3373BB5A0BA2148DBDE709A702A333D9921320A4D98844D581E9F256752304A20C8CD0C5906F53CBD346CB5E7B805AD5D1DE7269BCCD7B8670
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):289
                                                                                          Entropy (8bit):5.305367510152905
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJfFldPeUkwRe9:YvXKXRlMhEZc0vAnGz8Ukee9
                                                                                          MD5:3B5118700946206392D4E4C8AFCA018E
                                                                                          SHA1:C996286FA959E67054DF61760B7037B5D8FE1446
                                                                                          SHA-256:04A59A2C1E5851E3C6716A8FBC9604B58A4D085BFA4615273D9041D8BA029F63
                                                                                          SHA-512:E06293F541D8800384ADE153DC1D8FB58B3CB74C7613FDFFAACEF03905EEE58E4893879AB71CB4CCBEDE51C99D031519F799A1F93C9B1E062B96F665974E2101
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):1372
                                                                                          Entropy (8bit):5.735467442372677
                                                                                          Encrypted:false
                                                                                          SSDEEP:24:Yv6XRlgEzv0KLgENRcbrZbq00iCCBrwJo++ns8ct4mFJNrQ:YvOl/MEgigrNt0wSJn+ns8cvFJhQ
                                                                                          MD5:1FB26EC24C7411F61A71F2B675B78F26
                                                                                          SHA1:739F79AF47B7E85F54138FABDDAD22C54475B08A
                                                                                          SHA-256:00BCEBBEE08ED438A625614B4190196A701882CF7D0743802EBCB1BD18F29AA7
                                                                                          SHA-512:318AD540FD68320307F295550112DCB2B16927C2AC8FB2794610E7B82F661BB7C0F5DD8BD499813ED294D7DAADACC5EE28738FDD7455793C9220555A65F63685
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Home_LHP_Trial_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"79887_247329ActionBlock_0","campaignId":79887,"containerId":"1","controlGroupId":"","treatmentId":"acc56846-d570-4500-a26e-7f8cf2b4acad","variationId":"247329"},"containerId":1,"containerLabel":"JSON for DC_Reader_Home_LHP_Trial_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJUcnkgQWNyb2JhdCBQcm8ifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNSIsImZvbnRfc3R5bGUiOiIwIn0sImRlc2NyaXB0aW9uX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTMiLCJmb250X3N0eWxlIjoiLTEifSwidGl0bGUiOiJGcmVlIDctZGF5IHRyaWFsIiwiZGVzY3JpcHRpb24iOiJHZXQgdW5saW1pdGVkIGFjY2VzcyB0byBwcmVtaXVtIFBERiBhbmQgZS1zaWduaW5nIHRvb2xzLiIsImJ
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):289
                                                                                          Entropy (8bit):5.301814769884197
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJfYdPeUkwRe9:YvXKXRlMhEZc0vAnGg8Ukee9
                                                                                          MD5:73AE2F082A7A11E79D88D790C5AB9629
                                                                                          SHA1:58356111DC7C8126E812BCC1F5472343406DB0C0
                                                                                          SHA-256:D4768F6A205D0E5F91EEE6E04D2EFF14EA6CEE0F3AD508F315AFD87FC523D776
                                                                                          SHA-512:E7A553D87C943927665DA5DC4AF7062F7F6BF389296201CD18DACCC90B95FE053E8447880BF7983EA08459BDD765B799534AFC608DA97B458939FD06209A80B3
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):1395
                                                                                          Entropy (8bit):5.771395896949813
                                                                                          Encrypted:false
                                                                                          SSDEEP:24:Yv6XRlgEzvbrLgEGOc93W2JeFmaR7CQzttgBcu141CjrWpHfRzVCV9FJNTQ:YvOl/DHgDv3W2aYQfgB5OUupHrQ9FJ1Q
                                                                                          MD5:3B55B032E613C820A75DD52EBEA1C08C
                                                                                          SHA1:F6414DD42D2D75C98844E8704A80874C30424C08
                                                                                          SHA-256:351325AD7FB6CB59A54FDA6A63B787B28E13424435B3B643FBB6066AA1378589
                                                                                          SHA-512:FDC2F299D792BA568AB05CFBB37445FD2D01E5F9467DFE529AFF9E7A9E1EB79E2E6DD6D4EB2BB43C16CD54BC0A5BF4673238A5B89010185013DD2CC7782CAE97
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_RHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"57802_176003ActionBlock_0","campaignId":57802,"containerId":"1","controlGroupId":"","treatmentId":"d0374f2d-08b2-49b9-9500-3392758c9e2e","variationId":"176003"},"containerId":1,"containerLabel":"JSON for Reader DC RHP Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctRGF5IFRyaWFsIiwiZ29fdXJsIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmNvbS9wcm94eS9wcmljaW5nL3VzL2VuL3NpZ24tZnJlZS10cmlhbC5odG1sP3RyYWNraW5naWQ9UEMxUFFMUVQmbXY9aW4tcHJvZHVjdCZtdjI9cmVhZGVyIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjEyIiwiZm9udF9zdHlsZSI6IjMifSwidGl0
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):291
                                                                                          Entropy (8bit):5.285349394912808
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJfbPtdPeUkwRe9:YvXKXRlMhEZc0vAnGDV8Ukee9
                                                                                          MD5:9610FCEA703FD3D3EDB7234DECB4BE26
                                                                                          SHA1:58B59555985815F1A74463D5C8BE2D9CE832761A
                                                                                          SHA-256:209A03ED001076A6685831121FD660BBF0D4ECE8EF49C92FF1AD07396C1ED7DE
                                                                                          SHA-512:FB9266AE6D4C5146948AF710D5A9CB9422C5D7A231D1F221028DDD9B5B342C3E655E0FD45AAEB599232FA9ACC303BD7D41AB1781C88FA9BC424B906F6BA6CA75
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):287
                                                                                          Entropy (8bit):5.2897115860632224
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJf21rPeUkwRe9:YvXKXRlMhEZc0vAnG+16Ukee9
                                                                                          MD5:9556210DDCBA3B5798DE9D7DCD3A601F
                                                                                          SHA1:000EA471E3E24E80A802745CF47FC4C541C304F1
                                                                                          SHA-256:DFF55C6BCDE62B50FF229AABB3D0188FF81E2E808FBFF9FC17BD44F73060BFF4
                                                                                          SHA-512:2501DB4E9933EA3CF4FB53AC9057768F16203C052F7DDA09267BD1F5E3553965A3AF214CF41CF637D83AAA12B3414DFD9A9DEAFE1F6EAB721BD977F4970A3B47
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):289
                                                                                          Entropy (8bit):5.309190235727512
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJfbpatdPeUkwRe9:YvXKXRlMhEZc0vAnGVat8Ukee9
                                                                                          MD5:F2A6F25E7045443D86FB00F13282A332
                                                                                          SHA1:51F906D02C4A926035D107935295CA0AE7D32C9A
                                                                                          SHA-256:DF74D12E12D04466F4941360C6846C5C8A23FC9E02D5DD1F76BFE3A4517A207C
                                                                                          SHA-512:02058A562CC41935FDFC0534926DF178D61AF5B994C171EBC1EE7053A39D74AC237BDD8C8DD4E77E716A24A583339C1EB5BE40E3415E33918A0FF08384FCAD99
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):286
                                                                                          Entropy (8bit):5.266219707179238
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:YEQXJ2HXISnDhccW9n9VoZcg1vRcR0Y38DoAvJfshHHrPeUkwRe9:YvXKXRlMhEZc0vAnGUUUkee9
                                                                                          MD5:964FC74458CFCF4BDECDDC0727DDF14D
                                                                                          SHA1:94B7F80C556CF5FA6CE67F7269D1216F045C9C40
                                                                                          SHA-256:755FF9F2109C48DAD814F0DDA1DA1CD6B10A09999856F368A182B67EF6A13FE5
                                                                                          SHA-512:51F1DF8C717B91D4D0BAD1B36E7FB1BE4D7F96480ED8936E87F291162FBD085D35575218DD0542E8368E92F3A2ACB541A836F9DF1A736C5C82B078265B88053A
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):782
                                                                                          Entropy (8bit):5.363700704711613
                                                                                          Encrypted:false
                                                                                          SSDEEP:12:YvXKXRlMhEZc0vAnGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWfQ:Yv6XRlgEzvi168CgEXX5kcIfANhmQ
                                                                                          MD5:6CB69D43B9520E473D53650ED549D209
                                                                                          SHA1:1B3595A17664C3A71C8487243796E013DE6CC187
                                                                                          SHA-256:D198E921AD18D22DCC6135E1A01502573784CC4771317BBB5F8D0FC464C4763C
                                                                                          SHA-512:95CCEEE398454B69AEBD93A644F8C159E21C7A8A126374BBEE84F94BD2EB9604F3E8AFA6C04CEC078C8D4072D27077B8E604DF99B4BEC1387B97F1323088B587
                                                                                          Malicious:false
                                                                                          Preview:{"analyticsData":{"responseGUID":"c5d279c5-85ee-4a38-bdee-b3590c200136","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1715509232129,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"Edit_InApp_Aug2020"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"20360_57769ActionBlock_0","campaignId":20360,"containerId":"1","controlGroupId":"","treatmentId":"3c07988a-9c54-409d-9d06-53885c9f21ec","variationId":"57769"},"containerId":1,"containerLabel":"JSON for switching in-app test","content":{"data":"eyJ1cHNlbGxleHBlcmltZW50Ijp7InRlc3RpZCI6IjEiLCJjb2hvcnQiOiJicm93c2VyIn19","dataType":"application\/json","encodingScheme":true},"endDTS":1735804679000,"startDTS":1715334647165}}}}
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:data
                                                                                          Category:dropped
                                                                                          Size (bytes):4
                                                                                          Entropy (8bit):0.8112781244591328
                                                                                          Encrypted:false
                                                                                          SSDEEP:3:e:e
                                                                                          MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                                                                          SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                                                                          SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                                                                          SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                                                                          Malicious:false
                                                                                          Preview:....
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):2814
                                                                                          Entropy (8bit):5.135336768725029
                                                                                          Encrypted:false
                                                                                          SSDEEP:24:YCLsTqAuLldCdJNNe6PaQsKaa4HOays6WYc64Oxms9Qi3Dj4xU3yj0StzjZsegul:YCqk4J7e6Y642EmlEhPw4JvVungh9b
                                                                                          MD5:CC56AF9D7EC1C96D8E1871FA4549A62B
                                                                                          SHA1:727153470EEDD75BC95BA9B5501EBCA7D293D489
                                                                                          SHA-256:A88A45EE0C9213905EA5D8F82AB7C39B83387B85AE83BC2BBCBE61F04817CDDD
                                                                                          SHA-512:31DD11DB04B4287EE2778A4773D9DABEBDF417DDE49B1F49A5D3544EF34C3CFFD35EC51F9C8E47B20B0EE8E43452F5C6F628FD4D1F969D4E0EAD0C8A978A7C2E
                                                                                          Malicious:false
                                                                                          Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"734b892beff8e80dcceb324f5ac99776","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":289,"ts":1715334646000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"8ee9176ccb32a972e88fce106bcaf83e","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":1372,"ts":1715334646000},{"id":"DC_Reader_RHP_Banner","info":{"dg":"fcdb745f7a4e2e5ec693fe3a70af3aec","sid":"DC_Reader_RHP_Banner"},"mimeType":"file","size":1395,"ts":1715334646000},{"id":"Edit_InApp_Aug2020","info":{"dg":"3a82d6279f464cae6ceb2ddee240eaa2","sid":"Edit_InApp_Aug2020"},"mimeType":"file","size":782,"ts":1715334646000},{"id":"DC_Reader_Disc_LHP_Retention","info":{"dg":"c5b871699f8e66e6b4d2179ff4e16e45","sid":"DC_Reader_Disc_LHP_Retention"},"mimeType":"file","size":292,"ts":1715334646000},{"id":"DC_Reader_More_LHP_Banner","info":{"dg":"cd8d2fc0576ae188a6430653dcfdf017","sid":"DC_Reader_More_LHP_Banner"},"mimeType":"file","size":289,"ts":1715334646000},
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 25, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 25
                                                                                          Category:dropped
                                                                                          Size (bytes):12288
                                                                                          Entropy (8bit):1.1880031388769297
                                                                                          Encrypted:false
                                                                                          SSDEEP:48:TGufl2GL7msEHUUUUUUUUzCSvR9H9vxFGiDIAEkGVvpHk:lNVmswUUUUUUUUzC+FGSItzk
                                                                                          MD5:5CA46F5AE7098E844BFEE2429312A92E
                                                                                          SHA1:E7BA354D16CF79E1DA80D524A851306C57DB9925
                                                                                          SHA-256:A83420FBF5E7608B35B68F2CBC6C9E23295BAF07ECAB46C77BDBCD4878529C97
                                                                                          SHA-512:40F11817853851EC62AE4A34617A73858BE020667178911A5C5EC29D8BCC757A0CBF42E54F4682CF32C8A88D17EB155E97E3479552800F8D38DBC0B066DA392D
                                                                                          Malicious:false
                                                                                          Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:SQLite Rollback Journal
                                                                                          Category:dropped
                                                                                          Size (bytes):8720
                                                                                          Entropy (8bit):1.6058251360749858
                                                                                          Encrypted:false
                                                                                          SSDEEP:48:7Mf1KUUUUUUUUUUzQvR9H9vxFGiDIAEkGVvEqFl2GL7msP:7jUUUUUUUUUUzoFGSItuKVmsP
                                                                                          MD5:CEB26702D886FCF6BD8E84AD034FF28F
                                                                                          SHA1:7B01B5B5A2BF7B7559FE22F120B6BDC4253D4D72
                                                                                          SHA-256:A818403F4398093589D8F6856D7038D81BA498F6E2C1CD13562E8D98C1BCE471
                                                                                          SHA-512:CFC4CB5F0A01CE304A69326168A1ABFB99036C585C16EACE27F23F920F855EFD799536AB25CBEBC016C88ED03FC44E60FE52460D870482681D95016681062999
                                                                                          Malicious:false
                                                                                          Preview:.... .c.....+2])......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................f.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                          Category:dropped
                                                                                          Size (bytes):246
                                                                                          Entropy (8bit):3.4973455600014702
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8EeyXH:Qw946cPbiOxDlbYnuRK+g
                                                                                          MD5:00975C55DF49309133C8B53980CF3921
                                                                                          SHA1:09BB54D9158153578CD4C3CDD8B9D904C7A171F7
                                                                                          SHA-256:10BE87AF6BF59B8FAACC1D72F88DE177AAA90EEF058268FA4122FB2B4347DA83
                                                                                          SHA-512:FB23E1471D3B41D70827035D6E853F9793A8AF4B028CFBCEDEEB3AE66D7A7746D736E9A4A6E5792BAB9BC8055145AD480C6DD340B7508559C40D22B26F62E3DB
                                                                                          Malicious:false
                                                                                          Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .1.0./.0.5./.2.0.2.4. . .1.1.:.5.0.:.5.1. .=.=.=.....
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:PDF document, version 1.6, 0 pages
                                                                                          Category:dropped
                                                                                          Size (bytes):358
                                                                                          Entropy (8bit):5.025063320332418
                                                                                          Encrypted:false
                                                                                          SSDEEP:6:IngVMrexJzJT0y9VEQIFVmb/eu2g/86S1kxROOkmaZcxaZcwCSyAAO:IngVMre9T0HQIDmy9g06JX3q2qVlX
                                                                                          MD5:2FC7ADED5041BA72A078D974D4816546
                                                                                          SHA1:5515D52BCA29C0833F8E9F2212777E1F9645862E
                                                                                          SHA-256:1087AC1D6C95AAB3A0251E53510BAC1960EE9FB49151A45E92F1C3289F66B99B
                                                                                          SHA-512:491934CCBB63EDDE73D9B303899C0D4E2450C25EBA12002B5247CDC3B47C582785CF3810CAF7F61D709D7D8228B58801E30F7204176FF22C51FC28F94DC41E23
                                                                                          Malicious:false
                                                                                          Preview:%PDF-1.6.%......1 0 obj.<</Pages 2 0 R/Type/Catalog>>.endobj.2 0 obj.<</Count 0/Kids[]/Type/Pages>>.endobj.3 0 obj.<<>>.endobj.xref..0 4..0000000000 65535 f..0000000016 00000 n..0000000061 00000 n..0000000107 00000 n..trailer..<</Size 4/Root 1 0 R/Info 3 0 R/ID[<64E3ED02B96CDE4EBFCF9931712C2E20><64E3ED02B96CDE4EBFCF9931712C2E20>]>>..startxref..127..%%EOF..
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:ASCII text, with very long lines (393)
                                                                                          Category:dropped
                                                                                          Size (bytes):16525
                                                                                          Entropy (8bit):5.345946398610936
                                                                                          Encrypted:false
                                                                                          SSDEEP:384:zHIq8qrq0qoq/qUILImCIrImI9IWdFdDdoPtPTPtP7ygyAydy0yGV///X/J/VokV:nNW
                                                                                          MD5:8947C10F5AB6CFFFAE64BCA79B5A0BE3
                                                                                          SHA1:70F87EEB71BA1BE43D2ABAB7563F94C73AB5F778
                                                                                          SHA-256:4F3449101521DA7DF6B58A2C856592E1359BA8BD1ACD0688ECF4292BA5388485
                                                                                          SHA-512:B76DB9EF3AE758F00CAF0C1705105C875838C7801F7265B17396466EECDA4BCD915DA4611155C5F2AD1C82A800C1BEC855E52E2203421815F915B77AA7331CA0
                                                                                          Malicious:false
                                                                                          Preview:SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:088+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="SetConfig:
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:ASCII text, with very long lines (393), with CRLF line terminators
                                                                                          Category:dropped
                                                                                          Size (bytes):16603
                                                                                          Entropy (8bit):5.350971456697118
                                                                                          Encrypted:false
                                                                                          SSDEEP:384:stJoK+3aD8YYVMRFLfAPtn6NqpW7/7B1CcW4sGP+FdiMWzdzCyb7O7+TIuNYzbfh:q87
                                                                                          MD5:DD7687DB230486D392AE4808E662D477
                                                                                          SHA1:68A937D73C111E2DFA282DCE88663DFB691B0CB9
                                                                                          SHA-256:A4DBD2F8AB9E220FF78A221C301BFFC0AE537205AEE74AF42437ED4BB80745F1
                                                                                          SHA-512:019EDF0F18609994E4C2475D59498D12D6934D6815CD8C8F62EA3FCDEADE773FC628EBDF22C9E3BB29E381C6A85AE94438F7BD1ABF2DA42657DF98FBD74E48CE
                                                                                          Malicious:false
                                                                                          Preview:SessionID=10b6b455-8d3e-4824-9e0b-0e3d908016a8.1715334644376 Timestamp=2024-05-10T11:50:44:376+0200 ThreadID=7664 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=10b6b455-8d3e-4824-9e0b-0e3d908016a8.1715334644376 Timestamp=2024-05-10T11:50:44:377+0200 ThreadID=7664 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=10b6b455-8d3e-4824-9e0b-0e3d908016a8.1715334644376 Timestamp=2024-05-10T11:50:44:377+0200 ThreadID=7664 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=10b6b455-8d3e-4824-9e0b-0e3d908016a8.1715334644376 Timestamp=2024-05-10T11:50:44:377+0200 ThreadID=7664 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=10b6b455-8d3e-4824-9e0b-0e3d908016a8.1715334644376 Timestamp=2024-05-10T11:50:44:378+0200 ThreadID=7664 Component=ngl-lib_NglAppLib Description="SetConf
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                          Category:dropped
                                                                                          Size (bytes):29845
                                                                                          Entropy (8bit):5.382344506227396
                                                                                          Encrypted:false
                                                                                          SSDEEP:768:anddBuBYZwcfCnwZCnR8Bu5hx18HoCnLlAY+iCBuzhLCnx1CnPrRRFS10l8gT2rs:bk
                                                                                          MD5:CF97D00C2688391C20FFFF46E5EFA566
                                                                                          SHA1:BF9AD83A17117FC12BE11113F6C9529125ABB790
                                                                                          SHA-256:9F4F3F841863A66779779A37ED9ABBFC82B8E59B38F165A7D0CA6A400BB48847
                                                                                          SHA-512:5B0364BC3C240C88B972E16D21826731BC10520C62505F541467448C44DA5643F8D84B24913E4CC61848DEC32134915876A8236E65AF9DAE931108771B5B67C8
                                                                                          Malicious:false
                                                                                          Preview:03-10-2023 12:50:40:.---2---..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ***************************************..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ***************************************..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : Starting NGL..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..03-10-2023 12:50:40:.Closing File..03-10-
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
                                                                                          Category:dropped
                                                                                          Size (bytes):758601
                                                                                          Entropy (8bit):7.98639316555857
                                                                                          Encrypted:false
                                                                                          SSDEEP:12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg
                                                                                          MD5:3A49135134665364308390AC398006F1
                                                                                          SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
                                                                                          SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
                                                                                          SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
                                                                                          Malicious:false
                                                                                          Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                                                                                          Category:dropped
                                                                                          Size (bytes):386528
                                                                                          Entropy (8bit):7.9736851559892425
                                                                                          Encrypted:false
                                                                                          SSDEEP:6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m
                                                                                          MD5:5C48B0AD2FEF800949466AE872E1F1E2
                                                                                          SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                                                                                          SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                                                                                          SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                                                                                          Malicious:false
                                                                                          Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
                                                                                          Category:dropped
                                                                                          Size (bytes):1407294
                                                                                          Entropy (8bit):7.97605879016224
                                                                                          Encrypted:false
                                                                                          SSDEEP:24576:/M7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07tOWLaGZ4ZwYIGNPS:RB3mlind9i4ufFXpAXkrfUs0kWLaGZ48
                                                                                          MD5:1D64D25345DD73F100517644279994E6
                                                                                          SHA1:DE807F82098D469302955DCBE1A963CD6E887737
                                                                                          SHA-256:0A05C4CE0C4D8527D79A3C9CEE2A8B73475F53E18544622E4656C598BC814DFC
                                                                                          SHA-512:C0A37437F84B4895A7566E278046CFD50558AD84120CA0BD2EAD2259CA7A30BD67F0BDC4C043D73257773C607259A64B6F6AE4987C8B43BB47241F3C78EB9416
                                                                                          Malicious:false
                                                                                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.
                                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                                                                                          Category:dropped
                                                                                          Size (bytes):1419751
                                                                                          Entropy (8bit):7.976496077007677
                                                                                          Encrypted:false
                                                                                          SSDEEP:24576:/xA7owWLaGZDwYIGNPJodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLaGZDwZGk3mlind9i4ufFXpAXkru
                                                                                          MD5:18E3D04537AF72FDBEB3760B2D10C80E
                                                                                          SHA1:B313CD0B25E41E5CF0DFB83B33AB3E3C7678D5CC
                                                                                          SHA-256:BBEF113A2057EE7EAC911DC960D36D4A62C262DAE5B1379257908228243BD6F4
                                                                                          SHA-512:2A5B9B0A5DC98151AD2346055DF2F7BFDE62F6069A4A6A9AB3377B644D61AE31609B9FC73BEE4A0E929F84BF30DA4C1CDE628915AC37C7542FD170D12DE41298
                                                                                          Malicious:false
                                                                                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.
                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          File Type:PNG image data, 1600 x 1189, 8-bit/color RGBA, non-interlaced
                                                                                          Category:dropped
                                                                                          Size (bytes):73947
                                                                                          Entropy (8bit):7.85208958769485
                                                                                          Encrypted:false
                                                                                          SSDEEP:1536:/3fnoYs2lNKl8QVW/iDehVI16kSNwp7kU7V9B7RxEZwoG:/PoRlQvVI1qGOEVv7YZwoG
                                                                                          MD5:3A091B8B0AF2225155C70E0915E1A0C5
                                                                                          SHA1:DBD539A03DB625585A2D68831A56522844C38FC7
                                                                                          SHA-256:64FBC5854EA158FC46497376CA32D3DC5BA37213C8E061607FF00D04A26B7F25
                                                                                          SHA-512:E971CF88B70D5901E4D868EF45BED2C85670A6326AB48BBC4EC2211C58CBF70B8EE1D9FAD33B67768663210640021C93DAA07B8D3826A507EC3F6E3FE7804D80
                                                                                          Malicious:false
                                                                                          Preview:.PNG........IHDR...@................ cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs..........(J.....IDATx...w..w]..G..m....(-....e#2dD.Ad(..Qp!....*.E....n......'..,A..-Pf..3...BNC.&.9'..o.sKr......:.>....~..............m.......6n^..g.Y......3....0w.+.Xm....X>....`..E..~.qT;.}.....OU.W.....3.....?U}e..>Ym........Y]8..eW...H..`..@......!.A..q.......Z....C.......j.........v. .6..m../6..V[./U.m.%...Q}u...W............`....c]ux#..VurujuZuJ....F.qX.{c....F(r~.C......G....'.>w.u..G.#..,".....*.$.X..9Nh...O~..F.qLc.C.....Fg.....O6:H>Q}..L#..Fu........N.........K...V7i..8...q...h.\..2....U.[...\.{..].E.....D....,.....5fp\..t..v\'a.j.V}.:..).......W...v.....L....\-W.x.\..mu..V.$.6.7..:.....z_c......@ ...,.....{.*:<n^..ucv.q..@.ErQc....a.;.[g}.1O..."..L3.....[..=..Nj...O.1......*....Tg..pua....F....|.n.<.h..8..[u..F..b...=..Toi.".o......"...o....`..cmuBc~.&.7l...l.U.k...=..i..0....A.....h.....;Wwolmu...g.].........>.N.C.!........,.
                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          File Type:HTML document, ASCII text, with CRLF line terminators
                                                                                          Category:downloaded
                                                                                          Size (bytes):548
                                                                                          Entropy (8bit):4.688532577858027
                                                                                          Encrypted:false
                                                                                          SSDEEP:12:TjeRHVIdtklI5r8INGlTF5TF5TF5TF5TF5TFK:neRH68DTPTPTPTPTPTc
                                                                                          MD5:370E16C3B7DBA286CFF055F93B9A94D8
                                                                                          SHA1:65F3537C3C798F7DA146C55AEF536F7B5D0CB943
                                                                                          SHA-256:D465172175D35D493FB1633E237700022BD849FA123164790B168B8318ACB090
                                                                                          SHA-512:75CD6A0AC7D6081D35140ABBEA018D1A2608DD936E2E21F61BF69E063F6FA16DD31C62392F5703D7A7C828EE3D4ECC838E73BFF029A98CED8986ACB5C8364966
                                                                                          Malicious:false
                                                                                          URL:https://assets-oce.mkt.dynamics.com/favicon.ico
                                                                                          Preview:<html>..<head><title>404 Not Found</title></head>..<body>..<center><h1>404 Not Found</h1></center>..<hr><center>nginx</center>..</body>..</html>.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->..
                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          File Type:JSON data
                                                                                          Category:dropped
                                                                                          Size (bytes):1304
                                                                                          Entropy (8bit):4.68425644587903
                                                                                          Encrypted:false
                                                                                          SSDEEP:24:mioTJODICcnv8cKoexKc846vgBie9ZY8mlvOq8RvLNHVENggeGg:micaIPU7oeoc8xYBfmlgRjNOen
                                                                                          MD5:DBAC2EBFBE18E8C7CF3830AF4C420E77
                                                                                          SHA1:78ADD1C663DD8B4AD6BBF89E48376015EA08A85A
                                                                                          SHA-256:491377DB69C365D489C88BD4AC641D341B52E6A70B034390A5FC3D161268BCA5
                                                                                          SHA-512:7DBFFD0FB6EC417AB7481919357D20D78224C9B97D180B603CFCD8F8808EA8FD54A4D15103178C15A985C563BE80CBBB6391E58D06C42F1062DF0948E79F7880
                                                                                          Malicious:false
                                                                                          Preview:{.. "FormFailedToLoad": "Failed to load form",.. "FormFailedToLoadCors": "The form can not be loaded on a domain that hasn't been allowed for external form hosting or there is a network connectivity issue",.. "LearnMore": "Learn more",.. "FormSubmitted": "Form submitted",.. "FormSubmitError": "Error submitting the form",.. "Reload": "Reload",.. "LookupLoading": "loading...",.. "LookupGenericError": "There was a problem retrieving items. Try again later.",.. "ValidationRequiredField": "This field is required",.. "EventFailedToLoad": "Failed to load event.",.. "EventAtCapacity": "This event is no longer accepting registrations.",.. "EventNotLive": "We are still setting up this event. Please check again in some time or contact the event organizer ",.. "SubmissionErrorEventNotLive": "Registrations for this event have been closed. We look forward to seeing you at our next event.",.. "SubmissionErrorEventCapacityIsFull": "Registrations for this event have been closed. We.re a
                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          File Type:HTML document, ASCII text, with very long lines (1048)
                                                                                          Category:downloaded
                                                                                          Size (bytes):29425
                                                                                          Entropy (8bit):4.4329309281153835
                                                                                          Encrypted:false
                                                                                          SSDEEP:192:lHVYB4GEwZT1TpSGCeRH8u/Lj7Ma9xPcjBsvLNrqbVb+6JknFjlirg1qaR3H0ZPX:Y4V4iCqaRXrZ+b
                                                                                          MD5:0FD878960D1260F0DC9B6EB0D7D197C0
                                                                                          SHA1:C6F94462EFB4FCCC99A2DE8C7DB8078FAE1F86B3
                                                                                          SHA-256:209305B31776F795B923163E729966AE306BE24BBEF06F16E43B8D94B438EB76
                                                                                          SHA-512:8DC3FE8CB857CC3FF6C84D222A047A3273A38385D7CB59DD803816903849A9ED203C89A7A112D291DD97411ACC74FCD5D242F363C43A25CABE5FACDE80181602
                                                                                          Malicious:false
                                                                                          URL:https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6
                                                                                          Preview:<!DOCTYPE html><html><head>. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <title>Marketing Form</title>. <meta name="referrer" content="never">. <meta type="xrm/designer/setting" name="type" value="marketing-designer-content-editor-document">. <meta type="xrm/designer/setting" name="layout-editable" value="marketing-designer-layout-editable">. <style>. .editor-control-layout html {. box-sizing: border-box;. background-color: #fff;. }. .editor-control-layout *,. .editor-control-layout *:before,. .editor-control-layout *:after {. box-sizing: inherit;. }.. .marketingForm h1 {. color: #000;. margin: 0px;. padding: 0px;. width: 100%;. font-family: "Segoe
                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          File Type:HTML document, ASCII text
                                                                                          Category:downloaded
                                                                                          Size (bytes):491
                                                                                          Entropy (8bit):5.034364587943775
                                                                                          Encrypted:false
                                                                                          SSDEEP:12:s8gcIZ8//4S02cToi2llJ2c5cItmh6BAdgxMAdb:IO/AH2cTopB2cHtLAdgxbb
                                                                                          MD5:0AB5D58CBAE6E73D4209E47CF8769351
                                                                                          SHA1:7C65F9CEFABE6B724823EA8A9AA630214785A56D
                                                                                          SHA-256:6D7BA65D2EE0C5BCA5970CB12FB082238741D11C5A6823C549F8EB166CB8AD4B
                                                                                          SHA-512:509EAD31347F4FC3EA3D569B99D8431DFD35A0721DADC9F3658A45F9A02B621221DB04D9D3B3E5725511998C2DA5EFD3098DF8F6A5C937D2AE444A435C474665
                                                                                          Malicious:false
                                                                                          URL:https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6
                                                                                          Preview:<div. data-form-id='2f424f2e-fc0d-ef11-9f89-6045bd4015e6'. data-form-api-url='https://public-oce.mkt.dynamics.com/api/v1.0/orgs/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/landingpageforms'. data-cached-form-url='https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6' ></div>. <script src = 'https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/oce/FormLoader/FormLoader.bundle.js' ></script>
                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          File Type:PNG image data, 1600 x 1189, 8-bit/color RGBA, non-interlaced
                                                                                          Category:downloaded
                                                                                          Size (bytes):73947
                                                                                          Entropy (8bit):7.85208958769485
                                                                                          Encrypted:false
                                                                                          SSDEEP:1536:/3fnoYs2lNKl8QVW/iDehVI16kSNwp7kU7V9B7RxEZwoG:/PoRlQvVI1qGOEVv7YZwoG
                                                                                          MD5:3A091B8B0AF2225155C70E0915E1A0C5
                                                                                          SHA1:DBD539A03DB625585A2D68831A56522844C38FC7
                                                                                          SHA-256:64FBC5854EA158FC46497376CA32D3DC5BA37213C8E061607FF00D04A26B7F25
                                                                                          SHA-512:E971CF88B70D5901E4D868EF45BED2C85670A6326AB48BBC4EC2211C58CBF70B8EE1D9FAD33B67768663210640021C93DAA07B8D3826A507EC3F6E3FE7804D80
                                                                                          Malicious:false
                                                                                          URL:https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/images/285269d1-5c0d-ef11-9f89-6045bd401296?ts=638507845797957844
                                                                                          Preview:.PNG........IHDR...@................ cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs..........(J.....IDATx...w..w]..G..m....(-....e#2dD.Ad(..Qp!....*.E....n......'..,A..-Pf..3...BNC.&.9'..o.sKr......:.>....~..............m.......6n^..g.Y......3....0w.+.Xm....X>....`..E..~.qT;.}.....OU.W.....3.....?U}e..>Ym........Y]8..eW...H..`..@......!.A..q.......Z....C.......j.........v. .6..m../6..V[./U.m.%...Q}u...W............`....c]ux#..VurujuZuJ....F.qX.{c....F(r~.C......G....'.>w.u..G.#..,".....*.$.X..9Nh...O~..F.qLc.C.....Fg.....O6:H>Q}..L#..Fu........N.........K...V7i..8...q...h.\..2....U.[...\.{..].E.....D....,.....5fp\..t..v\'a.j.V}.:..).......W...v.....L....\-W.x.\..mu..V.$.6.7..:.....z_c......@ ...,.....{.*:<n^..ucv.q..@.ErQc....a.;.[g}.1O..."..L3.....[..=..Nj...O.1......*....Tg..pua....F....|.n.<.h..8..[u..F..b...=..Toi.".o......"...o....`..cmuBc~.&.7l...l.U.k...=..i..0....A.....h.....;Wwolmu...g.].........>.N.C.!........,.
                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          File Type:JSON data
                                                                                          Category:downloaded
                                                                                          Size (bytes):1304
                                                                                          Entropy (8bit):4.68425644587903
                                                                                          Encrypted:false
                                                                                          SSDEEP:24:mioTJODICcnv8cKoexKc846vgBie9ZY8mlvOq8RvLNHVENggeGg:micaIPU7oeoc8xYBfmlgRjNOen
                                                                                          MD5:DBAC2EBFBE18E8C7CF3830AF4C420E77
                                                                                          SHA1:78ADD1C663DD8B4AD6BBF89E48376015EA08A85A
                                                                                          SHA-256:491377DB69C365D489C88BD4AC641D341B52E6A70B034390A5FC3D161268BCA5
                                                                                          SHA-512:7DBFFD0FB6EC417AB7481919357D20D78224C9B97D180B603CFCD8F8808EA8FD54A4D15103178C15A985C563BE80CBBB6391E58D06C42F1062DF0948E79F7880
                                                                                          Malicious:false
                                                                                          URL:https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/oce/FormLoader/public/locales/en-us/translation.json
                                                                                          Preview:{.. "FormFailedToLoad": "Failed to load form",.. "FormFailedToLoadCors": "The form can not be loaded on a domain that hasn't been allowed for external form hosting or there is a network connectivity issue",.. "LearnMore": "Learn more",.. "FormSubmitted": "Form submitted",.. "FormSubmitError": "Error submitting the form",.. "Reload": "Reload",.. "LookupLoading": "loading...",.. "LookupGenericError": "There was a problem retrieving items. Try again later.",.. "ValidationRequiredField": "This field is required",.. "EventFailedToLoad": "Failed to load event.",.. "EventAtCapacity": "This event is no longer accepting registrations.",.. "EventNotLive": "We are still setting up this event. Please check again in some time or contact the event organizer ",.. "SubmissionErrorEventNotLive": "Registrations for this event have been closed. We look forward to seeing you at our next event.",.. "SubmissionErrorEventCapacityIsFull": "Registrations for this event have been closed. We.re a
                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          File Type:HTML document, ASCII text, with very long lines (1048)
                                                                                          Category:dropped
                                                                                          Size (bytes):29425
                                                                                          Entropy (8bit):4.4329309281153835
                                                                                          Encrypted:false
                                                                                          SSDEEP:192:lHVYB4GEwZT1TpSGCeRH8u/Lj7Ma9xPcjBsvLNrqbVb+6JknFjlirg1qaR3H0ZPX:Y4V4iCqaRXrZ+b
                                                                                          MD5:0FD878960D1260F0DC9B6EB0D7D197C0
                                                                                          SHA1:C6F94462EFB4FCCC99A2DE8C7DB8078FAE1F86B3
                                                                                          SHA-256:209305B31776F795B923163E729966AE306BE24BBEF06F16E43B8D94B438EB76
                                                                                          SHA-512:8DC3FE8CB857CC3FF6C84D222A047A3273A38385D7CB59DD803816903849A9ED203C89A7A112D291DD97411ACC74FCD5D242F363C43A25CABE5FACDE80181602
                                                                                          Malicious:false
                                                                                          Preview:<!DOCTYPE html><html><head>. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <title>Marketing Form</title>. <meta name="referrer" content="never">. <meta type="xrm/designer/setting" name="type" value="marketing-designer-content-editor-document">. <meta type="xrm/designer/setting" name="layout-editable" value="marketing-designer-layout-editable">. <style>. .editor-control-layout html {. box-sizing: border-box;. background-color: #fff;. }. .editor-control-layout *,. .editor-control-layout *:before,. .editor-control-layout *:after {. box-sizing: inherit;. }.. .marketingForm h1 {. color: #000;. margin: 0px;. padding: 0px;. width: 100%;. font-family: "Segoe
                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          File Type:ASCII text, with very long lines (65461)
                                                                                          Category:downloaded
                                                                                          Size (bytes):711081
                                                                                          Entropy (8bit):5.444336573525724
                                                                                          Encrypted:false
                                                                                          SSDEEP:3072:Ns0tPO7ZVKF61InSjikH0Gu0r2ee6PnBdHQdU1HECHttsMkO3bBqMG/+9coZukG6:N7tPOCWPQdUzCO3bBL9jZVGiMRlRhxkR
                                                                                          MD5:FDC2BE4EB54FF521EB5F6CA57AEDAE03
                                                                                          SHA1:580FEFB1274BB5A21E34DC206D3F042512CA2EDC
                                                                                          SHA-256:36C366BC39F4B2EB17CC2EAC87B9B94199CB4DFC0FF9F3D8A2F4C2EADE1BB9C3
                                                                                          SHA-512:42939CBF474C6593774F5B5FF13A5E9FCDDE7CAAE05229CBE9804C1368337B892EB3ED96CA85133A34AC0551696B4995EA203773B474BF31E50780BF9BDD53C2
                                                                                          Malicious:false
                                                                                          URL:https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/oce/FormLoader/FormLoader.bundle.js
                                                                                          Preview:/*! For license information please see FormLoader.bundle.js.LICENSE.txt */.var d365mktforms;(()=>{var e,t,n={317:function(e,t){var n="undefined"!=typeof self?self:this,r=function(){function e(){this.fetch=!1,this.DOMException=n.DOMException}return e.prototype=n,new e}();!function(e){!function(t){var n="URLSearchParams"in e,r="Symbol"in e&&"iterator"in Symbol,i="FileReader"in e&&"Blob"in e&&function(){try{return new Blob,!0}catch(e){return!1}}(),a="FormData"in e,o="ArrayBuffer"in e;if(o)var s=["[object Int8Array]","[object Uint8Array]","[object Uint8ClampedArray]","[object Int16Array]","[object Uint16Array]","[object Int32Array]","[object Uint32Array]","[object Float32Array]","[object Float64Array]"],u=ArrayBuffer.isView||function(e){return e&&s.indexOf(Object.prototype.toString.call(e))>-1};function c(e){if("string"!=typeof e&&(e=String(e)),/[^a-z0-9\-#$%&'*+.^_`|~]/i.test(e))throw new TypeError("Invalid character in header field name");return e.toLowerCase()}function l(e){return"strin
                                                                                          File type:PDF document, version 1.7, 1 pages
                                                                                          Entropy (8bit):7.9289376878632565
                                                                                          TrID:
                                                                                          • Adobe Portable Document Format (5005/1) 100.00%
                                                                                          File name:North Cheshire Holdings Ltd.pdf
                                                                                          File size:128'411 bytes
                                                                                          MD5:b72bca2b4d3f036fa750f51d5e7e47d3
                                                                                          SHA1:da5709cd70c71f0a7bfcc5aafeb0d51cd546f9b7
                                                                                          SHA256:82983f17612216321613d38a92616f31e82ec6edad441fe45fabd49e86ac1e5b
                                                                                          SHA512:9acedb27c1bf530a0820e00f9d340d993e5fcb5a2d905bb374688da25e13fc3304ac47dcd373967bae3039d2f3cab236e51b0f3fa707f06548e9ef3103fdb4a5
                                                                                          SSDEEP:3072:FK93ruk21d9qLXCH8GVVRz/OiQa6usPVHr:s93ruk21d9OtYz/L6umHr
                                                                                          TLSH:9BC3F104DA5A7DCCF0D6EBA21F6DBC4BB42AF10260D492D0B19DC6E347D0E5AE833959
                                                                                          File Content Preview:%PDF-1.7..%......1 0 obj..<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 38 0 R/MarkInfo<</Marked true>>/Metadata 80 0 R/ViewerPreferences 81 0 R>>..endobj..2 0 obj..<</Type/Pages/Count 1/Kids[ 3 0 R] >>..endobj..3 0 obj..<</Type/Page/Parent 2 0 R/R
                                                                                          Icon Hash:62cc8caeb29e8ae0

                                                                                          General

                                                                                          Header:%PDF-1.7
                                                                                          Total Entropy:7.928938
                                                                                          Total Bytes:128411
                                                                                          Stream Entropy:7.971966
                                                                                          Stream Bytes:118248
                                                                                          Entropy outside Streams:5.300436
                                                                                          Bytes outside Streams:10163
                                                                                          Number of EOF found:2
                                                                                          Bytes after EOF:
                                                                                          NameCount
                                                                                          obj58
                                                                                          endobj58
                                                                                          stream14
                                                                                          endstream14
                                                                                          xref2
                                                                                          trailer2
                                                                                          startxref2
                                                                                          /Page1
                                                                                          /Encrypt0
                                                                                          /ObjStm1
                                                                                          /URI2
                                                                                          /JS0
                                                                                          /JavaScript0
                                                                                          /AA0
                                                                                          /OpenAction0
                                                                                          /AcroForm0
                                                                                          /JBIG2Decode0
                                                                                          /RichMedia0
                                                                                          /Launch0
                                                                                          /EmbeddedFile0
                                                                                          IDDHASHMD5Preview
                                                                                          360d4d0e0f4d0f0e4d729a9a873aaced03bdca8fd1e6320814

                                                                                          Download Network PCAP: filteredfull

                                                                                          • Total Packets: 309
                                                                                          • 443 (HTTPS)
                                                                                          • 53 (DNS)
                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                          May 10, 2024 11:50:37.671785116 CEST49678443192.168.2.4104.46.162.224
                                                                                          May 10, 2024 11:50:37.687417984 CEST49675443192.168.2.4173.222.162.32
                                                                                          May 10, 2024 11:50:47.295928955 CEST49675443192.168.2.4173.222.162.32
                                                                                          May 10, 2024 11:50:49.262423992 CEST49738443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:49.262448072 CEST4434973823.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:49.262511015 CEST49738443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:49.272131920 CEST49738443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:49.272147894 CEST4434973823.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:49.497668028 CEST4434973823.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:49.497740984 CEST49738443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:49.500149965 CEST49738443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:49.500159025 CEST4434973823.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:49.500399113 CEST4434973823.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:49.543200970 CEST49738443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:49.588121891 CEST4434973823.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:49.709533930 CEST4434973823.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:49.709647894 CEST4434973823.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:49.709711075 CEST49738443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:49.737602949 CEST49738443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:49.737622976 CEST4434973823.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:49.792644024 CEST49739443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:49.792665005 CEST4434973923.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:49.792824984 CEST49739443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:49.793086052 CEST49739443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:49.793097019 CEST4434973923.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:50.014486074 CEST4434973923.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:50.014561892 CEST49739443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:50.015954018 CEST49739443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:50.015964985 CEST4434973923.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:50.016211033 CEST4434973923.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:50.017230034 CEST49739443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:50.060123920 CEST4434973923.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:50.231229067 CEST4434973923.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:50.231286049 CEST4434973923.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:50.231368065 CEST49739443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:50.232125998 CEST49739443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:50.232125998 CEST49739443192.168.2.423.221.246.93
                                                                                          May 10, 2024 11:50:50.232137918 CEST4434973923.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:50.232146025 CEST4434973923.221.246.93192.168.2.4
                                                                                          May 10, 2024 11:50:54.737803936 CEST49740443192.168.2.423.219.48.155
                                                                                          May 10, 2024 11:50:54.737822056 CEST4434974023.219.48.155192.168.2.4
                                                                                          May 10, 2024 11:50:54.737895966 CEST49740443192.168.2.423.219.48.155
                                                                                          May 10, 2024 11:50:54.738086939 CEST49740443192.168.2.423.219.48.155
                                                                                          May 10, 2024 11:50:54.738097906 CEST4434974023.219.48.155192.168.2.4
                                                                                          May 10, 2024 11:50:55.069050074 CEST4434974023.219.48.155192.168.2.4
                                                                                          May 10, 2024 11:50:55.069361925 CEST49740443192.168.2.423.219.48.155
                                                                                          May 10, 2024 11:50:55.069381952 CEST4434974023.219.48.155192.168.2.4
                                                                                          May 10, 2024 11:50:55.070276976 CEST4434974023.219.48.155192.168.2.4
                                                                                          May 10, 2024 11:50:55.070368052 CEST49740443192.168.2.423.219.48.155
                                                                                          May 10, 2024 11:50:55.072422028 CEST49740443192.168.2.423.219.48.155
                                                                                          May 10, 2024 11:50:55.072479010 CEST4434974023.219.48.155192.168.2.4
                                                                                          May 10, 2024 11:50:55.072736025 CEST49740443192.168.2.423.219.48.155
                                                                                          May 10, 2024 11:50:55.072743893 CEST4434974023.219.48.155192.168.2.4
                                                                                          May 10, 2024 11:50:55.121009111 CEST49740443192.168.2.423.219.48.155
                                                                                          May 10, 2024 11:50:55.184562922 CEST4434974023.219.48.155192.168.2.4
                                                                                          May 10, 2024 11:50:55.184679985 CEST4434974023.219.48.155192.168.2.4
                                                                                          May 10, 2024 11:50:55.184752941 CEST49740443192.168.2.423.219.48.155
                                                                                          May 10, 2024 11:50:55.185164928 CEST49740443192.168.2.423.219.48.155
                                                                                          May 10, 2024 11:50:55.185178995 CEST4434974023.219.48.155192.168.2.4
                                                                                          May 10, 2024 11:51:00.165242910 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:00.165273905 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:00.165343046 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:00.166543961 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:00.166558981 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:00.780225039 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:00.780416012 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:00.783400059 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:00.783410072 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:00.783648014 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:00.824202061 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:01.188347101 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:01.232126951 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:01.586894989 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:01.586916924 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:01.586925030 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:01.586937904 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:01.586971045 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:01.587003946 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:01.587018013 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:01.587052107 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:01.587058067 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:01.587070942 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:01.587079048 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:01.587924957 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:01.840725899 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:01.840751886 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:01.840764999 CEST49741443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:01.840776920 CEST4434974140.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:08.316981077 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.317011118 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.317085028 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.317502975 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.317516088 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.317817926 CEST49749443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.317847013 CEST4434974913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.317895889 CEST49749443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.318115950 CEST49749443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.318130016 CEST4434974913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.723397017 CEST4434974913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.723515034 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.732124090 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.732139111 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.732238054 CEST49749443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.732256889 CEST4434974913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.733117104 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.733208895 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.733249903 CEST4434974913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.733299971 CEST49749443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.753885984 CEST49749443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.753961086 CEST4434974913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.755831003 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.755935907 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.756124973 CEST49749443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.756139994 CEST4434974913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.797378063 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.797385931 CEST49749443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:08.797405005 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:08.843303919 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:09.905683041 CEST4434974913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:09.905929089 CEST4434974913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:09.906018019 CEST49749443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:09.919776917 CEST49749443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:09.919802904 CEST4434974913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:10.066500902 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:10.066524029 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:10.066596031 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:10.066819906 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:10.066828966 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:10.462023020 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:10.462357998 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:10.462378025 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:10.463340044 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:10.463421106 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:10.464390993 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:10.464463949 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:10.464587927 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:10.464593887 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:10.516334057 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.097573042 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.097590923 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.097598076 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.097635984 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.097661018 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.097672939 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.097691059 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.097691059 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.097708941 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.097724915 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.097732067 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.097738981 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.097750902 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.097769976 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.097781897 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.097790003 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.097822905 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.225996971 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.226016998 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.226097107 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.226129055 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.226214886 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.226214886 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.226214886 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.226228952 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.226239920 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.226255894 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.226303101 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.226310968 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.267126083 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.354752064 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.354773045 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.354831934 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.354865074 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.354876995 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.354883909 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.354949951 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.354959965 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.354990959 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.355015039 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.355019093 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.355043888 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.396445036 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.396466017 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.396550894 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.396563053 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.450855970 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.485150099 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485168934 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485291004 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.485296011 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485306025 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485321999 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485356092 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.485373974 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485411882 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.485411882 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.485503912 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485532045 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485569954 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.485575914 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485584974 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.485618114 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.485738993 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485754967 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485795975 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.485800982 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485833883 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.485961914 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.485975981 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486021996 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.486027002 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486062050 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.486181974 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486196041 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486244917 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.486248970 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486289978 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.486563921 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486579895 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486633062 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.486637115 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486645937 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486658096 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486684084 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.486687899 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486731052 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.486851931 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486864090 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486880064 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.486884117 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.486903906 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.486926079 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.525396109 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.525409937 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.525494099 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.525505066 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.525557041 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.615459919 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.615478039 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.615542889 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.615551949 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.615592957 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.615784883 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.615803957 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.615837097 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.615843058 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.615869045 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.615889072 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.616075993 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.616089106 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.616115093 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.616118908 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.616144896 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.616167068 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.616375923 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.616390944 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.616436958 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.616441011 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.616482973 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.617310047 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617326021 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617378950 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617383003 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.617396116 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617418051 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617444992 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.617455006 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.617459059 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617471933 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617485046 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617496967 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.617505074 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617527008 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.617527008 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617553949 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.617558002 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617604017 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.617610931 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.617856979 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617871046 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617913961 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.617918968 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.617955923 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.618155956 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.618170977 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.618217945 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.618221998 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.618252993 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.618479967 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.618494034 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.618532896 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.618537903 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.618577957 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.618644953 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.618659973 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.618690968 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.618695021 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.618720055 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.618738890 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.619288921 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.619302988 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.619369030 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.619374990 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.619419098 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.619432926 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.619446993 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.619486094 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.619491100 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.619524002 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.619828939 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.619842052 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.619900942 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.619904995 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.619940996 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.620218039 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.620232105 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.620282888 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.620286942 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.620325089 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.620503902 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.620517015 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.620568037 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.620570898 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.620608091 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.620815992 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.620829105 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.620887041 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.620891094 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.620928049 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.654943943 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.654988050 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.655035973 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.655062914 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.655076981 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.655082941 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.655138016 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.744103909 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744122982 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744179010 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744180918 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.744189978 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744206905 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744232893 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.744266987 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.744273901 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744318008 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.744479895 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744493008 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744539022 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.744543076 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744582891 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.744616985 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744631052 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744668007 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.744672060 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744679928 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744710922 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.744714022 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744736910 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.744750023 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.744790077 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.746599913 CEST49752443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.746609926 CEST4434975213.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.772845984 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.778682947 CEST49754443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.778712034 CEST4434975413.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.778786898 CEST49754443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.778990984 CEST49754443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.779005051 CEST4434975413.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.794377089 CEST49755443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.794414997 CEST4434975513.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.794485092 CEST49755443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.794840097 CEST49755443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:11.794853926 CEST4434975513.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:11.816133022 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.180804014 CEST4434975413.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.181097031 CEST49754443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:12.181113005 CEST4434975413.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.182080030 CEST4434975413.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.182147026 CEST49754443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:12.182491064 CEST49754443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:12.182545900 CEST4434975413.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.182775974 CEST49754443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:12.182782888 CEST4434975413.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.198854923 CEST4434975513.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.199120998 CEST49755443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:12.199146986 CEST4434975513.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.199434996 CEST4434975513.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.199709892 CEST49755443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:12.199768066 CEST4434975513.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.199829102 CEST49755443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:12.234827995 CEST49754443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:12.244112015 CEST4434975513.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.463908911 CEST4434975413.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.463975906 CEST4434975413.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.464056015 CEST49754443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:12.466276884 CEST49754443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:12.466289997 CEST4434975413.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.587554932 CEST49757443192.168.2.413.107.213.51
                                                                                          May 10, 2024 11:51:12.587594986 CEST4434975713.107.213.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.587673903 CEST49757443192.168.2.413.107.213.51
                                                                                          May 10, 2024 11:51:12.587867975 CEST49757443192.168.2.413.107.213.51
                                                                                          May 10, 2024 11:51:12.587883949 CEST4434975713.107.213.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.697994947 CEST49758443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:51:12.698031902 CEST44349758172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:51:12.698102951 CEST49758443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:51:12.698343992 CEST49758443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:51:12.698359966 CEST44349758172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:51:12.934434891 CEST44349758172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:51:12.934751987 CEST49758443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:51:12.934777021 CEST44349758172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:51:12.935791969 CEST44349758172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:51:12.935857058 CEST49758443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:51:12.937110901 CEST49758443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:51:12.937172890 CEST44349758172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:51:12.977570057 CEST4434975713.107.213.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.977854967 CEST49757443192.168.2.413.107.213.51
                                                                                          May 10, 2024 11:51:12.977881908 CEST4434975713.107.213.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.978765965 CEST4434975713.107.213.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.978841066 CEST49757443192.168.2.413.107.213.51
                                                                                          May 10, 2024 11:51:12.979130030 CEST49757443192.168.2.413.107.213.51
                                                                                          May 10, 2024 11:51:12.979183912 CEST4434975713.107.213.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.979388952 CEST49757443192.168.2.413.107.213.51
                                                                                          May 10, 2024 11:51:12.979397058 CEST4434975713.107.213.51192.168.2.4
                                                                                          May 10, 2024 11:51:12.986341953 CEST49758443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:51:12.986355066 CEST44349758172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:51:13.033746004 CEST49757443192.168.2.413.107.213.51
                                                                                          May 10, 2024 11:51:13.033746004 CEST49758443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:51:13.056236029 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.056262970 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.056272030 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.056303024 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.056324005 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.056327105 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.056330919 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.056349993 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.056382895 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.056406975 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.056948900 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.056957006 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.056983948 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.057013988 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.057022095 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.057037115 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.057061911 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.057945967 CEST49748443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.057960987 CEST4434974813.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.065095901 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.065114021 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.065176010 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.065376043 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.065390110 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.185209036 CEST4434975513.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.185535908 CEST4434975513.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.185611963 CEST49755443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.188819885 CEST49760443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:13.188853025 CEST4434976020.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:13.188924074 CEST49760443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:13.189110994 CEST49760443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:13.189122915 CEST4434976020.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:13.192017078 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.192042112 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.192109108 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.192292929 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.192306995 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.192593098 CEST49755443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.192619085 CEST4434975513.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.236886024 CEST4434975713.107.213.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.237191916 CEST4434975713.107.213.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.237260103 CEST49757443192.168.2.413.107.213.51
                                                                                          May 10, 2024 11:51:13.272669077 CEST49757443192.168.2.413.107.213.51
                                                                                          May 10, 2024 11:51:13.272706985 CEST4434975713.107.213.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.459115028 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.459506035 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.459527016 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.459851027 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.460155010 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.460228920 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.460303068 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.508126974 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.584239006 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.584553003 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.584583998 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.585549116 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.585611105 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.585930109 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.585988998 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.586060047 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.586069107 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.639447927 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.971713066 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.971741915 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.971750021 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.971779108 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.971802950 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.971818924 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.971824884 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.971854925 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.971870899 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.971880913 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.971884966 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.971904039 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.971913099 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:13.971940994 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.971940994 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.971972942 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.973249912 CEST49761443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:13.973263025 CEST4434976113.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:14.117316961 CEST4434976020.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:14.117597103 CEST49760443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:14.117610931 CEST4434976020.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:14.118638039 CEST4434976020.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:14.118696928 CEST49760443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:14.119736910 CEST49760443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:14.119796991 CEST4434976020.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:14.120044947 CEST49760443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:14.120052099 CEST4434976020.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:14.170291901 CEST49760443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:14.435734987 CEST4434976020.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:14.435833931 CEST4434976020.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:14.435928106 CEST49760443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:14.436295986 CEST49760443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:14.436316013 CEST4434976020.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:14.437139988 CEST49762443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:14.437170982 CEST4434976220.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:14.437249899 CEST49762443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:14.437544107 CEST49762443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:14.437560081 CEST4434976220.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:15.168591976 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.168615103 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.168631077 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.168718100 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.168739080 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.168751955 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.168813944 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.299021959 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.299050093 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.299103022 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.299118042 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.299144030 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.299166918 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.299319029 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.299335957 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.299377918 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.299384117 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.299391985 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.299420118 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.299452066 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.299455881 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.299468994 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.299511909 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.320173025 CEST49759443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.320185900 CEST4434975913.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.341739893 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.341780901 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.341854095 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.342171907 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.342186928 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.360301971 CEST4434976220.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:15.360534906 CEST49762443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:15.360548973 CEST4434976220.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:15.360893965 CEST4434976220.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:15.361192942 CEST49762443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:15.361248016 CEST4434976220.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:15.361319065 CEST49762443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:15.408123016 CEST4434976220.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:15.743318081 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.795454025 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.815548897 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.815566063 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.815980911 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.819287062 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.819356918 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:15.819452047 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:15.864113092 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.058301926 CEST4434976220.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:16.058368921 CEST4434976220.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:16.058548927 CEST49762443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:16.059943914 CEST49762443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:16.059962988 CEST4434976220.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:16.139617920 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.139652967 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.139659882 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.139669895 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.139695883 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.139739990 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:16.139755964 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.139764071 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.139785051 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:16.139837027 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:16.232898951 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:16.232927084 CEST4434976420.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:16.232990980 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:16.233233929 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:16.233244896 CEST4434976420.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:16.271270990 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.271286964 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.271358013 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.271377087 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:16.271392107 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.271411896 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.271430969 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:16.271467924 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:16.271471024 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:16.271511078 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:16.271770000 CEST49763443192.168.2.413.107.246.51
                                                                                          May 10, 2024 11:51:16.271781921 CEST4434976313.107.246.51192.168.2.4
                                                                                          May 10, 2024 11:51:17.153780937 CEST4434976420.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:17.154169083 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:17.154190063 CEST4434976420.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:17.155204058 CEST4434976420.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:17.155272007 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:17.155590057 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:17.155646086 CEST4434976420.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:17.155719042 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:17.155725002 CEST4434976420.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:17.201926947 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:17.472421885 CEST4434976420.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:17.472560883 CEST4434976420.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:17.472621918 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:17.473171949 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:17.473186970 CEST4434976420.70.221.64192.168.2.4
                                                                                          May 10, 2024 11:51:17.473196030 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:17.473236084 CEST49764443192.168.2.420.70.221.64
                                                                                          May 10, 2024 11:51:22.926422119 CEST44349758172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:51:22.926485062 CEST44349758172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:51:22.926525116 CEST49758443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:51:23.140127897 CEST49758443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:51:23.140147924 CEST44349758172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:51:38.166609049 CEST49772443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:38.166647911 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:38.166735888 CEST49772443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:38.167143106 CEST49772443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:38.167155027 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:38.771481037 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:38.771598101 CEST49772443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:38.775355101 CEST49772443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:38.775367975 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:38.775624037 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:38.783848047 CEST49772443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:38.828116894 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:39.365283012 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:39.365313053 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:39.365329027 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:39.365541935 CEST49772443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:39.365575075 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:39.365680933 CEST49772443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:39.371334076 CEST49772443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:39.371362925 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:51:39.371371984 CEST49772443192.168.2.440.127.169.103
                                                                                          May 10, 2024 11:51:39.371377945 CEST4434977240.127.169.103192.168.2.4
                                                                                          May 10, 2024 11:52:12.641185045 CEST49774443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:52:12.641222000 CEST44349774172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:52:12.641295910 CEST49774443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:52:12.641767979 CEST49774443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:52:12.641783953 CEST44349774172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:52:12.872417927 CEST44349774172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:52:12.872807026 CEST49774443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:52:12.872834921 CEST44349774172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:52:12.873153925 CEST44349774172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:52:12.873703003 CEST49774443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:52:12.873768091 CEST44349774172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:52:12.920805931 CEST49774443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:52:22.940615892 CEST44349774172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:52:22.940680027 CEST44349774172.217.4.68192.168.2.4
                                                                                          May 10, 2024 11:52:22.940807104 CEST49774443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:52:24.406384945 CEST49774443192.168.2.4172.217.4.68
                                                                                          May 10, 2024 11:52:24.406411886 CEST44349774172.217.4.68192.168.2.4
                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                          May 10, 2024 11:51:08.187405109 CEST5979153192.168.2.41.1.1.1
                                                                                          May 10, 2024 11:51:08.187571049 CEST5922853192.168.2.41.1.1.1
                                                                                          May 10, 2024 11:51:08.287492990 CEST138138192.168.2.4192.168.2.255
                                                                                          May 10, 2024 11:51:08.294728994 CEST53497271.1.1.1192.168.2.4
                                                                                          May 10, 2024 11:51:08.369896889 CEST53624691.1.1.1192.168.2.4
                                                                                          May 10, 2024 11:51:09.032866955 CEST53650581.1.1.1192.168.2.4
                                                                                          May 10, 2024 11:51:12.587033987 CEST6443553192.168.2.41.1.1.1
                                                                                          May 10, 2024 11:51:12.587196112 CEST5787853192.168.2.41.1.1.1
                                                                                          May 10, 2024 11:51:12.696621895 CEST53578781.1.1.1192.168.2.4
                                                                                          May 10, 2024 11:51:12.697120905 CEST53644351.1.1.1192.168.2.4
                                                                                          May 10, 2024 11:51:13.063905001 CEST6481953192.168.2.41.1.1.1
                                                                                          May 10, 2024 11:51:13.064186096 CEST5454553192.168.2.41.1.1.1
                                                                                          May 10, 2024 11:51:13.066982985 CEST5775453192.168.2.41.1.1.1
                                                                                          May 10, 2024 11:51:13.067162991 CEST6307053192.168.2.41.1.1.1
                                                                                          May 10, 2024 11:51:16.068936110 CEST5882353192.168.2.41.1.1.1
                                                                                          May 10, 2024 11:51:16.069092035 CEST5674853192.168.2.41.1.1.1
                                                                                          May 10, 2024 11:51:20.656774044 CEST53509781.1.1.1192.168.2.4
                                                                                          May 10, 2024 11:51:26.116496086 CEST53532541.1.1.1192.168.2.4
                                                                                          May 10, 2024 11:51:44.984697104 CEST53508951.1.1.1192.168.2.4
                                                                                          May 10, 2024 11:52:07.454119921 CEST53492531.1.1.1192.168.2.4
                                                                                          May 10, 2024 11:52:07.850361109 CEST53621481.1.1.1192.168.2.4
                                                                                          May 10, 2024 11:52:36.542613029 CEST53616631.1.1.1192.168.2.4
                                                                                          May 10, 2024 11:53:21.277826071 CEST53560311.1.1.1192.168.2.4
                                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                          May 10, 2024 11:51:08.187405109 CEST192.168.2.41.1.1.10x208aStandard query (0)assets-oce.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:08.187571049 CEST192.168.2.41.1.1.10x262bStandard query (0)assets-oce.mkt.dynamics.com65IN (0x0001)false
                                                                                          May 10, 2024 11:51:12.587033987 CEST192.168.2.41.1.1.10xf0c0Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:12.587196112 CEST192.168.2.41.1.1.10x187cStandard query (0)www.google.com65IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.063905001 CEST192.168.2.41.1.1.10x796aStandard query (0)assets-oce.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.064186096 CEST192.168.2.41.1.1.10xcf2bStandard query (0)assets-oce.mkt.dynamics.com65IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.066982985 CEST192.168.2.41.1.1.10x9682Standard query (0)public-oce.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.067162991 CEST192.168.2.41.1.1.10x405cStandard query (0)public-oce.mkt.dynamics.com65IN (0x0001)false
                                                                                          May 10, 2024 11:51:16.068936110 CEST192.168.2.41.1.1.10x1602Standard query (0)public-oce.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:16.069092035 CEST192.168.2.41.1.1.10x76e3Standard query (0)public-oce.mkt.dynamics.com65IN (0x0001)false
                                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                          May 10, 2024 11:51:08.313136101 CEST1.1.1.1192.168.2.40x262bNo error (0)assets-oce.mkt.dynamics.comassets-mkt-oce.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:08.316467047 CEST1.1.1.1192.168.2.40x208aNo error (0)assets-oce.mkt.dynamics.comassets-mkt-oce.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:08.316467047 CEST1.1.1.1192.168.2.40x208aNo error (0)shed.dual-low.part-0023.t-0009.t-msedge.netpart-0023.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:08.316467047 CEST1.1.1.1192.168.2.40x208aNo error (0)part-0023.t-0009.t-msedge.net13.107.246.51A (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:08.316467047 CEST1.1.1.1192.168.2.40x208aNo error (0)part-0023.t-0009.t-msedge.net13.107.213.51A (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:10.062551975 CEST1.1.1.1192.168.2.40x35f1No error (0)shed.dual-low.part-0023.t-0009.t-msedge.netpart-0023.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:10.062551975 CEST1.1.1.1192.168.2.40x35f1No error (0)part-0023.t-0009.t-msedge.net13.107.246.51A (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:10.062551975 CEST1.1.1.1192.168.2.40x35f1No error (0)part-0023.t-0009.t-msedge.net13.107.213.51A (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:12.581495047 CEST1.1.1.1192.168.2.40xa157No error (0)shed.dual-low.part-0023.t-0009.t-msedge.netpart-0023.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:12.581495047 CEST1.1.1.1192.168.2.40xa157No error (0)part-0023.t-0009.t-msedge.net13.107.213.51A (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:12.581495047 CEST1.1.1.1192.168.2.40xa157No error (0)part-0023.t-0009.t-msedge.net13.107.246.51A (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:12.696621895 CEST1.1.1.1192.168.2.40x187cNo error (0)www.google.com65IN (0x0001)false
                                                                                          May 10, 2024 11:51:12.697120905 CEST1.1.1.1192.168.2.40xf0c0No error (0)www.google.com172.217.4.68A (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.187079906 CEST1.1.1.1192.168.2.40x405cNo error (0)public-oce.mkt.dynamics.comcxppoce1xsasjote5vpge.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.187079906 CEST1.1.1.1192.168.2.40x405cNo error (0)public-prdia888eau0aks.mkt.dynamics.comprdia888eau0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.188366890 CEST1.1.1.1192.168.2.40x9682No error (0)public-oce.mkt.dynamics.comcxppoce1xsasjote5vpge.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.188366890 CEST1.1.1.1192.168.2.40x9682No error (0)public-prdia888eau0aks.mkt.dynamics.comprdia888eau0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.188366890 CEST1.1.1.1192.168.2.40x9682No error (0)prdia888eau0aks.mkt.dynamics.com20.70.221.64A (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.191361904 CEST1.1.1.1192.168.2.40xcf2bNo error (0)assets-oce.mkt.dynamics.comassets-mkt-oce.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.191498041 CEST1.1.1.1192.168.2.40x796aNo error (0)assets-oce.mkt.dynamics.comassets-mkt-oce.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.191498041 CEST1.1.1.1192.168.2.40x796aNo error (0)shed.dual-low.part-0023.t-0009.t-msedge.netpart-0023.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.191498041 CEST1.1.1.1192.168.2.40x796aNo error (0)part-0023.t-0009.t-msedge.net13.107.246.51A (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:13.191498041 CEST1.1.1.1192.168.2.40x796aNo error (0)part-0023.t-0009.t-msedge.net13.107.213.51A (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:16.192857981 CEST1.1.1.1192.168.2.40x1602No error (0)public-oce.mkt.dynamics.comcxppoce1xsasjote5vpge.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:16.192857981 CEST1.1.1.1192.168.2.40x1602No error (0)public-prdia888eau0aks.mkt.dynamics.comprdia888eau0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:16.192857981 CEST1.1.1.1192.168.2.40x1602No error (0)prdia888eau0aks.mkt.dynamics.com20.70.221.64A (IP address)IN (0x0001)false
                                                                                          May 10, 2024 11:51:16.232436895 CEST1.1.1.1192.168.2.40x76e3No error (0)public-oce.mkt.dynamics.comcxppoce1xsasjote5vpge.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                          May 10, 2024 11:51:16.232436895 CEST1.1.1.1192.168.2.40x76e3No error (0)public-prdia888eau0aks.mkt.dynamics.comprdia888eau0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                          • fs.microsoft.com
                                                                                          • armmf.adobe.com
                                                                                          • slscr.update.microsoft.com
                                                                                          • assets-oce.mkt.dynamics.com
                                                                                          • https:
                                                                                            • cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                          • public-oce.mkt.dynamics.com
                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          0192.168.2.44973823.221.246.93443
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:50:49 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: */*
                                                                                          Accept-Encoding: identity
                                                                                          User-Agent: Microsoft BITS/7.8
                                                                                          Host: fs.microsoft.com
                                                                                          2024-05-10 09:50:49 UTC467INHTTP/1.1 200 OK
                                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                          Content-Type: application/octet-stream
                                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                          Server: ECAcc (chd/079C)
                                                                                          X-CID: 11
                                                                                          X-Ms-ApiVersion: Distribute 1.2
                                                                                          X-Ms-Region: prod-eus-z1
                                                                                          Cache-Control: public, max-age=162779
                                                                                          Date: Fri, 10 May 2024 09:50:49 GMT
                                                                                          Connection: close
                                                                                          X-CID: 2


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          1192.168.2.44973923.221.246.93443
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:50:50 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: */*
                                                                                          Accept-Encoding: identity
                                                                                          If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                          Range: bytes=0-2147483646
                                                                                          User-Agent: Microsoft BITS/7.8
                                                                                          Host: fs.microsoft.com
                                                                                          2024-05-10 09:50:50 UTC870INHTTP/1.1 206 Partial Content
                                                                                          Accept-Ranges: bytes
                                                                                          ApiVersion: Distribute 1.1
                                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                          Server: ECAcc (chd/0778)
                                                                                          X-CID: 11
                                                                                          X-CCC: US
                                                                                          X-Azure-Ref-OriginShield: Ref A: 52EA27DBDE0C4533B819423583F6692E Ref B: CH1AA2040902052 Ref C: 2023-07-09T23:10:08Z
                                                                                          X-MSEdge-Ref: Ref A: 528BB8D443C042AA9AEA4EC3F75C7762 Ref B: CHI30EDGE0111 Ref C: 2023-07-09T23:11:11Z
                                                                                          Content-Type: application/octet-stream
                                                                                          X-Azure-Ref: 01uvbYwAAAACkqWtaEMjWQL/4cpisZkorTUVNMzBFREdFMDgxMQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
                                                                                          Cache-Control: public, max-age=162762
                                                                                          Date: Fri, 10 May 2024 09:50:50 GMT
                                                                                          Content-Range: bytes 0-54/55
                                                                                          Content-Length: 55
                                                                                          Connection: close
                                                                                          X-CID: 2
                                                                                          2024-05-10 09:50:50 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                          Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          2192.168.2.44974023.219.48.1554437900C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:50:55 UTC475OUTGET /onboarding/smskillreader.txt HTTP/1.1
                                                                                          Host: armmf.adobe.com
                                                                                          Connection: keep-alive
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36
                                                                                          Sec-Fetch-Site: same-origin
                                                                                          Sec-Fetch-Mode: no-cors
                                                                                          Sec-Fetch-Dest: empty
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          If-None-Match: "78-5faa31cce96da"
                                                                                          If-Modified-Since: Mon, 01 May 2023 15:02:33 GMT
                                                                                          2024-05-10 09:50:55 UTC198INHTTP/1.1 304 Not Modified
                                                                                          Content-Type: text/plain; charset=UTF-8
                                                                                          Last-Modified: Mon, 01 May 2023 15:02:33 GMT
                                                                                          ETag: "78-5faa31cce96da"
                                                                                          Date: Fri, 10 May 2024 09:50:55 GMT
                                                                                          Connection: close


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          3192.168.2.44974140.127.169.103443
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:01 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Y49FkgBSOF+mCl+&MD=lYe4Z8or HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: */*
                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                          Host: slscr.update.microsoft.com
                                                                                          2024-05-10 09:51:01 UTC560INHTTP/1.1 200 OK
                                                                                          Cache-Control: no-cache
                                                                                          Pragma: no-cache
                                                                                          Content-Type: application/octet-stream
                                                                                          Expires: -1
                                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                          ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                          MS-CorrelationId: 9869c1db-e43e-4d05-875b-d0e726f3872b
                                                                                          MS-RequestId: 327e5826-9b47-4ba2-93f6-090c63513fa1
                                                                                          MS-CV: wnWnveTIHU2HuwMf.0
                                                                                          X-Microsoft-SLSClientCache: 2880
                                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                                          X-Content-Type-Options: nosniff
                                                                                          Date: Fri, 10 May 2024 09:51:00 GMT
                                                                                          Connection: close
                                                                                          Content-Length: 24490
                                                                                          2024-05-10 09:51:01 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                          Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                          2024-05-10 09:51:01 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                          Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          4192.168.2.44974913.107.246.514438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:08 UTC773OUTGET /0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6 HTTP/1.1
                                                                                          Host: assets-oce.mkt.dynamics.com
                                                                                          Connection: keep-alive
                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          sec-ch-ua-platform: "Windows"
                                                                                          Upgrade-Insecure-Requests: 1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                          Sec-Fetch-Site: none
                                                                                          Sec-Fetch-Mode: navigate
                                                                                          Sec-Fetch-User: ?1
                                                                                          Sec-Fetch-Dest: document
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:09 UTC495INHTTP/1.1 200 OK
                                                                                          Date: Fri, 10 May 2024 09:51:09 GMT
                                                                                          Content-Type: text/html
                                                                                          Content-Length: 491
                                                                                          Connection: close
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Cache-Control: public, max-age=900, must-revalidate
                                                                                          x-ms-trace-id: 8f7e7521aefe25c72ec22744bfdf1198
                                                                                          Strict-Transport-Security: max-age=2592000; preload
                                                                                          x-content-type-options: nosniff
                                                                                          x-azure-ref: 20240510T095108Z-17cb6678898vlvhxv08s6m5bks000000031g000000000u6b
                                                                                          x-fd-int-roxy-purgeid: 69757193
                                                                                          X-Cache: TCP_MISS
                                                                                          Accept-Ranges: bytes
                                                                                          2024-05-10 09:51:09 UTC491INData Raw: 3c 64 69 76 0a 20 20 20 20 20 20 20 20 64 61 74 61 2d 66 6f 72 6d 2d 69 64 3d 27 32 66 34 32 34 66 32 65 2d 66 63 30 64 2d 65 66 31 31 2d 39 66 38 39 2d 36 30 34 35 62 64 34 30 31 35 65 36 27 0a 20 20 20 20 20 20 20 20 64 61 74 61 2d 66 6f 72 6d 2d 61 70 69 2d 75 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 70 75 62 6c 69 63 2d 6f 63 65 2e 6d 6b 74 2e 64 79 6e 61 6d 69 63 73 2e 63 6f 6d 2f 61 70 69 2f 76 31 2e 30 2f 6f 72 67 73 2f 30 65 66 36 35 35 39 39 2d 33 62 30 64 2d 65 66 31 31 2d 39 66 38 36 2d 30 30 30 64 33 61 65 30 63 31 63 64 2f 6c 61 6e 64 69 6e 67 70 61 67 65 66 6f 72 6d 73 27 0a 20 20 20 20 20 20 20 20 64 61 74 61 2d 63 61 63 68 65 64 2d 66 6f 72 6d 2d 75 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 61 73 73 65 74 73 2d 6f 63 65 2e 6d 6b 74 2e 64 79 6e 61 6d
                                                                                          Data Ascii: <div data-form-id='2f424f2e-fc0d-ef11-9f89-6045bd4015e6' data-form-api-url='https://public-oce.mkt.dynamics.com/api/v1.0/orgs/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/landingpageforms' data-cached-form-url='https://assets-oce.mkt.dynam


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          5192.168.2.44975213.107.246.514438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:10 UTC592OUTGET /oce/FormLoader/FormLoader.bundle.js HTTP/1.1
                                                                                          Host: cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                          Connection: keep-alive
                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          sec-ch-ua-platform: "Windows"
                                                                                          Accept: */*
                                                                                          Sec-Fetch-Site: cross-site
                                                                                          Sec-Fetch-Mode: no-cors
                                                                                          Sec-Fetch-Dest: script
                                                                                          Referer: https://assets-oce.mkt.dynamics.com/
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:11 UTC623INHTTP/1.1 200 OK
                                                                                          Date: Fri, 10 May 2024 09:51:10 GMT
                                                                                          Content-Type: application/javascript
                                                                                          Content-Length: 711081
                                                                                          Connection: close
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Last-Modified: Thu, 22 Feb 2024 09:32:41 GMT
                                                                                          ETag: 0x8DC3389374F9121
                                                                                          x-ms-request-id: 86dc9164-c01e-00f0-52bf-a2a8cd000000
                                                                                          x-ms-version: 2009-09-19
                                                                                          x-ms-lease-status: unlocked
                                                                                          x-ms-blob-type: BlockBlob
                                                                                          Access-Control-Allow-Origin: *
                                                                                          x-azure-ref: 20240510T095110Z-17cb66788985dblx0v93r30a0c000000038g000000003zr9
                                                                                          x-fd-int-roxy-purgeid: 66630197
                                                                                          X-Cache: TCP_MISS
                                                                                          Accept-Ranges: bytes
                                                                                          2024-05-10 09:51:11 UTC15761INData Raw: 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 46 6f 72 6d 4c 6f 61 64 65 72 2e 62 75 6e 64 6c 65 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 76 61 72 20 64 33 36 35 6d 6b 74 66 6f 72 6d 73 3b 28 28 29 3d 3e 7b 76 61 72 20 65 2c 74 2c 6e 3d 7b 33 31 37 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 73 65 6c 66 3f 73 65 6c 66 3a 74 68 69 73 2c 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 74 68 69 73 2e 66 65 74 63 68 3d 21 31 2c 74 68 69 73 2e 44 4f 4d 45 78 63 65 70 74 69 6f 6e 3d 6e 2e 44 4f 4d 45 78 63 65 70 74 69 6f 6e 7d 72 65 74 75 72 6e 20 65 2e 70 72 6f 74 6f
                                                                                          Data Ascii: /*! For license information please see FormLoader.bundle.js.LICENSE.txt */var d365mktforms;(()=>{var e,t,n={317:function(e,t){var n="undefined"!=typeof self?self:this,r=function(){function e(){this.fetch=!1,this.DOMException=n.DOMException}return e.proto
                                                                                          2024-05-10 09:51:11 UTC16384INData Raw: 2c 6c 3d 64 28 22 72 65 61 63 74 2e 6c 61 7a 79 22 29 7d 76 61 72 20 70 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 3b 66 75 6e 63 74 69 6f 6e 20 66 28 65 29 7b 66 6f 72 28 76 61 72 20 74 3d 22 68 74 74 70 73 3a 2f 2f 72 65 61 63 74 6a 73 2e 6f 72 67 2f 64 6f 63 73 2f 65 72 72 6f 72 2d 64 65 63 6f 64 65 72 2e 68 74 6d 6c 3f 69 6e 76 61 72 69 61 6e 74 3d 22 2b 65 2c 6e 3d 31 3b 6e 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 74 2b 3d 22 26 61 72 67 73 5b 5d 3d 22 2b 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 61 72 67 75 6d 65 6e 74 73 5b 6e 5d 29 3b 72 65 74 75 72 6e 22 4d 69 6e 69 66 69 65 64 20 52 65 61 63 74 20 65 72 72 6f 72 20 23 22
                                                                                          Data Ascii: ,l=d("react.lazy")}var p="function"==typeof Symbol&&Symbol.iterator;function f(e){for(var t="https://reactjs.org/docs/error-decoder.html?invariant="+e,n=1;n<arguments.length;n++)t+="&args[]="+encodeURIComponent(arguments[n]);return"Minified React error #"
                                                                                          2024-05-10 09:51:11 UTC16384INData Raw: 70 36 48 41 44 6d 51 66 44 70 53 51 45 58 63 77 69 41 78 55 61 69 78 47 79 49 4b 47 67 48 6b 4d 6c 41 71 65 43 77 4a 41 67 44 73 74 5a 41 67 51 77 4b 45 6a 68 5a 39 41 52 34 4d 41 41 53 47 46 72 67 30 6d 47 44 43 67 51 49 46 6d 62 4d 73 41 47 42 69 2b 38 36 4b 46 42 68 49 34 63 50 77 6d 7a 61 48 41 30 57 51 66 64 75 53 77 49 53 47 69 43 41 4d 70 56 6a 77 6e 45 67 51 41 49 66 6b 45 43 51 6b 41 4e 41 41 73 41 41 41 41 41 42 34 41 48 67 43 46 42 41 59 45 68 49 61 45 78 4d 62 45 52 45 4a 45 70 4b 61 6b 35 4f 62 6b 5a 47 4a 6b 4c 43 6f 73 6c 4a 61 55 31 4e 62 55 74 4c 61 30 39 50 62 30 48 42 6f 63 56 46 4a 55 64 48 4a 30 6a 49 36 4d 7a 4d 37 4d 72 4b 36 73 37 4f 37 73 50 44 34 38 6e 4a 36 63 33 4e 37 63 76 4c 36 38 44 41 34 4d 54 45 70 4d 4e 44 49 30 2f 50 37
                                                                                          Data Ascii: p6HADmQfDpSQEXcwiAxUaixGyIKGgHkMlAqeCwJAgDstZAgQwKEjhZ9AR4MAASGFrg0mGDCgQIFmbMsAGBi+86KFBhI4cPwmzaHA0WQfduSwISGiCAMpVjwnEgQAIfkECQkANAAsAAAAAB4AHgCFBAYEhIaExMbEREJEpKak5ObkZGJkLCoslJaU1NbUtLa09Pb0HBocVFJUdHJ0jI6MzM7MrK6s7O7sPD48nJ6c3N7cvL68DA4MTEpMNDI0/P7
                                                                                          2024-05-10 09:51:11 UTC16384INData Raw: 28 76 61 72 20 69 20 69 6e 20 6e 29 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 6e 5b 69 5d 26 26 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 5d 22 21 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 2e 61 70 70 6c 79 28 6e 5b 69 5d 29 7c 7c 74 68 69 73 2e 61 64 64 52 65 73 6f 75 72 63 65 28 65 2c 74 2c 69 2c 6e 5b 69 5d 2c 7b 73 69 6c 65 6e 74 3a 21 30 7d 29 3b 72 2e 73 69 6c 65 6e 74 7c 7c 74 68 69 73 2e 65 6d 69 74 28 22 61 64 64 65 64 22 2c 65 2c 74 2c 6e 29 7d 7d 2c 7b 6b 65 79 3a 22 61 64 64 52 65 73 6f 75 72 63 65 42 75 6e 64 6c 65 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 2c 69 29 7b 76 61 72 20 61 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 35 26 26 76 6f 69 64 20 30 21
                                                                                          Data Ascii: (var i in n)"string"!=typeof n[i]&&"[object Array]"!==Object.prototype.toString.apply(n[i])||this.addResource(e,t,i,n[i],{silent:!0});r.silent||this.emit("added",e,t,n)}},{key:"addResourceBundle",value:function(e,t,n,r,i){var a=arguments.length>5&&void 0!
                                                                                          2024-05-10 09:51:11 UTC16384INData Raw: 3f 31 3a 65 3c 37 3f 32 3a 65 3c 31 31 3f 33 3a 34 29 7d 2c 31 31 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4e 75 6d 62 65 72 28 31 3d 3d 65 7c 7c 31 31 3d 3d 65 3f 30 3a 32 3d 3d 65 7c 7c 31 32 3d 3d 65 3f 31 3a 65 3e 32 26 26 65 3c 32 30 3f 32 3a 33 29 7d 2c 31 32 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4e 75 6d 62 65 72 28 65 25 31 30 21 3d 31 7c 7c 65 25 31 30 30 3d 3d 31 31 29 7d 2c 31 33 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4e 75 6d 62 65 72 28 30 21 3d 3d 65 29 7d 2c 31 34 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4e 75 6d 62 65 72 28 31 3d 3d 65 3f 30 3a 32 3d 3d 65 3f 31 3a 33 3d 3d 65 3f 32 3a 33 29 7d 2c 31 35 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e
                                                                                          Data Ascii: ?1:e<7?2:e<11?3:4)},11:function(e){return Number(1==e||11==e?0:2==e||12==e?1:e>2&&e<20?2:3)},12:function(e){return Number(e%10!=1||e%100==11)},13:function(e){return Number(0!==e)},14:function(e){return Number(1==e?0:2==e?1:3==e?2:3)},15:function(e){return
                                                                                          2024-05-10 09:51:11 UTC16384INData Raw: 3f 74 68 69 73 2e 6c 6f 67 67 65 72 2e 77 61 72 6e 28 27 64 69 64 20 6e 6f 74 20 73 61 76 65 20 6b 65 79 20 22 27 2e 63 6f 6e 63 61 74 28 6e 2c 27 22 20 61 73 20 74 68 65 20 6e 61 6d 65 73 70 61 63 65 20 22 27 29 2e 63 6f 6e 63 61 74 28 74 2c 27 22 20 77 61 73 20 6e 6f 74 20 79 65 74 20 6c 6f 61 64 65 64 27 29 2c 22 54 68 69 73 20 6d 65 61 6e 73 20 73 6f 6d 65 74 68 69 6e 67 20 49 53 20 57 52 4f 4e 47 20 69 6e 20 79 6f 75 72 20 73 65 74 75 70 2e 20 59 6f 75 20 61 63 63 65 73 73 20 74 68 65 20 74 20 66 75 6e 63 74 69 6f 6e 20 62 65 66 6f 72 65 20 69 31 38 6e 65 78 74 2e 69 6e 69 74 20 2f 20 69 31 38 6e 65 78 74 2e 6c 6f 61 64 4e 61 6d 65 73 70 61 63 65 20 2f 20 69 31 38 6e 65 78 74 2e 63 68 61 6e 67 65 4c 61 6e 67 75 61 67 65 20 77 61 73 20 64 6f 6e 65 2e
                                                                                          Data Ascii: ?this.logger.warn('did not save key "'.concat(n,'" as the namespace "').concat(t,'" was not yet loaded'),"This means something IS WRONG in your setup. You access the t function before i18next.init / i18next.loadNamespace / i18next.changeLanguage was done.
                                                                                          2024-05-10 09:51:11 UTC16384INData Raw: 6e 28 65 2c 74 2c 6e 2c 72 29 7b 6e 26 26 22 6f 62 6a 65 63 74 22 3d 3d 3d 77 65 28 6e 29 26 26 28 6e 3d 54 65 28 22 22 2c 6e 29 2e 73 6c 69 63 65 28 31 29 29 2c 65 2e 71 75 65 72 79 53 74 72 69 6e 67 50 61 72 61 6d 73 26 26 28 74 3d 54 65 28 74 2c 65 2e 71 75 65 72 79 53 74 72 69 6e 67 50 61 72 61 6d 73 29 29 3b 74 72 79 7b 76 61 72 20 69 3b 28 69 3d 76 65 3f 6e 65 77 20 76 65 3a 6e 65 77 20 62 65 28 22 4d 53 58 4d 4c 32 2e 58 4d 4c 48 54 54 50 2e 33 2e 30 22 29 29 2e 6f 70 65 6e 28 6e 3f 22 50 4f 53 54 22 3a 22 47 45 54 22 2c 74 2c 31 29 2c 65 2e 63 72 6f 73 73 44 6f 6d 61 69 6e 7c 7c 69 2e 73 65 74 52 65 71 75 65 73 74 48 65 61 64 65 72 28 22 58 2d 52 65 71 75 65 73 74 65 64 2d 57 69 74 68 22 2c 22 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 22 29 2c 69
                                                                                          Data Ascii: n(e,t,n,r){n&&"object"===we(n)&&(n=Te("",n).slice(1)),e.queryStringParams&&(t=Te(t,e.queryStringParams));try{var i;(i=ve?new ve:new be("MSXML2.XMLHTTP.3.0")).open(n?"POST":"GET",t,1),e.crossDomain||i.setRequestHeader("X-Requested-With","XMLHttpRequest"),i
                                                                                          2024-05-10 09:51:11 UTC16384INData Raw: 2e 63 75 72 72 65 6e 74 3d 22 43 75 72 72 65 6e 74 22 7d 28 74 74 7c 7c 28 74 74 3d 7b 7d 29 29 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 6e 6f 48 6f 6c 64 6f 75 74 3d 22 6e 6f 48 6f 6c 64 6f 75 74 22 2c 65 2e 68 6f 6c 64 6f 75 74 3d 22 68 6f 6c 64 6f 75 74 22 7d 28 6e 74 7c 7c 28 6e 74 3d 7b 7d 29 29 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 43 6f 6e 64 69 74 69 6f 6e 4d 65 74 3d 22 43 6f 6e 64 69 74 69 6f 6e 4d 65 74 22 2c 65 2e 54 69 6d 65 4c 69 6d 69 74 3d 22 54 69 6d 65 4c 69 6d 69 74 22 7d 28 72 74 7c 7c 28 72 74 3d 7b 7d 29 29 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 53 74 61 6e 64 41 6c 6f 6e 65 3d 22 53 74 61 6e 64 41 6c 6f 6e 65 22 2c 65 2e 53 69 6e 67 6c 65 41 63 74 69 6f 6e 3d 22 53 69 6e 67 6c 65 41 63 74 69 6f 6e 22 2c 65 2e 43 68
                                                                                          Data Ascii: .current="Current"}(tt||(tt={})),function(e){e.noHoldout="noHoldout",e.holdout="holdout"}(nt||(nt={})),function(e){e.ConditionMet="ConditionMet",e.TimeLimit="TimeLimit"}(rt||(rt={})),function(e){e.StandAlone="StandAlone",e.SingleAction="SingleAction",e.Ch
                                                                                          2024-05-10 09:51:11 UTC16384INData Raw: 5d 29 2c 5b 34 2c 50 72 6f 6d 69 73 65 2e 61 6c 6c 28 74 2e 6d 61 70 28 28 66 75 6e 63 74 69 6f 6e 28 74 2c 61 29 7b 72 65 74 75 72 6e 20 69 5b 61 5d 26 26 69 5b 61 5d 2e 72 65 71 75 65 73 74 65 64 41 74 21 3d 3d 72 3f 6f 2e 74 72 79 52 65 74 72 69 65 76 65 56 61 6c 75 65 28 22 22 2e 63 6f 6e 63 61 74 28 65 2c 22 5f 22 29 2e 63 6f 6e 63 61 74 28 74 29 2c 6f 2e 65 78 70 69 72 61 74 69 6f 6e 43 61 63 68 65 2c 69 5b 61 5d 2c 6e 29 3a 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 6e 75 6c 6c 29 7d 29 29 29 5d 3b 63 61 73 65 20 33 3a 72 65 74 75 72 6e 20 73 2e 73 65 6e 74 28 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 72 65 74 75 72 6e 20 61 5b 74 5b 6e 5d 5d 3d 65 7d 29 29 2c 5b 32 2c 61 5d 3b 63 61 73 65 20 34 3a 72 65 74 75
                                                                                          Data Ascii: ]),[4,Promise.all(t.map((function(t,a){return i[a]&&i[a].requestedAt!==r?o.tryRetrieveValue("".concat(e,"_").concat(t),o.expirationCache,i[a],n):Promise.resolve(null)})))];case 3:return s.sent().forEach((function(e,n){return a[t[n]]=e})),[2,a];case 4:retu
                                                                                          2024-05-10 09:51:11 UTC16384INData Raw: 6e 5b 34 2c 74 68 69 73 2e 66 65 74 63 68 47 65 74 28 65 29 5d 3b 63 61 73 65 20 31 3a 69 66 28 21 28 6e 3d 72 2e 73 65 6e 74 28 29 29 2e 6f 6b 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 22 2e 63 6f 6e 63 61 74 28 6e 75 6c 6c 3d 3d 74 3f 22 22 3a 74 2b 22 20 22 2c 22 53 74 61 74 75 73 3a 20 22 29 2e 63 6f 6e 63 61 74 28 6e 2e 73 74 61 74 75 73 2c 22 20 2d 20 22 29 2e 63 6f 6e 63 61 74 28 6e 2e 73 74 61 74 75 73 54 65 78 74 29 29 3b 72 65 74 75 72 6e 5b 34 2c 6e 2e 6a 73 6f 6e 28 29 5d 3b 63 61 73 65 20 32 3a 72 65 74 75 72 6e 5b 32 2c 72 2e 73 65 6e 74 28 29 5d 7d 7d 29 29 7d 29 29 7d 2c 65 2e 70 72 6f 74 6f 74 79 70 65 2e 66 65 74 63 68 50 6f 73 74 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 45 6e 28 74 68 69 73 2c 76 6f
                                                                                          Data Ascii: n[4,this.fetchGet(e)];case 1:if(!(n=r.sent()).ok)throw new Error("".concat(null==t?"":t+" ","Status: ").concat(n.status," - ").concat(n.statusText));return[4,n.json()];case 2:return[2,r.sent()]}}))}))},e.prototype.fetchPost=function(e,t){return En(this,vo


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          6192.168.2.44974813.107.246.514438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:11 UTC738OUTGET /0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6 HTTP/1.1
                                                                                          Host: assets-oce.mkt.dynamics.com
                                                                                          Connection: keep-alive
                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                          Accept: text/plain
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          sec-ch-ua-platform: "Windows"
                                                                                          Sec-Fetch-Site: same-origin
                                                                                          Sec-Fetch-Mode: cors
                                                                                          Sec-Fetch-Dest: empty
                                                                                          Referer: https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:13 UTC589INHTTP/1.1 200 OK
                                                                                          Date: Fri, 10 May 2024 09:51:12 GMT
                                                                                          Content-Type: text/html
                                                                                          Content-Length: 29425
                                                                                          Connection: close
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Cache-Control: public, max-age=900, must-revalidate
                                                                                          x-ms-trace-id: 021e619b830ac83cc8ffaed54f769d44
                                                                                          Strict-Transport-Security: max-age=2592000; preload
                                                                                          x-content-type-options: nosniff
                                                                                          x-azure-ref: 20240510T095111Z-17cb6678898p22rq5w3tat7a7800000002zg00000000458s
                                                                                          x-fd-int-roxy-purgeid: 69757193
                                                                                          X-Cache: TCP_MISS
                                                                                          Accept-Ranges: bytes
                                                                                          2024-05-10 09:51:13 UTC15795INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 4d 61 72 6b 65 74 69 6e 67 20 46 6f 72 6d 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74
                                                                                          Data Ascii: <!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Marketing Form</title> <meta name="referrer" cont
                                                                                          2024-05-10 09:51:13 UTC13630INData Raw: 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 74 77 6f 4f 70 74 69 6f 6e 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 72 61 64 69 6f 62 75 74 74 6f 6e 73 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 74 77 6f 4f 70 74 69 6f 6e 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 74 77 6f 6f 70 74 69 6f 6e 5f 63 68 65 63 6b 62 6f 78 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6f 70 74 69 6f 6e 53 65 74 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 72 61 64 69 6f 62 75 74 74 6f 6e 73 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6d 75 6c 74 69 4f 70 74 69 6f 6e 53 65 74 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 66 69 65 6c 64 73 65 74 20 3e 20 64 69 76 2c
                                                                                          Data Ascii: } .twoOptionFormFieldBlock div.radiobuttons > div, .twoOptionFormFieldBlock div.twooption_checkbox > div, .optionSetFormFieldBlock div.radiobuttons > div, .multiOptionSetFormFieldBlock fieldset > div,


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          7192.168.2.44975413.107.246.514438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:12 UTC650OUTGET /oce/FormLoader/public/locales/en-us/translation.json HTTP/1.1
                                                                                          Host: cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                          Connection: keep-alive
                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          sec-ch-ua-platform: "Windows"
                                                                                          Accept: */*
                                                                                          Origin: https://assets-oce.mkt.dynamics.com
                                                                                          Sec-Fetch-Site: cross-site
                                                                                          Sec-Fetch-Mode: cors
                                                                                          Sec-Fetch-Dest: empty
                                                                                          Referer: https://assets-oce.mkt.dynamics.com/
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:12 UTC628INHTTP/1.1 200 OK
                                                                                          Date: Fri, 10 May 2024 09:51:12 GMT
                                                                                          Content-Type: application/json
                                                                                          Content-Length: 1304
                                                                                          Connection: close
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Last-Modified: Thu, 22 Feb 2024 09:32:41 GMT
                                                                                          ETag: 0x8DC338937BE2143
                                                                                          x-ms-request-id: 897df493-c01e-0074-3b3e-a25390000000
                                                                                          x-ms-version: 2009-09-19
                                                                                          x-ms-lease-status: unlocked
                                                                                          x-ms-blob-type: BlockBlob
                                                                                          Access-Control-Allow-Origin: *
                                                                                          x-azure-ref: 20240510T095112Z-17cb6678898qxs6901qwgaz7ac0000000330000000000426
                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                          X-Cache-Info: L1_T2
                                                                                          X-Cache: TCP_HIT
                                                                                          Accept-Ranges: bytes
                                                                                          2024-05-10 09:51:12 UTC1304INData Raw: 7b 0d 0a 20 20 22 46 6f 72 6d 46 61 69 6c 65 64 54 6f 4c 6f 61 64 22 3a 20 22 46 61 69 6c 65 64 20 74 6f 20 6c 6f 61 64 20 66 6f 72 6d 22 2c 0d 0a 20 20 22 46 6f 72 6d 46 61 69 6c 65 64 54 6f 4c 6f 61 64 43 6f 72 73 22 3a 20 22 54 68 65 20 66 6f 72 6d 20 63 61 6e 20 6e 6f 74 20 62 65 20 6c 6f 61 64 65 64 20 6f 6e 20 61 20 64 6f 6d 61 69 6e 20 74 68 61 74 20 68 61 73 6e 27 74 20 62 65 65 6e 20 61 6c 6c 6f 77 65 64 20 66 6f 72 20 65 78 74 65 72 6e 61 6c 20 66 6f 72 6d 20 68 6f 73 74 69 6e 67 20 6f 72 20 74 68 65 72 65 20 69 73 20 61 20 6e 65 74 77 6f 72 6b 20 63 6f 6e 6e 65 63 74 69 76 69 74 79 20 69 73 73 75 65 22 2c 0d 0a 20 20 22 4c 65 61 72 6e 4d 6f 72 65 22 3a 20 22 4c 65 61 72 6e 20 6d 6f 72 65 22 2c 0d 0a 20 20 22 46 6f 72 6d 53 75 62 6d 69 74 74 65
                                                                                          Data Ascii: { "FormFailedToLoad": "Failed to load form", "FormFailedToLoadCors": "The form can not be loaded on a domain that hasn't been allowed for external form hosting or there is a network connectivity issue", "LearnMore": "Learn more", "FormSubmitte


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          8192.168.2.44975513.107.246.514438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:12 UTC713OUTGET /favicon.ico HTTP/1.1
                                                                                          Host: assets-oce.mkt.dynamics.com
                                                                                          Connection: keep-alive
                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          sec-ch-ua-platform: "Windows"
                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                          Sec-Fetch-Site: same-origin
                                                                                          Sec-Fetch-Mode: no-cors
                                                                                          Sec-Fetch-Dest: image
                                                                                          Referer: https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:13 UTC313INHTTP/1.1 404 Not Found
                                                                                          Date: Fri, 10 May 2024 09:51:13 GMT
                                                                                          Content-Type: text/html
                                                                                          Content-Length: 548
                                                                                          Connection: close
                                                                                          Strict-Transport-Security: max-age=2592000; preload
                                                                                          x-azure-ref: 20240510T095112Z-17cb6678898xmcnz87s7quths4000000042g000000001qa0
                                                                                          x-fd-int-roxy-purgeid: 69757193
                                                                                          X-Cache: TCP_MISS
                                                                                          2024-05-10 09:51:13 UTC548INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20
                                                                                          Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          9192.168.2.44975713.107.213.514438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:12 UTC422OUTGET /oce/FormLoader/public/locales/en-us/translation.json HTTP/1.1
                                                                                          Host: cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                          Connection: keep-alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          Accept: */*
                                                                                          Sec-Fetch-Site: none
                                                                                          Sec-Fetch-Mode: cors
                                                                                          Sec-Fetch-Dest: empty
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:13 UTC628INHTTP/1.1 200 OK
                                                                                          Date: Fri, 10 May 2024 09:51:13 GMT
                                                                                          Content-Type: application/json
                                                                                          Content-Length: 1304
                                                                                          Connection: close
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Last-Modified: Thu, 22 Feb 2024 09:32:41 GMT
                                                                                          ETag: 0x8DC338937BE2143
                                                                                          x-ms-request-id: 897df493-c01e-0074-3b3e-a25390000000
                                                                                          x-ms-version: 2009-09-19
                                                                                          x-ms-lease-status: unlocked
                                                                                          x-ms-blob-type: BlockBlob
                                                                                          Access-Control-Allow-Origin: *
                                                                                          x-azure-ref: 20240510T095113Z-17cb6678898vlvhxv08s6m5bks000000030g000000003xr3
                                                                                          x-fd-int-roxy-purgeid: 0
                                                                                          X-Cache-Info: L1_T2
                                                                                          X-Cache: TCP_HIT
                                                                                          Accept-Ranges: bytes
                                                                                          2024-05-10 09:51:13 UTC1304INData Raw: 7b 0d 0a 20 20 22 46 6f 72 6d 46 61 69 6c 65 64 54 6f 4c 6f 61 64 22 3a 20 22 46 61 69 6c 65 64 20 74 6f 20 6c 6f 61 64 20 66 6f 72 6d 22 2c 0d 0a 20 20 22 46 6f 72 6d 46 61 69 6c 65 64 54 6f 4c 6f 61 64 43 6f 72 73 22 3a 20 22 54 68 65 20 66 6f 72 6d 20 63 61 6e 20 6e 6f 74 20 62 65 20 6c 6f 61 64 65 64 20 6f 6e 20 61 20 64 6f 6d 61 69 6e 20 74 68 61 74 20 68 61 73 6e 27 74 20 62 65 65 6e 20 61 6c 6c 6f 77 65 64 20 66 6f 72 20 65 78 74 65 72 6e 61 6c 20 66 6f 72 6d 20 68 6f 73 74 69 6e 67 20 6f 72 20 74 68 65 72 65 20 69 73 20 61 20 6e 65 74 77 6f 72 6b 20 63 6f 6e 6e 65 63 74 69 76 69 74 79 20 69 73 73 75 65 22 2c 0d 0a 20 20 22 4c 65 61 72 6e 4d 6f 72 65 22 3a 20 22 4c 65 61 72 6e 20 6d 6f 72 65 22 2c 0d 0a 20 20 22 46 6f 72 6d 53 75 62 6d 69 74 74 65
                                                                                          Data Ascii: { "FormFailedToLoad": "Failed to load form", "FormFailedToLoadCors": "The form can not be loaded on a domain that hasn't been allowed for external form hosting or there is a network connectivity issue", "LearnMore": "Learn more", "FormSubmitte


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          10192.168.2.44975913.107.246.514438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:13 UTC668OUTGET /0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/images/285269d1-5c0d-ef11-9f89-6045bd401296?ts=638507845797957844 HTTP/1.1
                                                                                          Host: assets-oce.mkt.dynamics.com
                                                                                          Connection: keep-alive
                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          sec-ch-ua-platform: "Windows"
                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                          Sec-Fetch-Site: same-origin
                                                                                          Sec-Fetch-Mode: no-cors
                                                                                          Sec-Fetch-Dest: image
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:15 UTC484INHTTP/1.1 200 OK
                                                                                          Date: Fri, 10 May 2024 09:51:14 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 73947
                                                                                          Connection: close
                                                                                          Access-Control-Allow-Origin: *
                                                                                          x-ms-trace-id: 703cecb2ccaae387e06491ea4c725cc7
                                                                                          Strict-Transport-Security: max-age=2592000; preload
                                                                                          x-content-type-options: nosniff
                                                                                          x-azure-ref: 20240510T095113Z-17cb6678898krkqgz2ark5vye800000003kg000000002hv5
                                                                                          Cache-Control: public, max-age=2592000
                                                                                          x-fd-int-roxy-purgeid: 69757193
                                                                                          X-Cache: TCP_MISS
                                                                                          Accept-Ranges: bytes
                                                                                          2024-05-10 09:51:15 UTC15900INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 06 40 00 00 04 a5 08 06 00 00 00 f0 1a 15 bf 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 09 70 48 59 73 00 00 0e c2 00 00 0e c2 01 15 28 4a 80 00 00 80 00 49 44 41 54 78 da ec dd 77 bc de 77 5d ff ff 47 92 a6 6d ba 07 85 0e 28 2d a5 94 0d 02 65 23 32 64 44 be 41 64 28 ca 06 51 70 21 a0 82 03 07 2a f8 45 d4 af 8a 0a 0a 6e 91 a5 10 b5 0c f1 27 88 a0 2c 41 f6 de 2d 50 66 07 a4 33 f9 fd f1 be 42 4e 43 d2 26 cd 39 27 d7 b8 df 6f b7 73 4b 72 ae 93 f4 d3 d7 e7 3a d7 b9 3e ef e7 e7 f5 7e 15 00 00 00 00 00 00 00 00 00 00 00 00 d3 6d 8d 12 00 00 00 0c 1b 36 6e 5e
                                                                                          Data Ascii: PNGIHDR@ cHRMz&u0`:pQ<bKGDpHYs(JIDATxww]Gm(-e#2dDAd(Qp!*En',A-Pf3BNC&9'osKr:>~m6n^
                                                                                          2024-05-10 09:51:15 UTC16384INData Raw: 40 10 02 c0 fe 24 00 01 d8 c9 86 8d 9b 1f 58 bd b8 5a af 1a c0 94 f8 60 e3 8e db 8f cd 40 f7 c7 e9 8d ad af 6e e2 b4 01 ac 9a bf a9 7e ac ab 39 14 7d 17 5b 5c 5d a3 ba 63 f5 a0 ea ee d5 49 4a cc 1e ba ac f1 be e5 9f 1a db b3 7d a8 ba 74 fb 83 c2 10 00 56 9b 2d b0 00 be dd b1 09 3f 80 e9 b1 b5 fa d3 66 23 fc 38 a0 fa a9 84 1f 00 ab ed 07 aa f7 57 ff 77 c3 c6 cd 5b f7 f4 e7 c5 4e c1 c7 ba ea 16 d5 f7 36 86 5e df a8 da a0 b4 ec a5 03 aa 9b 4d 3e 1e 53 bd b6 7a 49 f5 a6 ea c2 ed cf 39 41 08 00 ab 45 00 02 b0 c4 92 bb 97 01 a6 c5 5b 1b 5d 69 b3 e0 de d5 0f 39 65 00 ab ee 80 ea a9 d5 7b ab 7f b9 aa 2f de 29 f8 38 a6 ba 73 a3 db e3 5e d5 b5 94 93 65 72 7c f5 c8 ea c1 d5 1b 1b 1d 21 af a9 ce 15 84 00 b0 5a 6c 81 05 b0 c4 86 8d 9b d7 36 ee b4 7e 8c 6a 00 53 e0 e2
                                                                                          Data Ascii: @$XZ`@n~9}[\]cIJ}tV-?f#8Ww[N6^M>SzI9AE[]i9e{/)8s^er|!Zl6~jS
                                                                                          2024-05-10 09:51:15 UTC16384INData Raw: d9 c4 ee 8f 55 06 40 a4 ea 33 00 22 29 57 5d ec 0a d9 02 d8 9f 58 fd 7e 14 30 83 a8 89 20 55 c3 ed c4 ca 9a 07 0b 12 04 19 4a 14 45 7f 1f 30 c8 c3 27 49 92 24 49 75 65 21 70 3c 70 8d c1 0f 69 60 18 00 91 94 8c 2e 82 21 13 80 7d 89 60 c8 61 c0 0e c0 58 7b 4a fd f4 77 e0 ed c0 f2 82 04 41 c6 01 bf 20 ea e6 48 92 24 49 92 ea c7 cf 81 f7 02 6d 06 40 a4 81 61 00 44 52 92 ba 08 86 6c 46 14 4c 3f 90 a8 1b b2 07 b0 0d 30 d8 de 52 2f ad 03 be 0b 7c 81 02 6c 31 ce ae 85 69 c0 6f b2 73 5f 92 24 49 92 54 7c 0f 01 2f 07 ee 31 f8 21 0d 1c 03 20 92 92 d7 45 30 64 28 b0 2d b0 0f 91 2e 6b 5f 60 47 22 7d d6 10 7b 4c 15 58 03 7c 08 f8 f9 aa 0b 8e eb 28 c8 35 70 08 70 4e 76 9e 4b 92 24 49 92 8a ab 0d f8 1c f0 d5 22 bc 93 4a 45 66 00 44 52 e1 74 11 10 19 09 6c 07 4c 27 82 22
                                                                                          Data Ascii: U@3")W]X~0 UJE0'I$Iue!p<pi`.!}`aX{JwA H$Im@aDRlFL?0R/|l1ios_$IT|/1! E0d(-.k_`G"}{LX|(5ppNvK$I"JEfDRtlL'"
                                                                                          2024-05-10 09:51:15 UTC16384INData Raw: 62 95 64 67 41 cb 16 62 a2 76 68 f6 3d b7 66 fd 24 6d a3 a4 3d 18 4c 14 00 fb 57 cb cc 59 0f f9 62 d3 ad 9d 80 9f 00 db d4 d1 77 5a 45 04 37 66 03 8f 10 a9 0c 1f cc 7e 6d 29 31 50 5e 47 ff 8a 9e 0e 21 52 85 6d 46 dc 8f 77 01 76 27 16 b3 ec 98 fd fa 6a 62 37 52 11 4d 01 3e 07 9c dc 32 73 d6 12 af 1f a9 ee b5 01 77 00 af 4c ac 5d db 10 13 16 4b 3c 44 7d 93 8d 79 b7 01 3e 4c 8c 0b b5 5e 07 31 66 d0 c0 f7 f3 45 c0 7b 89 ba b7 a9 18 07 bc 90 f4 b2 3d 34 a4 ec 5e 75 20 e9 a4 bf 5a 00 9c 5e a0 be 1b 01 7c 86 b4 ea a7 54 cb 5a 22 c8 f1 00 b1 58 e3 81 ec b3 90 98 1f 59 9e 7d 3a e8 39 dd 5e 13 eb e7 7e c6 12 73 27 db 12 81 b7 dd 88 77 b9 5d 88 67 66 51 df e1 ca bd 0a b8 0b f8 7a cb cc 59 eb 06 ea 9d ae b7 01 90 c9 a4 17 a5 7b 0a b8 c1 97 5e 89 87 89 95 b0 29 05 40
                                                                                          Data Ascii: bdgAbvh=f$m=LWYbwZE7f~m)1P^G!RmFwv'jb7RM>2swL]K<D}y>L^1fE{=4^u Z^|TZ"XY}:9^~s'w]gfQzY{^)@
                                                                                          2024-05-10 09:51:15 UTC8895INData Raw: 03 8f 39 b6 95 d4 a9 d2 fd ef 72 8a 5f ad 3f 0c 38 89 98 9c 1e a8 2e 22 fd d5 b8 02 da 79 21 30 dd e7 c4 80 f5 12 8b 0c 56 67 d2 9e 23 81 93 7c 97 d3 40 64 17 00 49 37 a2 65 c0 7f 00 37 56 e0 18 d6 82 20 9f 05 26 d8 01 3b 4b 5d 91 c8 37 50 9d e0 c7 d3 44 5a 83 47 7d f0 4b 2a c0 95 c0 5f 33 6b d3 d1 c0 bb 3c 35 92 3a 4d 5d e0 03 60 17 22 5d d4 af 81 83 a9 e6 ae 0f 80 67 81 4f 62 d1 73 49 82 48 2d ff 97 12 3e f7 50 60 e7 41 cc 89 4d a4 98 f4 57 8b 89 dd 1f dd 5e 22 83 72 23 31 97 94 83 31 c0 07 81 8d 9d 83 55 7f 65 b9 03 24 4d ca 3e 49 14 67 9e 5d 81 e3 38 8e a8 09 f2 2d 60 a2 1d b0 33 d4 05 3f 3e 0e fc 9c 6a 04 3f 56 01 ff 0d 5c ec 19 94 d4 6a e9 79 3e 0f f8 25 79 bd 6c 8c 20 26 cb 5e ec 33 bb 7d d4 26 76 1b 26 78 25 d5 f5 91 64 13 22 7d c4 39 c4 38 76 e3
                                                                                          Data Ascii: 9r_?8."y!0Vg#|@dI7e7V &;K]7PDZG}K*_3k<5:M]`"]gObsIH->P`AMW^"r#11Ue$M>Ig]8-`3?>j?V\jy>%yl &^3}&v&x%d"}98v


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          11192.168.2.44976113.107.246.514438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:13 UTC444OUTGET /0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6 HTTP/1.1
                                                                                          Host: assets-oce.mkt.dynamics.com
                                                                                          Connection: keep-alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          Accept: */*
                                                                                          Sec-Fetch-Site: none
                                                                                          Sec-Fetch-Mode: cors
                                                                                          Sec-Fetch-Dest: empty
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:13 UTC609INHTTP/1.1 200 OK
                                                                                          Date: Fri, 10 May 2024 09:51:13 GMT
                                                                                          Content-Type: text/html
                                                                                          Content-Length: 29425
                                                                                          Connection: close
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Cache-Control: public, max-age=900, must-revalidate
                                                                                          x-ms-trace-id: 021e619b830ac83cc8ffaed54f769d44
                                                                                          Strict-Transport-Security: max-age=2592000; preload
                                                                                          x-content-type-options: nosniff
                                                                                          x-azure-ref: 20240510T095113Z-17cb6678898xmcnz87s7quths4000000044g000000000k64
                                                                                          x-fd-int-roxy-purgeid: 69757193
                                                                                          X-Cache: TCP_HIT
                                                                                          X-Cache-Info: L1_T2
                                                                                          Accept-Ranges: bytes
                                                                                          2024-05-10 09:51:13 UTC15775INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 4d 61 72 6b 65 74 69 6e 67 20 46 6f 72 6d 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74
                                                                                          Data Ascii: <!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Marketing Form</title> <meta name="referrer" cont
                                                                                          2024-05-10 09:51:13 UTC13650INData Raw: 67 69 6e 2d 74 6f 70 3a 20 31 36 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 74 77 6f 4f 70 74 69 6f 6e 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 72 61 64 69 6f 62 75 74 74 6f 6e 73 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 74 77 6f 4f 70 74 69 6f 6e 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 74 77 6f 6f 70 74 69 6f 6e 5f 63 68 65 63 6b 62 6f 78 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6f 70 74 69 6f 6e 53 65 74 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 72 61 64 69 6f 62 75 74 74 6f 6e 73 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6d 75 6c 74 69 4f 70 74 69 6f 6e 53 65 74 46 6f 72 6d 46 69 65 6c 64 42
                                                                                          Data Ascii: gin-top: 16px; } .twoOptionFormFieldBlock div.radiobuttons > div, .twoOptionFormFieldBlock div.twooption_checkbox > div, .optionSetFormFieldBlock div.radiobuttons > div, .multiOptionSetFormFieldB


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          12192.168.2.44976020.70.221.644438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:14 UTC605OUTOPTIONS /api/v1.0/orgs/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/landingpageforms/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6/visits HTTP/1.1
                                                                                          Host: public-oce.mkt.dynamics.com
                                                                                          Connection: keep-alive
                                                                                          Accept: */*
                                                                                          Access-Control-Request-Method: POST
                                                                                          Access-Control-Request-Headers: content-type
                                                                                          Origin: https://assets-oce.mkt.dynamics.com
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          Sec-Fetch-Mode: cors
                                                                                          Sec-Fetch-Site: same-site
                                                                                          Sec-Fetch-Dest: empty
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:14 UTC383INHTTP/1.1 204 No Content
                                                                                          Server: nginx
                                                                                          Date: Fri, 10 May 2024 09:51:14 GMT
                                                                                          Connection: close
                                                                                          Access-Control-Allow-Headers: content-type
                                                                                          Access-Control-Allow-Methods: GET,POST
                                                                                          Access-Control-Allow-Origin: https://assets-oce.mkt.dynamics.com
                                                                                          x-ms-trace-id: 1bf80be5677e24f6a1473bbb091293b2
                                                                                          Strict-Transport-Security: max-age=2592000; preload
                                                                                          x-content-type-options: nosniff


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          13192.168.2.44976220.70.221.644438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:15 UTC715OUTPOST /api/v1.0/orgs/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/landingpageforms/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6/visits HTTP/1.1
                                                                                          Host: public-oce.mkt.dynamics.com
                                                                                          Connection: keep-alive
                                                                                          Content-Length: 153
                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                          Accept: application/json
                                                                                          Content-Type: application/json
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          sec-ch-ua-platform: "Windows"
                                                                                          Origin: https://assets-oce.mkt.dynamics.com
                                                                                          Sec-Fetch-Site: same-site
                                                                                          Sec-Fetch-Mode: cors
                                                                                          Sec-Fetch-Dest: empty
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:15 UTC153OUTData Raw: 7b 22 70 61 67 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 61 73 73 65 74 73 2d 6f 63 65 2e 6d 6b 74 2e 64 79 6e 61 6d 69 63 73 2e 63 6f 6d 2f 30 65 66 36 35 35 39 39 2d 33 62 30 64 2d 65 66 31 31 2d 39 66 38 36 2d 30 30 30 64 33 61 65 30 63 31 63 64 2f 64 69 67 69 74 61 6c 61 73 73 65 74 73 2f 73 74 61 6e 64 61 6c 6f 6e 65 66 6f 72 6d 73 2f 32 66 34 32 34 66 32 65 2d 66 63 30 64 2d 65 66 31 31 2d 39 66 38 39 2d 36 30 34 35 62 64 34 30 31 35 65 36 22 7d
                                                                                          Data Ascii: {"pageUrl":"https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6"}
                                                                                          2024-05-10 09:51:16 UTC366INHTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 10 May 2024 09:51:15 GMT
                                                                                          Content-Type: application/json; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: close
                                                                                          Access-Control-Allow-Origin: https://assets-oce.mkt.dynamics.com
                                                                                          x-ms-trace-id: 3a124467672eb78079d2b1be2b77db4f
                                                                                          Strict-Transport-Security: max-age=2592000; preload
                                                                                          x-content-type-options: nosniff
                                                                                          2024-05-10 09:51:16 UTC54INData Raw: 32 62 0d 0a 7b 22 69 6e 74 65 72 61 63 74 69 6f 6e 53 74 61 74 75 73 22 3a 30 2c 22 65 72 72 6f 72 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 7d 0d 0a 30 0d 0a 0d 0a
                                                                                          Data Ascii: 2b{"interactionStatus":0,"errorMessage":null}0


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          14192.168.2.44976313.107.246.514438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:15 UTC467OUTGET /0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/images/285269d1-5c0d-ef11-9f89-6045bd401296?ts=638507845797957844 HTTP/1.1
                                                                                          Host: assets-oce.mkt.dynamics.com
                                                                                          Connection: keep-alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          Accept: */*
                                                                                          Sec-Fetch-Site: none
                                                                                          Sec-Fetch-Mode: cors
                                                                                          Sec-Fetch-Dest: empty
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:16 UTC504INHTTP/1.1 200 OK
                                                                                          Date: Fri, 10 May 2024 09:51:15 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 73947
                                                                                          Connection: close
                                                                                          Access-Control-Allow-Origin: *
                                                                                          x-ms-trace-id: 703cecb2ccaae387e06491ea4c725cc7
                                                                                          Strict-Transport-Security: max-age=2592000; preload
                                                                                          x-content-type-options: nosniff
                                                                                          x-azure-ref: 20240510T095115Z-17cb6678898wfhrfrgfxvr4bvg00000001bg000000003ysz
                                                                                          Cache-Control: public, max-age=2592000
                                                                                          x-fd-int-roxy-purgeid: 69757193
                                                                                          X-Cache: TCP_HIT
                                                                                          X-Cache-Info: L1_T2
                                                                                          Accept-Ranges: bytes
                                                                                          2024-05-10 09:51:16 UTC15880INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 06 40 00 00 04 a5 08 06 00 00 00 f0 1a 15 bf 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 09 70 48 59 73 00 00 0e c2 00 00 0e c2 01 15 28 4a 80 00 00 80 00 49 44 41 54 78 da ec dd 77 bc de 77 5d ff ff 47 92 a6 6d ba 07 85 0e 28 2d a5 94 0d 02 65 23 32 64 44 be 41 64 28 ca 06 51 70 21 a0 82 03 07 2a f8 45 d4 af 8a 0a 0a 6e 91 a5 10 b5 0c f1 27 88 a0 2c 41 f6 de 2d 50 66 07 a4 33 f9 fd f1 be 42 4e 43 d2 26 cd 39 27 d7 b8 df 6f b7 73 4b 72 ae 93 f4 d3 d7 e7 3a d7 b9 3e ef e7 e7 f5 7e 15 00 00 00 00 00 00 00 00 00 00 00 00 d3 6d 8d 12 00 00 00 0c 1b 36 6e 5e
                                                                                          Data Ascii: PNGIHDR@ cHRMz&u0`:pQ<bKGDpHYs(JIDATxww]Gm(-e#2dDAd(Qp!*En',A-Pf3BNC&9'osKr:>~m6n^
                                                                                          2024-05-10 09:51:16 UTC16384INData Raw: d3 e8 90 3e 4c c9 d9 85 af 54 ff 51 bd a2 fa ff aa cf 6f 7f 40 10 02 c0 fe 24 00 01 d8 c9 86 8d 9b 1f 58 bd b8 5a af 1a c0 94 f8 60 e3 8e db 8f cd 40 f7 c7 e9 8d ad af 6e e2 b4 01 ac 9a bf a9 7e ac ab 39 14 7d 17 5b 5c 5d a3 ba 63 f5 a0 ea ee d5 49 4a cc 1e ba ac f1 be e5 9f 1a db b3 7d a8 ba 74 fb 83 c2 10 00 56 9b 2d b0 00 be dd b1 09 3f 80 e9 b1 b5 fa d3 66 23 fc 38 a0 fa a9 84 1f 00 ab ed 07 aa f7 57 ff 77 c3 c6 cd 5b f7 f4 e7 c5 4e c1 c7 ba ea 16 d5 f7 36 86 5e df a8 da a0 b4 ec a5 03 aa 9b 4d 3e 1e 53 bd b6 7a 49 f5 a6 ea c2 ed cf 39 41 08 00 ab 45 00 02 b0 c4 92 bb 97 01 a6 c5 5b 1b 5d 69 b3 e0 de d5 0f 39 65 00 ab ee 80 ea a9 d5 7b ab 7f b9 aa 2f de 29 f8 38 a6 ba 73 a3 db e3 5e d5 b5 94 93 65 72 7c f5 c8 ea c1 d5 1b 1b 1d 21 af a9 ce 15 84 00 b0
                                                                                          Data Ascii: >LTQo@$XZ`@n~9}[\]cIJ}tV-?f#8Ww[N6^M>SzI9AE[]i9e{/)8s^er|!
                                                                                          2024-05-10 09:51:16 UTC16384INData Raw: e0 c2 82 ec 02 01 78 37 f0 2d 60 a4 87 4f 92 24 49 92 ea d2 d9 c4 ee 8f 55 06 40 a4 ea 33 00 22 29 57 5d ec 0a d9 02 d8 9f 58 fd 7e 14 30 83 a8 89 20 55 c3 ed c4 ca 9a 07 0b 12 04 19 4a 14 45 7f 1f 30 c8 c3 27 49 92 24 49 75 65 21 70 3c 70 8d c1 0f 69 60 18 00 91 94 8c 2e 82 21 13 80 7d 89 60 c8 61 c0 0e c0 58 7b 4a fd f4 77 e0 ed c0 f2 82 04 41 c6 01 bf 20 ea e6 48 92 24 49 92 ea c7 cf 81 f7 02 6d 06 40 a4 81 61 00 44 52 92 ba 08 86 6c 46 14 4c 3f 90 a8 1b b2 07 b0 0d 30 d8 de 52 2f ad 03 be 0b 7c 81 02 6c 31 ce ae 85 69 c0 6f b2 73 5f 92 24 49 92 54 7c 0f 01 2f 07 ee 31 f8 21 0d 1c 03 20 92 92 d7 45 30 64 28 b0 2d b0 0f 91 2e 6b 5f 60 47 22 7d d6 10 7b 4c 15 58 03 7c 08 f8 f9 aa 0b 8e eb 28 c8 35 70 08 70 4e 76 9e 4b 92 24 49 92 8a ab 0d f8 1c f0 d5 22
                                                                                          Data Ascii: x7-`O$IU@3")W]X~0 UJE0'I$Iue!p<pi`.!}`aX{JwA H$Im@aDRlFL?0R/|l1ios_$IT|/1! E0d(-.k_`G"}{LX|(5ppNvK$I"
                                                                                          2024-05-10 09:51:16 UTC16384INData Raw: 4c ca 3e 4a a4 a5 78 02 98 9f fd fe 6a 22 a7 6e e7 aa b5 26 62 95 64 67 41 cb 16 62 a2 76 68 f6 3d b7 66 fd 24 6d a3 a4 3d 18 4c 14 00 fb 57 cb cc 59 0f f9 62 d3 ad 9d 80 9f 00 db d4 d1 77 5a 45 04 37 66 03 8f 10 a9 0c 1f cc 7e 6d 29 31 50 5e 47 ff 8a 9e 0e 21 52 85 6d 46 dc 8f 77 01 76 27 16 b3 ec 98 fd fa 6a 62 37 52 11 4d 01 3e 07 9c dc 32 73 d6 12 af 1f a9 ee b5 01 77 00 af 4c ac 5d db 10 13 16 4b 3c 44 7d 93 8d 79 b7 01 3e 4c 8c 0b b5 5e 07 31 66 d0 c0 f7 f3 45 c0 7b 89 ba b7 a9 18 07 bc 90 f4 b2 3d 34 a4 ec 5e 75 20 e9 a4 bf 5a 00 9c 5e a0 be 1b 01 7c 86 b4 ea a7 54 cb 5a 22 c8 f1 00 b1 58 e3 81 ec b3 90 98 1f 59 9e 7d 3a e8 39 dd 5e 13 eb e7 7e c6 12 73 27 db 12 81 b7 dd 88 77 b9 5d 88 67 66 51 df e1 ca bd 0a b8 0b f8 7a cb cc 59 eb 06 ea 9d ae b7
                                                                                          Data Ascii: L>Jxj"n&bdgAbvh=f$m=LWYbwZE7f~m)1P^G!RmFwv'jb7RM>2swL]K<D}y>L^1fE{=4^u Z^|TZ"XY}:9^~s'w]gfQzY
                                                                                          2024-05-10 09:51:16 UTC8915INData Raw: 53 d5 ed fa 18 09 fc 0d f0 67 22 78 b0 59 45 bf d2 83 c0 3f 03 8f 39 b6 95 d4 a9 d2 fd ef 72 8a 5f ad 3f 0c 38 89 98 9c 1e a8 2e 22 fd d5 b8 02 da 79 21 30 dd e7 c4 80 f5 12 8b 0c 56 67 d2 9e 23 81 93 7c 97 d3 40 64 17 00 49 37 a2 65 c0 7f 00 37 56 e0 18 d6 82 20 9f 05 26 d8 01 3b 4b 5d 91 c8 37 50 9d e0 c7 d3 44 5a 83 47 7d f0 4b 2a c0 95 c0 5f 33 6b d3 d1 c0 bb 3c 35 92 3a 4d 5d e0 03 60 17 22 5d d4 af 81 83 a9 e6 ae 0f 80 67 81 4f 62 d1 73 49 82 48 2d ff 97 12 3e f7 50 60 e7 41 cc 89 4d a4 98 f4 57 8b 89 dd 1f dd 5e 22 83 72 23 31 97 94 83 31 c0 07 81 8d 9d 83 55 7f 65 b9 03 24 4d ca 3e 49 14 67 9e 5d 81 e3 38 8e a8 09 f2 2d 60 a2 1d b0 33 d4 05 3f 3e 0e fc 9c 6a 04 3f 56 01 ff 0d 5c ec 19 94 d4 6a e9 79 3e 0f f8 25 79 bd 6c 8c 20 26 cb 5e ec 33 bb 7d
                                                                                          Data Ascii: Sg"xYE?9r_?8."y!0Vg#|@dI7e7V &;K]7PDZG}K*_3k<5:M]`"]gObsIH->P`AMW^"r#11Ue$M>Ig]8-`3?>j?V\jy>%yl &^3}


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          15192.168.2.44976420.70.221.644438892C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:17 UTC468OUTGET /api/v1.0/orgs/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/landingpageforms/forms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6/visits HTTP/1.1
                                                                                          Host: public-oce.mkt.dynamics.com
                                                                                          Connection: keep-alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                          Accept: */*
                                                                                          Sec-Fetch-Site: none
                                                                                          Sec-Fetch-Mode: cors
                                                                                          Sec-Fetch-Dest: empty
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          2024-05-10 09:51:17 UTC218INHTTP/1.1 403 Forbidden
                                                                                          Server: nginx
                                                                                          Date: Fri, 10 May 2024 09:51:17 GMT
                                                                                          Content-Length: 0
                                                                                          Connection: close
                                                                                          x-ms-trace-id: 8c868caa707503178ec6b94e57117a53
                                                                                          Strict-Transport-Security: max-age=2592000; preload


                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                          16192.168.2.44977240.127.169.103443
                                                                                          TimestampBytes transferredDirectionData
                                                                                          2024-05-10 09:51:38 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Y49FkgBSOF+mCl+&MD=lYe4Z8or HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: */*
                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                          Host: slscr.update.microsoft.com
                                                                                          2024-05-10 09:51:39 UTC560INHTTP/1.1 200 OK
                                                                                          Cache-Control: no-cache
                                                                                          Pragma: no-cache
                                                                                          Content-Type: application/octet-stream
                                                                                          Expires: -1
                                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                          ETag: "Mx1RoJH/qEwpWfKllx7sbsl28AuERz5IYdcsvtTJcgM=_2160"
                                                                                          MS-CorrelationId: 02e386f4-9475-427f-a304-2fcabea17131
                                                                                          MS-RequestId: 6586a7b3-3861-4427-8341-73380284143d
                                                                                          MS-CV: g1HfyiIS1Umvpl0b.0
                                                                                          X-Microsoft-SLSClientCache: 2160
                                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                                          X-Content-Type-Options: nosniff
                                                                                          Date: Fri, 10 May 2024 09:51:38 GMT
                                                                                          Connection: close
                                                                                          Content-Length: 25457
                                                                                          2024-05-10 09:51:39 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 51 22 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 db 8e 00 00 14 00 00 00 00 00 10 00 51 22 00 00 20 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 f3 43 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 0d 92 6f db e5 21 f3 43 43 4b ed 5a 09 38 55 5b df 3f 93 99 90 29 99 e7 29 ec 73 cc 4a 66 32 cf 84 32 64 c8 31 c7 11 52 38 87 90 42 66 09 99 87 32 0f 19 0a 09 51 a6 a8 08 29 53 86 4a 52 84 50 df 46 83 ba dd 7b df fb 7e ef 7d ee 7d bf ef 9e e7 d9 67 ef 35 ee b5 fe eb 3f ff b6 96 81 a2 0a 04 fc 31 40 21 5b 3f a5 ed 1b 04 0e 85 42 a0 10 04 64 12 6c a5 de aa a1 d8 ea f3 58 01 f2 f5 67 0b 5e 9b bd e8 a0 90 1d bf 40 88 9d eb 49 b4 87 9b ab 8b 9d 2b 46 c8 c7 c5 19 92
                                                                                          Data Ascii: MSCFQ"DQ" AdCenvironment.cabo!CCKZ8U[?))sJf22d1R8Bf2Q)SJRPF{~}}g5?1@![?BdlXg^@I+F
                                                                                          2024-05-10 09:51:39 UTC9633INData Raw: 21 6f b3 eb a6 cc f5 31 be cf 05 e2 a9 fe fa 57 6d 19 30 b3 c2 c5 66 c9 6a df f5 e7 f0 78 bd c7 a8 9e 25 e3 f9 bc ed 6b 54 57 08 2b 51 82 44 12 fb b9 53 8c cc f4 60 12 8a 76 cc 40 40 41 9b dc 5c 17 ff 5c f9 5e 17 35 98 24 56 4b 74 ef 42 10 c8 af bf 7f c6 7f f2 37 7d 5a 3f 1c f2 99 79 4a 91 52 00 af 38 0f 17 f5 2f 79 81 65 d9 a9 b5 6b e4 c7 ce f6 ca 7a 00 6f 4b 30 44 24 22 3c cf ed 03 a5 96 8f 59 29 bc b6 fd 04 e1 70 9f 32 4a 27 fd 55 af 2f fe b6 e5 8e 33 bb 62 5f 9a db 57 40 e9 f1 ce 99 66 90 8c ff 6a 62 7f dd c5 4a 0b 91 26 e2 39 ec 19 4a 71 63 9d 7b 21 6d c3 9c a3 a2 3c fa 7f 7d 96 6a 90 78 a6 6d d2 e1 9c f9 1d fc 38 d8 94 f4 c6 a5 0a 96 86 a4 bd 9e 1a ae 04 42 83 b8 b5 80 9b 22 38 20 b5 25 e5 64 ec f7 f4 bf 7e 63 59 25 0f 7a 2e 39 57 76 a2 71 aa 06 8a
                                                                                          Data Ascii: !o1Wm0fjx%kTW+QDS`v@@A\\^5$VKtB7}Z?yJR8/yekzoK0D$"<Y)p2J'U/3b_W@fjbJ&9Jqc{!m<}jxm8B"8 %d~cY%z.9Wvq


                                                                                          050100150200s020406080100

                                                                                          Click to jump to process

                                                                                          050100150200s0.0050100MB

                                                                                          Click to jump to process

                                                                                          • File
                                                                                          • Registry

                                                                                          Click to dive into process behavior distribution

                                                                                          Target ID:0
                                                                                          Start time:11:50:41
                                                                                          Start date:10/05/2024
                                                                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                          Wow64 process (32bit):false
                                                                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\North Cheshire Holdings Ltd.pdf"
                                                                                          Imagebase:0x7ff6bc1b0000
                                                                                          File size:5'641'176 bytes
                                                                                          MD5 hash:24EAD1C46A47022347DC0F05F6EFBB8C
                                                                                          Has elevated privileges:true
                                                                                          Has administrator privileges:true
                                                                                          Programmed in:C, C++ or other language
                                                                                          Reputation:moderate
                                                                                          Has exited:true
                                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                                                          Target ID:1
                                                                                          Start time:11:50:41
                                                                                          Start date:10/05/2024
                                                                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          Wow64 process (32bit):false
                                                                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
                                                                                          Imagebase:0x7ff74bb60000
                                                                                          File size:3'581'912 bytes
                                                                                          MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                                          Has elevated privileges:true
                                                                                          Has administrator privileges:true
                                                                                          Programmed in:C, C++ or other language
                                                                                          Reputation:moderate
                                                                                          Has exited:true
                                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                                                          Target ID:3
                                                                                          Start time:11:50:42
                                                                                          Start date:10/05/2024
                                                                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                          Wow64 process (32bit):false
                                                                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2092 --field-trial-handle=1728,i,2678301701838385624,16601363831338403521,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
                                                                                          Imagebase:0x7ff74bb60000
                                                                                          File size:3'581'912 bytes
                                                                                          MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                                          Has elevated privileges:true
                                                                                          Has administrator privileges:true
                                                                                          Programmed in:C, C++ or other language
                                                                                          Reputation:moderate
                                                                                          Has exited:true

                                                                                          Target ID:7
                                                                                          Start time:11:51:06
                                                                                          Start date:10/05/2024
                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          Wow64 process (32bit):false
                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://assets-oce.mkt.dynamics.com/0ef65599-3b0d-ef11-9f86-000d3ae0c1cd/digitalassets/standaloneforms/2f424f2e-fc0d-ef11-9f89-6045bd4015e6"
                                                                                          Imagebase:0x7ff76e190000
                                                                                          File size:3'242'272 bytes
                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                          Has elevated privileges:true
                                                                                          Has administrator privileges:true
                                                                                          Programmed in:C, C++ or other language
                                                                                          Reputation:high
                                                                                          Has exited:false

                                                                                          Target ID:8
                                                                                          Start time:11:51:06
                                                                                          Start date:10/05/2024
                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          Wow64 process (32bit):false
                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1968,i,15698752634780464909,2133048994524742333,262144 /prefetch:8
                                                                                          Imagebase:0x7ff76e190000
                                                                                          File size:3'242'272 bytes
                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                          Has elevated privileges:true
                                                                                          Has administrator privileges:true
                                                                                          Programmed in:C, C++ or other language
                                                                                          Reputation:high
                                                                                          Has exited:false

                                                                                          No disassembly