Edit tour

Windows Analysis Report
https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id

Overview

General Information

Sample URL:	https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id
Analysis ID:	1447750
Infos:

Detection

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Multi AV Scanner detection for submitted file

Phishing site detected (based on favicon image match)

Classification

Process Tree

System is w10x64

chrome.exe (PID: 7100 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 6052 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2028,i,13871963784792266551,7697430413099180902,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 2420 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social usering

Multi AV Scanner detection for submitted file

Source: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id

Virustotal: Detection: 14%

Perma Link

Phishing

Phishing site detected (based on favicon image match)

Source: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id

Matcher: Template: facebook matched with high similarity

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49717 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /appeal_case_id HTTP/1.1Host: open-cases-support-for-business-appeal-id-204.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/js/main.2a7e9354.js HTTP/1.1Host: open-cases-support-for-business-appeal-id-204.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_idAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/css/main.4b429469.css HTTP/1.1Host: open-cases-support-for-business-appeal-id-204.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_idAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/media/locked3.f8aad5b3548314fb29cd.jpg HTTP/1.1Host: open-cases-support-for-business-appeal-id-204.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_idAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /manifest.json HTTP/1.1Host: open-cases-support-for-business-appeal-id-204.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_idAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logo.png HTTP/1.1Host: open-cases-support-for-business-appeal-id-204.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_idAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/media/locked3.f8aad5b3548314fb29cd.jpg HTTP/1.1Host: open-cases-support-for-business-appeal-id-204.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logo192.png HTTP/1.1Host: open-cases-support-for-business-appeal-id-204.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_idAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logo.png HTTP/1.1Host: open-cases-support-for-business-appeal-id-204.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /logo192.png HTTP/1.1Host: open-cases-support-for-business-appeal-id-204.vercel.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: open-cases-support-for-business-appeal-id-204.vercel.app
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49717 version: TLS 1.2

Source: classification engine

Classification label: mal64.phis.win@16/17@6/6

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2028,i,13871963784792266551,7697430413099180902,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2028,i,13871963784792266551,7697430413099180902,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id	0%	Avira URL Cloud	safe
https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id	15%	Virustotal		Browse
https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id	100%	SlashNext	Credential Stealing type: Phishing & Social usering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
fp2e7a.wpc.phicdn.net	0%	Virustotal	Browse
www.google.com	0%	Virustotal	Browse
bg.microsoft.map.fastly.net	0%	Virustotal	Browse
open-cases-support-for-business-appeal-id-204.vercel.app	2%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label
https://open-cases-support-for-business-appeal-id-204.vercel.app/static/js/main.2a7e9354.js	0%	Avira URL Cloud	safe
https://open-cases-support-for-business-appeal-id-204.vercel.app/static/media/locked3.f8aad5b3548314fb29cd.jpg	0%	Avira URL Cloud	safe
https://open-cases-support-for-business-appeal-id-204.vercel.app/logo.png	0%	Avira URL Cloud	safe
https://open-cases-support-for-business-appeal-id-204.vercel.app/static/css/main.4b429469.css	0%	Avira URL Cloud	safe
https://open-cases-support-for-business-appeal-id-204.vercel.app/manifest.json	0%	Avira URL Cloud	safe
https://open-cases-support-for-business-appeal-id-204.vercel.app/logo192.png	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
bg.microsoft.map.fastly.net	199.232.214.172	true	false	0%, Virustotal, Browse	unknown
www.google.com	142.250.186.100	true	false	0%, Virustotal, Browse	unknown
open-cases-support-for-business-appeal-id-204.vercel.app	76.76.21.241	true	false	2%, Virustotal, Browse	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	0%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://open-cases-support-for-business-appeal-id-204.vercel.app/static/media/locked3.f8aad5b3548314fb29cd.jpg	false	Avira URL Cloud: safe	unknown
https://open-cases-support-for-business-appeal-id-204.vercel.app/static/js/main.2a7e9354.js	false	Avira URL Cloud: safe	unknown
https://open-cases-support-for-business-appeal-id-204.vercel.app/logo.png	false	Avira URL Cloud: safe	unknown
https://open-cases-support-for-business-appeal-id-204.vercel.app/static/css/main.4b429469.css	false	Avira URL Cloud: safe	unknown
https://open-cases-support-for-business-appeal-id-204.vercel.app/logo192.png	false	Avira URL Cloud: safe	unknown
https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id	true		unknown
https://open-cases-support-for-business-appeal-id-204.vercel.app/manifest.json	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
239.255.255.250	unknown	Reserved	unknown	unknown	false
76.76.21.241	open-cases-support-for-business-appeal-id-204.vercel.app	United States	16509	AMAZON-02US	false
76.76.21.61	unknown	United States	16509	AMAZON-02US	false
142.250.186.100	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4
192.168.2.6

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1447750
Start date and time:	2024-05-27 00:42:29 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 13s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal64.phis.win@16/17@6/6
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.67, 74.125.206.84, 142.250.186.110, 34.104.35.123, 13.85.23.86, 199.232.214.172, 192.229.221.95, 13.85.23.206, 20.3.187.198, 216.58.206.67
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id Model: Perplexity: mixtral-8x7b-instruct	{ "loginform": false, "reasons": [ "No input fields for username or password are present in the text.", "No 'Login' or 'Submit' button is present in the text.", "The text is about a Facebook Information Center and an account review process, not a login form." ] }
Meta Welcome to the Facebook Information Center We have noticed that your account has engaged in inappropriate advertising behavior. According to Facebook's policy, your advertising account will be temporarily suspended starting from May 26, 2024 Detailed information: Your ads will not be displayed until we have reviewed your account. Below, you need to complete several steps to proceed with the review of your account. Continue

Input

Output

URL: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id Model: Perplexity: mixtral-8x7b-instruct

{
"loginform": false,
"reasons": [
"No input fields for username or password are present in the text.",
"No 'Login' or 'Submit' button is present in the text.",
"The text is about a Facebook Information Center and an account review process, not a login form."
]
}

Meta Welcome to the Facebook Information Center We have noticed that your account has engaged in inappropriate advertising behavior. According to Facebook's policy, your advertising account will be temporarily suspended starting from May 26, 2024 Detailed information: Your ads will not be displayed until we have reviewed your account. Below, you need to complete several steps to proceed with the review of your account. Continue

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 49

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 192 x 192, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	5347
Entropy (8bit):	7.94375880473395
Encrypted:	false
SSDEEP:	96:gMgJkzj81lSl2dxYAYKsHHVIqApHGoKf4slNb6LQbTehYx5AtKAdmTRwy/Ik2k3:gMct0nKsUwXTbnkeAMA+Twkv
MD5:	33DBDD0177549353EEEB785D02C294AF
SHA1:	7F4F2D68782A7FAFCEDA84554ECAB9B489877500
SHA-256:	C386396EC70DB3608075B5FBFAAC4AB1CCAA86BA05A68AB393EC551EB66C3E00
SHA-512:	E34572CF754FF7E1D0ACB12D8275252230AD1DD9ADC5858E807FEF0FB61AEA82CB1F9CA3EBAB3EEB449460373140105F8D773E7BDDBF6745F9E81CC1546621F4
Malicious:	false
Reputation:	low
URL:	https://open-cases-support-for-business-appeal-id-204.vercel.app/logo192.png
Preview:	.PNG........IHDR.............e..5....PLTE...d..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..`..a..a..a..a..a..a..a..`..a..a..a..a..a..a..a..a..a..a..a..f..a..c..e..h..H.....'tRNS...#..,..._....E..L..n?X.4Qg.yt.:.....!.....IDATx..[.r.0....l..;>...i...?_-,.)........L'......o..o..o..o..o.x-..F?......&.?B.Y.>....MO.q.......8.r....1.O..'....<...x...h.>.[.q.@L...)...."7....$.../..I.k....T.w...O.V...B8..O_....YI..... .e....0.5SH....\|.../..e8=vbu.\5.......}7r..l.h.O..O.p'8?i.3..O.-....6...CS..3.u..qHc6I..)(........k..LV.....#...,<....t.pz......!...YQ.yZ...C:.a.x.D....\|.\....M.Q..4.6.b..O9.Q.X......wt3...~..0........@..K..d.[T..r..k...@.O.X6$..J........,5....F..#.0._o...Iy....S.....>m..K9%..m.9.W..VJ..uX..Cc...p..+.".......>..)>x..!".#s3...d.'.....4{...H.n..fP......#.....8C.b..."......\@...F...P..Mul..v.&.....2...n~..P#..g.L.......K..7C....IO.--......I..)@.`'..KOY....2r?.C...C(..8....7...M\|68....y........D.U:R.......7.G..W..mT#t...;..[..

Chrome Cache Entry: 50

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65464), with CRLF line terminators
Category:	downloaded
Size (bytes):	271965
Entropy (8bit):	5.674751565463215
Encrypted:	false
SSDEEP:	6144:YWBFoqfB+rvRGPHUi5fig8N6iuJJZi6B8hVm:50vEHZg7IiuJHd
MD5:	90CFD567840E63E35472CC83560ADB9F
SHA1:	09D7A359C47CDDB7EF8C7F576FBFD8266823E3C6
SHA-256:	0EEC2B0E8CC72E937F9784DF0E4B50A912D3FB8A986F0E1A9D3444F59E0D57BE
SHA-512:	8C6BCB6E146A835E638FE64591C0F7D7CD5F6E15030949DA249812104D335C1C66796BD6DD89CBCEBBC001F3A6D7352BDEE8DFEBCF6AF83F1E67F9ED16A6202C
Malicious:	false
Reputation:	low
URL:	https://open-cases-support-for-business-appeal-id-204.vercel.app/static/js/main.2a7e9354.js
Preview:	/! For license information please see main.2a7e9354.js.LICENSE.txt /..(()=>{"use strict";var e={110:(e,t,n)=>{var r=n(309),a={childContextTypes:!0,contextType:!0,contextTypes:!0,defaultProps:!0,displayName:!0,getDefaultProps:!0,getDerivedStateFromError:!0,getDerivedStateFromProps:!0,mixins:!0,propTypes:!0,type:!0},o={name:!0,length:!0,prototype:!0,caller:!0,callee:!0,arguments:!0,arity:!0},l={$$typeof:!0,compare:!0,defaultProps:!0,displayName:!0,propTypes:!0,type:!0},i={};function s(e){return r.isMemo(e)?l:i[e.$$typeof]\|\|a}i[r.ForwardRef]={$$typeof:!0,render:!0,defaultProps:!0,displayName:!0,propTypes:!0},i[r.Memo]=l;var u=Object.defineProperty,c=Object.getOwnPropertyNames,d=Object.getOwnPropertySymbols,f=Object.getOwnPropertyDescriptor,p=Object.getPrototypeOf,h=Object.prototype;e.exports=function e(t,n,r){if("string"!==typeof n){if(h){var a=p(n);a&&a!==h&&e(t,a,r)}var l=c(n);d&&(l=l.concat(d(n)));for(var i=s(t),A=s(n),m=0;m<l.length;++m){var v=l[m];if(!o[v]&&(!r\|\|!r[v])&&(!A\|\|!A[v])

Chrome Cache Entry: 51

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	35616
Entropy (8bit):	7.986628448775663
Encrypted:	false
SSDEEP:	768:Z+eI7tkdnNbhZCXYNv6lGIvi9DFDPDClsH/RTu9eLtlgsHl1W7X:m+b/PJMTiRFDrSI1LtTFUX
MD5:	3DDB61BDD806C16C6AA2B1DFDB7EAEC9
SHA1:	5F5CBFD0F1284B09C15884A494758F8626227DD4
SHA-256:	62EBFAB29CDF3C417EB48E9C429133D6C4D1B8DDB27FC14820A57B9D5A617AE8
SHA-512:	AFB7C527C04BD44DBC53EAB69D99AF3933E9000B1287630299178FB0C6DCE462AB249A754B58BB62F986FDDE017E0D149F5BACEDBEE10B8C80572AB7A2E46FC7
Malicious:	false
Reputation:	low
URL:	https://open-cases-support-for-business-appeal-id-204.vercel.app/logo.png
Preview:	RIFF....WEBPVP8L..../.....Y...m....."..pD............n(..E.T.1R..PU..+...,...-.....a.....Q......$... Q..\|.@=.C....H.`=...8..=..]^.(......@..`....9......Q........)u....~.u.Q...".u^.{.T.?..M..w...=~...n.>...t...^o."..yA.5.8.4.A.E.\.D.R..C.X..D.. Z..$..E....2..o"...9.d.uS.8..j.....G...A0...9..9$E.U[.......th..z(...Z..\|7 {..nW....O.?N.'.........4.i....B..$....A..].;.... j.(.D..\|....r.D.'...r.y.p....%.H......a9.,n8B..8...\.......@.L.B.P.:. ....p.....p.R.....j((V=.e//<.e.....>....>.#/..u>.............;W...a&..d..GA0.........7.?.M#....G.O.YX.J..B..,.F.kT...<.....BN.XM..W(.8.Vg'....[...........T.....O.z.....W+.....J.'\.W...<8X..wvV9..x..Yeyw&..g.k[<....~.p..q..+d.j......4..]5y.(.?....oT`..u..;..-...o,..b.../..uX4..Ec..4444....o.i.B.I......g..;..1....."`......q14..z.....>...?...S.FU.8/...>g.?.....yF...<..+M.......a...;..6..0.....E.E....k..i..~.*Id.LoMN[.+.Ar..8t...Mv...TR.9Ci.<..7L..9.%$....(.\|o=.s...`.l..(..<r.-2..m..f....i..!wo...r..~.g....{Mq0..

Chrome Cache Entry: 52

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10026), with CRLF line terminators
Category:	downloaded
Size (bytes):	10072
Entropy (8bit):	5.212491013854088
Encrypted:	false
SSDEEP:	96:0Nmbbks8rsXw30aGLdaqzMWv56yclIyp+XvxQ/yYZTETioyXwq/N5QTw47:0wEsx200MMWvo1lNp+XvxvOoLmg7
MD5:	190F5E5D9CC9957E2A752F6927A402A5
SHA1:	26FF2B10AB0A6F5879E7E1E761ABE399D480AD29
SHA-256:	8168F95C9B828F8BA3856404AFFD3C1E580FFFDEF197E69495F135FB900FD645
SHA-512:	45EF7B5E25BCA03A8E0CCF92CA7459DF85AD157795149D96918EA9FFB7429CECA7C4F30C3D49EA7A20C02A81B3877B7AA5D008B0E138AA2C6F84AF5010A75508
Malicious:	false
Reputation:	low
URL:	https://open-cases-support-for-business-appeal-id-204.vercel.app/static/css/main.4b429469.css
Preview:	html{-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}input::-webkit-inner-spin-button,input::-webkit-outer-spin-button{-webkit-appearance:none;margin:0}input[type=number]{-moz-appearance:textfield}*{box-sizing:border-box}a,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,em,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,object,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{border:0;font-size:100%;font:inherit;margin:0;padding:0;vertical-align:initial}article,aside,details,figcaption,figure,footer,header,hgroup,menu,nav,section{display:block}:root{--font-website:system-ui,-apple-system,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans","Liberation Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto C

Chrome Cache Entry: 53

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	35616
Entropy (8bit):	7.986628448775663
Encrypted:	false
SSDEEP:	768:Z+eI7tkdnNbhZCXYNv6lGIvi9DFDPDClsH/RTu9eLtlgsHl1W7X:m+b/PJMTiRFDrSI1LtTFUX
MD5:	3DDB61BDD806C16C6AA2B1DFDB7EAEC9
SHA1:	5F5CBFD0F1284B09C15884A494758F8626227DD4
SHA-256:	62EBFAB29CDF3C417EB48E9C429133D6C4D1B8DDB27FC14820A57B9D5A617AE8
SHA-512:	AFB7C527C04BD44DBC53EAB69D99AF3933E9000B1287630299178FB0C6DCE462AB249A754B58BB62F986FDDE017E0D149F5BACEDBEE10B8C80572AB7A2E46FC7
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8L..../.....Y...m....."..pD............n(..E.T.1R..PU..+...,...-.....a.....Q......$... Q..\|.@=.C....H.`=...8..=..]^.(......@..`....9......Q........)u....~.u.Q...".u^.{.T.?..M..w...=~...n.>...t...^o."..yA.5.8.4.A.E.\.D.R..C.X..D.. Z..$..E....2..o"...9.d.uS.8..j.....G...A0...9..9$E.U[.......th..z(...Z..\|7 {..nW....O.?N.'.........4.i....B..$....A..].;.... j.(.D..\|....r.D.'...r.y.p....%.H......a9.,n8B..8...\.......@.L.B.P.:. ....p.....p.R.....j((V=.e//<.e.....>....>.#/..u>.............;W...a&..d..GA0.........7.?.M#....G.O.YX.J..B..,.F.kT...<.....BN.XM..W(.8.Vg'....[...........T.....O.z.....W+.....J.'\.W...<8X..wvV9..x..Yeyw&..g.k[<....~.p..q..+d.j......4..]5y.(.?....oT`..u..;..-...o,..b.../..uX4..Ec..4444....o.i.B.I......g..;..1....."`......q14..z.....>...?...S.FU.8/...>g.?.....yF...<..+M.......a...;..6..0.....E.E....k..i..~.*Id.LoMN[.+.Ar..8t...Mv...TR.9Ci.<..7L..9.%$....(.\|o=.s...`.l..(..<r.-2..m..f....i..!wo...r..~.g....{Mq0..

Chrome Cache Entry: 54

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1400x753, components 3
Category:	downloaded
Size (bytes):	78013
Entropy (8bit):	7.655386019209518
Encrypted:	false
SSDEEP:	1536:yKZKal/1CT922zh3MgLnSCjeMiEUL/mHnKGR8ulk:TKU/I82JLnNKbE+xGR8ui
MD5:	FE814BA91F3DDAB3535253A2DC94F41C
SHA1:	784D20946B089CBB701497A2163D60DAED2F4E3D
SHA-256:	14E3984B0A47CDE756D2BB4D8F7ED16D467C128DE4C6AF47DAB07761C49FE871
SHA-512:	A43F66D2FABDB352A081398BE15B1853CAAF25B576DEF2729A9C8E0CD4C0C2A61FA9C57E53C5D3F048D8F611E67701F0945BA998790E1247A4706434006FD7DB
Malicious:	false
Reputation:	low
URL:	https://open-cases-support-for-business-appeal-id-204.vercel.app/static/media/locked3.f8aad5b3548314fb29cd.jpg
Preview:	......JFIF.....H.H....."Exif..MM...........................ICC_PROFILE............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6...C....................................................................C.........................................................................x.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.

Chrome Cache Entry: 55

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (982), with no line terminators
Category:	downloaded
Size (bytes):	982
Entropy (8bit):	4.734159837008326
Encrypted:	false
SSDEEP:	12:qTEOr26V5qQq6yqFeqdkeq4CHHqZCHHqSCHHqukqRHFUHEbVe1eF5TG7faKj2a:0EWRHjVyvk8VM7kuhbVqeF5C75j2a
MD5:	224BF5715AA9473E84A327135EA53842
SHA1:	4D01ED1505B4BCDEBD4442BBCE77C3B4B1416B51
SHA-256:	919E942A14D9226B01E0D41D2E69E94807AA4A0615C58A04C06A7B9AAA66F760
SHA-512:	45CB506BE01B6CCBF275C0538DB3B4238372D12F897AE682DCC6D1F8DF198B8AE237C1C7BBA767E3C98D60FEAF6F0D02A4EC6C403DEBF14756DA203630544E7B
Malicious:	false
Reputation:	low
URL:	https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id
Preview:	<!doctype html><html lang="en"><head><link rel="icon" href="/logo.png"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta property="og:type" content="website"><meta property="twitter:type" content="website"><meta property="og:url" content="/meta-community-standard"><meta property="twitter:url" content="/meta-community-standard"><meta property="og:title" content="Meta for business"><meta property="twitter:title" content="Meta for business"><meta property="description" content="Meta for business"><meta property="og:image" content="/logo.png"><meta property="twitter:image" content="/logo.png"><link rel="manifest" href="/manifest.json"/><title>Information center</title><script defer="defer" src="/static/js/main.2a7e9354.js"></script><link href="/static/css/main.4b429469.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>

Chrome Cache Entry: 56

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 192 x 192, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	5347
Entropy (8bit):	7.94375880473395
Encrypted:	false
SSDEEP:	96:gMgJkzj81lSl2dxYAYKsHHVIqApHGoKf4slNb6LQbTehYx5AtKAdmTRwy/Ik2k3:gMct0nKsUwXTbnkeAMA+Twkv
MD5:	33DBDD0177549353EEEB785D02C294AF
SHA1:	7F4F2D68782A7FAFCEDA84554ECAB9B489877500
SHA-256:	C386396EC70DB3608075B5FBFAAC4AB1CCAA86BA05A68AB393EC551EB66C3E00
SHA-512:	E34572CF754FF7E1D0ACB12D8275252230AD1DD9ADC5858E807FEF0FB61AEA82CB1F9CA3EBAB3EEB449460373140105F8D773E7BDDBF6745F9E81CC1546621F4
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............e..5....PLTE...d..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..a..`..a..a..a..a..a..a..a..`..a..a..a..a..a..a..a..a..a..a..a..f..a..c..e..h..H.....'tRNS...#..,..._....E..L..n?X.4Qg.yt.:.....!.....IDATx..[.r.0....l..;>...i...?_-,.)........L'......o..o..o..o..o.x-..F?......&.?B.Y.>....MO.q.......8.r....1.O..'....<...x...h.>.[.q.@L...)...."7....$.../..I.k....T.w...O.V...B8..O_....YI..... .e....0.5SH....\|.../..e8=vbu.\5.......}7r..l.h.O..O.p'8?i.3..O.-....6...CS..3.u..qHc6I..)(........k..LV.....#...,<....t.pz......!...YQ.yZ...C:.a.x.D....\|.\....M.Q..4.6.b..O9.Q.X......wt3...~..0........@..K..d.[T..r..k...@.O.X6$..J........,5....F..#.0._o...Iy....S.....>m..K9%..m.9.W..VJ..uX..Cc...p..+.".......>..)>x..!".#s3...d.'.....4{...H.n..fP......#.....8C.b..."......\@...F...P..Mul..v.&.....2...n~..P#..g.L.......K..7C....IO.--......I..)@.`'..KOY....2r?.C...C(..8....7...M\|68....y........D.U:R.......7.G..W..mT#t...;..[..

Chrome Cache Entry: 57

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	515
Entropy (8bit):	4.570092422848653
Encrypted:	false
SSDEEP:	12:6YEqol5oL0Mqo4XorigqXoTjvV/2wDTMA:6YFol5HzXf7XybfDTX
MD5:	D9B64CF56AAD8262259C011D20B47907
SHA1:	9DE540D288565090F0C38B5F394FAF57E564DF8B
SHA-256:	6D14FF955D88406E6EE72C3DB606E3690D5B15623FE5A617FA2168FC6CC7EFEF
SHA-512:	CFF28E580F6A45791371639EAFAAA14466F274CB788AE0A2AA9275E2280C6FFEDA81F75E6D3F6F396A29F3E5D4DF69F5A41751D1B265AB41BF8DA403EE20CE1E
Malicious:	false
Reputation:	low
URL:	https://open-cases-support-for-business-appeal-id-204.vercel.app/manifest.json
Preview:	{.. "short_name": "React App",.. "name": "Create React App Sample",.. "icons": [.. {.. "src": "favicon.ico",.. "sizes": "64x64 32x32 24x24 16x16",.. "type": "image/x-icon".. },.. {.. "src": "logo192.png",.. "type": "image/png",.. "sizes": "192x192".. },.. {.. "src": "logo512.png",.. "type": "image/png",.. "sizes": "512x512".. }.. ],.. "start_url": ".",.. "display": "standalone",.. "theme_color": "#000000",.. "background_color": "#ffffff"..}

Chrome Cache Entry: 58

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1400x753, components 3
Category:	dropped
Size (bytes):	78013
Entropy (8bit):	7.655386019209518
Encrypted:	false
SSDEEP:	1536:yKZKal/1CT922zh3MgLnSCjeMiEUL/mHnKGR8ulk:TKU/I82JLnNKbE+xGR8ui
MD5:	FE814BA91F3DDAB3535253A2DC94F41C
SHA1:	784D20946B089CBB701497A2163D60DAED2F4E3D
SHA-256:	14E3984B0A47CDE756D2BB4D8F7ED16D467C128DE4C6AF47DAB07761C49FE871
SHA-512:	A43F66D2FABDB352A081398BE15B1853CAAF25B576DEF2729A9C8E0CD4C0C2A61FA9C57E53C5D3F048D8F611E67701F0945BA998790E1247A4706434006FD7DB
Malicious:	false
Reputation:	low
Preview:	......JFIF.....H.H....."Exif..MM...........................ICC_PROFILE............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6...C....................................................................C.........................................................................x.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 27, 2024 00:43:13.582464933 CEST	49674	443	192.168.2.6	173.222.162.64
May 27, 2024 00:43:13.582464933 CEST	49673	443	192.168.2.6	173.222.162.64
May 27, 2024 00:43:13.848037958 CEST	49672	443	192.168.2.6	173.222.162.64
May 27, 2024 00:43:21.976555109 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:21.976594925 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:21.976672888 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:21.977020979 CEST	49705	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:21.977030039 CEST	443	49705	76.76.21.241	192.168.2.6
May 27, 2024 00:43:21.977622986 CEST	49705	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:21.978805065 CEST	49705	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:21.978822947 CEST	443	49705	76.76.21.241	192.168.2.6
May 27, 2024 00:43:21.979152918 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:21.979161978 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.476994038 CEST	443	49705	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.479331970 CEST	49705	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.479356050 CEST	443	49705	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.480901003 CEST	443	49705	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.480983973 CEST	49705	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.482002020 CEST	49705	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.482093096 CEST	443	49705	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.482258081 CEST	49705	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.482264996 CEST	443	49705	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.493311882 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.493545055 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.493557930 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.494575024 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.494646072 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.494962931 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.495008945 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.535739899 CEST	49705	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.535739899 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.535753965 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.588048935 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.651614904 CEST	443	49705	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.656295061 CEST	443	49705	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.656388998 CEST	49705	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.658617020 CEST	49705	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.658637047 CEST	443	49705	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.704327106 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.705225945 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.705255985 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.705315113 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.705651999 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.705662966 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.750499010 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.819820881 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.823204994 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.823235035 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.823391914 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.823407888 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.823452950 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.835417986 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.835429907 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.835541964 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.839273930 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.839284897 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.839366913 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.839422941 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.879513979 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.918370008 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.918409109 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.918426991 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.918473005 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.918540001 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.930738926 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.930764914 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.930782080 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.930818081 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.930893898 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.930907965 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.930960894 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.941428900 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.941458941 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.941509008 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.952758074 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.952807903 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.952827930 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.952842951 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:22.952858925 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:22.952914953 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.002161980 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.015062094 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.015079021 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.015100956 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.015153885 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.015185118 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.015218973 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.024243116 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.024286985 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.024302006 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.024322033 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.024339914 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.024372101 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.035794973 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.035835981 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.035851002 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.035885096 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.035913944 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.035947084 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.035968065 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.048101902 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.048158884 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.048207998 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.048224926 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.048280001 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.098192930 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.098273993 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.098293066 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.098320961 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.098383904 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.098423958 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.098475933 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.109011889 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.109065056 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.109107018 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.109122038 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.109179020 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.109198093 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.117755890 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.117799997 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.117841005 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.117852926 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.117904902 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.125365973 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.125411987 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.125452042 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.125463009 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.125509024 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.125539064 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.128921986 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.129005909 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.134994030 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.135037899 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.135087967 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.135101080 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.135143042 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.135164976 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.140765905 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.140811920 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.140865088 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.140880108 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.140932083 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.140954971 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.145725012 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.145770073 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.145809889 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.145826101 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.145868063 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.145893097 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.191423893 CEST	49674	443	192.168.2.6	173.222.162.64
May 27, 2024 00:43:23.191423893 CEST	49673	443	192.168.2.6	173.222.162.64
May 27, 2024 00:43:23.193278074 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.193321943 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.193358898 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.193376064 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.193424940 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.193445921 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.197602987 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.197643042 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.197679996 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.197691917 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.197741032 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.197777987 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.199650049 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.199733973 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.201692104 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.201755047 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.201786995 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.201806068 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.201833963 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.201982975 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.202049017 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.217957973 CEST	49704	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.217986107 CEST	443	49704	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.246958017 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.247605085 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.247642040 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.248115063 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.248894930 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.248980999 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.249840975 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.294498920 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.456804037 CEST	49672	443	192.168.2.6	173.222.162.64
May 27, 2024 00:43:23.464793921 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.464901924 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.464976072 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.464977026 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.465032101 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.465105057 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.469259977 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.469347000 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.469394922 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.469459057 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.469472885 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.469564915 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.469625950 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.469764948 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.469764948 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.469800949 CEST	443	49707	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.469860077 CEST	49707	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.635776043 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.635835886 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:23.635905027 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.773255110 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:23.773307085 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.256834984 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.257101059 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.257131100 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.257484913 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.258012056 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.258125067 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.258256912 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.302501917 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.430598974 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.435280085 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.435640097 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.435667038 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.449165106 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.449219942 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.449238062 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.449275017 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.460745096 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.460810900 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.522842884 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.522919893 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.536662102 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.536670923 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.536708117 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.536735058 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.536767006 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.543986082 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.544059038 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.563467026 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.563534021 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.563536882 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.563580990 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.563594103 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.610460997 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.618760109 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.618769884 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.618818998 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.618824005 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.618844986 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.618865013 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.627486944 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.627531052 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.627566099 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.627578974 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.627599001 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.636816025 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.636859894 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.636883974 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.636898994 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.636910915 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.636945009 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.654097080 CEST	49710	443	192.168.2.6	142.250.186.100
May 27, 2024 00:43:24.654148102 CEST	443	49710	142.250.186.100	192.168.2.6
May 27, 2024 00:43:24.654208899 CEST	49710	443	192.168.2.6	142.250.186.100
May 27, 2024 00:43:24.654567003 CEST	49710	443	192.168.2.6	142.250.186.100
May 27, 2024 00:43:24.654581070 CEST	443	49710	142.250.186.100	192.168.2.6
May 27, 2024 00:43:24.655096054 CEST	49709	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.655128002 CEST	443	49709	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.666536093 CEST	49711	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.666563988 CEST	443	49711	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.666645050 CEST	49711	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.667262077 CEST	49711	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.667278051 CEST	443	49711	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.673007965 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.673036098 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.673094988 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.673260927 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:24.673270941 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:24.790707111 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:24.790788889 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:24.790885925 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:24.793590069 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:24.793623924 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.133600950 CEST	443	49698	173.222.162.64	192.168.2.6
May 27, 2024 00:43:25.133765936 CEST	49698	443	192.168.2.6	173.222.162.64
May 27, 2024 00:43:25.163007975 CEST	443	49711	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.163340092 CEST	49711	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.163369894 CEST	443	49711	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.166925907 CEST	443	49711	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.167005062 CEST	49711	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.167687893 CEST	49711	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.167865038 CEST	443	49711	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.168220997 CEST	49711	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.168231010 CEST	443	49711	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.179044962 CEST	49714	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:25.179080963 CEST	443	49714	184.28.90.27	192.168.2.6
May 27, 2024 00:43:25.179209948 CEST	49714	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:25.181155920 CEST	49714	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:25.181169987 CEST	443	49714	184.28.90.27	192.168.2.6
May 27, 2024 00:43:25.183667898 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.183996916 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.184025049 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.184349060 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.184743881 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.184803009 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.185141087 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.215058088 CEST	49711	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.226506948 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.282074928 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.282574892 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.282622099 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.283659935 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.283759117 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.284491062 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.284564972 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.285182953 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.285197973 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.314807892 CEST	443	49710	142.250.186.100	192.168.2.6
May 27, 2024 00:43:25.319057941 CEST	443	49711	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.319274902 CEST	443	49711	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.319365025 CEST	49711	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.331069946 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.349054098 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.353043079 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.353089094 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.353106976 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.358261108 CEST	49710	443	192.168.2.6	142.250.186.100
May 27, 2024 00:43:25.358319044 CEST	443	49710	142.250.186.100	192.168.2.6
May 27, 2024 00:43:25.359407902 CEST	443	49710	142.250.186.100	192.168.2.6
May 27, 2024 00:43:25.359477997 CEST	49710	443	192.168.2.6	142.250.186.100
May 27, 2024 00:43:25.360476971 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.360671043 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.360681057 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.360776901 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.367573023 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.367661953 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.373414993 CEST	49710	443	192.168.2.6	142.250.186.100
May 27, 2024 00:43:25.373545885 CEST	443	49710	142.250.186.100	192.168.2.6
May 27, 2024 00:43:25.424834013 CEST	49710	443	192.168.2.6	142.250.186.100
May 27, 2024 00:43:25.424861908 CEST	443	49710	142.250.186.100	192.168.2.6
May 27, 2024 00:43:25.436091900 CEST	49711	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.436135054 CEST	443	49711	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.444962978 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.445029974 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.446070910 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.446105003 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.446161032 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.448256016 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.448280096 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.452332020 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.452343941 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.452424049 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.452444077 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.452482939 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.456993103 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.457056999 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.457071066 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.457103014 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.459472895 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.460803986 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.460844994 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.460880041 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.460907936 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.460952997 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.463337898 CEST	49712	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.463356972 CEST	443	49712	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.465714931 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.465780020 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.469392061 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.469403028 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.469456911 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.471723080 CEST	49710	443	192.168.2.6	142.250.186.100
May 27, 2024 00:43:25.550528049 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.550609112 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.556296110 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.556305885 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.556376934 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.556408882 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.556849003 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.565818071 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.565964937 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.568121910 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.568181992 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.568217039 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.568238020 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.568259954 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.612535000 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.642699003 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.642712116 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.642750978 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.642800093 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.642833948 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.642860889 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.647396088 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.647432089 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.647463083 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.647481918 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.647507906 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.652648926 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.652679920 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.652726889 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.652726889 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.652767897 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.653131962 CEST	49713	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:25.653150082 CEST	443	49713	76.76.21.61	192.168.2.6
May 27, 2024 00:43:25.834892035 CEST	443	49714	184.28.90.27	192.168.2.6
May 27, 2024 00:43:25.834985018 CEST	49714	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:25.839011908 CEST	49714	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:25.839030981 CEST	443	49714	184.28.90.27	192.168.2.6
May 27, 2024 00:43:25.839380980 CEST	443	49714	184.28.90.27	192.168.2.6
May 27, 2024 00:43:25.884944916 CEST	49714	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:25.930500984 CEST	443	49714	184.28.90.27	192.168.2.6
May 27, 2024 00:43:25.985630989 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.985939980 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.985970974 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.987154961 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:25.987668037 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.987834930 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:25.987863064 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:26.034205914 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:26.034221888 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:26.060055017 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.060106993 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.062493086 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.063013077 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.063030005 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.121550083 CEST	443	49714	184.28.90.27	192.168.2.6
May 27, 2024 00:43:26.121632099 CEST	443	49714	184.28.90.27	192.168.2.6
May 27, 2024 00:43:26.121784925 CEST	49714	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:26.126312971 CEST	49714	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:26.126312971 CEST	49714	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:26.126336098 CEST	443	49714	184.28.90.27	192.168.2.6
May 27, 2024 00:43:26.126343966 CEST	443	49714	184.28.90.27	192.168.2.6
May 27, 2024 00:43:26.168663979 CEST	49717	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:26.168701887 CEST	443	49717	184.28.90.27	192.168.2.6
May 27, 2024 00:43:26.168811083 CEST	49717	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:26.169152021 CEST	49717	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:26.169167995 CEST	443	49717	184.28.90.27	192.168.2.6
May 27, 2024 00:43:26.204241037 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:26.207542896 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:26.207598925 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:26.207624912 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:26.212359905 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:26.212424994 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:26.212443113 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:26.212497950 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:26.212506056 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:26.212551117 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:26.385752916 CEST	49715	443	192.168.2.6	76.76.21.241
May 27, 2024 00:43:26.385781050 CEST	443	49715	76.76.21.241	192.168.2.6
May 27, 2024 00:43:26.406167030 CEST	49718	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.406213045 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.406281948 CEST	49718	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.407088041 CEST	49718	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.407109022 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.565629959 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.607198000 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.695755005 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.695812941 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.697324991 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.697805882 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.697987080 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.698016882 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.743294954 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.806619883 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.808984995 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.809055090 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.809057951 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.809107065 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.809148073 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.817106962 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.817131996 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.817182064 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.817224026 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.828022003 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.828059912 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.828121901 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.828125954 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.828186989 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.850755930 CEST	443	49717	184.28.90.27	192.168.2.6
May 27, 2024 00:43:26.850857019 CEST	49717	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:26.854928017 CEST	49717	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:26.854958057 CEST	443	49717	184.28.90.27	192.168.2.6
May 27, 2024 00:43:26.855242014 CEST	443	49717	184.28.90.27	192.168.2.6
May 27, 2024 00:43:26.858011961 CEST	49717	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:26.879050970 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.898497105 CEST	443	49717	184.28.90.27	192.168.2.6
May 27, 2024 00:43:26.900796890 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.900816917 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.900845051 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.900856018 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.900913954 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.911012888 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.911034107 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.911045074 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.911072969 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.911114931 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.911128044 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.911166906 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.916304111 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.916333914 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.916368008 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.916513920 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.916558981 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.916872978 CEST	49716	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.916888952 CEST	443	49716	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.923878908 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.924278975 CEST	49718	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.924293041 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.924766064 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.925373077 CEST	49718	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.925452948 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:26.925528049 CEST	49718	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:26.966500044 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:27.089482069 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:27.090737104 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:27.090784073 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:27.090816021 CEST	49718	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:27.090878010 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:27.090945959 CEST	49718	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:27.096029997 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:27.096103907 CEST	49718	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:27.096116066 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:27.096148014 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:27.096205950 CEST	49718	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:27.096282959 CEST	49718	443	192.168.2.6	76.76.21.61
May 27, 2024 00:43:27.096313000 CEST	443	49718	76.76.21.61	192.168.2.6
May 27, 2024 00:43:27.191693068 CEST	443	49717	184.28.90.27	192.168.2.6
May 27, 2024 00:43:27.191786051 CEST	443	49717	184.28.90.27	192.168.2.6
May 27, 2024 00:43:27.191845894 CEST	49717	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:27.193829060 CEST	49717	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:27.193865061 CEST	443	49717	184.28.90.27	192.168.2.6
May 27, 2024 00:43:27.193882942 CEST	49717	443	192.168.2.6	184.28.90.27
May 27, 2024 00:43:27.193888903 CEST	443	49717	184.28.90.27	192.168.2.6
May 27, 2024 00:43:35.208530903 CEST	443	49710	142.250.186.100	192.168.2.6
May 27, 2024 00:43:35.208600044 CEST	443	49710	142.250.186.100	192.168.2.6
May 27, 2024 00:43:35.214823008 CEST	49710	443	192.168.2.6	142.250.186.100
May 27, 2024 00:43:37.025739908 CEST	49710	443	192.168.2.6	142.250.186.100
May 27, 2024 00:43:37.025769949 CEST	443	49710	142.250.186.100	192.168.2.6
May 27, 2024 00:44:24.693767071 CEST	49728	443	192.168.2.6	142.250.186.100
May 27, 2024 00:44:24.693815947 CEST	443	49728	142.250.186.100	192.168.2.6
May 27, 2024 00:44:24.693881035 CEST	49728	443	192.168.2.6	142.250.186.100
May 27, 2024 00:44:24.694473982 CEST	49728	443	192.168.2.6	142.250.186.100
May 27, 2024 00:44:24.694515944 CEST	443	49728	142.250.186.100	192.168.2.6
May 27, 2024 00:44:25.374912977 CEST	443	49728	142.250.186.100	192.168.2.6
May 27, 2024 00:44:25.375437021 CEST	49728	443	192.168.2.6	142.250.186.100
May 27, 2024 00:44:25.375498056 CEST	443	49728	142.250.186.100	192.168.2.6
May 27, 2024 00:44:25.376612902 CEST	443	49728	142.250.186.100	192.168.2.6
May 27, 2024 00:44:25.380840063 CEST	49728	443	192.168.2.6	142.250.186.100
May 27, 2024 00:44:25.381028891 CEST	443	49728	142.250.186.100	192.168.2.6
May 27, 2024 00:44:25.424496889 CEST	49728	443	192.168.2.6	142.250.186.100
May 27, 2024 00:44:35.278896093 CEST	443	49728	142.250.186.100	192.168.2.6
May 27, 2024 00:44:35.279071093 CEST	443	49728	142.250.186.100	192.168.2.6
May 27, 2024 00:44:35.279139996 CEST	49728	443	192.168.2.6	142.250.186.100
May 27, 2024 00:44:36.614270926 CEST	49728	443	192.168.2.6	142.250.186.100
May 27, 2024 00:44:36.614345074 CEST	443	49728	142.250.186.100	192.168.2.6

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 27, 2024 00:43:20.212227106 CEST	53	50085	1.1.1.1	192.168.2.6
May 27, 2024 00:43:20.283304930 CEST	53	51363	1.1.1.1	192.168.2.6
May 27, 2024 00:43:21.387487888 CEST	53	50965	1.1.1.1	192.168.2.6
May 27, 2024 00:43:21.942500114 CEST	62211	53	192.168.2.6	1.1.1.1
May 27, 2024 00:43:21.942753077 CEST	62616	53	192.168.2.6	1.1.1.1
May 27, 2024 00:43:21.951754093 CEST	53	62211	1.1.1.1	192.168.2.6
May 27, 2024 00:43:21.960627079 CEST	53	62616	1.1.1.1	192.168.2.6
May 27, 2024 00:43:24.635867119 CEST	49362	53	192.168.2.6	1.1.1.1
May 27, 2024 00:43:24.636043072 CEST	53498	53	192.168.2.6	1.1.1.1
May 27, 2024 00:43:24.644762993 CEST	53	53498	1.1.1.1	192.168.2.6
May 27, 2024 00:43:24.652585983 CEST	53	49362	1.1.1.1	192.168.2.6
May 27, 2024 00:43:24.760371923 CEST	64203	53	192.168.2.6	1.1.1.1
May 27, 2024 00:43:24.760740042 CEST	64200	53	192.168.2.6	1.1.1.1
May 27, 2024 00:43:24.769865036 CEST	53	64203	1.1.1.1	192.168.2.6
May 27, 2024 00:43:24.778827906 CEST	53	64200	1.1.1.1	192.168.2.6
May 27, 2024 00:43:38.504390001 CEST	53	50197	1.1.1.1	192.168.2.6
May 27, 2024 00:43:57.330296040 CEST	53	58222	1.1.1.1	192.168.2.6
May 27, 2024 00:44:20.164136887 CEST	53	63585	1.1.1.1	192.168.2.6
May 27, 2024 00:44:20.774411917 CEST	53	62074	1.1.1.1	192.168.2.6

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
May 27, 2024 00:43:21.942500114 CEST	192.168.2.6	1.1.1.1	0x9fb3	Standard query (0)	open-cases-support-for-business-appeal-id-204.vercel.app	A (IP address)	IN (0x0001)	false
May 27, 2024 00:43:21.942753077 CEST	192.168.2.6	1.1.1.1	0x368a	Standard query (0)	open-cases-support-for-business-appeal-id-204.vercel.app	65	IN (0x0001)	false
May 27, 2024 00:43:24.635867119 CEST	192.168.2.6	1.1.1.1	0xce34	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
May 27, 2024 00:43:24.636043072 CEST	192.168.2.6	1.1.1.1	0xd97d	Standard query (0)	www.google.com	65	IN (0x0001)	false
May 27, 2024 00:43:24.760371923 CEST	192.168.2.6	1.1.1.1	0xc4d	Standard query (0)	open-cases-support-for-business-appeal-id-204.vercel.app	A (IP address)	IN (0x0001)	false
May 27, 2024 00:43:24.760740042 CEST	192.168.2.6	1.1.1.1	0x8f57	Standard query (0)	open-cases-support-for-business-appeal-id-204.vercel.app	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
May 27, 2024 00:43:21.951754093 CEST	1.1.1.1	192.168.2.6	0x9fb3	No error (0)	open-cases-support-for-business-appeal-id-204.vercel.app		76.76.21.241	A (IP address)	IN (0x0001)	false
May 27, 2024 00:43:21.951754093 CEST	1.1.1.1	192.168.2.6	0x9fb3	No error (0)	open-cases-support-for-business-appeal-id-204.vercel.app		76.76.21.164	A (IP address)	IN (0x0001)	false
May 27, 2024 00:43:24.644762993 CEST	1.1.1.1	192.168.2.6	0xd97d	No error (0)	www.google.com			65	IN (0x0001)	false
May 27, 2024 00:43:24.652585983 CEST	1.1.1.1	192.168.2.6	0xce34	No error (0)	www.google.com		142.250.186.100	A (IP address)	IN (0x0001)	false
May 27, 2024 00:43:24.769865036 CEST	1.1.1.1	192.168.2.6	0xc4d	No error (0)	open-cases-support-for-business-appeal-id-204.vercel.app		76.76.21.61	A (IP address)	IN (0x0001)	false
May 27, 2024 00:43:24.769865036 CEST	1.1.1.1	192.168.2.6	0xc4d	No error (0)	open-cases-support-for-business-appeal-id-204.vercel.app		76.76.21.9	A (IP address)	IN (0x0001)	false
May 27, 2024 00:43:34.276772022 CEST	1.1.1.1	192.168.2.6	0x60a9	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
May 27, 2024 00:43:34.276772022 CEST	1.1.1.1	192.168.2.6	0x60a9	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
May 27, 2024 00:43:34.805197001 CEST	1.1.1.1	192.168.2.6	0xf322	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 27, 2024 00:43:34.805197001 CEST	1.1.1.1	192.168.2.6	0xf322	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 27, 2024 00:43:48.979264021 CEST	1.1.1.1	192.168.2.6	0x82ec	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 27, 2024 00:43:48.979264021 CEST	1.1.1.1	192.168.2.6	0x82ec	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 27, 2024 00:44:12.430491924 CEST	1.1.1.1	192.168.2.6	0xbfcb	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 27, 2024 00:44:12.430491924 CEST	1.1.1.1	192.168.2.6	0xbfcb	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 27, 2024 00:44:33.537909031 CEST	1.1.1.1	192.168.2.6	0x9e5a	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 27, 2024 00:44:33.537909031 CEST	1.1.1.1	192.168.2.6	0x9e5a	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

open-cases-support-for-business-appeal-id-204.vercel.app

https:

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.6	49705	76.76.21.241	443	6052	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:22 UTC	713	OUT	GET /appeal_case_id HTTP/1.1 Host: open-cases-support-for-business-appeal-id-204.vercel.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-26 22:43:22 UTC	521	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 1169626 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline; filename="appeal_case_id.html" Content-Length: 982 Content-Type: text/html; charset=utf-8 Date: Sun, 26 May 2024 22:43:22 GMT Etag: "224bf5715aa9473e84a327135ea53842" Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Vercel-Cache: HIT X-Vercel-Id: iad1::xgh2c-1716763402585-d5053d5f7662 Connection: close
2024-05-26 22:43:22 UTC	982	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 6c 6f 67 6f 2e 70 6e 67 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 30 30 30 30 30 30 22 2f 3e 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 77 65 62 73 69 74 65 22 3e 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 74 77 69 74 74 65 72 3a 74 79 70 65 Data Ascii: <!doctype html><html lang="en"><head><link rel="icon" href="/logo.png"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta property="og:type" content="website"><meta property="twitter:type

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	49704	76.76.21.241	443	6052	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:22 UTC	637	OUT	GET /static/js/main.2a7e9354.js HTTP/1.1 Host: open-cases-support-for-business-appeal-id-204.vercel.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-26 22:43:22 UTC	534	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 1169626 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline; filename="main.2a7e9354.js" Content-Length: 271965 Content-Type: application/javascript; charset=utf-8 Date: Sun, 26 May 2024 22:43:22 GMT Etag: "90cfd567840e63e35472cc83560adb9f" Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Vercel-Cache: HIT X-Vercel-Id: iad1::mkxr6-1716763402759-15ae4d47818b Connection: close
2024-05-26 22:43:22 UTC	2372	IN	Data Raw: 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 6d 61 69 6e 2e 32 61 37 65 39 33 35 34 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0d 0a 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 7b 31 31 30 3a 28 65 2c 74 2c 6e 29 3d 3e 7b 76 61 72 20 72 3d 6e 28 33 30 39 29 2c 61 3d 7b 63 68 69 6c 64 43 6f 6e 74 65 78 74 54 79 70 65 73 3a 21 30 2c 63 6f 6e 74 65 78 74 54 79 70 65 3a 21 30 2c 63 6f 6e 74 65 78 74 54 79 70 65 73 3a 21 30 2c 64 65 66 61 75 6c 74 50 72 6f 70 73 3a 21 30 2c 64 69 73 70 6c 61 79 4e 61 6d 65 3a 21 30 2c 67 65 74 44 65 66 61 75 6c 74 50 72 6f 70 73 3a 21 30 2c 67 65 74 44 65 72 69 76 65 64 53 74 61 74 65 46 72 6f 6d 45 72 72 6f 72 3a Data Ascii: /! For license information please see main.2a7e9354.js.LICENSE.txt /(()=>{"use strict";var e={110:(e,t,n)=>{var r=n(309),a={childContextTypes:!0,contextType:!0,contextTypes:!0,defaultProps:!0,displayName:!0,getDefaultProps:!0,getDerivedStateFromError:
2024-05-26 22:43:22 UTC	1185	IN	Data Raw: 3d 77 2c 74 2e 69 73 43 6f 6e 74 65 78 74 43 6f 6e 73 75 6d 65 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 78 28 65 29 3d 3d 3d 75 7d 2c 74 2e 69 73 43 6f 6e 74 65 78 74 50 72 6f 76 69 64 65 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 78 28 65 29 3d 3d 3d 73 7d 2c 74 2e 69 73 45 6c 65 6d 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 6f 62 6a 65 63 74 22 3d 3d 3d 74 79 70 65 6f 66 20 65 26 26 6e 75 6c 6c 21 3d 3d 65 26 26 65 2e 24 24 74 79 70 65 6f 66 3d 3d 3d 72 7d 2c 74 2e 69 73 46 6f 72 77 61 72 64 52 65 66 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 78 28 65 29 3d 3d 3d 66 7d 2c 74 2e 69 73 46 72 61 67 6d 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 78 Data Ascii: =w,t.isContextConsumer=function(e){return x(e)===u},t.isContextProvider=function(e){return x(e)===s},t.isElement=function(e){return"object"===typeof e&&null!==e&&e.$$typeof===r},t.isForwardRef=function(e){return x(e)===f},t.isFragment=function(e){return x
2024-05-26 22:43:22 UTC	4744	IN	Data Raw: 6c 20 68 65 6c 70 66 75 6c 20 77 61 72 6e 69 6e 67 73 2e 22 7d 76 61 72 20 6c 3d 6e 65 77 20 53 65 74 2c 69 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 73 28 65 2c 74 29 7b 75 28 65 2c 74 29 2c 75 28 65 2b 22 43 61 70 74 75 72 65 22 2c 74 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 29 7b 66 6f 72 28 69 5b 65 5d 3d 74 2c 65 3d 30 3b 65 3c 74 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 6c 2e 61 64 64 28 74 5b 65 5d 29 7d 76 61 72 20 63 3d 21 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 7c 7c 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 7c 7c 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 Data Ascii: l helpful warnings."}var l=new Set,i={};function s(e,t){u(e,t),u(e+"Capture",t)}function u(e,t){for(i[e]=t,e=0;e<t.length;e++)l.add(t[e])}var c=!("undefined"===typeof window\|\|"undefined"===typeof window.document\|\|"undefined"===typeof window.document.creat
2024-05-26 22:43:22 UTC	5930	IN	Data Raw: 2c 22 63 72 6f 73 73 4f 72 69 67 69 6e 22 5d 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6d 5b 65 5d 3d 6e 65 77 20 41 28 65 2c 31 2c 21 31 2c 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 6e 75 6c 6c 2c 21 31 2c 21 31 29 7d 29 29 2c 6d 2e 78 6c 69 6e 6b 48 72 65 66 3d 6e 65 77 20 41 28 22 78 6c 69 6e 6b 48 72 65 66 22 2c 31 2c 21 31 2c 22 78 6c 69 6e 6b 3a 68 72 65 66 22 2c 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 6c 69 6e 6b 22 2c 21 30 2c 21 31 29 2c 5b 22 73 72 63 22 2c 22 68 72 65 66 22 2c 22 61 63 74 69 6f 6e 22 2c 22 66 6f 72 6d 41 63 74 69 6f 6e 22 5d 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6d 5b 65 5d 3d 6e 65 77 20 41 28 65 2c 31 2c 21 31 2c 65 2e 74 6f 4c 6f 77 Data Ascii: ,"crossOrigin"].forEach((function(e){m[e]=new A(e,1,!1,e.toLowerCase(),null,!1,!1)})),m.xlinkHref=new A("xlinkHref",1,!1,"xlink:href","http://www.w3.org/1999/xlink",!0,!1),["src","href","action","formAction"].forEach((function(e){m[e]=new A(e,1,!1,e.toLow
2024-05-26 22:43:22 UTC	7116	IN	Data Raw: 4f 77 6e 50 72 6f 70 65 72 74 79 28 22 76 61 6c 75 65 22 29 7c 7c 74 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 22 64 65 66 61 75 6c 74 56 61 6c 75 65 22 29 29 7b 76 61 72 20 72 3d 74 2e 74 79 70 65 3b 69 66 28 21 28 22 73 75 62 6d 69 74 22 21 3d 3d 72 26 26 22 72 65 73 65 74 22 21 3d 3d 72 7c 7c 76 6f 69 64 20 30 21 3d 3d 74 2e 76 61 6c 75 65 26 26 6e 75 6c 6c 21 3d 3d 74 2e 76 61 6c 75 65 29 29 72 65 74 75 72 6e 3b 74 3d 22 22 2b 65 2e 5f 77 72 61 70 70 65 72 53 74 61 74 65 2e 69 6e 69 74 69 61 6c 56 61 6c 75 65 2c 6e 7c 7c 74 3d 3d 3d 65 2e 76 61 6c 75 65 7c 7c 28 65 2e 76 61 6c 75 65 3d 74 29 2c 65 2e 64 65 66 61 75 6c 74 56 61 6c 75 65 3d 74 7d 22 22 21 3d 3d 28 6e 3d 65 2e 6e 61 6d 65 29 26 26 28 65 2e 6e 61 6d 65 3d 22 22 29 2c 65 2e 64 65 66 Data Ascii: OwnProperty("value")\|\|t.hasOwnProperty("defaultValue")){var r=t.type;if(!("submit"!==r&&"reset"!==r\|\|void 0!==t.value&&null!==t.value))return;t=""+e._wrapperState.initialValue,n\|\|t===e.value\|\|(e.value=t),e.defaultValue=t}""!==(n=e.name)&&(e.name=""),e.def
2024-05-26 22:43:22 UTC	8302	IN	Data Raw: 20 65 3b 66 6f 72 28 65 3d 65 2e 63 68 69 6c 64 3b 6e 75 6c 6c 21 3d 3d 65 3b 29 7b 76 61 72 20 74 3d 5f 65 28 65 29 3b 69 66 28 6e 75 6c 6c 21 3d 3d 74 29 72 65 74 75 72 6e 20 74 3b 65 3d 65 2e 73 69 62 6c 69 6e 67 7d 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 76 61 72 20 59 65 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 73 63 68 65 64 75 6c 65 43 61 6c 6c 62 61 63 6b 2c 47 65 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 63 61 6e 63 65 6c 43 61 6c 6c 62 61 63 6b 2c 4b 65 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 73 68 6f 75 6c 64 59 69 65 6c 64 2c 58 65 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 72 65 71 75 65 73 74 50 61 69 6e 74 2c 4a 65 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 6e 6f 77 2c 5a 65 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 67 65 74 43 75 72 72 65 6e 74 50 72 69 6f 72 69 74 79 4c 65 76 Data Ascii: e;for(e=e.child;null!==e;){var t=_e(e);if(null!==t)return t;e=e.sibling}return null}var Ye=a.unstable_scheduleCallback,Ge=a.unstable_cancelCallback,Ke=a.unstable_shouldYield,Xe=a.unstable_requestPaint,Je=a.unstable_now,Ze=a.unstable_getCurrentPriorityLev
2024-05-26 22:43:22 UTC	6676	IN	Data Raw: 61 72 20 6f 6e 2c 6c 6e 2c 73 6e 2c 75 6e 3d 7b 65 76 65 6e 74 50 68 61 73 65 3a 30 2c 62 75 62 62 6c 65 73 3a 30 2c 63 61 6e 63 65 6c 61 62 6c 65 3a 30 2c 74 69 6d 65 53 74 61 6d 70 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 74 69 6d 65 53 74 61 6d 70 7c 7c 44 61 74 65 2e 6e 6f 77 28 29 7d 2c 64 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 3a 30 2c 69 73 54 72 75 73 74 65 64 3a 30 7d 2c 63 6e 3d 61 6e 28 75 6e 29 2c 64 6e 3d 55 28 7b 7d 2c 75 6e 2c 7b 76 69 65 77 3a 30 2c 64 65 74 61 69 6c 3a 30 7d 29 2c 66 6e 3d 61 6e 28 64 6e 29 2c 70 6e 3d 55 28 7b 7d 2c 64 6e 2c 7b 73 63 72 65 65 6e 58 3a 30 2c 73 63 72 65 65 6e 59 3a 30 2c 63 6c 69 65 6e 74 58 3a 30 2c 63 6c 69 65 6e 74 59 3a 30 2c 70 61 67 65 58 3a 30 2c 70 61 67 65 59 3a 30 Data Ascii: ar on,ln,sn,un={eventPhase:0,bubbles:0,cancelable:0,timeStamp:function(e){return e.timeStamp\|\|Date.now()},defaultPrevented:0,isTrusted:0},cn=an(un),dn=U({},un,{view:0,detail:0}),fn=an(dn),pn=U({},dn,{screenX:0,screenY:0,clientX:0,clientY:0,pageX:0,pageY:0
2024-05-26 22:43:22 UTC	10674	IN	Data Raw: 65 3d 65 2e 70 61 72 65 6e 74 4e 6f 64 65 3b 29 31 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 26 26 74 2e 70 75 73 68 28 7b 65 6c 65 6d 65 6e 74 3a 65 2c 6c 65 66 74 3a 65 2e 73 63 72 6f 6c 6c 4c 65 66 74 2c 74 6f 70 3a 65 2e 73 63 72 6f 6c 6c 54 6f 70 7d 29 3b 66 6f 72 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 6e 2e 66 6f 63 75 73 26 26 6e 2e 66 6f 63 75 73 28 29 2c 6e 3d 30 3b 6e 3c 74 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 28 65 3d 74 5b 6e 5d 29 2e 65 6c 65 6d 65 6e 74 2e 73 63 72 6f 6c 6c 4c 65 66 74 3d 65 2e 6c 65 66 74 2c 65 2e 65 6c 65 6d 65 6e 74 2e 73 63 72 6f 6c 6c 54 6f 70 3d 65 2e 74 6f 70 7d 7d 76 61 72 20 41 72 3d 63 26 26 22 64 6f 63 75 6d 65 6e 74 4d 6f 64 65 22 69 6e 20 64 6f 63 75 6d 65 6e 74 26 26 31 31 3e 3d 64 6f 63 75 Data Ascii: e=e.parentNode;)1===e.nodeType&&t.push({element:e,left:e.scrollLeft,top:e.scrollTop});for("function"===typeof n.focus&&n.focus(),n=0;n<t.length;n++)(e=t[n]).element.scrollLeft=e.left,e.element.scrollTop=e.top}}var Ar=c&&"documentMode"in document&&11>=docu
2024-05-26 22:43:23 UTC	11860	IN	Data Raw: 63 68 69 6c 64 72 65 6e 7c 7c 22 6f 62 6a 65 63 74 22 3d 3d 3d 74 79 70 65 6f 66 20 74 2e 64 61 6e 67 65 72 6f 75 73 6c 79 53 65 74 49 6e 6e 65 72 48 54 4d 4c 26 26 6e 75 6c 6c 21 3d 3d 74 2e 64 61 6e 67 65 72 6f 75 73 6c 79 53 65 74 49 6e 6e 65 72 48 54 4d 4c 26 26 6e 75 6c 6c 21 3d 74 2e 64 61 6e 67 65 72 6f 75 73 6c 79 53 65 74 49 6e 6e 65 72 48 54 4d 4c 2e 5f 5f 68 74 6d 6c 7d 76 61 72 20 72 61 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 73 65 74 54 69 6d 65 6f 75 74 3f 73 65 74 54 69 6d 65 6f 75 74 3a 76 6f 69 64 20 30 2c 61 61 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 63 6c 65 61 72 54 69 6d 65 6f 75 74 3f 63 6c 65 61 72 54 69 6d 65 6f 75 74 3a 76 6f 69 64 20 30 2c 6f 61 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d Data Ascii: children\|\|"object"===typeof t.dangerouslySetInnerHTML&&null!==t.dangerouslySetInnerHTML&&null!=t.dangerouslySetInnerHTML.__html}var ra="function"===typeof setTimeout?setTimeout:void 0,aa="function"===typeof clearTimeout?clearTimeout:void 0,oa="function"==
2024-05-26 22:43:23 UTC	10234	IN	Data Raw: 69 6c 6c 4d 6f 75 6e 74 26 26 61 2e 63 6f 6d 70 6f 6e 65 6e 74 57 69 6c 6c 4d 6f 75 6e 74 28 29 2c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 61 2e 55 4e 53 41 46 45 5f 63 6f 6d 70 6f 6e 65 6e 74 57 69 6c 6c 4d 6f 75 6e 74 26 26 61 2e 55 4e 53 41 46 45 5f 63 6f 6d 70 6f 6e 65 6e 74 57 69 6c 6c 4d 6f 75 6e 74 28 29 2c 74 21 3d 3d 61 2e 73 74 61 74 65 26 26 57 6f 2e 65 6e 71 75 65 75 65 52 65 70 6c 61 63 65 53 74 61 74 65 28 61 2c 61 2e 73 74 61 74 65 2c 6e 75 6c 6c 29 2c 4d 6f 28 65 2c 6e 2c 61 2c 72 29 2c 61 2e 73 74 61 74 65 3d 65 2e 6d 65 6d 6f 69 7a 65 64 53 74 61 74 65 29 2c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 61 2e 63 6f 6d 70 6f 6e 65 6e 74 44 69 64 4d 6f 75 6e 74 26 26 28 65 2e 66 6c 61 67 73 7c 3d 34 31 39 Data Ascii: illMount&&a.componentWillMount(),"function"===typeof a.UNSAFE_componentWillMount&&a.UNSAFE_componentWillMount(),t!==a.state&&Wo.enqueueReplaceState(a,a.state,null),Mo(e,n,a,r),a.state=e.memoizedState),"function"===typeof a.componentDidMount&&(e.flags\|=419

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	49707	76.76.21.241	443	6052	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:23 UTC	653	OUT	GET /static/css/main.4b429469.css HTTP/1.1 Host: open-cases-support-for-business-appeal-id-204.vercel.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-26 22:43:23 UTC	520	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 1169627 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline; filename="main.4b429469.css" Content-Length: 10072 Content-Type: text/css; charset=utf-8 Date: Sun, 26 May 2024 22:43:23 GMT Etag: "190f5e5d9cc9957e2a752f6927a402a5" Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Vercel-Cache: HIT X-Vercel-Id: iad1::lcvb6-1716763403387-e5863af5cfc0 Connection: close
2024-05-26 22:43:23 UTC	2372	IN	Data Raw: 68 74 6d 6c 7b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 3b 2d 6d 73 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 7d 69 6e 70 75 74 3a 3a 2d 77 65 62 6b 69 74 2d 69 6e 6e 65 72 2d 73 70 69 6e 2d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 3a 3a 2d 77 65 62 6b 69 74 2d 6f 75 74 65 72 2d 73 70 69 6e 2d 62 75 74 74 6f 6e 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 7d 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 7b 2d 6d 6f 7a 2d 61 70 70 65 61 72 61 6e 63 65 3a 74 65 78 74 66 69 65 6c 64 7d 2a 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 61 2c 61 62 62 72 2c 61 63 72 6f 6e 79 6d 2c 61 64 64 72 65 73 73 2c 61 70 70 Data Ascii: html{-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}input::-webkit-inner-spin-button,input::-webkit-outer-spin-button{-webkit-appearance:none;margin:0}input[type=number]{-moz-appearance:textfield}*{box-sizing:border-box}a,abbr,acronym,address,app
2024-05-26 22:43:23 UTC	1199	IN	Data Raw: 73 69 73 3a 63 61 6c 63 28 31 30 30 25 20 2d 20 34 35 70 78 29 3b 66 6c 65 78 2d 67 72 6f 77 3a 30 3b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 30 3b 77 69 64 74 68 3a 63 61 6c 63 28 31 30 30 25 20 2d 20 34 35 70 78 29 7d 2e 66 61 5f 5f 6d 2d 2d 63 74 20 70 3a 66 69 72 73 74 2d 63 68 69 6c 64 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 2e 35 70 78 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 35 70 78 7d 2e 66 61 5f 5f 6d 2d 2d 63 74 20 70 3a 6e 74 68 2d 63 68 69 6c 64 28 32 29 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 7d 2e 66 61 5f 5f 6d 63 74 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 35 7d 2e 66 61 5f 5f 6d 63 74 20 62 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 37 70 78 7d 2e 66 61 5f 5f 6d 63 74 2d 2d 32 20 62 7b 63 Data Ascii: sis:calc(100% - 45px);flex-grow:0;flex-shrink:0;width:calc(100% - 45px)}.fa__m--ct p:first-child{font-size:14.5px;font-weight:600;margin-bottom:5px}.fa__m--ct p:nth-child(2){font-size:12px}.fa__mct{line-height:1.5}.fa__mct b{font-size:17px}.fa__mct--2 b{c
2024-05-26 22:43:23 UTC	4744	IN	Data Raw: 74 2d 73 69 7a 65 3a 31 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 66 7b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6c 69 70 3a 69 6e 69 74 69 61 6c 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 6f 72 64 65 72 3a 69 6e 69 74 69 61 6c 20 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 69 6e 69 74 69 61 6c 3b 62 6f 72 64 65 72 2d 69 6d 61 67 65 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 69 6d 61 67 65 3a 69 6e 69 74 69 61 6c 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 2e 32 35 72 65 6d 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 31 70 78 20 32 70 78 20 23 30 30 30 33 3b 64 69 73 70 6c 61 79 3a 66 6c 65 Data Ascii: t-size:15px;margin-top:10px;text-align:center}.f{word-wrap:break-word;background-clip:initial;background-color:#fff;border:initial none;border-color:initial;border-image:none;border-image:initial;border-radius:.25rem;box-shadow:0 1px 2px #0003;display:fle
2024-05-26 22:43:23 UTC	1757	IN	Data Raw: 78 3b 77 69 64 74 68 3a 31 33 35 70 78 7d 2e 6d 61 5f 5f 6d 2d 69 7b 66 6c 65 78 2d 62 61 73 69 73 3a 63 61 6c 63 28 31 30 30 25 20 2d 20 31 34 35 70 78 29 3b 66 6c 65 78 2d 67 72 6f 77 3a 30 3b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 30 3b 77 69 64 74 68 3a 63 61 6c 63 28 31 30 30 25 20 2d 20 31 34 35 70 78 29 7d 2e 6d 61 5f 5f 6d 2d 69 2d 74 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 34 70 78 7d 2e 6d 61 5f 5f 6d 2d 69 2d 73 2d 74 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 31 70 78 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 36 70 78 7d 2e 6d 61 5f 5f 6d 2d 70 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 39 65 63 65 66 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 36 70 78 3b 68 65 69 67 68 Data Ascii: x;width:135px}.ma__m-i{flex-basis:calc(100% - 145px);flex-grow:0;flex-shrink:0;width:calc(100% - 145px)}.ma__m-i-t{font-weight:600;margin-bottom:4px}.ma__m-i-s-t{line-height:21px;margin-bottom:16px}.ma__m-p{background-color:#e9ecef;border-radius:6px;heigh

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.6	49709	76.76.21.241	443	6052	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:24 UTC	716	OUT	GET /static/media/locked3.f8aad5b3548314fb29cd.jpg HTTP/1.1 Host: open-cases-support-for-business-appeal-id-204.vercel.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-26 22:43:24 UTC	522	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 1169628 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline; filename="locked3.f8aad5b3548314fb29cd.jpg" Content-Length: 78013 Content-Type: image/jpeg Date: Sun, 26 May 2024 22:43:24 GMT Etag: "fe814ba91f3ddab3535253a2dc94f41c" Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Vercel-Cache: HIT X-Vercel-Id: iad1::9wlnv-1716763404374-4f47f27a4d52 Connection: close
2024-05-26 22:43:24 UTC	2372	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 22 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 01 01 12 00 03 00 00 00 01 00 01 00 00 00 00 00 00 ff e2 01 d8 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 01 c8 00 00 00 00 04 30 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 e0 00 01 00 01 00 00 00 00 00 00 61 63 73 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 f6 d6 00 01 00 00 00 00 d3 2d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09 64 65 73 63 00 00 00 f0 00 00 00 24 72 58 59 5a 00 00 01 14 00 00 00 14 67 58 59 5a 00 00 01 28 00 00 00 14 62 58 59 5a 00 00 01 3c 00 00 00 14 77 Data Ascii: JFIFHH"ExifMM*ICC_PROFILE0mntrRGB XYZ acsp-desc$rXYZgXYZ(bXYZ<w
2024-05-26 22:43:24 UTC	1197	IN	Data Raw: 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 9a e6 fe 2a 7c 5f f0 cf c1 4f 0b 49 ac f8 a7 58 b3 d1 ec 23 c8 56 99 bf 79 3b 7f 76 34 1f 34 8d ec a0 9a 99 49 45 73 4b 44 54 63 29 3e 58 ab b3 a4 eb 5e Data Ascii: EQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQ*\|_OIX#Vy;v44IEsKDTc)>X^
2024-05-26 22:43:24 UTC	4744	IN	Data Raw: fc 46 26 d3 9f bb 1e ef 77 e8 bf a4 7d 81 fb 4e ff 00 c1 5a f4 8f 0b 89 f4 9f 86 76 f1 6b ba 82 92 8f ac 5d c6 c2 c6 03 eb 12 70 d3 1f 73 b5 7b fc c3 8a f8 4f e2 3f c5 0f 11 7c 5f f1 34 9a c7 8a 35 8b ed 6f 52 93 8f 36 e6 4d de 5a f2 76 a2 fd d4 51 93 f2 a8 02 b0 73 4c b8 b8 8e d6 26 92 47 58 d1 7a b3 1c 01 5f 2b 8a c7 56 c4 3b d4 7a 76 e8 7d d6 07 2b c3 e1 23 6a 4b 5e ef 77 fd 79 0f aa da 96 ad 6f a5 45 ba 69 02 fa 0e ac df 41 58 5a bf 8e 77 6e 4b 35 f6 f3 5c 7f 21 fe 35 cf cd 33 dd 4a d2 48 cd 24 8d d5 98 f2 6b cf 94 fb 1e 9c 61 dc d5 d5 fc 65 71 a8 13 1c 39 b7 87 d4 1f 9d be a7 b7 e1 59 18 a0 b6 05 7a 37 c0 3f d9 57 c6 7f b4 75 fe 3c 3f a7 f9 7a 64 6d b2 6d 56 ef 31 d9 c2 7b 8d d8 cb b7 fb 28 09 f5 c7 5a aa 18 7a b8 8a 8a 95 18 b9 49 f4 43 94 a3 08 f3 Data Ascii: F&w}NZvk]ps{O?\|_45oR6MZvQsL&GXz_+V;zv}+#jK^wyoEiAXZwnK5\!53JH$kaeq9Yz7?Wu<?zdmmV1{(ZzIC
2024-05-26 22:43:24 UTC	5930	IN	Data Raw: a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a a3 e2 5f 13 e9 be 0c d0 ae 75 4d 62 fa d3 4b d3 6c d4 bc d7 37 52 88 a2 8c 0e 79 63 c7 e1 d4 d7 c5 5f b4 df fc 15 ce da d1 6e 74 7f 85 f6 ab 79 29 ca 1d 7a fa 26 58 93 8e b0 42 c0 16 3d 70 d2 60 71 f7 58 1c d7 2e 2b 19 46 82 bd 47 f2 ea 76 e0 b2 fa f8 b9 72 d1 8d fc fa 2f 57 fd 33 eb 3f 8c 7f 1e fc 23 f0 0b c3 cd a9 78 b3 5c b3 d2 e1 60 7c 98 59 b7 dc dd 1f ee c5 10 f9 dc fd 06 07 72 07 35 f0 17 ed 35 ff 00 05 53 f1 67 c5 55 b9 Data Ascii: (((((((((((((((((((((((((((_uMbKl7Ryc_nty)z&XB=p`qX.+FGvr/W3?#x\`\|Yr55SgU
2024-05-26 22:43:24 UTC	7116	IN	Data Raw: 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 01 d1 ff 00 ac 5f ad 7f 3a ff 00 b6 5f fc 9d df c5 0f fb 1a b5 1f fd 28 7a fe 8a 23 ff 00 58 bf 5a fe 75 ff 00 6c bf f9 3b bf 8a Data Ascii: (((((((((((((((((((((((((((((((((((((((((((((((((((((_:_(z#XZul;
2024-05-26 22:43:24 UTC	8302	IN	Data Raw: a2 8a 00 28 a0 9c 1a 8a f2 fa 1d 3a ca 6b 8b 89 a3 b7 b7 b7 43 24 b2 ca c1 12 35 1d 4b 13 c0 03 d4 d0 dd b5 60 4b 58 3f 10 fe 26 e8 1f 09 fc 3d 26 ad e2 3d 5e c7 47 b1 8f 81 25 c4 81 4c 87 fb a8 bf 79 d8 fa 28 26 be 6b fd a3 ff 00 e0 a8 3a 1f 82 fc fd 2b c0 31 43 e2 3d 4c 66 37 d4 a5 dc b6 36 cd 8e a8 38 33 11 ed 85 e3 a9 e9 5f 13 7c 4c f8 b1 e2 4f 8c 9e 23 6d 5b c4 fa c5 de ad 7a d9 da 65 20 47 08 3f c3 1a 00 15 17 d9 40 fc 6b e1 f3 ae 36 c2 e1 6f 4b 0b fb c9 f7 fb 2b e7 d7 e5 f7 9e ae 17 2a a9 53 de a9 ee af c4 fa 5f f6 8c ff 00 82 a5 6a 9e 28 4b 8d 27 e1 ed ac da 2d 8c 9f 23 6a d7 68 3e db 20 ee 62 40 4a c6 3d ce e6 c7 65 35 f2 6e a3 a8 5c 6b 3a 8c f7 97 97 13 de 5e 5d 39 92 69 e7 90 c9 24 ac 7a b3 31 e4 9f 73 50 e2 8a fc b3 32 cd b1 58 ea 9e d3 13 3b Data Ascii: (:kC$5K`KX?&=&=^G%Ly(&k:+1C=Lf7683_\|LO#m[ze G?@k6oK+*S_j(K'-#jh> b@J=e5n\k:^]9i$z1sP2X;
2024-05-26 22:43:24 UTC	6676	IN	Data Raw: 6b a6 d0 7c 37 23 10 ba 55 93 90 24 5c 9c 79 d2 70 d2 1c 63 23 85 c8 fb b5 e3 b3 cf 25 dd c4 93 4d 24 93 4d 33 16 92 49 1c bb c8 c7 a9 24 f2 49 f5 34 da fc 9f 39 e2 cc 6e 3e f0 4f 92 1d 97 5f 57 d7 f0 5e 47 d1 61 72 ea 54 75 dd f7 7f a0 81 42 8c 01 80 29 68 a3 39 6a f9 73 d0 0a 74 16 f2 5d ca 23 89 5a 47 6e 80 0a d7 d1 fc 19 3d f6 d9 2e 33 6f 11 fe 1f e3 3f e1 f8 d7 4f a7 e9 70 69 70 ec 86 35 51 dc f7 6f a9 aa 8c 5b 26 52 b1 87 a4 78 1b 6e 24 bc 3b bd 22 53 d3 ea 7f c2 ba 28 20 4b 78 95 23 55 8d 57 a2 a8 c0 14 e2 6a 1b dd 42 1d 3a 13 24 d2 2c 6b ef d4 fd 05 68 92 46 6d b6 4d 54 75 6d 7e df 48 1f bc 7c c9 da 35 e5 8f f8 7e 35 83 ac 78 de 5b a2 d1 da a9 86 33 fc 67 ef 9f f0 ac 32 4b 31 66 3b 98 f2 49 ea 6a 65 3e c5 46 1d cd 1d 63 c5 17 5a ae e5 cf 93 09 fe Data Ascii: k\|7#U$\ypc#%M$M3I$I49n>O_W^GarTuB)h9jst]#ZGn=.3o?Opip5Qo[&Rxn$;"S( Kx#UWjB:$,khFmMTum~H\|5~5x[3g2K1f;Ije>FcZ
2024-05-26 22:43:24 UTC	10674	IN	Data Raw: 48 f5 af 03 5c 9b 4f 19 e9 6f ff 00 4f 28 87 e8 c7 69 fe 75 ef 00 60 57 cb ff 00 0e fc 59 73 a9 f8 9f 4f b6 fb 3c 97 17 5e 72 32 18 17 71 38 60 72 47 6c 7a d7 d4 02 bf 75 f0 26 ac 9e 03 15 0d 6c a7 17 e5 77 1b 3f 9e 8a ff 00 23 e2 f8 d2 16 af 4d f5 b3 fc ff 00 e0 85 14 51 5f bb 9f 16 14 51 41 19 a0 0e 2f e3 6e bf fd 9d e1 c8 ec d1 bf 7b 7c f8 61 ff 00 4c d7 93 f9 9c 0f ce bc 9c 71 5d 07 c4 ff 00 11 7f c2 45 e2 f9 da 36 dd 05 af fa 3c 64 74 38 27 27 f1 39 fc 85 73 f5 fc 5b e2 36 7d fd ab 9e d6 ab 07 78 43 dc 8f a4 77 6b d6 57 6b c9 9f ad e4 38 2f ab 60 a3 17 bb d5 fa bf f2 56 41 45 14 75 ff 00 eb 57 c2 9e c8 51 5e a1 e1 cf d9 ee 1b 9d 19 64 d4 af 2e 61 bc 99 03 04 84 2e d8 73 d0 1c 83 b8 fa f4 fe b5 e7 fe 29 f0 dd c7 84 b5 e9 ec 2e 36 99 21 20 86 1d 24 53 Data Ascii: H\OoO(iu`WYsO<^r2q8`rGlzu&lw?#MQ_QA/n{\|aLq]E6<dt8''9s[6}xCwkWk8/`VAEuWQ^d.a.s).6! $S
2024-05-26 22:43:24 UTC	11860	IN	Data Raw: 9a fd 8f 87 f4 e3 71 7d 3c 50 c0 c3 82 df 36 ff 00 a0 fe 2f c2 bc ef e2 6f c5 6d 37 5b b1 7d 3e ce d2 3b f1 c8 fb 44 cb f2 c6 7d 50 75 cf bf 1f 8d 72 fe 14 f8 7b ab 78 d1 a3 30 c6 d1 da a0 db f6 89 b2 23 51 e8 bd cf d0 53 f6 8d 68 b5 17 b3 4d 73 4b 41 7c 4b e2 fb 76 f1 03 5d 68 30 cf a3 a3 02 ac 61 94 c6 66 f7 da 38 5f a5 68 f8 4b e0 f6 a9 e2 a3 f6 9b c6 6b 1b 79 3e 6f 32 51 ba 59 73 dc 2e 73 f8 9f d6 ba 4f f8 52 73 78 78 db de 68 f7 ea da 95 ae 5b 17 31 83 1c a7 db ae 3f 1c fd 45 6a e8 df 14 d2 3b df b0 6b d6 f2 68 fa 87 4d cf fe a6 4f 70 dd b3 f8 8f 7a 98 d3 d7 df 2e 55 34 fd df fc 13 13 43 fb 77 c1 77 91 6f 74 d8 6f 34 e9 1b 26 fe d9 3f 7a b9 fe f7 3d 3d 8e 3e a6 bb cd 2b c4 b6 1a d6 96 6f 2d 6e a1 92 d5 46 59 f3 b4 27 fb d9 fb bf 8d 60 f8 c3 e2 ee 97 Data Ascii: q}<P6/om7[}>;D}Pur{x0#QShMsKA\|Kv]h0af8_hKky>o2QYs.sORsxxh[1?Ej;khMOpz.U4Cwwoto4&?z==>+o-nFY'`
2024-05-26 22:43:24 UTC	10234	IN	Data Raw: 30 83 6d ec 1b a4 51 84 99 4e d9 13 e8 7f a1 c8 ae 22 5f d9 db fd 23 e4 d5 b1 0e 7f 8a df e6 03 fe fa c5 7a 6d 18 cd 4c a9 c5 ee 69 1a 92 8e c7 3f e0 ff 00 86 da 67 83 42 c9 0c 5e 75 de 39 b8 97 97 fc 3b 2f e1 5d 07 7a 2b 1f 58 f1 7d be 9c 59 23 c5 c4 dd 30 a7 e5 1f 53 46 91 44 eb 26 6b 4b 2a c1 19 67 65 55 5e a5 8e 00 ae 7f 58 f1 ca ae e8 ec d7 79 e9 e6 30 e0 7d 07 7a c2 d4 b5 8b 8d 5e 4d d3 48 4a 8e 88 38 51 f8 55 6c f3 50 e7 d8 b5 0e e3 ee ae 65 bd 98 c9 34 8d 24 87 b9 34 ce d5 b5 f0 f7 e1 c6 bf f1 6f c5 76 fa 17 86 34 7d 43 5d d5 ee 8f ee ed 6c e2 32 3e 33 8d cd d9 54 77 66 20 0f 5a fd 05 fd 92 bf e0 8a d6 7a 50 b7 d6 fe 2e 5d 2e a1 73 81 24 7e 1e d3 e7 22 de 33 d7 17 13 2f 32 1f f6 63 21 7f da 61 5d 38 4c 0d 6c 4c ad 4d 69 df a1 c5 8e cd 30 f8 38 de Data Ascii: 0mQN"_#zmLi?gB^u9;/]z+X}Y#0SFD&kK*geU^Xy0}z^MHJ8QUlPe4$4ov4}C]l2>3Twf ZzP.].s$~"3/2c!a]8LlLMi08

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.6	49711	76.76.21.241	443	6052	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:25 UTC	623	OUT	GET /manifest.json HTTP/1.1 Host: open-cases-support-for-business-appeal-id-204.vercel.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: manifest Referer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-26 22:43:25 UTC	522	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 1169626 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline; filename="manifest.json" Content-Length: 515 Content-Type: application/json; charset=utf-8 Date: Sun, 26 May 2024 22:43:25 GMT Etag: "d9b64cf56aad8262259c011d20b47907" Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Vercel-Cache: HIT X-Vercel-Id: iad1::qm2qf-1716763405263-5568fdb34ef0 Connection: close
2024-05-26 22:43:25 UTC	515	IN	Data Raw: 7b 0d 0a 20 20 22 73 68 6f 72 74 5f 6e 61 6d 65 22 3a 20 22 52 65 61 63 74 20 41 70 70 22 2c 0d 0a 20 20 22 6e 61 6d 65 22 3a 20 22 43 72 65 61 74 65 20 52 65 61 63 74 20 41 70 70 20 53 61 6d 70 6c 65 22 2c 0d 0a 20 20 22 69 63 6f 6e 73 22 3a 20 5b 0d 0a 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 22 73 72 63 22 3a 20 22 66 61 76 69 63 6f 6e 2e 69 63 6f 22 2c 0d 0a 20 20 20 20 20 20 22 73 69 7a 65 73 22 3a 20 22 36 34 78 36 34 20 33 32 78 33 32 20 32 34 78 32 34 20 31 36 78 31 36 22 2c 0d 0a 20 20 20 20 20 20 22 74 79 70 65 22 3a 20 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 0d 0a 20 20 20 20 7d 2c 0d 0a 20 20 20 20 7b 0d 0a 20 20 20 20 20 20 22 73 72 63 22 3a 20 22 6c 6f 67 6f 31 39 32 2e 70 6e 67 22 2c 0d 0a 20 20 20 20 20 20 22 74 79 70 65 22 3a 20 22 69 6d Data Ascii: { "short_name": "React App", "name": "Create React App Sample", "icons": [ { "src": "favicon.ico", "sizes": "64x64 32x32 24x24 16x16", "type": "image/x-icon" }, { "src": "logo192.png", "type": "im

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.6	49712	76.76.21.241	443	6052	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:25 UTC	679	OUT	GET /logo.png HTTP/1.1 Host: open-cases-support-for-business-appeal-id-204.vercel.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-26 22:43:25 UTC	497	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 1169616 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline; filename="logo.png" Content-Length: 35616 Content-Type: image/png Date: Sun, 26 May 2024 22:43:25 GMT Etag: "3ddb61bdd806c16c6aa2b1dfdb7eaec9" Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Vercel-Cache: HIT X-Vercel-Id: iad1::ppdzf-1716763405288-5033e130d167 Connection: close
2024-05-26 22:43:25 UTC	2372	IN	Data Raw: 52 49 46 46 18 8b 00 00 57 45 42 50 56 50 38 4c 0c 8b 00 00 2f ff c7 ff 11 19 59 b6 ed d6 6d b3 2e ef cd f3 22 f3 1f 70 44 10 00 93 b4 9f 11 fd 9f 00 fc a6 ba 6e 28 bb d4 45 0c 54 0b 31 52 0d c4 50 55 91 18 2b 95 90 18 2c 15 90 18 2d 1d 91 18 2e 1d 61 fc 09 dd 12 11 51 f0 aa 14 8d fa 88 08 24 9d 00 94 20 51 1f 81 7c e4 94 40 3d 89 43 a7 b0 a3 eb 48 b4 60 3d 19 e5 11 38 8e 03 3d b8 03 5d 5e 0f 28 8f 0a 1f e0 db ea 40 9f 17 60 dc 84 1e a7 b8 39 ef 89 95 b0 cb bc dc 81 0c ea 97 51 ef 19 1e 12 ff b1 be 2a bc 29 75 01 ae f3 ef b7 7e 95 75 9d 51 e2 db b0 ea 22 13 75 5e 15 7b 17 54 1a 3f 80 d6 4d 0e 00 77 e1 db eb 3d 7e 80 2e c2 93 6e 09 3e e1 1e ec 74 07 b9 83 5e 6f 08 22 ab d7 79 41 e4 35 8f 38 d1 34 1e 41 9a 45 e2 5c 9a 44 a2 52 fa 1c 43 a2 58 9a 11 44 fd 8c Data Ascii: RIFFWEBPVP8L/Ym."pDn(ET1RPU+,-.aQ$ Q\|@=CH`=8=]^(@`9Q*)u~uQ"u^{T?Mw=~.n>t^o"yA584AE\DRCXD
2024-05-26 22:43:25 UTC	1222	IN	Data Raw: 4b 03 9a 0c 6b 18 00 06 ff 2d d2 f9 2c eb 41 40 0b 38 bf 0d 3b 00 f6 05 fb de 66 ff 7d 43 c5 e2 d4 b9 86 97 bf d1 e7 61 68 51 30 04 1b 06 06 00 3d eb 4e 90 b4 d8 ee 2c 6c f5 64 bc b3 57 70 ca e6 e8 8b 1f e7 d1 2a dc 18 9a 03 86 77 58 cf 1a 06 ae 20 7b 8a d5 6b 0e 7b bf 6f ed 17 90 e2 11 ba 7e 9f d8 f6 d2 28 c2 38 10 50 09 c0 46 04 02 eb 65 8a b2 c8 36 6c 53 b1 8e b0 f9 02 6c df fb de 84 82 d0 c9 86 a4 1a f2 6c 18 08 2b c2 f7 5e 66 a8 c3 3d 03 ac 6e 95 b0 9a 56 bb 1f ca 9d b1 c8 43 99 ee b3 1f f4 78 21 dc 12 0b 28 02 9b ac ef 01 77 82 4d 95 f5 ad b6 64 f5 bd 4f 4e 85 fe 2f e4 84 18 a4 08 0b c2 b0 37 9b cc 0a 80 02 b0 3d 0d 5b 75 58 2d d0 04 23 7c f1 c3 7a d2 f0 a2 d5 02 42 30 85 d9 03 90 83 ac 4d 6f 2d bc ef a9 13 16 5c 74 fd 3c a5 f4 b5 97 c0 c4 55 d8 6b Data Ascii: Kk-,A@8;f}CahQ0=N,ldWp*wX {k{o~(8PFe6lSll+^f=nVCx!(wMdON/7=[uX-#\|zB0Mo-\t<Uk
2024-05-26 22:43:25 UTC	4744	IN	Data Raw: b8 1b 73 09 35 ba 90 ed b9 99 fa dc 04 48 d5 53 00 51 f5 36 c6 b7 a9 9d cc bf 7e 43 90 4b bb 19 78 a6 cf f3 40 50 6d 05 12 83 9a 46 3b 22 e8 11 33 cf b7 f2 8f a1 ab 3a 0b d8 b4 b9 ed 6a 49 5d 71 a1 46 e9 d3 3f fd 51 8d e7 cb 87 f6 3c d8 a8 e6 82 3e 6b 52 cf 19 31 ca 9d b1 05 8f bc e7 be 70 b0 81 6a 2f 8f d7 be 6f d6 39 e2 ff e9 6d f0 4a 9a e6 be ac 63 63 fa d0 78 83 86 aa 30 01 0f 2d b6 8e 6f 6f dd f8 6d a2 cc 97 9d 0c 6d cf db 52 3f ca 0a 40 4d 06 83 ae 99 de 91 b2 62 93 b1 54 d9 c9 b0 59 9c a2 fd 07 f6 00 5c b5 d9 43 14 dd 24 e5 c2 27 f2 ef 4c 93 fd 0c 5c 2e 81 a6 ea b4 17 68 b3 6d 35 be 1e 77 91 d6 04 39 b3 ef 83 c7 ce 78 1b 00 1b 55 b3 41 af cb b7 c1 4a fc 5b bf cb 52 6e 3c d4 b0 99 d3 9f e4 1c e0 55 bb 81 c4 a0 d2 90 d3 e2 41 88 73 cf ab 67 2b 17 4c Data Ascii: s5HSQ6~CKx@PmF;"3:jI]qF?Q<>kR1pj/o9mJccx0-oommR?@MbTY\C$'L\.hm5w9xUAJ[Rn<UAsg+L
2024-05-26 22:43:25 UTC	5930	IN	Data Raw: 3e a5 78 e3 e7 2d 23 a7 e1 24 6f e9 24 6d 82 1b 22 42 a1 34 6f 18 f1 1e 68 11 a6 32 e7 28 31 80 44 0f a8 a7 69 19 da 83 d6 14 a2 62 a5 7a 4a a5 8e fd 7f 96 d6 c0 d7 67 7c 84 ab 64 4f b4 9c ff f8 14 69 0b 0e 8b 65 67 69 0f ea 0a 4a df 1e fe f6 c4 d9 43 e9 17 15 5a 82 ff f0 92 14 99 57 c2 27 2a 7b f7 3f 9a b4 03 0f a0 33 4a f9 24 96 34 84 ff 4e 56 84 a9 a4 0f 74 4a 2b e0 9d 63 a8 72 cf f6 0d 40 fa f6 88 36 29 d3 48 bb a5 0d 30 93 f9 b0 d2 3e 48 73 8e 16 a0 5d 0d 96 21 51 e2 07 ab 81 77 cb fe 6f 7a b7 72 1c 81 52 3f a0 a4 e5 3f ab be 6f 79 ff 0c be 51 c9 9f 4a 6e 30 cf 04 7d 3f de 90 14 52 fa 67 2d 6b d7 31 71 bf 8f 37 14 33 2d 2a b0 e7 94 be 3d 0a 1b 16 1a e6 ff fe 8a ac cf c7 1b 92 58 b0 00 a4 ac 1e 9f 89 e0 a0 cd 98 00 af 61 f5 75 0a f3 87 31 01 fb ac 59 Data Ascii: >x-#$o$m"B4oh2(1DibzJg\|dOiegiJCZW'{?3J$4NVtJ+cr@6)H0>Hs]!QwozrR??oyQJn0}?Rg-k1q73-=Xau1Y
2024-05-26 22:43:25 UTC	7116	IN	Data Raw: 71 c6 0e de 42 3b 7b 43 dd e8 8e 97 b0 25 b9 94 89 f3 66 f0 16 50 8f 4d 27 35 52 27 ca 39 17 d6 c9 0b 00 a7 51 0e ee c2 93 23 0d e8 c6 84 03 22 29 a0 4c 9c b7 83 bf e0 15 70 e6 2f 5e c0 aa 03 ed 1c 33 35 8b 41 95 28 b2 34 05 d8 93 74 da ef a0 2b e7 68 6f 7f f3 b9 a7 3a 90 6a 11 65 e2 9c 3e 78 0c 96 71 53 dd e7 f6 bd f8 42 79 05 d0 fc 03 8f 01 36 9c 76 6c 87 3a 4f 98 8b 0a 65 88 a1 f1 19 b0 06 aa eb 1c 7c 0a 2b 93 ec 4a 19 64 50 9f 01 39 f9 7d 75 9c e5 ec bc 3a c9 b9 40 b4 64 f0 19 9e f4 65 fa 75 dd f2 c2 a9 0a 28 13 8b 0a bc 06 92 80 a7 d5 69 0e 8f 63 6c a1 cc 2e e4 59 3d 78 0d 60 d0 9e 38 aa 4e 13 9d 0b 29 13 f5 98 5a 1a dc 06 af 40 75 99 5b 8f 33 48 12 47 99 38 63 c1 6f 40 f7 9c 7e 7c 5c 03 a0 c3 74 1d 8b 0b 65 41 61 9e 51 83 e3 e0 c6 15 75 97 83 c3 3b Data Ascii: qB;{C%fPM'5R'9Q#")Lp/^35A(4t+ho:je>xqSBy6vl:Oe\|+JdP9}u:@deu(icl.Y=x`8N)Z@u[3HG8co@~\|\teAaQu;
2024-05-26 22:43:25 UTC	8302	IN	Data Raw: 8a d9 ed 4b 1d 4e ad e5 48 4a cd 5e df e8 20 c8 32 73 a4 98 31 bb 7d d4 69 1d 47 1a d4 dc 3c 4f 37 e0 26 0c c6 64 c8 30 af 50 0d b1 d3 4f 37 20 40 84 99 23 ed 6e 62 f6 fa 34 9c 77 bf 99 39 d2 f3 be 5f 74 fc aa d7 97 3a 28 da 9e f3 ff c7 2e 8e 26 cc 5e 1f 24 e6 d5 7e 28 56 9f 90 d6 b2 02 a5 b5 8d f3 74 03 ae 61 b0 ad 56 07 01 c4 54 43 d3 6c 03 69 03 18 13 25 b5 ac 40 23 95 4e 5f ea 20 64 e6 7f ac 60 b9 ec 4c 09 58 91 a5 cf 37 0c b0 98 31 b1 02 9d cf cd c2 e9 f4 43 0e 21 e0 c3 d3 a5 85 15 f4 32 2c 6a 9c 3e 2f 61 ba 97 55 84 98 9c 3e 28 4c ac 64 68 4d 0e ff 94 01 02 00 a8 31 b1 92 48 4c 3e df e8 20 50 66 25 2b 89 39 4c 4e 5f eb 50 cc 98 58 c9 62 f5 64 f2 f9 2b b0 b3 de 9b 58 c9 0b 5e 5f b6 88 4e 9b ef 73 20 df 79 fe cf cf da 56 dd 83 50 7c fe b4 f8 8f 15 a9 Data Ascii: KNHJ^ 2s1}iG<O7&d0PO7 @#nb4w9_t:(.&^$~(VtaVTCli%@#N_ d`LX71C!2,j>/aU>(LdhM1HL> Pf%+9LN_PXbd+X^_Ns yVP\|
2024-05-26 22:43:25 UTC	5930	IN	Data Raw: 57 00 a8 7f f0 13 05 70 94 78 b5 c2 7b 93 df 50 a8 06 da 06 e4 c9 9c d2 ae 26 e5 0f 05 52 1d 84 28 6d 62 83 32 e9 26 19 e4 b3 8b aa 87 3c 83 7b 30 e5 8e 33 6c c1 51 4d 64 26 0f 56 12 6e 8e 61 26 3c d5 45 96 c1 7b 38 dd 26 19 34 ca e0 a9 36 22 84 c9 f6 8f 21 6b 32 05 aa 8f da dd 2a 02 89 12 2d 47 32 4a 45 aa 91 cc c9 32 c9 b2 d2 2c 82 df 6e 37 7c d5 49 53 9e 49 98 96 95 64 d1 88 96 8a 58 b5 92 89 94 44 a0 14 0b 15 e2 3b a9 ea a5 91 a3 18 58 4a b0 50 fe 94 33 b9 6a a6 57 7b 4b 41 c3 8b ae df 9b bc 3d 03 a8 1b c0 ff 77 89 c7 2b aa 9b 86 28 30 39 4a ae 80 bb 30 d2 50 e5 84 28 11 7e 6e 1d 6a c0 64 ee 01 55 50 c4 78 62 2d 4a 0c 14 9e 2e aa 8e b2 98 49 ab 11 88 f6 3a d3 aa a5 7c 8f eb 88 73 6a dd 41 8e 90 65 2e a8 9e 6a 4c 56 4a cd 45 08 44 66 f0 54 53 ed b0 f0 Data Ascii: Wpx{P&R(mb2&<{03lQMd&Vna&<E{8&46"!k2*-G2JE2,n7\|ISIdXD;XJP3jW{KA=w+(09J0P(~njdUPxb-J.I:\|sjAe.jLVJEDfTS

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.6	49713	76.76.21.61	443	6052	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:25 UTC	425	OUT	GET /static/media/locked3.f8aad5b3548314fb29cd.jpg HTTP/1.1 Host: open-cases-support-for-business-appeal-id-204.vercel.app Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-26 22:43:25 UTC	522	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 1169629 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline; filename="locked3.f8aad5b3548314fb29cd.jpg" Content-Length: 78013 Content-Type: image/jpeg Date: Sun, 26 May 2024 22:43:25 GMT Etag: "fe814ba91f3ddab3535253a2dc94f41c" Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Vercel-Cache: HIT X-Vercel-Id: iad1::jsr9x-1716763405400-7b7a25b50cab Connection: close
2024-05-26 22:43:25 UTC	2372	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 22 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 01 01 12 00 03 00 00 00 01 00 01 00 00 00 00 00 00 ff e2 01 d8 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 01 c8 00 00 00 00 04 30 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 e0 00 01 00 01 00 00 00 00 00 00 61 63 73 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 f6 d6 00 01 00 00 00 00 d3 2d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09 64 65 73 63 00 00 00 f0 00 00 00 24 72 58 59 5a 00 00 01 14 00 00 00 14 67 58 59 5a 00 00 01 28 00 00 00 14 62 58 59 5a 00 00 01 3c 00 00 00 14 77 Data Ascii: JFIFHH"ExifMM*ICC_PROFILE0mntrRGB XYZ acsp-desc$rXYZgXYZ(bXYZ<w
2024-05-26 22:43:25 UTC	1197	IN	Data Raw: 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 9a e6 fe 2a 7c 5f f0 cf c1 4f 0b 49 ac f8 a7 58 b3 d1 ec 23 c8 56 99 bf 79 3b 7f 76 34 1f 34 8d ec a0 9a 99 49 45 73 4b 44 54 63 29 3e 58 ab b3 a4 eb 5e Data Ascii: EQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQ*\|_OIX#Vy;v44IEsKDTc)>X^
2024-05-26 22:43:25 UTC	4744	IN	Data Raw: fc 46 26 d3 9f bb 1e ef 77 e8 bf a4 7d 81 fb 4e ff 00 c1 5a f4 8f 0b 89 f4 9f 86 76 f1 6b ba 82 92 8f ac 5d c6 c2 c6 03 eb 12 70 d3 1f 73 b5 7b fc c3 8a f8 4f e2 3f c5 0f 11 7c 5f f1 34 9a c7 8a 35 8b ed 6f 52 93 8f 36 e6 4d de 5a f2 76 a2 fd d4 51 93 f2 a8 02 b0 73 4c b8 b8 8e d6 26 92 47 58 d1 7a b3 1c 01 5f 2b 8a c7 56 c4 3b d4 7a 76 e8 7d d6 07 2b c3 e1 23 6a 4b 5e ef 77 fd 79 0f aa da 96 ad 6f a5 45 ba 69 02 fa 0e ac df 41 58 5a bf 8e 77 6e 4b 35 f6 f3 5c 7f 21 fe 35 cf cd 33 dd 4a d2 48 cd 24 8d d5 98 f2 6b cf 94 fb 1e 9c 61 dc d5 d5 fc 65 71 a8 13 1c 39 b7 87 d4 1f 9d be a7 b7 e1 59 18 a0 b6 05 7a 37 c0 3f d9 57 c6 7f b4 75 fe 3c 3f a7 f9 7a 64 6d b2 6d 56 ef 31 d9 c2 7b 8d d8 cb b7 fb 28 09 f5 c7 5a aa 18 7a b8 8a 8a 95 18 b9 49 f4 43 94 a3 08 f3 Data Ascii: F&w}NZvk]ps{O?\|_45oR6MZvQsL&GXz_+V;zv}+#jK^wyoEiAXZwnK5\!53JH$kaeq9Yz7?Wu<?zdmmV1{(ZzIC
2024-05-26 22:43:25 UTC	5930	IN	Data Raw: a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a 28 a0 02 8a a3 e2 5f 13 e9 be 0c d0 ae 75 4d 62 fa d3 4b d3 6c d4 bc d7 37 52 88 a2 8c 0e 79 63 c7 e1 d4 d7 c5 5f b4 df fc 15 ce da d1 6e 74 7f 85 f6 ab 79 29 ca 1d 7a fa 26 58 93 8e b0 42 c0 16 3d 70 d2 60 71 f7 58 1c d7 2e 2b 19 46 82 bd 47 f2 ea 76 e0 b2 fa f8 b9 72 d1 8d fc fa 2f 57 fd 33 eb 3f 8c 7f 1e fc 23 f0 0b c3 cd a9 78 b3 5c b3 d2 e1 60 7c 98 59 b7 dc dd 1f ee c5 10 f9 dc fd 06 07 72 07 35 f0 17 ed 35 ff 00 05 53 f1 67 c5 55 b9 Data Ascii: (((((((((((((((((((((((((((_uMbKl7Ryc_nty)z&XB=p`qX.+FGvr/W3?#x\`\|Yr55SgU
2024-05-26 22:43:25 UTC	7116	IN	Data Raw: 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 01 d1 ff 00 ac 5f ad 7f 3a ff 00 b6 5f fc 9d df c5 0f fb 1a b5 1f fd 28 7a fe 8a 23 ff 00 58 bf 5a fe 75 ff 00 6c bf f9 3b bf 8a Data Ascii: (((((((((((((((((((((((((((((((((((((((((((((((((((((_:_(z#XZul;
2024-05-26 22:43:25 UTC	8302	IN	Data Raw: a2 8a 00 28 a0 9c 1a 8a f2 fa 1d 3a ca 6b 8b 89 a3 b7 b7 b7 43 24 b2 ca c1 12 35 1d 4b 13 c0 03 d4 d0 dd b5 60 4b 58 3f 10 fe 26 e8 1f 09 fc 3d 26 ad e2 3d 5e c7 47 b1 8f 81 25 c4 81 4c 87 fb a8 bf 79 d8 fa 28 26 be 6b fd a3 ff 00 e0 a8 3a 1f 82 fc fd 2b c0 31 43 e2 3d 4c 66 37 d4 a5 dc b6 36 cd 8e a8 38 33 11 ed 85 e3 a9 e9 5f 13 7c 4c f8 b1 e2 4f 8c 9e 23 6d 5b c4 fa c5 de ad 7a d9 da 65 20 47 08 3f c3 1a 00 15 17 d9 40 fc 6b e1 f3 ae 36 c2 e1 6f 4b 0b fb c9 f7 fb 2b e7 d7 e5 f7 9e ae 17 2a a9 53 de a9 ee af c4 fa 5f f6 8c ff 00 82 a5 6a 9e 28 4b 8d 27 e1 ed ac da 2d 8c 9f 23 6a d7 68 3e db 20 ee 62 40 4a c6 3d ce e6 c7 65 35 f2 6e a3 a8 5c 6b 3a 8c f7 97 97 13 de 5e 5d 39 92 69 e7 90 c9 24 ac 7a b3 31 e4 9f 73 50 e2 8a fc b3 32 cd b1 58 ea 9e d3 13 3b Data Ascii: (:kC$5K`KX?&=&=^G%Ly(&k:+1C=Lf7683_\|LO#m[ze G?@k6oK+*S_j(K'-#jh> b@J=e5n\k:^]9i$z1sP2X;
2024-05-26 22:43:25 UTC	6676	IN	Data Raw: 6b a6 d0 7c 37 23 10 ba 55 93 90 24 5c 9c 79 d2 70 d2 1c 63 23 85 c8 fb b5 e3 b3 cf 25 dd c4 93 4d 24 93 4d 33 16 92 49 1c bb c8 c7 a9 24 f2 49 f5 34 da fc 9f 39 e2 cc 6e 3e f0 4f 92 1d 97 5f 57 d7 f0 5e 47 d1 61 72 ea 54 75 dd f7 7f a0 81 42 8c 01 80 29 68 a3 39 6a f9 73 d0 0a 74 16 f2 5d ca 23 89 5a 47 6e 80 0a d7 d1 fc 19 3d f6 d9 2e 33 6f 11 fe 1f e3 3f e1 f8 d7 4f a7 e9 70 69 70 ec 86 35 51 dc f7 6f a9 aa 8c 5b 26 52 b1 87 a4 78 1b 6e 24 bc 3b bd 22 53 d3 ea 7f c2 ba 28 20 4b 78 95 23 55 8d 57 a2 a8 c0 14 e2 6a 1b dd 42 1d 3a 13 24 d2 2c 6b ef d4 fd 05 68 92 46 6d b6 4d 54 75 6d 7e df 48 1f bc 7c c9 da 35 e5 8f f8 7e 35 83 ac 78 de 5b a2 d1 da a9 86 33 fc 67 ef 9f f0 ac 32 4b 31 66 3b 98 f2 49 ea 6a 65 3e c5 46 1d cd 1d 63 c5 17 5a ae e5 cf 93 09 fe Data Ascii: k\|7#U$\ypc#%M$M3I$I49n>O_W^GarTuB)h9jst]#ZGn=.3o?Opip5Qo[&Rxn$;"S( Kx#UWjB:$,khFmMTum~H\|5~5x[3g2K1f;Ije>FcZ
2024-05-26 22:43:25 UTC	10674	IN	Data Raw: 48 f5 af 03 5c 9b 4f 19 e9 6f ff 00 4f 28 87 e8 c7 69 fe 75 ef 00 60 57 cb ff 00 0e fc 59 73 a9 f8 9f 4f b6 fb 3c 97 17 5e 72 32 18 17 71 38 60 72 47 6c 7a d7 d4 02 bf 75 f0 26 ac 9e 03 15 0d 6c a7 17 e5 77 1b 3f 9e 8a ff 00 23 e2 f8 d2 16 af 4d f5 b3 fc ff 00 e0 85 14 51 5f bb 9f 16 14 51 41 19 a0 0e 2f e3 6e bf fd 9d e1 c8 ec d1 bf 7b 7c f8 61 ff 00 4c d7 93 f9 9c 0f ce bc 9c 71 5d 07 c4 ff 00 11 7f c2 45 e2 f9 da 36 dd 05 af fa 3c 64 74 38 27 27 f1 39 fc 85 73 f5 fc 5b e2 36 7d fd ab 9e d6 ab 07 78 43 dc 8f a4 77 6b d6 57 6b c9 9f ad e4 38 2f ab 60 a3 17 bb d5 fa bf f2 56 41 45 14 75 ff 00 eb 57 c2 9e c8 51 5e a1 e1 cf d9 ee 1b 9d 19 64 d4 af 2e 61 bc 99 03 04 84 2e d8 73 d0 1c 83 b8 fa f4 fe b5 e7 fe 29 f0 dd c7 84 b5 e9 ec 2e 36 99 21 20 86 1d 24 53 Data Ascii: H\OoO(iu`WYsO<^r2q8`rGlzu&lw?#MQ_QA/n{\|aLq]E6<dt8''9s[6}xCwkWk8/`VAEuWQ^d.a.s).6! $S
2024-05-26 22:43:25 UTC	11860	IN	Data Raw: 9a fd 8f 87 f4 e3 71 7d 3c 50 c0 c3 82 df 36 ff 00 a0 fe 2f c2 bc ef e2 6f c5 6d 37 5b b1 7d 3e ce d2 3b f1 c8 fb 44 cb f2 c6 7d 50 75 cf bf 1f 8d 72 fe 14 f8 7b ab 78 d1 a3 30 c6 d1 da a0 db f6 89 b2 23 51 e8 bd cf d0 53 f6 8d 68 b5 17 b3 4d 73 4b 41 7c 4b e2 fb 76 f1 03 5d 68 30 cf a3 a3 02 ac 61 94 c6 66 f7 da 38 5f a5 68 f8 4b e0 f6 a9 e2 a3 f6 9b c6 6b 1b 79 3e 6f 32 51 ba 59 73 dc 2e 73 f8 9f d6 ba 4f f8 52 73 78 78 db de 68 f7 ea da 95 ae 5b 17 31 83 1c a7 db ae 3f 1c fd 45 6a e8 df 14 d2 3b df b0 6b d6 f2 68 fa 87 4d cf fe a6 4f 70 dd b3 f8 8f 7a 98 d3 d7 df 2e 55 34 fd df fc 13 13 43 fb 77 c1 77 91 6f 74 d8 6f 34 e9 1b 26 fe d9 3f 7a b9 fe f7 3d 3d 8e 3e a6 bb cd 2b c4 b6 1a d6 96 6f 2d 6e a1 92 d5 46 59 f3 b4 27 fb d9 fb bf 8d 60 f8 c3 e2 ee 97 Data Ascii: q}<P6/om7[}>;D}Pur{x0#QShMsKA\|Kv]h0af8_hKky>o2QYs.sORsxxh[1?Ej;khMOpz.U4Cwwoto4&?z==>+o-nFY'`
2024-05-26 22:43:25 UTC	10234	IN	Data Raw: 30 83 6d ec 1b a4 51 84 99 4e d9 13 e8 7f a1 c8 ae 22 5f d9 db fd 23 e4 d5 b1 0e 7f 8a df e6 03 fe fa c5 7a 6d 18 cd 4c a9 c5 ee 69 1a 92 8e c7 3f e0 ff 00 86 da 67 83 42 c9 0c 5e 75 de 39 b8 97 97 fc 3b 2f e1 5d 07 7a 2b 1f 58 f1 7d be 9c 59 23 c5 c4 dd 30 a7 e5 1f 53 46 91 44 eb 26 6b 4b 2a c1 19 67 65 55 5e a5 8e 00 ae 7f 58 f1 ca ae e8 ec d7 79 e9 e6 30 e0 7d 07 7a c2 d4 b5 8b 8d 5e 4d d3 48 4a 8e 88 38 51 f8 55 6c f3 50 e7 d8 b5 0e e3 ee ae 65 bd 98 c9 34 8d 24 87 b9 34 ce d5 b5 f0 f7 e1 c6 bf f1 6f c5 76 fa 17 86 34 7d 43 5d d5 ee 8f ee ed 6c e2 32 3e 33 8d cd d9 54 77 66 20 0f 5a fd 05 fd 92 bf e0 8a d6 7a 50 b7 d6 fe 2e 5d 2e a1 73 81 24 7e 1e d3 e7 22 de 33 d7 17 13 2f 32 1f f6 63 21 7f da 61 5d 38 4c 0d 6c 4c ad 4d 69 df a1 c5 8e cd 30 f8 38 de Data Ascii: 0mQN"_#zmLi?gB^u9;/]z+X}Y#0SFD&kK*geU^Xy0}z^MHJ8QUlPe4$4ov4}C]l2>3Twf ZzP.].s$~"3/2c!a]8LlLMi08

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.6	49714	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:25 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-05-26 22:43:26 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=235548 Date: Sun, 26 May 2024 22:43:26 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.6	49715	76.76.21.241	443	6052	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:25 UTC	682	OUT	GET /logo192.png HTTP/1.1 Host: open-cases-support-for-business-appeal-id-204.vercel.app Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-26 22:43:26 UTC	497	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 42000 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline; filename="logo192.png" Content-Length: 5347 Content-Type: image/png Date: Sun, 26 May 2024 22:43:26 GMT Etag: "33dbdd0177549353eeeb785d02c294af" Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Vercel-Cache: HIT X-Vercel-Id: iad1::zbshr-1716763406132-8dc09f2be199 Connection: close
2024-05-26 22:43:26 UTC	2372	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c0 00 00 00 c0 08 03 00 00 00 65 02 9c 35 00 00 00 87 50 4c 54 45 00 00 00 64 da fb 61 da fc 61 db fc 61 da fc 61 db fc 61 da fb 61 db fc 61 da fb 61 da fc 61 db fc 61 da fc 61 da fc 61 db fc 61 da fc 61 da fc 61 da fb 61 da fb 61 da fb 61 da fc 60 da fb 61 da fb 61 db fb 61 da fc 61 da fc 61 da fc 61 da fc 61 da fb 60 da fb 61 da fb 61 db fc 61 da fc 61 db fc 61 da fb 61 db fc 61 da fb 61 da fb 61 db fb 61 da fb 61 da fb 66 e8 ff 61 dc fe 63 df ff 65 e3 ff 68 eb ff 48 d5 c6 94 00 00 00 27 74 52 4e 53 00 08 fb 23 f6 0f 2c e0 d8 eb 5f 93 80 ac f1 9c 45 c0 d0 4c 1c 17 6e 3f 58 e5 b3 34 51 67 b9 79 74 ca 3a a4 c5 87 8c 8c 8d 21 cd 00 00 13 e4 49 44 41 54 78 da ec 5b e9 72 9b 30 10 2e 02 1b 6c 2e 1b 3b Data Ascii: PNGIHDRe5PLTEdaaaaaaaaaaaaaaaaaa`aaaaaaa`aaaaaaaaaaafacehH'tRNS#,_ELn?X4Qgyt:!IDATx[r0.l.;
2024-05-26 22:43:26 UTC	1222	IN	Data Raw: 90 15 0c 30 e1 d7 ca 12 ce 18 fb 6c 0a 53 29 44 65 0d 07 e3 db 15 e7 c6 64 5b 38 b5 d0 42 87 e6 68 db e0 12 6e ee 35 2b 83 26 7b 6e f2 eb a0 84 07 b1 aa 8d 7c 2d 29 28 ec 8a 10 a6 f1 c2 36 21 60 84 d1 ce 99 a9 84 56 c6 64 5b 72 37 07 99 b7 b7 56 b8 73 58 30 08 3d ca 24 a4 05 46 45 09 19 c1 8e 35 33 9a 28 06 5d b4 73 b2 04 aa 41 2a fa a1 0e 66 8f 0c 42 7b 4a 4c b6 59 7c 53 5e f3 c7 4c 54 d5 7d b1 1f da 09 6f 60 25 10 3d da 61 ca ef a8 eb 1e dc aa 45 82 5f 2a 3d 42 ed da 76 cd c6 e8 2d 90 d9 21 48 33 5d 4b c3 9e d6 fe 30 53 40 30 e5 e7 fd 78 4c 44 61 4c 8c 8e 3a 93 83 0c 42 40 d0 b9 3b da 80 c1 c2 07 59 00 dd ad 3f 29 31 40 72 53 ab 22 80 91 d6 63 5a 59 48 bd 98 51 82 28 d6 41 c1 72 5e 57 1a 20 28 70 96 13 6d bd 0f 46 4b 10 7a 69 da 08 00 6a 0b 2d ab 2d f6 Data Ascii: 0lS)Ded[8Bhn5+&{n\|-)(6!`Vd[r7VsX0=$FE53(]sAfB{JLY\|S^LT}o`%=aE_=Bv-!H3]K0S@0xLDaL:B@;Y?)1@rS"cZYHQ(Ar^W (pmFKzij--
2024-05-26 22:43:26 UTC	1753	IN	Data Raw: a1 86 04 fc fe 74 0e d1 e3 cd 56 e4 9b 1f 59 21 b2 c2 fa 27 74 41 0f df 53 d3 c6 1b 67 06 b1 03 43 f9 10 d8 14 05 1e 21 ee 8f 59 d5 b0 43 19 8b b4 35 d4 52 e5 81 af 98 20 e5 ad 38 fd 45 05 1a 29 17 fd 19 ab 18 0b 26 eb 1f ae f0 9d 85 7e 44 72 00 ba b0 aa 0c c9 a6 bd c8 c8 26 cc e8 86 a3 8a 18 35 80 82 b3 2b b3 58 7d 3d 55 3c 66 50 7e 61 c3 51 2e cf 80 e4 aa cb 10 ee 22 9d c9 9d 91 92 3a 3a 7b 8f 62 5f 29 5d 04 ab ba d5 a6 0b 14 02 12 bb e9 5c 28 16 7c 22 3b 44 ac ef ae 14 05 1a ca 1f f5 74 ba 8e 92 f8 fc f9 32 ee e2 1d 94 e9 c2 e6 f5 d4 05 f8 2a 79 cb 5d b1 e8 4b ee 1d b5 bd 06 bf 52 dc 06 dc 5e 9f b8 2a 34 7f e8 64 7a d8 8b df c7 41 83 10 01 7c 70 d4 6a f4 f8 ae 72 1c c3 bc 06 63 a4 b2 d9 c8 93 b0 23 3b 6b f2 97 1b 85 ad 48 e0 8b 20 2a 78 ed 0c 5e 4e 6f Data Ascii: tVY!'tASgC!YC5R 8E)&~Dr&5+X}=U<fP~aQ."::{b_)]\(\|";Dt2y]KR^4dzA\|pjrc#;kH *x^No

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.6	49716	76.76.21.61	443	6052	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:26 UTC	388	OUT	GET /logo.png HTTP/1.1 Host: open-cases-support-for-business-appeal-id-204.vercel.app Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-26 22:43:26 UTC	497	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 1169617 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline; filename="logo.png" Content-Length: 35616 Content-Type: image/png Date: Sun, 26 May 2024 22:43:26 GMT Etag: "3ddb61bdd806c16c6aa2b1dfdb7eaec9" Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Vercel-Cache: HIT X-Vercel-Id: iad1::7gx7q-1716763406748-c9b5ee8fd932 Connection: close
2024-05-26 22:43:26 UTC	2372	IN	Data Raw: 52 49 46 46 18 8b 00 00 57 45 42 50 56 50 38 4c 0c 8b 00 00 2f ff c7 ff 11 19 59 b6 ed d6 6d b3 2e ef cd f3 22 f3 1f 70 44 10 00 93 b4 9f 11 fd 9f 00 fc a6 ba 6e 28 bb d4 45 0c 54 0b 31 52 0d c4 50 55 91 18 2b 95 90 18 2c 15 90 18 2d 1d 91 18 2e 1d 61 fc 09 dd 12 11 51 f0 aa 14 8d fa 88 08 24 9d 00 94 20 51 1f 81 7c e4 94 40 3d 89 43 a7 b0 a3 eb 48 b4 60 3d 19 e5 11 38 8e 03 3d b8 03 5d 5e 0f 28 8f 0a 1f e0 db ea 40 9f 17 60 dc 84 1e a7 b8 39 ef 89 95 b0 cb bc dc 81 0c ea 97 51 ef 19 1e 12 ff b1 be 2a bc 29 75 01 ae f3 ef b7 7e 95 75 9d 51 e2 db b0 ea 22 13 75 5e 15 7b 17 54 1a 3f 80 d6 4d 0e 00 77 e1 db eb 3d 7e 80 2e c2 93 6e 09 3e e1 1e ec 74 07 b9 83 5e 6f 08 22 ab d7 79 41 e4 35 8f 38 d1 34 1e 41 9a 45 e2 5c 9a 44 a2 52 fa 1c 43 a2 58 9a 11 44 fd 8c Data Ascii: RIFFWEBPVP8L/Ym."pDn(ET1RPU+,-.aQ$ Q\|@=CH`=8=]^(@`9Q*)u~uQ"u^{T?Mw=~.n>t^o"yA584AE\DRCXD
2024-05-26 22:43:26 UTC	1222	IN	Data Raw: 4b 03 9a 0c 6b 18 00 06 ff 2d d2 f9 2c eb 41 40 0b 38 bf 0d 3b 00 f6 05 fb de 66 ff 7d 43 c5 e2 d4 b9 86 97 bf d1 e7 61 68 51 30 04 1b 06 06 00 3d eb 4e 90 b4 d8 ee 2c 6c f5 64 bc b3 57 70 ca e6 e8 8b 1f e7 d1 2a dc 18 9a 03 86 77 58 cf 1a 06 ae 20 7b 8a d5 6b 0e 7b bf 6f ed 17 90 e2 11 ba 7e 9f d8 f6 d2 28 c2 38 10 50 09 c0 46 04 02 eb 65 8a b2 c8 36 6c 53 b1 8e b0 f9 02 6c df fb de 84 82 d0 c9 86 a4 1a f2 6c 18 08 2b c2 f7 5e 66 a8 c3 3d 03 ac 6e 95 b0 9a 56 bb 1f ca 9d b1 c8 43 99 ee b3 1f f4 78 21 dc 12 0b 28 02 9b ac ef 01 77 82 4d 95 f5 ad b6 64 f5 bd 4f 4e 85 fe 2f e4 84 18 a4 08 0b c2 b0 37 9b cc 0a 80 02 b0 3d 0d 5b 75 58 2d d0 04 23 7c f1 c3 7a d2 f0 a2 d5 02 42 30 85 d9 03 90 83 ac 4d 6f 2d bc ef a9 13 16 5c 74 fd 3c a5 f4 b5 97 c0 c4 55 d8 6b Data Ascii: Kk-,A@8;f}CahQ0=N,ldWp*wX {k{o~(8PFe6lSll+^f=nVCx!(wMdON/7=[uX-#\|zB0Mo-\t<Uk
2024-05-26 22:43:26 UTC	4744	IN	Data Raw: b8 1b 73 09 35 ba 90 ed b9 99 fa dc 04 48 d5 53 00 51 f5 36 c6 b7 a9 9d cc bf 7e 43 90 4b bb 19 78 a6 cf f3 40 50 6d 05 12 83 9a 46 3b 22 e8 11 33 cf b7 f2 8f a1 ab 3a 0b d8 b4 b9 ed 6a 49 5d 71 a1 46 e9 d3 3f fd 51 8d e7 cb 87 f6 3c d8 a8 e6 82 3e 6b 52 cf 19 31 ca 9d b1 05 8f bc e7 be 70 b0 81 6a 2f 8f d7 be 6f d6 39 e2 ff e9 6d f0 4a 9a e6 be ac 63 63 fa d0 78 83 86 aa 30 01 0f 2d b6 8e 6f 6f dd f8 6d a2 cc 97 9d 0c 6d cf db 52 3f ca 0a 40 4d 06 83 ae 99 de 91 b2 62 93 b1 54 d9 c9 b0 59 9c a2 fd 07 f6 00 5c b5 d9 43 14 dd 24 e5 c2 27 f2 ef 4c 93 fd 0c 5c 2e 81 a6 ea b4 17 68 b3 6d 35 be 1e 77 91 d6 04 39 b3 ef 83 c7 ce 78 1b 00 1b 55 b3 41 af cb b7 c1 4a fc 5b bf cb 52 6e 3c d4 b0 99 d3 9f e4 1c e0 55 bb 81 c4 a0 d2 90 d3 e2 41 88 73 cf ab 67 2b 17 4c Data Ascii: s5HSQ6~CKx@PmF;"3:jI]qF?Q<>kR1pj/o9mJccx0-oommR?@MbTY\C$'L\.hm5w9xUAJ[Rn<UAsg+L
2024-05-26 22:43:26 UTC	5930	IN	Data Raw: 3e a5 78 e3 e7 2d 23 a7 e1 24 6f e9 24 6d 82 1b 22 42 a1 34 6f 18 f1 1e 68 11 a6 32 e7 28 31 80 44 0f a8 a7 69 19 da 83 d6 14 a2 62 a5 7a 4a a5 8e fd 7f 96 d6 c0 d7 67 7c 84 ab 64 4f b4 9c ff f8 14 69 0b 0e 8b 65 67 69 0f ea 0a 4a df 1e fe f6 c4 d9 43 e9 17 15 5a 82 ff f0 92 14 99 57 c2 27 2a 7b f7 3f 9a b4 03 0f a0 33 4a f9 24 96 34 84 ff 4e 56 84 a9 a4 0f 74 4a 2b e0 9d 63 a8 72 cf f6 0d 40 fa f6 88 36 29 d3 48 bb a5 0d 30 93 f9 b0 d2 3e 48 73 8e 16 a0 5d 0d 96 21 51 e2 07 ab 81 77 cb fe 6f 7a b7 72 1c 81 52 3f a0 a4 e5 3f ab be 6f 79 ff 0c be 51 c9 9f 4a 6e 30 cf 04 7d 3f de 90 14 52 fa 67 2d 6b d7 31 71 bf 8f 37 14 33 2d 2a b0 e7 94 be 3d 0a 1b 16 1a e6 ff fe 8a ac cf c7 1b 92 58 b0 00 a4 ac 1e 9f 89 e0 a0 cd 98 00 af 61 f5 75 0a f3 87 31 01 fb ac 59 Data Ascii: >x-#$o$m"B4oh2(1DibzJg\|dOiegiJCZW'{?3J$4NVtJ+cr@6)H0>Hs]!QwozrR??oyQJn0}?Rg-k1q73-=Xau1Y
2024-05-26 22:43:26 UTC	7116	IN	Data Raw: 71 c6 0e de 42 3b 7b 43 dd e8 8e 97 b0 25 b9 94 89 f3 66 f0 16 50 8f 4d 27 35 52 27 ca 39 17 d6 c9 0b 00 a7 51 0e ee c2 93 23 0d e8 c6 84 03 22 29 a0 4c 9c b7 83 bf e0 15 70 e6 2f 5e c0 aa 03 ed 1c 33 35 8b 41 95 28 b2 34 05 d8 93 74 da ef a0 2b e7 68 6f 7f f3 b9 a7 3a 90 6a 11 65 e2 9c 3e 78 0c 96 71 53 dd e7 f6 bd f8 42 79 05 d0 fc 03 8f 01 36 9c 76 6c 87 3a 4f 98 8b 0a 65 88 a1 f1 19 b0 06 aa eb 1c 7c 0a 2b 93 ec 4a 19 64 50 9f 01 39 f9 7d 75 9c e5 ec bc 3a c9 b9 40 b4 64 f0 19 9e f4 65 fa 75 dd f2 c2 a9 0a 28 13 8b 0a bc 06 92 80 a7 d5 69 0e 8f 63 6c a1 cc 2e e4 59 3d 78 0d 60 d0 9e 38 aa 4e 13 9d 0b 29 13 f5 98 5a 1a dc 06 af 40 75 99 5b 8f 33 48 12 47 99 38 63 c1 6f 40 f7 9c 7e 7c 5c 03 a0 c3 74 1d 8b 0b 65 41 61 9e 51 83 e3 e0 c6 15 75 97 83 c3 3b Data Ascii: qB;{C%fPM'5R'9Q#")Lp/^35A(4t+ho:je>xqSBy6vl:Oe\|+JdP9}u:@deu(icl.Y=x`8N)Z@u[3HG8co@~\|\teAaQu;
2024-05-26 22:43:26 UTC	8302	IN	Data Raw: 8a d9 ed 4b 1d 4e ad e5 48 4a cd 5e df e8 20 c8 32 73 a4 98 31 bb 7d d4 69 1d 47 1a d4 dc 3c 4f 37 e0 26 0c c6 64 c8 30 af 50 0d b1 d3 4f 37 20 40 84 99 23 ed 6e 62 f6 fa 34 9c 77 bf 99 39 d2 f3 be 5f 74 fc aa d7 97 3a 28 da 9e f3 ff c7 2e 8e 26 cc 5e 1f 24 e6 d5 7e 28 56 9f 90 d6 b2 02 a5 b5 8d f3 74 03 ae 61 b0 ad 56 07 01 c4 54 43 d3 6c 03 69 03 18 13 25 b5 ac 40 23 95 4e 5f ea 20 64 e6 7f ac 60 b9 ec 4c 09 58 91 a5 cf 37 0c b0 98 31 b1 02 9d cf cd c2 e9 f4 43 0e 21 e0 c3 d3 a5 85 15 f4 32 2c 6a 9c 3e 2f 61 ba 97 55 84 98 9c 3e 28 4c ac 64 68 4d 0e ff 94 01 02 00 a8 31 b1 92 48 4c 3e df e8 20 50 66 25 2b 89 39 4c 4e 5f eb 50 cc 98 58 c9 62 f5 64 f2 f9 2b b0 b3 de 9b 58 c9 0b 5e 5f b6 88 4e 9b ef 73 20 df 79 fe cf cf da 56 dd 83 50 7c fe b4 f8 8f 15 a9 Data Ascii: KNHJ^ 2s1}iG<O7&d0PO7 @#nb4w9_t:(.&^$~(VtaVTCli%@#N_ d`LX71C!2,j>/aU>(LdhM1HL> Pf%+9LN_PXbd+X^_Ns yVP\|
2024-05-26 22:43:26 UTC	5930	IN	Data Raw: 57 00 a8 7f f0 13 05 70 94 78 b5 c2 7b 93 df 50 a8 06 da 06 e4 c9 9c d2 ae 26 e5 0f 05 52 1d 84 28 6d 62 83 32 e9 26 19 e4 b3 8b aa 87 3c 83 7b 30 e5 8e 33 6c c1 51 4d 64 26 0f 56 12 6e 8e 61 26 3c d5 45 96 c1 7b 38 dd 26 19 34 ca e0 a9 36 22 84 c9 f6 8f 21 6b 32 05 aa 8f da dd 2a 02 89 12 2d 47 32 4a 45 aa 91 cc c9 32 c9 b2 d2 2c 82 df 6e 37 7c d5 49 53 9e 49 98 96 95 64 d1 88 96 8a 58 b5 92 89 94 44 a0 14 0b 15 e2 3b a9 ea a5 91 a3 18 58 4a b0 50 fe 94 33 b9 6a a6 57 7b 4b 41 c3 8b ae df 9b bc 3d 03 a8 1b c0 ff 77 89 c7 2b aa 9b 86 28 30 39 4a ae 80 bb 30 d2 50 e5 84 28 11 7e 6e 1d 6a c0 64 ee 01 55 50 c4 78 62 2d 4a 0c 14 9e 2e aa 8e b2 98 49 ab 11 88 f6 3a d3 aa a5 7c 8f eb 88 73 6a dd 41 8e 90 65 2e a8 9e 6a 4c 56 4a cd 45 08 44 66 f0 54 53 ed b0 f0 Data Ascii: Wpx{P&R(mb2&<{03lQMd&Vna&<E{8&46"!k2*-G2JE2,n7\|ISIdXD;XJP3jW{KA=w+(09J0P(~njdUPxb-J.I:\|sjAe.jLVJEDfTS

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.6	49717	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:26 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-05-26 22:43:27 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=235630 Date: Sun, 26 May 2024 22:43:27 GMT Content-Length: 55 Connection: close X-CID: 2
2024-05-26 22:43:27 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.6	49718	76.76.21.61	443	6052	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-26 22:43:26 UTC	391	OUT	GET /logo192.png HTTP/1.1 Host: open-cases-support-for-business-appeal-id-204.vercel.app Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-26 22:43:27 UTC	497	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 42001 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline; filename="logo192.png" Content-Length: 5347 Content-Type: image/png Date: Sun, 26 May 2024 22:43:27 GMT Etag: "33dbdd0177549353eeeb785d02c294af" Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Vercel-Cache: HIT X-Vercel-Id: iad1::dx47d-1716763407028-5e257f1b111d Connection: close
2024-05-26 22:43:27 UTC	2372	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c0 00 00 00 c0 08 03 00 00 00 65 02 9c 35 00 00 00 87 50 4c 54 45 00 00 00 64 da fb 61 da fc 61 db fc 61 da fc 61 db fc 61 da fb 61 db fc 61 da fb 61 da fc 61 db fc 61 da fc 61 da fc 61 db fc 61 da fc 61 da fc 61 da fb 61 da fb 61 da fb 61 da fc 60 da fb 61 da fb 61 db fb 61 da fc 61 da fc 61 da fc 61 da fc 61 da fb 60 da fb 61 da fb 61 db fc 61 da fc 61 db fc 61 da fb 61 db fc 61 da fb 61 da fb 61 db fb 61 da fb 61 da fb 66 e8 ff 61 dc fe 63 df ff 65 e3 ff 68 eb ff 48 d5 c6 94 00 00 00 27 74 52 4e 53 00 08 fb 23 f6 0f 2c e0 d8 eb 5f 93 80 ac f1 9c 45 c0 d0 4c 1c 17 6e 3f 58 e5 b3 34 51 67 b9 79 74 ca 3a a4 c5 87 8c 8c 8d 21 cd 00 00 13 e4 49 44 41 54 78 da ec 5b e9 72 9b 30 10 2e 02 1b 6c 2e 1b 3b Data Ascii: PNGIHDRe5PLTEdaaaaaaaaaaaaaaaaaa`aaaaaaa`aaaaaaaaaaafacehH'tRNS#,_ELn?X4Qgyt:!IDATx[r0.l.;
2024-05-26 22:43:27 UTC	1222	IN	Data Raw: 90 15 0c 30 e1 d7 ca 12 ce 18 fb 6c 0a 53 29 44 65 0d 07 e3 db 15 e7 c6 64 5b 38 b5 d0 42 87 e6 68 db e0 12 6e ee 35 2b 83 26 7b 6e f2 eb a0 84 07 b1 aa 8d 7c 2d 29 28 ec 8a 10 a6 f1 c2 36 21 60 84 d1 ce 99 a9 84 56 c6 64 5b 72 37 07 99 b7 b7 56 b8 73 58 30 08 3d ca 24 a4 05 46 45 09 19 c1 8e 35 33 9a 28 06 5d b4 73 b2 04 aa 41 2a fa a1 0e 66 8f 0c 42 7b 4a 4c b6 59 7c 53 5e f3 c7 4c 54 d5 7d b1 1f da 09 6f 60 25 10 3d da 61 ca ef a8 eb 1e dc aa 45 82 5f 2a 3d 42 ed da 76 cd c6 e8 2d 90 d9 21 48 33 5d 4b c3 9e d6 fe 30 53 40 30 e5 e7 fd 78 4c 44 61 4c 8c 8e 3a 93 83 0c 42 40 d0 b9 3b da 80 c1 c2 07 59 00 dd ad 3f 29 31 40 72 53 ab 22 80 91 d6 63 5a 59 48 bd 98 51 82 28 d6 41 c1 72 5e 57 1a 20 28 70 96 13 6d bd 0f 46 4b 10 7a 69 da 08 00 6a 0b 2d ab 2d f6 Data Ascii: 0lS)Ded[8Bhn5+&{n\|-)(6!`Vd[r7VsX0=$FE53(]sAfB{JLY\|S^LT}o`%=aE_=Bv-!H3]K0S@0xLDaL:B@;Y?)1@rS"cZYHQ(Ar^W (pmFKzij--
2024-05-26 22:43:27 UTC	1753	IN	Data Raw: a1 86 04 fc fe 74 0e d1 e3 cd 56 e4 9b 1f 59 21 b2 c2 fa 27 74 41 0f df 53 d3 c6 1b 67 06 b1 03 43 f9 10 d8 14 05 1e 21 ee 8f 59 d5 b0 43 19 8b b4 35 d4 52 e5 81 af 98 20 e5 ad 38 fd 45 05 1a 29 17 fd 19 ab 18 0b 26 eb 1f ae f0 9d 85 7e 44 72 00 ba b0 aa 0c c9 a6 bd c8 c8 26 cc e8 86 a3 8a 18 35 80 82 b3 2b b3 58 7d 3d 55 3c 66 50 7e 61 c3 51 2e cf 80 e4 aa cb 10 ee 22 9d c9 9d 91 92 3a 3a 7b 8f 62 5f 29 5d 04 ab ba d5 a6 0b 14 02 12 bb e9 5c 28 16 7c 22 3b 44 ac ef ae 14 05 1a ca 1f f5 74 ba 8e 92 f8 fc f9 32 ee e2 1d 94 e9 c2 e6 f5 d4 05 f8 2a 79 cb 5d b1 e8 4b ee 1d b5 bd 06 bf 52 dc 06 dc 5e 9f b8 2a 34 7f e8 64 7a d8 8b df c7 41 83 10 01 7c 70 d4 6a f4 f8 ae 72 1c c3 bc 06 63 a4 b2 d9 c8 93 b0 23 3b 6b f2 97 1b 85 ad 48 e0 8b 20 2a 78 ed 0c 5e 4e 6f Data Ascii: tVY!'tASgC!YC5R 8E)&~Dr&5+X}=U<fP~aQ."::{b_)]\(\|";Dt2y]KR^4dzA\|pjrc#;kH *x^No

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 7100, Parent PID: 3040

General

Target ID:	0
Start time:	18:43:13
Start date:	26/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6052, Parent PID: 7100

General

Target ID:	2
Start time:	18:43:18
Start date:	26/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2028,i,13871963784792266551,7697430413099180902,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2420, Parent PID: 3040

General

Target ID:	3
Start time:	18:43:20
Start date:	26/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 49

Chrome Cache Entry: 50

Chrome Cache Entry: 51

Chrome Cache Entry: 52

Chrome Cache Entry: 53

Chrome Cache Entry: 54

Chrome Cache Entry: 55

Chrome Cache Entry: 56

Chrome Cache Entry: 57

Chrome Cache Entry: 58

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: chrome.exePID: 7100, Parent PID: 3040

General

Chronological Activities

Analysis Process: chrome.exePID: 6052, Parent PID: 7100

Windows Analysis Report
https://open-cases-support-for-business-appeal-id-204.vercel.app/appeal_case_id