Joe Sandbox Cloud Basic Analysis Report
Create Interactive Tour

Windows Analysis Report
http://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/

Overview

General Information

Sample URL:http://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/
Analysis ID:1456949
Infos:

Detection

Outlook Phishing, HTMLPhisher
Score:92
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Phishing site detected (based on favicon image match)
Yara detected HtmlPhish10
Phishing site detected (based on logo match)
Phishing site detected (based on shot match)
Yara detected Outlook Phishing page
HTML body contains low number of good links
HTML body contains password input but no form action
HTML body with high number of embedded images detected
HTML title does not match URL
HTTP GET or POST without a user agent
Uses insecure TLS / SSL version for HTTPS connection

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • chrome.exe (PID: 1372 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
    • chrome.exe (PID: 4152 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2900 --field-trial-handle=2864,i,15905578781120468769,3679726759094227061,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • chrome.exe (PID: 6404 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
dropped/chromecache_47JoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
    dropped/chromecache_47JoeSecurity_OutlookPhishingYara detected Outlook Phishing pageJoe Security

      HTML

      SourceRuleDescriptionAuthorStrings
      0.0.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
        0.0.pages.csvJoeSecurity_OutlookPhishingYara detected Outlook Phishing pageJoe Security

          Sigma Signatures

          No Sigma rule has matched

          Snort Signatures

          No Snort rule has matched

          Joe Sandbox Signatures

          • AV Detection
          • Phishing
          • Compliance
          • Networking
          • System Summary

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Source: http://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/Avira URL Cloud: detection malicious, Label: phishing
          Source: http://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social usering
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttfAvira URL Cloud: Label: phishing

          Phishing

          barindex
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.linkLLM: Score: 9 brands: Outlook Reasons: The URL 'https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link' is highly suspicious. It does not match the legitimate domain name 'outlook.com' associated with the Outlook brand. The use of a decentralized web link (dweb.link) is unusual for a legitimate service like Outlook. The page contains a login form, which is a common feature in phishing sites to capture user credentials. The image resembles the legitimate Outlook login page, which is a social usering technique to mislead users. Therefore, this site is highly likely to be a phishing site. DOM: 0.0.pages.csv
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.linkMatcher: Template: outlook matched with high similarity
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/Matcher: Template: outlook matched with high similarity
          Source: Yara matchFile source: 0.0.pages.csv, type: HTML
          Source: Yara matchFile source: dropped/chromecache_47, type: DROPPED
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/Matcher: Template: outlook matched
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/Matcher: Template: outlook matched
          Source: Yara matchFile source: 0.0.pages.csv, type: HTML
          Source: Yara matchFile source: dropped/chromecache_47, type: DROPPED
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/HTTP Parser: Number of links: 0
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/HTTP Parser: <input type="password" .../> found but no <form action="...
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/HTTP Parser: Total embedded image size: 20476
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/HTTP Parser: Title: Outlook does not match URL
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/HTTP Parser: <input type="password" .../> found
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/HTTP Parser: No <meta name="author".. found
          Source: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/HTTP Parser: No <meta name="copyright".. found
          Source: unknownHTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49734 version: TLS 1.0
          Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:49711 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49713 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49719 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.6:49728 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.6:49729 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49731 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49730 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49735 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49736 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49737 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49738 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49744 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49745 version: TLS 1.2
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: ipinfo.ioConnection: Keep-Alive
          Source: unknownHTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49734 version: TLS 1.0
          Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
          Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
          Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
          Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
          Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
          Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
          Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
          Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: ipinfo.ioConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.linkConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf HTTP/1.1Host: bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.linkConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.linksec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
          Source: global trafficHTTP traffic detected: GET /mail/favicon.ico HTTP/1.1Host: outlook.live.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /mail/favicon.ico HTTP/1.1Host: outlook.live.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficDNS traffic detected: DNS query: bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link
          Source: global trafficDNS traffic detected: DNS query: stackpath.bootstrapcdn.com
          Source: global trafficDNS traffic detected: DNS query: www.google.com
          Source: global trafficDNS traffic detected: DNS query: outlook.live.com
          Source: unknownHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4775Host: login.live.com
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 13 Jun 2024 22:28:17 GMTContent-Type: text/plain; charset=utf-8Content-Length: 227Connection: closeaccess-control-allow-headers: Content-Typeaccess-control-allow-headers: Rangeaccess-control-allow-headers: User-Agentaccess-control-allow-headers: X-Requested-Withaccess-control-allow-methods: GETaccess-control-allow-methods: HEADaccess-control-allow-methods: OPTIONSaccess-control-allow-origin: *access-control-expose-headers: Content-Lengthaccess-control-expose-headers: Content-Rangeaccess-control-expose-headers: X-Chunked-Outputaccess-control-expose-headers: X-Ipfs-Pathaccess-control-expose-headers: X-Ipfs-Rootsaccess-control-expose-headers: X-Stream-Outputx-content-type-options: nosniffx-ipfs-path: /ipfs/bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttfx-ipfs-pop: rainbow-ny5-04cache-control: public, max-age=0CF-Cache-Status: EXPIREDSet-Cookie: __cflb=0H28uueNjc7tVFoaMJ379GKnRjnqwz2CFaPNGTSWjLx; SameSite=None; Secure; path=/; expires=Fri, 14-Jun-24 21:28:17 GMT; HttpOnlyServer: cloudflareCF-RAY: 893581d07cce2e2a-DFWalt-svc: h3=":443"; ma=86400
          Source: chromecache_47.2.drString found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
          Source: chromecache_47.2.drString found in binary or memory: https://cagro.gensantos.gov.ph/wp-admin/user/next.php
          Source: chromecache_49.2.drString found in binary or memory: https://getbootstrap.com/)
          Source: chromecache_49.2.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
          Source: chromecache_49.2.drString found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
          Source: chromecache_47.2.drString found in binary or memory: https://outlook.live.com/mail/favicon.ico
          Source: chromecache_47.2.drString found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
          Source: chromecache_47.2.drString found in binary or memory: https://www.telekom.de/shop/geraete/smartphones
          Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
          Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
          Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
          Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
          Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
          Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
          Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
          Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
          Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
          Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
          Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
          Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:49711 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49713 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49719 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.6:49728 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.6:49729 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49731 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49730 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49735 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49736 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49737 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49738 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49744 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49745 version: TLS 1.2
          Source: classification engineClassification label: mal92.phis.win@17/13@12/7
          Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2900 --field-trial-handle=2864,i,15905578781120468769,3679726759094227061,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
          Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/"
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2900 --field-trial-handle=2864,i,15905578781120468769,3679726759094227061,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: Window RecorderWindow detected: More than 3 window changes detected

          Mitre Att&ck Matrix

          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
          Process Injection          		1
          Process Injection          		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
          Encrypted Channel          		Exfiltration Over Other Network MediumAbuse Accessibility Features
          CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
          Non-Application Layer Protocol          		Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
          Application Layer Protocol          		Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
          Ingress Tool Transfer          		Traffic DuplicationData Destruction

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet
          behaviorgraph top1 signatures2 2 Behavior Graph ID: 1456949 URL: http://bafybeigmbqvsi2362ch... Startdate: 14/06/2024 Architecture: WINDOWS Score: 92 26 Antivirus detection for URL or domain 2->26 28 Antivirus / Scanner detection for submitted sample 2->28 30 Phishing site detected (based on favicon image match) 2->30 32 5 other signatures 2->32 6 chrome.exe 1 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 14 192.168.2.5 unknown unknown 6->14 16 192.168.2.6, 443, 49367, 49705 unknown unknown 6->16 18 239.255.255.250 unknown Reserved 6->18 11 chrome.exe 6->11         started        process5 dnsIp6 20 bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link 209.94.90.2, 443, 49720, 49725 PROTOCOLUS United States 11->20 22 FRA-efz.ms-acdc.office.com 52.98.178.210, 443, 49741, 49743 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 11->22 24 5 other IPs or domains 11->24

          Screenshots

          Download Video

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          http://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/100%Avira URL Cloudphishing
          http://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/100%SlashNextCredential Stealing type: Phishing & Social usering

          Dropped Files

          No Antivirus matches

          Unpacked PE Files

          No Antivirus matches

          Domains

          No Antivirus matches

          URLs

          SourceDetectionScannerLabelLink
          https://ipinfo.io/0%URL Reputationsafe
          https://getbootstrap.com/)0%URL Reputationsafe
          https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js0%Avira URL Cloudsafe
          https://cagro.gensantos.gov.ph/wp-admin/user/next.php0%Avira URL Cloudsafe
          https://github.com/twbs/bootstrap/blob/master/LICENSE)0%Avira URL Cloudsafe
          https://outlook.live.com/mail/favicon.ico0%Avira URL Cloudsafe
          https://github.com/twbs/bootstrap/graphs/contributors)0%Avira URL Cloudsafe
          https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf100%Avira URL Cloudphishing
          https://www.telekom.de/shop/geraete/smartphones0%Avira URL Cloudsafe

          Domains and IPs

          Download Network PCAP: filteredfull

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link
          		209.94.90.2
          		truetrue
            		unknown
            stackpath.bootstrapcdn.com
            		104.18.11.207
            		truefalse
              		unknown
              www.google.com
              		216.58.206.68
              		truefalse
                		unknown
                FRA-efz.ms-acdc.office.com
                		52.98.178.210
                		truefalse
                  		unknown
                  fp2e7a.wpc.phicdn.net
                  		192.229.221.95
                  		truefalse
                    		unknown
                    outlook.live.com
                    		unknown
                    		unknownfalse
                      		unknown

                      Contacted URLs

                      NameMaliciousAntivirus DetectionReputation
                      https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.jsfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttftrue
                      • Avira URL Cloud: phishing
                      		unknown
                      https://ipinfo.io/false
                      • URL Reputation: safe
                      		unknown
                      https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/true
                        		unknown
                        https://outlook.live.com/mail/favicon.icofalse
                        • Avira URL Cloud: safe
                        		unknown
                        NameSourceMaliciousAntivirus DetectionReputation
                        https://github.com/twbs/bootstrap/blob/master/LICENSE)chromecache_49.2.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://github.com/twbs/bootstrap/graphs/contributors)chromecache_49.2.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://getbootstrap.com/)chromecache_49.2.drfalse
                        • URL Reputation: safe
                        		unknown
                        https://cagro.gensantos.gov.ph/wp-admin/user/next.phpchromecache_47.2.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://www.telekom.de/shop/geraete/smartphoneschromecache_47.2.drfalse
                        • Avira URL Cloud: safe
                        		unknown

                        World Map of Contacted IPs

                        • No. of IPs < 25%
                        • 25% < No. of IPs < 50%
                        • 50% < No. of IPs < 75%
                        • 75% < No. of IPs

                        Public IPs

                        IPDomainCountryFlagASNASN NameMalicious
                        216.58.206.68
                        		www.google.comUnited States
                        		15169GOOGLEUSfalse
                        104.18.11.207
                        		stackpath.bootstrapcdn.comUnited States
                        		13335CLOUDFLARENETUSfalse
                        239.255.255.250
                        		unknownReserved
                        		unknownunknownfalse
                        52.98.178.210
                        		FRA-efz.ms-acdc.office.comUnited States
                        		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                        209.94.90.2
                        		bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.linkUnited States
                        		40680PROTOCOLUStrue

                        Private

                        IP
                        192.168.2.6
                        192.168.2.5

                        General Information

                        Joe Sandbox version:40.0.0 Tourmaline
                        Analysis ID:1456949
                        Start date and time:2024-06-14 00:26:20 +02:00
                        Joe Sandbox product:CloudBasic
                        Overall analysis duration:0h 3m 8s
                        Hypervisor based Inspection enabled:false
                        Report type:full
                        Cookbook file name:browseurl.jbs
                        Sample URL:http://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/
                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                        Number of analysed new started processes analysed:9
                        Number of new started drivers analysed:0
                        Number of existing processes analysed:0
                        Number of existing drivers analysed:0
                        Number of injected processes analysed:0
                        Technologies:
                        • HCA enabled
                        • EGA enabled
                        • AMSI enabled
                        Analysis Mode:default
                        Analysis stop reason:Timeout
                        Detection:MAL
                        Classification:mal92.phis.win@17/13@12/7
                        EGA Information:Failed
                        HCA Information:
                        • Successful, ratio: 100%
                        • Number of executed functions: 0
                        • Number of non-executed functions: 0
                        • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                        • Excluded IPs from analysis (whitelisted): 192.229.221.95, 93.184.221.240, 216.58.206.67, 142.250.186.46, 64.233.184.84, 34.104.35.123, 142.250.185.170, 216.58.206.74, 172.217.23.106, 142.250.74.202, 216.58.212.170, 216.58.206.42, 142.250.184.202, 142.250.186.42, 142.250.186.74, 216.58.212.138, 142.250.185.106, 142.250.181.234, 172.217.18.10, 142.250.185.234, 142.250.185.202, 142.250.186.138, 52.165.165.26, 13.95.31.18, 20.3.187.198, 142.250.186.131
                        • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, hlb.apr-52dd2-0.edgecastdns.net, sls.update.microsoft.com, update.googleapis.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, client.wns.windows.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, ajax.googleapis.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
                        • Not all processes where analyzed, report is missing behavior information
                        • Report size getting too big, too many NtSetInformationFile calls found.
                        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                        • VT rate limit hit for: http://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/

                        Simulations

                        Behavior and APIs

                        No simulations

                        LLM Input / Output

                        InputOutput
                        URL: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link Model: gpt-4o
                        ```json
{
  "phishing_score": 9,
  "brands": "Outlook",
  "phishing": true,
  "suspicious_domain": true,
  "has_loginform": true,
  "has_captcha": false,
  "setechniques": true,
  "has_suspicious_link": true,
  "legitmate_domain": "outlook.com",
  "reasons": "The URL 'https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link' is highly suspicious. It does not match the legitimate domain name 'outlook.com' associated with the Outlook brand. The use of a decentralized web link (dweb.link) is unusual for a legitimate service like Outlook. The page contains a login form, which is a common feature in phishing sites to capture user credentials. The image resembles the legitimate Outlook login page, which is a social usering technique to mislead users. Therefore, this site is highly likely to be a phishing site."
}

                        Joe Sandbox View / Context

                        IPs

                        No context

                        Domains

                        No context

                        ASNs

                        No context

                        JA3 Fingerprints

                        No context

                        Dropped Files

                        No context

                        Created / dropped Files

                        Chrome Cache Entry: 46

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (32065)
                        Category:downloaded
                        Size (bytes):85578
                        Entropy (8bit):5.366055229017455
                        Encrypted:false
                        SSDEEP:1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2
                        MD5:2F6B11A7E914718E0290410E85366FE9
                        SHA1:69BB69E25CA7D5EF0935317584E6153F3FD9A88C
                        SHA-256:05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
                        SHA-512:0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB
                        Malicious:false
                        Reputation:low
                        URL:https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
                        Preview:/*! jQuery v2.2.4 | (c) jQuery Foundation | jquery.org/license */.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call

                        Chrome Cache Entry: 47

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:HTML document, Unicode text, UTF-8 text, with very long lines (10412), with CRLF line terminators
                        Category:downloaded
                        Size (bytes):38457
                        Entropy (8bit):6.209596455512543
                        Encrypted:false
                        SSDEEP:768:Lx0tkGdKV7aQblzoJmgK4e2Fuz3zFbcN9c8ReNa1Us:F0t/kF5D4nFuhcvLeNaz
                        MD5:54C7974D4251A047ECA4FE0271CAFE12
                        SHA1:D236B4A8DFBA25AD1B89EC520DEB4FDE2ECA25F2
                        SHA-256:E99D7A157219E1FA431FADE24A2BE84FBADF1EB13B2D862750944A67DF02CDDF
                        SHA-512:BE8E405E367B5C8E6C65B3C2CC88204112E5DB8FF923EB5F956738CB4EA970A57B10B68A4A77559F2A90CB832B8DD884D9E3864B6C2CA271C19D98DEFA2D3F45
                        Malicious:false
                        Reputation:low
                        URL:https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/
                        Preview:<head>.<link rel="shortcut icon" type="image/x-icon" href="https://outlook.live.com/mail/favicon.ico">....<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">....<title>Outlook</title>....<meta name="viewport" content="width=device-width, initial-scale=1.0">...........<style>@font-face { font-family: "wf_segoe-ui_normal"; src: url("/owa/auth/15.2.1258/themes/resources/segoeui-regular.eot?#iefix") format("embedded-opentype"), url("/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf") format("truetype");}@font-face { font-family: "wf_segoe-ui_semilight"; src: url("/owa/auth/15.2.1258/themes/resources/segoeui-semilight.eot?#iefix") format("embedded-opentype"), url("/owa/auth/15.2.1258/themes/resources/segoeui-semilight.ttf") format("truetype");}@font-face { font-family: "wf_segoe-ui_semibold"; src: url("/owa/auth/15.2.1258/themes/resources/segoeui-semibold.eot?#iefix") format("embedded-opentype"), url("/owa/auth/15.2.1258/themes/resources/segoeui-semibold.ttf") format(

                        Chrome Cache Entry: 48

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with no line terminators
                        Category:downloaded
                        Size (bytes):40
                        Entropy (8bit):4.439822782008755
                        Encrypted:false
                        SSDEEP:3:mSLinPbSsvVXyY:mSWPbScVXL
                        MD5:43E3F24D620D17E27253CC707F21F8A5
                        SHA1:65056BA10A4907DEA1D5B0C601ACF71AC23D7BFC
                        SHA-256:BB35BE02979B6BADD6DB473B6C54FAF85DB79FCE1BC727379F60E9C7CF9E0E58
                        SHA-512:EAB19F91F08B8BBEE6F42F6E68641FB1B1C863CAD15B0AF405FBBA41A7113BDD872A7B56C27E10BDBF5AACC4FBB7FAB23CCD9F7022720B75AC79518CBBA63EEE
                        Malicious:false
                        Reputation:low
                        URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSHgn83opA_cVqIhIFDXhvEhkSBQ3OQUx6EgUNTx8adg==?alt=proto
                        Preview:ChsKBw14bxIZGgAKBw3OQUx6GgAKBw1PHxp2GgA=

                        Chrome Cache Entry: 49

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (50758)
                        Category:downloaded
                        Size (bytes):51039
                        Entropy (8bit):5.247253437401007
                        Encrypted:false
                        SSDEEP:768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+
                        MD5:67176C242E1BDC20603C878DEE836DF3
                        SHA1:27A71B00383D61EF3C489326B3564D698FC1227C
                        SHA-256:56C12A125B021D21A69E61D7190CEFA168D6C28CE715265CEA1B3B0112D169C4
                        SHA-512:9FA75814E1B9F7DB38FE61A503A13E60B82D83DB8F4CE30351BD08A6B48C0D854BAF472D891AF23C443C8293380C2325C7B3361B708AF9971AA0EA09A25CDD0A
                        Malicious:false
                        Reputation:low
                        URL:https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
                        Preview:/*!. * Bootstrap v4.1.3 (https://getbootstrap.com/). * Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,h){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(r){for(var t=1;t<arguments.length;t++){var o=null!=arguments[t]?arguments[t]:{},e=Object.keys(o);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(o).filter(function(t){return Object.getOwnPropertyDescriptor(o,t).enum

                        Chrome Cache Entry: 50

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                        Category:downloaded
                        Size (bytes):7886
                        Entropy (8bit):4.14434000076088
                        Encrypted:false
                        SSDEEP:48:gFLLLLLLBWj2P+W3DS4E4U4R7454y4aR+BddHOlFgWSsjfQeiFzm22lhCa1I/CPP:tjQDdNKevXOl/amZP
                        MD5:AC16FA7FC862073B02ACD1187FC6DEF4
                        SHA1:F2B9A6255F6293000F30EEE272ABDD372A14E9D3
                        SHA-256:E35D94B76894D6ECA96FF5B1A12D94DFE73485EF3C52CB5B4395BE8FFAC1CB45
                        SHA-512:FF0884F9F3DED38191C7D1F214545509E80DE614BC824395F3C9412AED8D81DB95BA7E761939AC1F1798C1D39A7969A3DBF373D03A88404345714EDD8165F19D
                        Malicious:false
                        Reputation:low
                        URL:https://outlook.live.com/mail/favicon.ico
                        Preview:...... .... .....6......... ............... .h...f...(... ...@..... ..........................................................................................................................................................................................................................................................................................................................(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..'.....................................(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(.....~......................................(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(.."................................................ ... ... ... ... ... ... ... .."..(..(..(..(..(..(..(..(..$.....}...............................................y...y...y...y...y...y...y...y...y...%..(..(..(..(..(..'.....|..............................

                        Chrome Cache Entry: 51

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                        Category:dropped
                        Size (bytes):7886
                        Entropy (8bit):4.14434000076088
                        Encrypted:false
                        SSDEEP:48:gFLLLLLLBWj2P+W3DS4E4U4R7454y4aR+BddHOlFgWSsjfQeiFzm22lhCa1I/CPP:tjQDdNKevXOl/amZP
                        MD5:AC16FA7FC862073B02ACD1187FC6DEF4
                        SHA1:F2B9A6255F6293000F30EEE272ABDD372A14E9D3
                        SHA-256:E35D94B76894D6ECA96FF5B1A12D94DFE73485EF3C52CB5B4395BE8FFAC1CB45
                        SHA-512:FF0884F9F3DED38191C7D1F214545509E80DE614BC824395F3C9412AED8D81DB95BA7E761939AC1F1798C1D39A7969A3DBF373D03A88404345714EDD8165F19D
                        Malicious:false
                        Reputation:low
                        Preview:...... .... .....6......... ............... .h...f...(... ...@..... ..........................................................................................................................................................................................................................................................................................................................(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..'.....................................(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(.....~......................................(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(.."................................................ ... ... ... ... ... ... ... .."..(..(..(..(..(..(..(..(..$.....}...............................................y...y...y...y...y...y...y...y...y...%..(..(..(..(..(..'.....|..............................

                        Chrome Cache Entry: 52

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:downloaded
                        Size (bytes):227
                        Entropy (8bit):4.995054839523766
                        Encrypted:false
                        SSDEEP:6:fIdsRnNiNXfGcklJ0dbWzcIVKQ1IiNXfGcA:fX6XWJ0VEcId/Xk
                        MD5:25BC1C27D70CF7C1694A3D82EC02E946
                        SHA1:2324FE278F054441B5A7F86BBF34399ABF869D3B
                        SHA-256:9AE26D0F29FA22CB7F96E701D69FDF9CD8BBFBC14C19944D8D161F3225D9696E
                        SHA-512:F19E70AAA1DF8FA6DAED33B6C4508D07BC3D9E14A0B4A8F0254B5DA67558F5E16FFA0A3DB5D97695BFFDEF36CC5CDA58A96B8689326D4418554827F24998BDAB
                        Malicious:false
                        Reputation:low
                        URL:https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf
                        Preview:failed to resolve /ipfs/bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf: no link named "owa" under bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.

                        Static File Info

                        No static file info

                        Network Behavior

                        Download Network PCAP: filteredfull

                        Network Port Distribution

                        • Total Packets: 273
                        • 443 (HTTPS)
                        • 53 (DNS)
                        TimestampSource PortDest PortSource IPDest IP
                        Jun 14, 2024 00:27:04.905402899 CEST4434971140.113.103.199192.168.2.6
                        Jun 14, 2024 00:27:04.905479908 CEST49711443192.168.2.640.113.103.199
                        Jun 14, 2024 00:27:04.908068895 CEST49711443192.168.2.640.113.103.199
                        Jun 14, 2024 00:27:04.908081055 CEST4434971140.113.103.199192.168.2.6
                        Jun 14, 2024 00:27:04.908359051 CEST4434971140.113.103.199192.168.2.6
                        Jun 14, 2024 00:27:04.909535885 CEST49711443192.168.2.640.113.103.199
                        Jun 14, 2024 00:27:04.909614086 CEST49711443192.168.2.640.113.103.199
                        Jun 14, 2024 00:27:04.909619093 CEST4434971140.113.103.199192.168.2.6
                        Jun 14, 2024 00:27:04.909739971 CEST49711443192.168.2.640.113.103.199
                        Jun 14, 2024 00:27:04.952510118 CEST4434971140.113.103.199192.168.2.6
                        Jun 14, 2024 00:27:05.152807951 CEST4434971140.113.103.199192.168.2.6
                        Jun 14, 2024 00:27:05.153223991 CEST49711443192.168.2.640.113.103.199
                        Jun 14, 2024 00:27:05.153250933 CEST4434971140.113.103.199192.168.2.6
                        Jun 14, 2024 00:27:05.153274059 CEST49711443192.168.2.640.113.103.199
                        Jun 14, 2024 00:27:05.153306007 CEST49711443192.168.2.640.113.103.199
                        Jun 14, 2024 00:27:07.107122898 CEST49673443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:07.107340097 CEST49674443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:07.450869083 CEST49672443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:11.255882025 CEST49713443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:11.255918980 CEST4434971340.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:11.255975962 CEST49713443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:11.256597042 CEST49713443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:11.256611109 CEST4434971340.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:12.347805977 CEST4434971340.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:12.347887039 CEST49713443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:12.566447020 CEST49713443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:12.566488028 CEST4434971340.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:12.567410946 CEST4434971340.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:12.569139004 CEST49713443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:12.569204092 CEST49713443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:12.569210052 CEST4434971340.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:12.569425106 CEST49713443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:12.616497040 CEST4434971340.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:12.813647985 CEST4434971340.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:12.842792988 CEST49713443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:12.842822075 CEST4434971340.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:12.842839003 CEST49713443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:12.842883110 CEST49713443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:14.978075027 CEST49719443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:14.978112936 CEST4434971940.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:14.978262901 CEST49719443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:14.979012966 CEST49719443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:14.979031086 CEST4434971940.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:15.568432093 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:15.568521976 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:15.568587065 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:15.568804026 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:15.568834066 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.064618111 CEST4434971940.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:16.064711094 CEST49719443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:16.067060947 CEST49719443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:16.067080021 CEST4434971940.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:16.067867041 CEST4434971940.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:16.069860935 CEST49719443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:16.069955111 CEST49719443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:16.069964886 CEST4434971940.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:16.070105076 CEST49719443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:16.116508961 CEST4434971940.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:16.187715054 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.188082933 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.188134909 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.189399004 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.189480066 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.190707922 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.190782070 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.190947056 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.190962076 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.230370045 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.312128067 CEST4434971940.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:16.312634945 CEST49719443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:16.312653065 CEST4434971940.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:16.312794924 CEST49719443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:16.333606005 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.333739996 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.333823919 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.333830118 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.333858013 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.333914042 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.333971024 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.334124088 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.334197044 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.334249020 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.334264994 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.334678888 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.334691048 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.385587931 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.385636091 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.437405109 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.449981928 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.450186968 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.450211048 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.450254917 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.450298071 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.450510979 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.450726986 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.450777054 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.450819016 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.450836897 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.451528072 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.451575041 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.451606035 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.452235937 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.452279091 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.452334881 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.452358961 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.452512980 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.453021049 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.453166962 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.453219891 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.453249931 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.453896999 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.453952074 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.453972101 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.454689980 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.454772949 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.454799891 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.454819918 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.454932928 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.454941988 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.455008984 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.455055952 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.455830097 CEST49720443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.455862045 CEST44349720209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.475323915 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:16.475368977 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:16.475429058 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:16.475784063 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:16.475805044 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:16.501477957 CEST49725443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.501528025 CEST44349725209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.501673937 CEST49725443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.502299070 CEST49725443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:16.502341032 CEST44349725209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:16.716010094 CEST49673443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:16.716248035 CEST49674443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:17.065684080 CEST49672443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:17.078140974 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.078649998 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.078708887 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.079730034 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.079799891 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.081892014 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.081955910 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.082531929 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.082542896 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.118598938 CEST44349725209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:17.122425079 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.123816013 CEST49725443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:17.123905897 CEST44349725209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:17.125288010 CEST44349725209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:17.126071930 CEST49725443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:17.126271009 CEST44349725209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:17.126636028 CEST49725443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:27:17.168519974 CEST44349725209.94.90.2192.168.2.6
                        Jun 14, 2024 00:27:17.222661972 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.222695112 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.222719908 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.222743034 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.222765923 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.222769976 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.222780943 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.222800970 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.222815037 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.222826004 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.223654985 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.223683119 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.223701954 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.223723888 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.223732948 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.223776102 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.263283014 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.337512016 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.337657928 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.337682009 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.337713957 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.337738991 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.337781906 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.338200092 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.338236094 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.338254929 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.338283062 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.338293076 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.338342905 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.339121103 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.342463017 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.342489958 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.342530966 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.342567921 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.342554092 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.342583895 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.342596054 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.342637062 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.342638969 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.342673063 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.342711926 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.343240976 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.343278885 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.343301058 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.343342066 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.343352079 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.343399048 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.452301025 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.452344894 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.452378988 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.452495098 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.452536106 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.452591896 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.452603102 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.452810049 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.452831984 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.452852964 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.452862024 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.452908039 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.452915907 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.452981949 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.453035116 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.454344988 CEST49724443192.168.2.6104.18.11.207
                        Jun 14, 2024 00:27:17.454375982 CEST44349724104.18.11.207192.168.2.6
                        Jun 14, 2024 00:27:17.926291943 CEST49726443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:27:17.926382065 CEST44349726216.58.206.68192.168.2.6
                        Jun 14, 2024 00:27:17.926461935 CEST49726443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:27:17.927387953 CEST49726443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:27:17.927424908 CEST44349726216.58.206.68192.168.2.6
                        Jun 14, 2024 00:27:18.494708061 CEST49728443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:18.494736910 CEST4434972823.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:18.494822025 CEST49728443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:18.496512890 CEST49728443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:18.496526957 CEST4434972823.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:18.797439098 CEST44349726216.58.206.68192.168.2.6
                        Jun 14, 2024 00:27:18.797904968 CEST49726443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:27:18.797971964 CEST44349726216.58.206.68192.168.2.6
                        Jun 14, 2024 00:27:18.799607038 CEST44349726216.58.206.68192.168.2.6
                        Jun 14, 2024 00:27:18.799695969 CEST49726443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:27:18.801208019 CEST49726443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:27:18.801316023 CEST44349726216.58.206.68192.168.2.6
                        Jun 14, 2024 00:27:18.842308998 CEST44349705173.222.162.64192.168.2.6
                        Jun 14, 2024 00:27:18.842425108 CEST49705443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:18.856636047 CEST49726443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:27:18.856702089 CEST44349726216.58.206.68192.168.2.6
                        Jun 14, 2024 00:27:18.902534008 CEST49726443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:27:19.340600967 CEST4434972823.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:19.340720892 CEST49728443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:19.345283985 CEST49728443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:19.345289946 CEST4434972823.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:19.345541954 CEST4434972823.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:19.385380030 CEST49728443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:19.445636034 CEST49728443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:19.492501020 CEST4434972823.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:19.689290047 CEST4434972823.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:19.689445019 CEST4434972823.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:19.689474106 CEST49728443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:19.689496994 CEST4434972823.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:19.689533949 CEST49728443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:19.689539909 CEST4434972823.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:19.689707041 CEST49728443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:19.689709902 CEST4434972823.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:19.723995924 CEST49729443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:19.724041939 CEST4434972923.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:19.724138975 CEST49729443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:19.724428892 CEST49729443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:19.724443913 CEST4434972923.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:20.567625046 CEST4434972923.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:20.567697048 CEST49729443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:20.587440968 CEST49729443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:20.587460995 CEST4434972923.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:20.587667942 CEST4434972923.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:20.594381094 CEST49729443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:20.636509895 CEST4434972923.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:20.839023113 CEST4434972923.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:20.839092016 CEST4434972923.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:20.839174986 CEST49729443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:20.841943026 CEST49729443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:20.841963053 CEST4434972923.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:20.841974020 CEST49729443192.168.2.623.211.8.90
                        Jun 14, 2024 00:27:20.841979980 CEST4434972923.211.8.90192.168.2.6
                        Jun 14, 2024 00:27:23.109949112 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:23.110003948 CEST4434973040.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:23.110097885 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:23.111100912 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:23.111140966 CEST4434973040.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:23.116965055 CEST49731443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:23.117065907 CEST4434973140.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:23.117172003 CEST49731443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:23.117777109 CEST49731443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:23.117815971 CEST4434973140.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.256912947 CEST4434973140.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.257016897 CEST49731443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.260101080 CEST49731443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.260134935 CEST4434973140.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.260586023 CEST4434973140.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.261277914 CEST4434973040.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.261509895 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.268516064 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.268584967 CEST4434973040.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.269260883 CEST49731443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.269340038 CEST49731443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.269354105 CEST4434973140.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.269352913 CEST4434973040.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.269578934 CEST49731443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.270509958 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.270559072 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.270579100 CEST4434973040.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.270665884 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.312515020 CEST4434973040.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.312521935 CEST4434973140.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.508686066 CEST4434973140.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.509350061 CEST49731443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.509350061 CEST49731443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.509426117 CEST4434973140.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.509505987 CEST49731443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.510226011 CEST4434973040.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.510612965 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.510689020 CEST4434973040.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.510751963 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.511099100 CEST4434973040.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:24.511177063 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:24.511177063 CEST49730443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:28.785273075 CEST44349726216.58.206.68192.168.2.6
                        Jun 14, 2024 00:27:28.785356998 CEST44349726216.58.206.68192.168.2.6
                        Jun 14, 2024 00:27:28.785654068 CEST49726443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:27:29.743953943 CEST49705443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:29.744046926 CEST49705443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:29.758631945 CEST44349705173.222.162.64192.168.2.6
                        Jun 14, 2024 00:27:29.758696079 CEST44349705173.222.162.64192.168.2.6
                        Jun 14, 2024 00:27:29.773583889 CEST49734443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:29.773683071 CEST44349734173.222.162.64192.168.2.6
                        Jun 14, 2024 00:27:29.773796082 CEST49734443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:29.774616957 CEST49734443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:29.774652004 CEST44349734173.222.162.64192.168.2.6
                        Jun 14, 2024 00:27:30.382787943 CEST49726443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:27:30.382863998 CEST44349726216.58.206.68192.168.2.6
                        Jun 14, 2024 00:27:30.449557066 CEST44349734173.222.162.64192.168.2.6
                        Jun 14, 2024 00:27:30.449664116 CEST49734443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:36.616172075 CEST49735443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:36.616295099 CEST4434973540.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:36.616389990 CEST49735443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:36.617966890 CEST49735443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:36.617980003 CEST4434973540.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:37.717674017 CEST4434973540.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:37.717747927 CEST49735443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:37.719999075 CEST49735443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:37.720011950 CEST4434973540.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:37.720237017 CEST4434973540.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:37.722104073 CEST49735443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:37.722178936 CEST49735443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:37.722184896 CEST4434973540.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:37.722333908 CEST49735443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:37.768491030 CEST4434973540.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:37.965554953 CEST4434973540.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:37.966831923 CEST49735443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:37.966857910 CEST4434973540.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:37.966876030 CEST49735443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:37.966907024 CEST49735443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:39.126925945 CEST49736443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:39.127022028 CEST4434973640.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:39.127149105 CEST49736443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:39.127789974 CEST49736443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:39.127824068 CEST4434973640.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:41.181857109 CEST4434973640.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:41.181937933 CEST49736443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:41.184462070 CEST49736443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:41.184473038 CEST4434973640.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:41.185256004 CEST4434973640.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:41.186572075 CEST49736443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:41.186630964 CEST49736443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:41.186635971 CEST4434973640.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:41.186774015 CEST49736443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:41.228549004 CEST4434973640.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:41.428462029 CEST4434973640.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:41.429084063 CEST49736443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:41.429155111 CEST4434973640.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:41.429203033 CEST49736443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:41.429233074 CEST49736443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:49.596441984 CEST44349734173.222.162.64192.168.2.6
                        Jun 14, 2024 00:27:49.596508026 CEST49734443192.168.2.6173.222.162.64
                        Jun 14, 2024 00:27:57.865894079 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:57.865955114 CEST4434973740.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:57.866029024 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:57.866970062 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:57.866988897 CEST4434973740.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:57.873452902 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:57.873462915 CEST4434973840.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:57.873528004 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:57.874438047 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:57.874453068 CEST4434973840.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:58.945563078 CEST4434973740.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:58.945864916 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:58.947853088 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:58.947869062 CEST4434973740.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:58.948087931 CEST4434973740.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:58.949341059 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:58.949410915 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:58.949415922 CEST4434973740.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:58.949532986 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:58.957684040 CEST4434973840.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:58.957813025 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:58.959047079 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:58.959053040 CEST4434973840.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:58.959243059 CEST4434973840.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:58.960606098 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:58.960606098 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:58.960623980 CEST4434973840.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:58.960719109 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:58.996496916 CEST4434973740.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:59.008492947 CEST4434973840.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:59.189070940 CEST4434973740.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:59.191648006 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:59.191677094 CEST4434973740.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:59.191713095 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:59.191894054 CEST4434973740.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:59.191920996 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:59.192162991 CEST49737443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:59.201550961 CEST4434973840.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:59.201967001 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:59.201976061 CEST4434973840.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:59.202100992 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:59.202121973 CEST4434973840.113.110.67192.168.2.6
                        Jun 14, 2024 00:27:59.202152967 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:27:59.202239037 CEST49738443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:02.170531034 CEST49725443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:28:02.170557022 CEST44349725209.94.90.2192.168.2.6
                        Jun 14, 2024 00:28:17.400557995 CEST44349725209.94.90.2192.168.2.6
                        Jun 14, 2024 00:28:17.400814056 CEST44349725209.94.90.2192.168.2.6
                        Jun 14, 2024 00:28:17.400881052 CEST49725443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:28:17.404892921 CEST49725443192.168.2.6209.94.90.2
                        Jun 14, 2024 00:28:17.404915094 CEST44349725209.94.90.2192.168.2.6
                        Jun 14, 2024 00:28:17.424880981 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:17.424921036 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:17.425038099 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:17.425273895 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:17.425286055 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:17.794822931 CEST49742443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:28:17.794874907 CEST44349742216.58.206.68192.168.2.6
                        Jun 14, 2024 00:28:17.795101881 CEST49742443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:28:17.795557022 CEST49742443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:28:17.795569897 CEST44349742216.58.206.68192.168.2.6
                        Jun 14, 2024 00:28:18.541479111 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.541882038 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.541899920 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.542912006 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.542990923 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.542998075 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.543035030 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.544677019 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.544734955 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.545454979 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.545460939 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.590354919 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.654386997 CEST44349742216.58.206.68192.168.2.6
                        Jun 14, 2024 00:28:18.655154943 CEST49742443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:28:18.655195951 CEST44349742216.58.206.68192.168.2.6
                        Jun 14, 2024 00:28:18.655648947 CEST44349742216.58.206.68192.168.2.6
                        Jun 14, 2024 00:28:18.657015085 CEST49742443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:28:18.657103062 CEST44349742216.58.206.68192.168.2.6
                        Jun 14, 2024 00:28:18.699775934 CEST49742443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:28:18.804158926 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.804228067 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.804250002 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.804292917 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.804311991 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.804342985 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.807905912 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.807984114 CEST4434974152.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.808043003 CEST49741443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.832499981 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.832525015 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:18.832582951 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.833034992 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:18.833051920 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:19.968132973 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:19.968506098 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:19.968519926 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:19.970066071 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:19.970136881 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:19.970144987 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:19.970186949 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:19.970572948 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:19.970660925 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:19.970789909 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:19.970797062 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:20.017929077 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:20.247829914 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:20.247874975 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:20.247912884 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:20.247925043 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:20.247941971 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:20.247981071 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:20.248001099 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:20.282402039 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:20.282536983 CEST4434974352.98.178.210192.168.2.6
                        Jun 14, 2024 00:28:20.282597065 CEST49743443192.168.2.652.98.178.210
                        Jun 14, 2024 00:28:25.209276915 CEST49744443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:25.209302902 CEST4434974440.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:25.209774017 CEST49744443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:25.210047960 CEST49744443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:25.210062981 CEST4434974440.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:26.287314892 CEST4434974440.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:26.287389994 CEST49744443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:26.289285898 CEST49744443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:26.289297104 CEST4434974440.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:26.289534092 CEST4434974440.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:26.291095972 CEST49744443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:26.291157961 CEST49744443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:26.291162968 CEST4434974440.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:26.291311026 CEST49744443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:26.332499981 CEST4434974440.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:26.529892921 CEST4434974440.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:26.530586004 CEST49744443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:26.530595064 CEST4434974440.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:26.530615091 CEST49744443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:26.530646086 CEST49744443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:28.639751911 CEST44349742216.58.206.68192.168.2.6
                        Jun 14, 2024 00:28:28.639825106 CEST44349742216.58.206.68192.168.2.6
                        Jun 14, 2024 00:28:28.639898062 CEST49742443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:28:29.227921009 CEST49745443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:29.227976084 CEST4434974540.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:29.228091002 CEST49745443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:29.229540110 CEST49745443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:29.229566097 CEST4434974540.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:30.126118898 CEST49742443192.168.2.6216.58.206.68
                        Jun 14, 2024 00:28:30.126137972 CEST44349742216.58.206.68192.168.2.6
                        Jun 14, 2024 00:28:30.303843975 CEST4434974540.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:30.303925991 CEST49745443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:30.306586027 CEST49745443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:30.306602001 CEST4434974540.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:30.306848049 CEST4434974540.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:30.309994936 CEST49745443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:30.310503960 CEST49745443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:30.310516119 CEST4434974540.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:30.310782909 CEST49745443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:30.352514029 CEST4434974540.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:30.550204039 CEST4434974540.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:30.553555965 CEST49745443192.168.2.640.113.110.67
                        Jun 14, 2024 00:28:30.553572893 CEST4434974540.113.110.67192.168.2.6
                        Jun 14, 2024 00:28:30.553715944 CEST49745443192.168.2.640.113.110.67
                        TimestampSource PortDest PortSource IPDest IP
                        Jun 14, 2024 00:27:13.927247047 CEST53517491.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:13.972233057 CEST53493671.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:15.218354940 CEST53570681.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:15.482664108 CEST5092653192.168.2.61.1.1.1
                        Jun 14, 2024 00:27:15.482923031 CEST6184053192.168.2.61.1.1.1
                        Jun 14, 2024 00:27:15.496555090 CEST53509261.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:15.496572971 CEST53618401.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:15.553901911 CEST5456453192.168.2.61.1.1.1
                        Jun 14, 2024 00:27:15.554073095 CEST5053853192.168.2.61.1.1.1
                        Jun 14, 2024 00:27:15.564491034 CEST53505381.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:15.567939997 CEST53545641.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:16.464114904 CEST6222253192.168.2.61.1.1.1
                        Jun 14, 2024 00:27:16.464359999 CEST5116053192.168.2.61.1.1.1
                        Jun 14, 2024 00:27:16.472727060 CEST53510521.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:16.473623037 CEST53511601.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:16.474831104 CEST53622221.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:17.912776947 CEST6030353192.168.2.61.1.1.1
                        Jun 14, 2024 00:27:17.913975954 CEST5413953192.168.2.61.1.1.1
                        Jun 14, 2024 00:27:17.922352076 CEST53603031.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:17.923868895 CEST53541391.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:18.051440001 CEST53513961.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:32.287029028 CEST53534151.1.1.1192.168.2.6
                        Jun 14, 2024 00:27:51.259910107 CEST53519711.1.1.1192.168.2.6
                        Jun 14, 2024 00:28:13.460402012 CEST53648021.1.1.1192.168.2.6
                        Jun 14, 2024 00:28:14.210370064 CEST53632891.1.1.1192.168.2.6
                        Jun 14, 2024 00:28:17.413368940 CEST6538653192.168.2.61.1.1.1
                        Jun 14, 2024 00:28:17.413734913 CEST6347553192.168.2.61.1.1.1
                        Jun 14, 2024 00:28:17.422818899 CEST53653861.1.1.1192.168.2.6
                        Jun 14, 2024 00:28:17.424151897 CEST53634751.1.1.1192.168.2.6
                        Jun 14, 2024 00:28:18.821743011 CEST5994453192.168.2.61.1.1.1
                        Jun 14, 2024 00:28:18.821996927 CEST5125953192.168.2.61.1.1.1
                        Jun 14, 2024 00:28:18.830059052 CEST53512591.1.1.1192.168.2.6
                        Jun 14, 2024 00:28:18.831263065 CEST53599441.1.1.1192.168.2.6

                        DNS Queries

                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                        Jun 14, 2024 00:27:15.482664108 CEST192.168.2.61.1.1.10x7815Standard query (0)bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.linkA (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:15.482923031 CEST192.168.2.61.1.1.10x1b36Standard query (0)bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link65IN (0x0001)false
                        Jun 14, 2024 00:27:15.553901911 CEST192.168.2.61.1.1.10x40ddStandard query (0)bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.linkA (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:15.554073095 CEST192.168.2.61.1.1.10x5d2dStandard query (0)bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link65IN (0x0001)false
                        Jun 14, 2024 00:27:16.464114904 CEST192.168.2.61.1.1.10xc5acStandard query (0)stackpath.bootstrapcdn.comA (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:16.464359999 CEST192.168.2.61.1.1.10x350dStandard query (0)stackpath.bootstrapcdn.com65IN (0x0001)false
                        Jun 14, 2024 00:27:17.912776947 CEST192.168.2.61.1.1.10x5f53Standard query (0)www.google.comA (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:17.913975954 CEST192.168.2.61.1.1.10x47c7Standard query (0)www.google.com65IN (0x0001)false
                        Jun 14, 2024 00:28:17.413368940 CEST192.168.2.61.1.1.10x3379Standard query (0)outlook.live.comA (IP address)IN (0x0001)false
                        Jun 14, 2024 00:28:17.413734913 CEST192.168.2.61.1.1.10x4e0cStandard query (0)outlook.live.com65IN (0x0001)false
                        Jun 14, 2024 00:28:18.821743011 CEST192.168.2.61.1.1.10x2267Standard query (0)outlook.live.comA (IP address)IN (0x0001)false
                        Jun 14, 2024 00:28:18.821996927 CEST192.168.2.61.1.1.10x50ddStandard query (0)outlook.live.com65IN (0x0001)false

                        DNS Answers

                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                        Jun 14, 2024 00:27:15.496555090 CEST1.1.1.1192.168.2.60x7815No error (0)bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link209.94.90.2A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:15.496555090 CEST1.1.1.1192.168.2.60x7815No error (0)bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link209.94.90.3A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:15.496572971 CEST1.1.1.1192.168.2.60x1b36No error (0)bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link65IN (0x0001)false
                        Jun 14, 2024 00:27:15.564491034 CEST1.1.1.1192.168.2.60x5d2dNo error (0)bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link65IN (0x0001)false
                        Jun 14, 2024 00:27:15.567939997 CEST1.1.1.1192.168.2.60x40ddNo error (0)bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link209.94.90.2A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:15.567939997 CEST1.1.1.1192.168.2.60x40ddNo error (0)bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link209.94.90.3A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:16.473623037 CEST1.1.1.1192.168.2.60x350dNo error (0)stackpath.bootstrapcdn.com65IN (0x0001)false
                        Jun 14, 2024 00:27:16.474831104 CEST1.1.1.1192.168.2.60xc5acNo error (0)stackpath.bootstrapcdn.com104.18.11.207A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:16.474831104 CEST1.1.1.1192.168.2.60xc5acNo error (0)stackpath.bootstrapcdn.com104.18.10.207A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:17.922352076 CEST1.1.1.1192.168.2.60x5f53No error (0)www.google.com216.58.206.68A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:17.923868895 CEST1.1.1.1192.168.2.60x47c7No error (0)www.google.com65IN (0x0001)false
                        Jun 14, 2024 00:27:27.924444914 CEST1.1.1.1192.168.2.60xe1d0No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:27:27.924444914 CEST1.1.1.1192.168.2.60xe1d0No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:27:40.960319042 CEST1.1.1.1192.168.2.60xd707No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:27:40.960319042 CEST1.1.1.1192.168.2.60xd707No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:28:06.357613087 CEST1.1.1.1192.168.2.60x9bbfNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:06.357613087 CEST1.1.1.1192.168.2.60x9bbfNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:28:17.422818899 CEST1.1.1.1192.168.2.60x3379No error (0)outlook.live.comolc-g2.tm-4.office.comCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:17.422818899 CEST1.1.1.1192.168.2.60x3379No error (0)olc-g2.tm-4.office.comoutlook.ms-acdc.office.comCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:17.422818899 CEST1.1.1.1192.168.2.60x3379No error (0)outlook.ms-acdc.office.comFRA-efz.ms-acdc.office.comCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:17.422818899 CEST1.1.1.1192.168.2.60x3379No error (0)FRA-efz.ms-acdc.office.com52.98.178.210A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:28:17.422818899 CEST1.1.1.1192.168.2.60x3379No error (0)FRA-efz.ms-acdc.office.com40.99.155.226A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:28:17.422818899 CEST1.1.1.1192.168.2.60x3379No error (0)FRA-efz.ms-acdc.office.com52.98.253.66A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:28:17.424151897 CEST1.1.1.1192.168.2.60x4e0cNo error (0)outlook.live.comolc-g2.tm-4.office.comCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:17.424151897 CEST1.1.1.1192.168.2.60x4e0cNo error (0)olc-g2.tm-4.office.comoutlook.ms-acdc.office.comCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:17.424151897 CEST1.1.1.1192.168.2.60x4e0cNo error (0)outlook.ms-acdc.office.comFRA-efz.ms-acdc.office.comCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:18.830059052 CEST1.1.1.1192.168.2.60x50ddNo error (0)outlook.live.comolc-g2.tm-4.office.comCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:18.831263065 CEST1.1.1.1192.168.2.60x2267No error (0)outlook.live.comolc-g2.tm-4.office.comCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:18.831263065 CEST1.1.1.1192.168.2.60x2267No error (0)olc-g2.tm-4.office.comoutlook.ms-acdc.office.comCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:18.831263065 CEST1.1.1.1192.168.2.60x2267No error (0)outlook.ms-acdc.office.comFRA-efz.ms-acdc.office.comCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:18.831263065 CEST1.1.1.1192.168.2.60x2267No error (0)FRA-efz.ms-acdc.office.com52.98.178.210A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:28:18.831263065 CEST1.1.1.1192.168.2.60x2267No error (0)FRA-efz.ms-acdc.office.com52.98.253.162A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:28:18.831263065 CEST1.1.1.1192.168.2.60x2267No error (0)FRA-efz.ms-acdc.office.com52.98.253.146A (IP address)IN (0x0001)false
                        Jun 14, 2024 00:28:26.825165033 CEST1.1.1.1192.168.2.60x38adNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                        Jun 14, 2024 00:28:26.825165033 CEST1.1.1.1192.168.2.60x38adNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

                        HTTP Request Dependency Graph

                        • login.live.com
                        • ipinfo.io
                        • bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link
                        • https:
                          • stackpath.bootstrapcdn.com
                          • outlook.live.com
                        • fs.microsoft.com

                        HTTPS Proxied Packets

                        Session IDSource IPSource PortDestination IPDestination Port
                        0192.168.2.64970820.190.159.23443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:03 UTC422OUTPOST /RST2.srf HTTP/1.0
                        Connection: Keep-Alive
                        Content-Type: application/soap+xml
                        Accept: */*
                        User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                        Content-Length: 4775
                        Host: login.live.com
                        2024-06-13 22:27:03 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                        Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                        2024-06-13 22:27:03 UTC569INHTTP/1.1 200 OK
                        Cache-Control: no-store, no-cache
                        Pragma: no-cache
                        Content-Type: application/soap+xml; charset=utf-8
                        Expires: Thu, 13 Jun 2024 22:26:03 GMT
                        P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                        Referrer-Policy: strict-origin-when-cross-origin
                        x-ms-route-info: C558_BL2
                        x-ms-request-id: c655f83a-417a-4538-831d-f3df2ea50c2c
                        PPServer: PPV: 30 H: BL02EPF0001D997 V: 0
                        X-Content-Type-Options: nosniff
                        Strict-Transport-Security: max-age=31536000
                        X-XSS-Protection: 1; mode=block
                        Date: Thu, 13 Jun 2024 22:27:03 GMT
                        Connection: close
                        Content-Length: 11373
                        2024-06-13 22:27:03 UTC11373INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                        Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                        Session IDSource IPSource PortDestination IPDestination Port
                        1192.168.2.64970720.190.160.17443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:03 UTC422OUTPOST /RST2.srf HTTP/1.0
                        Connection: Keep-Alive
                        Content-Type: application/soap+xml
                        Accept: */*
                        User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                        Content-Length: 4694
                        Host: login.live.com
                        2024-06-13 22:27:03 UTC4694OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                        Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                        2024-06-13 22:27:03 UTC569INHTTP/1.1 200 OK
                        Cache-Control: no-store, no-cache
                        Pragma: no-cache
                        Content-Type: application/soap+xml; charset=utf-8
                        Expires: Thu, 13 Jun 2024 22:26:03 GMT
                        P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                        Referrer-Policy: strict-origin-when-cross-origin
                        x-ms-route-info: C558_SN1
                        x-ms-request-id: 247167b0-3c2a-4468-b5c2-ef60c3e82a79
                        PPServer: PPV: 30 H: SN1PEPF0002FA81 V: 0
                        X-Content-Type-Options: nosniff
                        Strict-Transport-Security: max-age=31536000
                        X-XSS-Protection: 1; mode=block
                        Date: Thu, 13 Jun 2024 22:27:03 GMT
                        Connection: close
                        Content-Length: 10857
                        2024-06-13 22:27:03 UTC10857INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                        Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                        Session IDSource IPSource PortDestination IPDestination Port
                        2192.168.2.64970934.117.186.192443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:03 UTC59OUTGET / HTTP/1.1
                        Host: ipinfo.io
                        Connection: Keep-Alive
                        2024-06-13 22:27:03 UTC513INHTTP/1.1 200 OK
                        server: nginx/1.24.0
                        date: Thu, 13 Jun 2024 22:27:03 GMT
                        content-type: application/json; charset=utf-8
                        Content-Length: 314
                        access-control-allow-origin: *
                        x-frame-options: SAMEORIGIN
                        x-xss-protection: 1; mode=block
                        x-content-type-options: nosniff
                        referrer-policy: strict-origin-when-cross-origin
                        x-envoy-upstream-service-time: 8
                        via: 1.1 google
                        strict-transport-security: max-age=2592000; includeSubDomains
                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                        Connection: close
                        2024-06-13 22:27:03 UTC314INData Raw: 7b 0a 20 20 22 69 70 22 3a 20 22 31 37 33 2e 32 35 34 2e 32 35 30 2e 39 31 22 2c 0a 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 31 37 33 2e 32 35 34 2e 32 35 30 2e 39 31 2e 73 74 61 74 69 63 2e 71 75 61 64 72 61 6e 65 74 2e 63 6f 6d 22 2c 0a 20 20 22 63 69 74 79 22 3a 20 22 44 61 6c 6c 61 73 22 2c 0a 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 54 65 78 61 73 22 2c 0a 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 22 6c 6f 63 22 3a 20 22 33 32 2e 38 31 35 32 2c 2d 39 36 2e 38 37 30 33 22 2c 0a 20 20 22 6f 72 67 22 3a 20 22 41 53 38 31 30 30 20 51 75 61 64 72 61 4e 65 74 20 45 6e 74 65 72 70 72 69 73 65 73 20 4c 4c 43 22 2c 0a 20 20 22 70 6f 73 74 61 6c 22 3a 20 22 37 35 32 34 37 22 2c 0a 20 20 22 74 69 6d 65 7a 6f 6e 65 22 3a 20 22 41 6d 65 72
                        Data Ascii: { "ip": "173.254.250.91", "hostname": "173.254.250.91.static.quadranet.com", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.8152,-96.8703", "org": "AS8100 QuadraNet Enterprises LLC", "postal": "75247", "timezone": "Amer


                        Session IDSource IPSource PortDestination IPDestination Port
                        3192.168.2.64971140.113.103.199443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:04 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 6a 79 78 6d 4e 75 35 31 4f 30 61 52 52 69 32 33 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 30 39 61 30 32 65 35 31 38 36 63 62 34 66 66 0d 0a 0d 0a
                        Data Ascii: CNT 1 CON 305MS-CV: jyxmNu51O0aRRi23.1Context: 709a02e5186cb4ff
                        2024-06-13 22:27:04 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                        2024-06-13 22:27:04 UTC1064OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 6a 79 78 6d 4e 75 35 31 4f 30 61 52 52 69 32 33 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 30 39 61 30 32 65 35 31 38 36 63 62 34 66 66 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 64 57 67 33 63 56 46 61 32 45 43 54 79 36 74 69 55 62 53 42 56 53 42 4e 6a 68 2f 41 42 6b 67 75 71 4a 38 33 36 6d 61 30 39 5a 36 55 68 76 39 4c 36 70 38 30 46 68 69 65 57 4d 66 7a 51 4f 32 54 61 36 37 31 32 55 4a 78 52 4a 6c 50 57 77 65 39 67 6e 4b 4f 69 58 77 53 70 6d 54 4c 35 53 31 72 7a 6f 33 64 33 52 6d 6c 75 6f 7a 75 51
                        Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: jyxmNu51O0aRRi23.2Context: 709a02e5186cb4ff<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAdWg3cVFa2ECTy6tiUbSBVSBNjh/ABkguqJ836ma09Z6Uhv9L6p80FhieWMfzQO2Ta6712UJxRJlPWwe9gnKOiXwSpmTL5S1rzo3d3RmluozuQ
                        2024-06-13 22:27:04 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 6a 79 78 6d 4e 75 35 31 4f 30 61 52 52 69 32 33 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 30 39 61 30 32 65 35 31 38 36 63 62 34 66 66 0d 0a 0d 0a
                        Data Ascii: BND 3 CON\QOS 56MS-CV: jyxmNu51O0aRRi23.3Context: 709a02e5186cb4ff
                        2024-06-13 22:27:05 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                        Data Ascii: 202 1 CON 58
                        2024-06-13 22:27:05 UTC58INData Raw: 4d 53 2d 43 56 3a 20 38 4d 2b 42 78 7a 72 54 62 45 32 4b 48 47 2f 77 66 70 77 7a 57 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                        Data Ascii: MS-CV: 8M+BxzrTbE2KHG/wfpwzWA.0Payload parsing failed.


                        Session IDSource IPSource PortDestination IPDestination Port
                        4192.168.2.64971340.113.110.67443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:12 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 48 64 30 6c 4f 74 77 68 5a 30 53 58 55 30 4c 54 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 35 66 62 61 34 38 33 34 35 63 61 65 63 39 34 0d 0a 0d 0a
                        Data Ascii: CNT 1 CON 305MS-CV: Hd0lOtwhZ0SXU0LT.1Context: 95fba48345caec94
                        2024-06-13 22:27:12 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                        2024-06-13 22:27:12 UTC1064OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 48 64 30 6c 4f 74 77 68 5a 30 53 58 55 30 4c 54 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 35 66 62 61 34 38 33 34 35 63 61 65 63 39 34 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 64 57 67 33 63 56 46 61 32 45 43 54 79 36 74 69 55 62 53 42 56 53 42 4e 6a 68 2f 41 42 6b 67 75 71 4a 38 33 36 6d 61 30 39 5a 36 55 68 76 39 4c 36 70 38 30 46 68 69 65 57 4d 66 7a 51 4f 32 54 61 36 37 31 32 55 4a 78 52 4a 6c 50 57 77 65 39 67 6e 4b 4f 69 58 77 53 70 6d 54 4c 35 53 31 72 7a 6f 33 64 33 52 6d 6c 75 6f 7a 75 51
                        Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: Hd0lOtwhZ0SXU0LT.2Context: 95fba48345caec94<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAdWg3cVFa2ECTy6tiUbSBVSBNjh/ABkguqJ836ma09Z6Uhv9L6p80FhieWMfzQO2Ta6712UJxRJlPWwe9gnKOiXwSpmTL5S1rzo3d3RmluozuQ
                        2024-06-13 22:27:12 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 48 64 30 6c 4f 74 77 68 5a 30 53 58 55 30 4c 54 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 35 66 62 61 34 38 33 34 35 63 61 65 63 39 34 0d 0a 0d 0a
                        Data Ascii: BND 3 CON\QOS 56MS-CV: Hd0lOtwhZ0SXU0LT.3Context: 95fba48345caec94
                        2024-06-13 22:27:12 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                        Data Ascii: 202 1 CON 58
                        2024-06-13 22:27:12 UTC58INData Raw: 4d 53 2d 43 56 3a 20 63 4a 31 66 4f 67 4a 72 54 30 4b 77 42 57 4a 72 66 34 35 35 6d 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                        Data Ascii: MS-CV: cJ1fOgJrT0KwBWJrf455mg.0Payload parsing failed.


                        Session IDSource IPSource PortDestination IPDestination Port
                        5192.168.2.64971940.113.110.67443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:16 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 4a 58 34 6a 66 35 44 63 4b 30 43 4f 30 35 4d 77 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 30 33 35 32 66 64 34 63 39 33 64 61 31 37 30 0d 0a 0d 0a
                        Data Ascii: CNT 1 CON 305MS-CV: JX4jf5DcK0CO05Mw.1Context: 90352fd4c93da170
                        2024-06-13 22:27:16 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                        2024-06-13 22:27:16 UTC1064OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 4a 58 34 6a 66 35 44 63 4b 30 43 4f 30 35 4d 77 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 30 33 35 32 66 64 34 63 39 33 64 61 31 37 30 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 64 57 67 33 63 56 46 61 32 45 43 54 79 36 74 69 55 62 53 42 56 53 42 4e 6a 68 2f 41 42 6b 67 75 71 4a 38 33 36 6d 61 30 39 5a 36 55 68 76 39 4c 36 70 38 30 46 68 69 65 57 4d 66 7a 51 4f 32 54 61 36 37 31 32 55 4a 78 52 4a 6c 50 57 77 65 39 67 6e 4b 4f 69 58 77 53 70 6d 54 4c 35 53 31 72 7a 6f 33 64 33 52 6d 6c 75 6f 7a 75 51
                        Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: JX4jf5DcK0CO05Mw.2Context: 90352fd4c93da170<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAdWg3cVFa2ECTy6tiUbSBVSBNjh/ABkguqJ836ma09Z6Uhv9L6p80FhieWMfzQO2Ta6712UJxRJlPWwe9gnKOiXwSpmTL5S1rzo3d3RmluozuQ
                        2024-06-13 22:27:16 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 4a 58 34 6a 66 35 44 63 4b 30 43 4f 30 35 4d 77 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 30 33 35 32 66 64 34 63 39 33 64 61 31 37 30 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                        Data Ascii: BND 3 CON\WNS 0 197MS-CV: JX4jf5DcK0CO05Mw.3Context: 90352fd4c93da170<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                        2024-06-13 22:27:16 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                        Data Ascii: 202 1 CON 58
                        2024-06-13 22:27:16 UTC58INData Raw: 4d 53 2d 43 56 3a 20 33 77 31 48 4e 31 39 36 44 45 61 73 63 41 37 6a 59 64 34 38 78 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                        Data Ascii: MS-CV: 3w1HN196DEascA7jYd48xw.0Payload parsing failed.


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        6192.168.2.649720209.94.90.24434152C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:16 UTC717OUTGET / HTTP/1.1
                        Host: bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link
                        Connection: keep-alive
                        Upgrade-Insecure-Requests: 1
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                        Sec-Fetch-Site: none
                        Sec-Fetch-Mode: navigate
                        Sec-Fetch-User: ?1
                        Sec-Fetch-Dest: document
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-mobile: ?0
                        sec-ch-ua-platform: "Windows"
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-06-13 22:27:16 UTC1071INHTTP/1.1 200 OK
                        Date: Thu, 13 Jun 2024 22:27:16 GMT
                        Content-Type: text/html
                        Transfer-Encoding: chunked
                        Connection: close
                        access-control-allow-headers: Content-Type
                        access-control-allow-headers: Range
                        access-control-allow-headers: User-Agent
                        access-control-allow-headers: X-Requested-With
                        access-control-allow-methods: GET
                        access-control-allow-methods: HEAD
                        access-control-allow-methods: OPTIONS
                        access-control-allow-origin: *
                        access-control-expose-headers: Content-Length
                        access-control-expose-headers: Content-Range
                        access-control-expose-headers: X-Chunked-Output
                        access-control-expose-headers: X-Ipfs-Path
                        access-control-expose-headers: X-Ipfs-Roots
                        access-control-expose-headers: X-Stream-Output
                        Cache-Control: public, max-age=29030400, immutable
                        x-ipfs-path: /ipfs/bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u/
                        x-ipfs-roots: bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u
                        x-ipfs-pop: rainbow-sv15-03
                        CF-Cache-Status: HIT
                        Age: 39898
                        Server: cloudflare
                        CF-RAY: 893581ca9b554653-DFW
                        alt-svc: h3=":443"; ma=86400
                        2024-06-13 22:27:16 UTC298INData Raw: 37 62 38 32 0d 0a 3c 68 65 61 64 3e 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6f 75 74 6c 6f 6f 6b 2e 6c 69 76 65 2e 63 6f 6d 2f 6d 61 69 6c 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 3c 74 69 74 6c 65 3e 4f 75 74 6c 6f 6f 6b 3c 2f 74 69 74 6c 65 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69
                        Data Ascii: 7b82<head><link rel="shortcut icon" type="image/x-icon" href="https://outlook.live.com/mail/favicon.ico"><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Outlook</title><meta name="viewport" content="width=device-wi
                        2024-06-13 22:27:16 UTC1369INData Raw: 66 6f 6e 74 2d 66 61 63 65 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 77 66 5f 73 65 67 6f 65 2d 75 69 5f 6e 6f 72 6d 61 6c 22 3b 20 73 72 63 3a 20 75 72 6c 28 22 2f 6f 77 61 2f 61 75 74 68 2f 31 35 2e 32 2e 31 32 35 38 2f 74 68 65 6d 65 73 2f 72 65 73 6f 75 72 63 65 73 2f 73 65 67 6f 65 75 69 2d 72 65 67 75 6c 61 72 2e 65 6f 74 3f 23 69 65 66 69 78 22 29 20 66 6f 72 6d 61 74 28 22 65 6d 62 65 64 64 65 64 2d 6f 70 65 6e 74 79 70 65 22 29 2c 20 75 72 6c 28 22 2f 6f 77 61 2f 61 75 74 68 2f 31 35 2e 32 2e 31 32 35 38 2f 74 68 65 6d 65 73 2f 72 65 73 6f 75 72 63 65 73 2f 73 65 67 6f 65 75 69 2d 72 65 67 75 6c 61 72 2e 74 74 66 22 29 20 66 6f 72 6d 61 74 28 22 74 72 75 65 74 79 70 65 22 29 3b 7d 40 66 6f 6e 74 2d 66 61 63 65 20 7b 20 66 6f 6e 74 2d 66
                        Data Ascii: font-face { font-family: "wf_segoe-ui_normal"; src: url("/owa/auth/15.2.1258/themes/resources/segoeui-regular.eot?#iefix") format("embedded-opentype"), url("/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf") format("truetype");}@font-face { font-f
                        2024-06-13 22:27:16 UTC1369INData Raw: 67 6f 20 61 6c 69 67 6e 73 20 6c 65 66 74 20 66 6f 72 20 62 6f 74 68 20 6c 74 72 20 26 20 72 74 6c 20 2a 2f 7d 2e 74 6e 61 72 72 6f 77 20 2e 6f 77 61 4c 6f 67 6f 20 7b 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 7d 2e 6d 6f 75 73 65 20 2e 6f 77 61 4c 6f 67 6f 53 6d 61 6c 6c 2c 20 2e 74 77 69 64 65 20 2e 6f 77 61 4c 6f 67 6f 53 6d 61 6c 6c 7b 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 7d 2e 6c 6f 67 6f 6e 44 69 76 20 7b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 7d 2e 72 74 6c 20 2e 6c 6f 67 6f 6e 44 69 76 20 7b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 3b 7d 2e 6d 6f 75 73 65 20 2e 6c 6f 67 6f 6e 43 6f 6e 74 61 69 6e 65 72 2c 20 2e 74 77 69 64 65 20 2e 6c 6f 67 6f 6e 43 6f 6e 74 61 69 6e 65 72 7b 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a
                        Data Ascii: go aligns left for both ltr & rtl */}.tnarrow .owaLogo { display: none;}.mouse .owaLogoSmall, .twide .owaLogoSmall{ display: none;}.logonDiv { text-align:left;}.rtl .logonDiv { text-align:right;}.mouse .logonContainer, .twide .logonContainer{ padding-top:
                        2024-06-13 22:27:16 UTC1369INData Raw: 73 69 7a 69 6e 67 3a 20 63 6f 6e 74 65 6e 74 2d 62 6f 78 3b 20 2d 6d 6f 7a 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 63 6f 6e 74 65 6e 74 2d 62 6f 78 3b 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 63 6f 6e 74 65 6e 74 2d 62 6f 78 3b 7d 2e 6d 6f 75 73 65 20 2e 73 69 67 6e 49 6e 49 6e 70 75 74 54 65 78 74 20 7b 20 68 65 69 67 68 74 3a 20 32 32 70 78 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 20 70 61 64 64 69 6e 67 3a 20 33 70 78 20 35 70 78 3b 20 63 6f 6c 6f 72 3a 20 23 33 33 33 33 33 33 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 77 66 5f 73 65 67 6f 65 2d 75 69 5f 6e 6f 72 6d 61 6c 27 2c 20 27 53 65 67 6f 65 20 55 49 27 2c 20 27 53 65 67 6f 65 20 57 50 27 2c 20 54 61 68 6f 6d 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72
                        Data Ascii: sizing: content-box; -moz-box-sizing: content-box; -webkit-box-sizing: content-box;}.mouse .signInInputText { height: 22px; font-size: 12px; padding: 3px 5px; color: #333333;font-family:'wf_segoe-ui_normal', 'Segoe UI', 'Segoe WP', Tahoma, Arial, sans-ser
                        2024-06-13 22:27:16 UTC1369INData Raw: 72 67 69 6e 3a 20 30 70 78 20 36 70 78 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 7d 2e 62 74 6e 4f 6e 4d 73 65 4f 76 72 7b 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 39 62 31 33 33 3b 62 6f 72 64 65 72 3a 20 30 70 78 3b 20 70 61 64 64 69 6e 67 3a 20 32 70 78 20 36 70 78 3b 20 6d 61 72 67 69 6e 3a 20 30 70 78 20 36 70 78 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 7d 2e 62 74 6e 4f 6e 4d 73 65 44 77 6e 7b 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 39 62 31 33 33 3b 62 6f 72 64 65 72 3a 20 30 70 78 20 73 6f 6c 69 64 20 23 66 39 62 31 33 33 3b 70 61 64 64 69 6e 67 3a 20 32 70 78 20 36 70 78 3b 20 6d 61
                        Data Ascii: rgin: 0px 6px; text-align:center;}.btnOnMseOvr{color: #ffffff;background-color: #f9b133;border: 0px; padding: 2px 6px; margin: 0px 6px; text-align:center;}.btnOnMseDwn{color: #000000;background-color: #f9b133;border: 0px solid #f9b133;padding: 2px 6px; ma
                        2024-06-13 22:27:16 UTC1369INData Raw: 2d 75 69 5f 6e 6f 72 6d 61 6c 27 2c 20 27 53 65 67 6f 65 20 55 49 27 2c 20 27 53 65 67 6f 65 20 57 50 27 2c 20 54 61 68 6f 6d 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 38 70 78 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 7d 2e 73 69 67 6e 49 6e 49 6e 70 75 74 4c 61 62 65 6c 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 63 6f 6c 6f 72 3a 23 36 36 36 36 36 36 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 77 66 5f 73 65 67 6f 65 2d 75 69 5f 6e 6f 72 6d 61 6c 27 2c 20 27 53 65 67 6f 65 20 55 49 27 2c 20 27 53 65 67 6f 65 20 57 50 27 2c 20 54 61 68 6f 6d 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 7d 2e 73 69 67 6e 49 6e 43 68 65 63 6b 42 6f 78 54 65 78 74 7b
                        Data Ascii: -ui_normal', 'Segoe UI', 'Segoe WP', Tahoma, Arial, sans-serif;margin-bottom:18px;white-space: nowrap;}.signInInputLabel{font-size:12px;color:#666666;font-family:'wf_segoe-ui_normal', 'Segoe UI', 'Segoe WP', Tahoma, Arial, sans-serif;}.signInCheckBoxText{
                        2024-06-13 22:27:16 UTC1369INData Raw: 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 7d 2e 6d 6f 75 73 65 20 2e 73 68 65 6c 6c 44 69 61 6c 6f 67 75 65 48 65 61 64 20 7b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 33 35 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 7d 2e 74 77 69 64 65 20 2e 73 68 65 6c 6c 44 69 61 6c 6f 67 75 65 48 65 61 64 2c 20 2e 74 6e 61 72 72 6f 77 20 2e 73 68 65 6c 6c 44 69 61 6c 6f 67 75 65 48 65 61 64 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 33 34 70 78 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 32 70 78 3b 7d 2e 73 68 65 6c 6c 44 69 61 6c 6f 67 75 65 4d 73 67 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 33 70 78 3b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 77 66 5f 73 65 67 6f 65 2d 75 69 5f 6e 6f 72
                        Data Ascii: Arial, sans-serif;}.mouse .shellDialogueHead { line-height: 35px; margin-bottom: 10px;}.twide .shellDialogueHead, .tnarrow .shellDialogueHead{line-height:34px;margin-bottom: 12px;}.shellDialogueMsg{font-size:13px;color:#333333;font-family:'wf_segoe-ui_nor
                        2024-06-13 22:27:16 UTC1369INData Raw: 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 69 6e 70 75 74 2e 63 68 6b 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 39 70 78 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 7d 2e 69 6d 67 4c 6e 6b 7b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 6d 69 64 64 6c 65 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 32 70 78 3b 7d 2e 73 69 67 6e 69 6e 54 78 74 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 31 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 31 70 78 3b 20 2f 2a 20 4e 65 65 64 65 64 20 66 6f 72 20 52 54 4c 2c 20 64 6f 65 73 6e 74 20 68 75 72 74 20 74 6f 20 61 64 64 20 74 68 69 73 20 66 6f 72 20 4c 54 52 20 61 73 20 77 65 6c 6c 20 2a 2f 7d 2e 68 69 64 64 65 6e 2d
                        Data Ascii: , sans-serif;margin-top:5px;}input.chk{margin-right:9px;margin-left:0px;}.imgLnk{vertical-align: middle;line-height:2;margin-top: -2px;}.signinTxt{padding-left:11px;padding-right:11px; /* Needed for RTL, doesnt hurt to add this for LTR as well */}.hidden-
                        2024-06-13 22:27:16 UTC1369INData Raw: 64 33 4d 69 49 48 68 74 63 44 70 44 63 6d 56 68 64 47 56 45 59 58 52 6c 50 53 49 79 4d 44 45 79 4c 54 41 31 4c 54 45 31 56 44 45 7a 4f 6a 45 77 4f 6a 55 35 4c 54 41 33 4f 6a 41 77 49 69 42 34 62 58 41 36 54 57 39 6b 61 57 5a 35 52 47 46 30 5a 54 30 69 4d 6a 41 78 4d 69 30 77 4e 53 30 78 4e 56 51 78 4d 7a 6f 78 4d 54 6f 30 4e 69 30 77 4e 7a 6f 77 4d 43 49 67 65 47 31 77 4f 6b 31 6c 64 47 46 6b 59 58 52 68 52 47 46 30 5a 54 30 69 4d 6a 41 78 4d 69 30 77 4e 53 30 78 4e 56 51 78 4d 7a 6f 78 4d 54 6f 30 4e 69 30 77 4e 7a 6f 77 4d 43 49 67 5a 47 4d 36 5a 6d 39 79 62 57 46 30 50 53 4a 70 62 57 46 6e 5a 53 39 77 62 6d 63 69 49 48 68 74 63 45 31 4e 4f 6b 6c 75 63 33 52 68 62 6d 4e 6c 53 55 51 39 49 6e 68 74 63 43 35 70 61 57 51 36 4d 7a 49 32 4e 54 41 7a 4e 6a 51
                        Data Ascii: d3MiIHhtcDpDcmVhdGVEYXRlPSIyMDEyLTA1LTE1VDEzOjEwOjU5LTA3OjAwIiB4bXA6TW9kaWZ5RGF0ZT0iMjAxMi0wNS0xNVQxMzoxMTo0Ni0wNzowMCIgeG1wOk1ldGFkYXRhRGF0ZT0iMjAxMi0wNS0xNVQxMzoxMTo0Ni0wNzowMCIgZGM6Zm9ybWF0PSJpbWFnZS9wbmciIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6MzI2NTAzNjQ
                        2024-06-13 22:27:16 UTC1369INData Raw: 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 4c 6f 67 6f 6e 44 69 76 22 29 3b 0d 0a 20 20 20 20 20 20 20 20 6d 61 69 6e 4c 6f 67 6f 6e 44 69 76 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 6d 61 69 6e 4c 6f 67 6f 6e 44 69 76 43 6c 61 73 73 4e 61 6d 65 3b 0d 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 69 64 65 62 61 72 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 77 61 4c 6f 67 6f 43 6f 6e 74 61 69 6e 65 72 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6d 67 20 73 72 63 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 70 6e 67 3b 62 61 73 65 36 34 2c 69 56 42 4f 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 41 49 41 41 41 41 42 73 43 41 59 41
                        Data Ascii: nt.getElementById("mainLogonDiv"); mainLogonDiv.className = mainLogonDivClassName; </script> <div class="sidebar"> <div class="owaLogoContainer"> <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAABsCAYA


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        7192.168.2.649724104.18.11.2074434152C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:17 UTC619OUTGET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
                        Host: stackpath.bootstrapcdn.com
                        Connection: keep-alive
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-mobile: ?0
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        Accept: */*
                        Sec-Fetch-Site: cross-site
                        Sec-Fetch-Mode: no-cors
                        Sec-Fetch-Dest: script
                        Referer: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-06-13 22:27:17 UTC946INHTTP/1.1 200 OK
                        Date: Thu, 13 Jun 2024 22:27:17 GMT
                        Content-Type: application/javascript; charset=utf-8
                        Transfer-Encoding: chunked
                        Connection: close
                        Vary: Accept-Encoding
                        CDN-PullZone: 252412
                        CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
                        CDN-RequestCountryCode: US
                        Access-Control-Allow-Origin: *
                        Cache-Control: public, max-age=31919000
                        ETag: W/"67176c242e1bdc20603c878dee836df3"
                        Last-Modified: Mon, 25 Jan 2021 22:04:06 GMT
                        CDN-ProxyVer: 1.03
                        CDN-RequestPullSuccess: True
                        CDN-RequestPullCode: 200
                        CDN-CachedAt: 12/08/2022 21:02:39
                        CDN-EdgeStorageId: 871
                        timing-allow-origin: *
                        cross-origin-resource-policy: cross-origin
                        X-Content-Type-Options: nosniff
                        CDN-Status: 200
                        CDN-RequestId: 7234b26822f9dfc4ef4bddd540bb9d13
                        CDN-Cache: HIT
                        CF-Cache-Status: HIT
                        Age: 8724450
                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                        Server: cloudflare
                        CF-RAY: 893581d0299372f8-DFW
                        alt-svc: h3=":443"; ma=86400
                        2024-06-13 22:27:17 UTC423INData Raw: 37 63 30 31 0d 0a 2f 2a 21 0a 20 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 31 2e 33 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 38 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 67 72 61 70 68 73 2f 63 6f 6e 74 72 69 62 75 74 6f 72 73 29 0a 20 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28
                        Data Ascii: 7c01/*! * Bootstrap v4.1.3 (https://getbootstrap.com/) * Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */!function(
                        2024-06-13 22:27:17 UTC1369INData Raw: 65 72 79 22 2c 22 70 6f 70 70 65 72 2e 6a 73 22 5d 2c 65 29 3a 65 28 74 2e 62 6f 6f 74 73 74 72 61 70 3d 7b 7d 2c 74 2e 6a 51 75 65 72 79 2c 74 2e 50 6f 70 70 65 72 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 68 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 69 28 74 2c 65 29 7b 66 6f 72 28 76 61 72 20 6e 3d 30 3b 6e 3c 65 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 7b 76 61 72 20 69 3d 65 5b 6e 5d 3b 69 2e 65 6e 75 6d 65 72 61 62 6c 65 3d 69 2e 65 6e 75 6d 65 72 61 62 6c 65 7c 7c 21 31 2c 69 2e 63 6f 6e 66 69 67 75 72 61 62 6c 65 3d 21 30 2c 22 76 61 6c 75 65 22 69 6e 20 69 26 26 28 69 2e 77 72 69 74 61 62 6c 65 3d 21 30 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 69 2e 6b 65 79 2c 69
                        Data Ascii: ery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,h){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i
                        2024-06-13 22:27:17 UTC1369INData Raw: 6e 2c 55 6e 2c 71 6e 2c 46 6e 3d 66 75 6e 63 74 69 6f 6e 28 69 29 7b 76 61 72 20 65 3d 22 74 72 61 6e 73 69 74 69 6f 6e 65 6e 64 22 3b 66 75 6e 63 74 69 6f 6e 20 74 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 2c 6e 3d 21 31 3b 72 65 74 75 72 6e 20 69 28 74 68 69 73 29 2e 6f 6e 65 28 6c 2e 54 52 41 4e 53 49 54 49 4f 4e 5f 45 4e 44 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 3d 21 30 7d 29 2c 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 7c 7c 6c 2e 74 72 69 67 67 65 72 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 28 65 29 7d 2c 74 29 2c 74 68 69 73 7d 76 61 72 20 6c 3d 7b 54 52 41 4e 53 49 54 49 4f 4e 5f 45 4e 44 3a 22 62 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 22 2c 67 65 74 55 49 44 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 66 6f 72 28 3b 74 2b
                        Data Ascii: n,Un,qn,Fn=function(i){var e="transitionend";function t(t){var e=this,n=!1;return i(this).one(l.TRANSITION_END,function(){n=!0}),setTimeout(function(){n||l.triggerTransitionEnd(e)},t),this}var l={TRANSITION_END:"bsTransitionEnd",getUID:function(t){for(;t+
                        2024-06-13 22:27:17 UTC1369INData Raw: 67 75 6d 65 6e 74 73 29 7d 7d 2c 6c 7d 28 65 29 2c 4b 6e 3d 28 6e 3d 22 61 6c 65 72 74 22 2c 61 3d 22 2e 22 2b 28 6f 3d 22 62 73 2e 61 6c 65 72 74 22 29 2c 63 3d 28 72 3d 65 29 2e 66 6e 5b 6e 5d 2c 75 3d 7b 43 4c 4f 53 45 3a 22 63 6c 6f 73 65 22 2b 61 2c 43 4c 4f 53 45 44 3a 22 63 6c 6f 73 65 64 22 2b 61 2c 43 4c 49 43 4b 5f 44 41 54 41 5f 41 50 49 3a 22 63 6c 69 63 6b 22 2b 61 2b 22 2e 64 61 74 61 2d 61 70 69 22 7d 2c 66 3d 22 61 6c 65 72 74 22 2c 64 3d 22 66 61 64 65 22 2c 67 3d 22 73 68 6f 77 22 2c 5f 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 69 28 74 29 7b 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 74 7d 76 61 72 20 74 3d 69 2e 70 72 6f 74 6f 74 79 70 65 3b 72 65 74 75 72 6e 20 74 2e 63 6c 6f 73 65 3d 66 75 6e 63 74 69 6f 6e 28 74
                        Data Ascii: guments)}},l}(e),Kn=(n="alert",a="."+(o="bs.alert"),c=(r=e).fn[n],u={CLOSE:"close"+a,CLOSED:"closed"+a,CLICK_DATA_API:"click"+a+".data-api"},f="alert",d="fade",g="show",_=function(){function i(t){this._element=t}var t=i.prototype;return t.close=function(t
                        2024-06-13 22:27:17 UTC1369INData Raw: 20 5f 29 29 2c 72 2e 66 6e 5b 6e 5d 3d 5f 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2c 72 2e 66 6e 5b 6e 5d 2e 43 6f 6e 73 74 72 75 63 74 6f 72 3d 5f 2c 72 2e 66 6e 5b 6e 5d 2e 6e 6f 43 6f 6e 66 6c 69 63 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 2e 66 6e 5b 6e 5d 3d 63 2c 5f 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 7d 2c 5f 29 2c 4d 6e 3d 28 70 3d 22 62 75 74 74 6f 6e 22 2c 79 3d 22 2e 22 2b 28 76 3d 22 62 73 2e 62 75 74 74 6f 6e 22 29 2c 45 3d 22 2e 64 61 74 61 2d 61 70 69 22 2c 43 3d 28 6d 3d 65 29 2e 66 6e 5b 70 5d 2c 54 3d 22 61 63 74 69 76 65 22 2c 62 3d 22 62 74 6e 22 2c 49 3d 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 5e 3d 22 62 75 74 74 6f 6e 22 5d 27 2c 41 3d 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 62 75
                        Data Ascii: _)),r.fn[n]=_._jQueryInterface,r.fn[n].Constructor=_,r.fn[n].noConflict=function(){return r.fn[n]=c,_._jQueryInterface},_),Mn=(p="button",y="."+(v="bs.button"),E=".data-api",C=(m=e).fn[p],T="active",b="btn",I='[data-toggle^="button"]',A='[data-toggle="bu
                        2024-06-13 22:27:17 UTC1369INData Raw: 29 3b 76 61 72 20 65 3d 74 2e 74 61 72 67 65 74 3b 6d 28 65 29 2e 68 61 73 43 6c 61 73 73 28 62 29 7c 7c 28 65 3d 6d 28 65 29 2e 63 6c 6f 73 65 73 74 28 4e 29 29 2c 6b 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2e 63 61 6c 6c 28 6d 28 65 29 2c 22 74 6f 67 67 6c 65 22 29 7d 29 2e 6f 6e 28 4f 2e 46 4f 43 55 53 5f 42 4c 55 52 5f 44 41 54 41 5f 41 50 49 2c 49 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 6d 28 74 2e 74 61 72 67 65 74 29 2e 63 6c 6f 73 65 73 74 28 4e 29 5b 30 5d 3b 6d 28 65 29 2e 74 6f 67 67 6c 65 43 6c 61 73 73 28 53 2c 2f 5e 66 6f 63 75 73 28 69 6e 29 3f 24 2f 2e 74 65 73 74 28 74 2e 74 79 70 65 29 29 7d 29 2c 6d 2e 66 6e 5b 70 5d 3d 6b 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2c 6d 2e 66 6e 5b 70 5d 2e 43 6f 6e
                        Data Ascii: );var e=t.target;m(e).hasClass(b)||(e=m(e).closest(N)),k._jQueryInterface.call(m(e),"toggle")}).on(O.FOCUS_BLUR_DATA_API,I,function(t){var e=m(t.target).closest(N)[0];m(e).toggleClass(S,/^focus(in)?$/.test(t.type))}),m.fn[p]=k._jQueryInterface,m.fn[p].Con
                        2024-06-13 22:27:17 UTC1369INData Raw: 6c 65 63 74 6f 72 28 6e 74 29 2c 74 68 69 73 2e 5f 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 73 28 29 7d 76 61 72 20 74 3d 6f 2e 70 72 6f 74 6f 74 79 70 65 3b 72 65 74 75 72 6e 20 74 2e 6e 65 78 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 69 73 53 6c 69 64 69 6e 67 7c 7c 74 68 69 73 2e 5f 73 6c 69 64 65 28 71 29 7d 2c 74 2e 6e 65 78 74 57 68 65 6e 56 69 73 69 62 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 21 64 6f 63 75 6d 65 6e 74 2e 68 69 64 64 65 6e 26 26 50 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 69 73 28 22 3a 76 69 73 69 62 6c 65 22 29 26 26 22 68 69 64 64 65 6e 22 21 3d 3d 50 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 63 73 73 28 22 76 69 73 69 62 69 6c 69 74 79 22 29 26 26 74 68 69 73 2e 6e 65 78 74 28 29 7d 2c 74 2e
                        Data Ascii: lector(nt),this._addEventListeners()}var t=o.prototype;return t.next=function(){this._isSliding||this._slide(q)},t.nextWhenVisible=function(){!document.hidden&&P(this._element).is(":visible")&&"hidden"!==P(this._element).css("visibility")&&this.next()},t.
                        2024-06-13 22:27:17 UTC1369INData Raw: 74 3d 6c 28 7b 7d 2c 57 2c 74 29 2c 46 6e 2e 74 79 70 65 43 68 65 63 6b 43 6f 6e 66 69 67 28 6a 2c 74 2c 55 29 2c 74 7d 2c 74 2e 5f 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 3b 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 6b 65 79 62 6f 61 72 64 26 26 50 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 6f 6e 28 51 2e 4b 45 59 44 4f 57 4e 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 2e 5f 6b 65 79 64 6f 77 6e 28 74 29 7d 29 2c 22 68 6f 76 65 72 22 3d 3d 3d 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 70 61 75 73 65 26 26 28 50 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 6f 6e 28 51 2e 4d 4f 55 53 45 45 4e 54 45 52 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20
                        Data Ascii: t=l({},W,t),Fn.typeCheckConfig(j,t,U),t},t._addEventListeners=function(){var e=this;this._config.keyboard&&P(this._element).on(Q.KEYDOWN,function(t){return e._keydown(t)}),"hover"===this._config.pause&&(P(this._element).on(Q.MOUSEENTER,function(t){return
                        2024-06-13 22:27:17 UTC1369INData Raw: 28 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 29 7b 76 61 72 20 65 3d 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 24 29 29 3b 50 28 65 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 56 29 3b 76 61 72 20 6e 3d 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 2e 63 68 69 6c 64 72 65 6e 5b 74 68 69 73 2e 5f 67 65 74 49 74 65 6d 49 6e 64 65 78 28 74 29 5d 3b 6e 26 26 50 28 6e 29 2e 61 64 64 43 6c 61 73 73 28 56 29 7d 7d 2c 74 2e 5f 73 6c 69 64 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 6e 2c 69 2c 72 2c 6f 3d 74 68 69 73 2c 73 3d 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 71 75 65 72
                        Data Ascii: (this._indicatorsElement){var e=[].slice.call(this._indicatorsElement.querySelectorAll($));P(e).removeClass(V);var n=this._indicatorsElement.children[this._getItemIndex(t)];n&&P(n).addClass(V)}},t._slide=function(t,e){var n,i,r,o=this,s=this._element.quer
                        2024-06-13 22:27:17 UTC1369INData Raw: 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 6e 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 74 5b 6e 5d 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 27 4e 6f 20 6d 65 74 68 6f 64 20 6e 61 6d 65 64 20 22 27 2b 6e 2b 27 22 27 29 3b 74 5b 6e 5d 28 29 7d 65 6c 73 65 20 65 2e 69 6e 74 65 72 76 61 6c 26 26 28 74 2e 70 61 75 73 65 28 29 2c 74 2e 63 79 63 6c 65 28 29 29 7d 29 7d 2c 6f 2e 5f 64 61 74 61 41 70 69 43 6c 69 63 6b 48 61 6e 64 6c 65 72 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 46 6e 2e 67 65 74 53 65 6c 65 63 74 6f 72 46 72 6f 6d 45 6c 65 6d 65 6e 74 28 74 68 69 73 29 3b 69 66 28 65 29 7b 76 61 72 20 6e 3d 50 28 65 29 5b 30 5d 3b 69 66 28 6e 26 26 50 28 6e 29 2e 68 61 73 43 6c 61 73 73 28 42 29
                        Data Ascii: ing"==typeof n){if("undefined"==typeof t[n])throw new TypeError('No method named "'+n+'"');t[n]()}else e.interval&&(t.pause(),t.cycle())})},o._dataApiClickHandler=function(t){var e=Fn.getSelectorFromElement(this);if(e){var n=P(e)[0];if(n&&P(n).hasClass(B)


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        8192.168.2.649725209.94.90.24434152C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:17 UTC775OUTGET /owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf HTTP/1.1
                        Host: bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link
                        Connection: keep-alive
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        Origin: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link
                        sec-ch-ua-mobile: ?0
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        Accept: */*
                        Sec-Fetch-Site: same-origin
                        Sec-Fetch-Mode: cors
                        Sec-Fetch-Dest: font
                        Referer: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-06-13 22:28:17 UTC1215INHTTP/1.1 404 Not Found
                        Date: Thu, 13 Jun 2024 22:28:17 GMT
                        Content-Type: text/plain; charset=utf-8
                        Content-Length: 227
                        Connection: close
                        access-control-allow-headers: Content-Type
                        access-control-allow-headers: Range
                        access-control-allow-headers: User-Agent
                        access-control-allow-headers: X-Requested-With
                        access-control-allow-methods: GET
                        access-control-allow-methods: HEAD
                        access-control-allow-methods: OPTIONS
                        access-control-allow-origin: *
                        access-control-expose-headers: Content-Length
                        access-control-expose-headers: Content-Range
                        access-control-expose-headers: X-Chunked-Output
                        access-control-expose-headers: X-Ipfs-Path
                        access-control-expose-headers: X-Ipfs-Roots
                        access-control-expose-headers: X-Stream-Output
                        x-content-type-options: nosniff
                        x-ipfs-path: /ipfs/bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf
                        x-ipfs-pop: rainbow-ny5-04
                        cache-control: public, max-age=0
                        CF-Cache-Status: EXPIRED
                        Set-Cookie: __cflb=0H28uueNjc7tVFoaMJ379GKnRjnqwz2CFaPNGTSWjLx; SameSite=None; Secure; path=/; expires=Fri, 14-Jun-24 21:28:17 GMT; HttpOnly
                        Server: cloudflare
                        CF-RAY: 893581d07cce2e2a-DFW
                        alt-svc: h3=":443"; ma=86400
                        2024-06-13 22:28:17 UTC154INData Raw: 66 61 69 6c 65 64 20 74 6f 20 72 65 73 6f 6c 76 65 20 2f 69 70 66 73 2f 62 61 66 79 62 65 69 67 6d 62 71 76 73 69 32 33 36 32 63 68 72 37 65 66 74 74 72 32 63 6a 6c 68 79 6c 6b 7a 37 76 64 65 6d 32 33 63 6e 77 73 6c 34 7a 73 6d 61 62 75 69 73 34 75 2f 6f 77 61 2f 61 75 74 68 2f 31 35 2e 32 2e 31 32 35 38 2f 74 68 65 6d 65 73 2f 72 65 73 6f 75 72 63 65 73 2f 73 65 67 6f 65 75 69 2d 72 65 67 75 6c 61 72 2e 74 74 66 3a 20 6e 6f 20 6c 69 6e 6b 20 6e 61 6d 65 64
                        Data Ascii: failed to resolve /ipfs/bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf: no link named
                        2024-06-13 22:28:17 UTC73INData Raw: 20 22 6f 77 61 22 20 75 6e 64 65 72 20 62 61 66 79 62 65 69 67 6d 62 71 76 73 69 32 33 36 32 63 68 72 37 65 66 74 74 72 32 63 6a 6c 68 79 6c 6b 7a 37 76 64 65 6d 32 33 63 6e 77 73 6c 34 7a 73 6d 61 62 75 69 73 34 75 0a
                        Data Ascii: "owa" under bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        9192.168.2.64972823.211.8.90443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:19 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                        Connection: Keep-Alive
                        Accept: */*
                        Accept-Encoding: identity
                        User-Agent: Microsoft BITS/7.8
                        Host: fs.microsoft.com
                        2024-06-13 22:27:19 UTC467INHTTP/1.1 200 OK
                        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                        Content-Type: application/octet-stream
                        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                        Server: ECAcc (lpl/EF06)
                        X-CID: 11
                        X-Ms-ApiVersion: Distribute 1.2
                        X-Ms-Region: prod-neu-z1
                        Cache-Control: public, max-age=236606
                        Date: Thu, 13 Jun 2024 22:27:19 GMT
                        Connection: close
                        X-CID: 2


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        10192.168.2.64972923.211.8.90443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:20 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                        Connection: Keep-Alive
                        Accept: */*
                        Accept-Encoding: identity
                        If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                        Range: bytes=0-2147483646
                        User-Agent: Microsoft BITS/7.8
                        Host: fs.microsoft.com
                        2024-06-13 22:27:20 UTC535INHTTP/1.1 200 OK
                        Content-Type: application/octet-stream
                        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                        ApiVersion: Distribute 1.1
                        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                        X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
                        Cache-Control: public, max-age=236580
                        Date: Thu, 13 Jun 2024 22:27:20 GMT
                        Content-Length: 55
                        Connection: close
                        X-CID: 2
                        2024-06-13 22:27:20 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                        Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                        Session IDSource IPSource PortDestination IPDestination Port
                        11192.168.2.64973140.113.110.67443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:24 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 70 70 71 4a 75 33 4a 6f 78 6b 75 32 37 50 32 6b 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 33 63 34 63 66 65 32 36 36 31 39 63 63 66 38 0d 0a 0d 0a
                        Data Ascii: CNT 1 CON 305MS-CV: ppqJu3Joxku27P2k.1Context: d3c4cfe26619ccf8
                        2024-06-13 22:27:24 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                        2024-06-13 22:27:24 UTC1064OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 70 70 71 4a 75 33 4a 6f 78 6b 75 32 37 50 32 6b 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 33 63 34 63 66 65 32 36 36 31 39 63 63 66 38 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 64 57 67 33 63 56 46 61 32 45 43 54 79 36 74 69 55 62 53 42 56 53 42 4e 6a 68 2f 41 42 6b 67 75 71 4a 38 33 36 6d 61 30 39 5a 36 55 68 76 39 4c 36 70 38 30 46 68 69 65 57 4d 66 7a 51 4f 32 54 61 36 37 31 32 55 4a 78 52 4a 6c 50 57 77 65 39 67 6e 4b 4f 69 58 77 53 70 6d 54 4c 35 53 31 72 7a 6f 33 64 33 52 6d 6c 75 6f 7a 75 51
                        Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: ppqJu3Joxku27P2k.2Context: d3c4cfe26619ccf8<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAdWg3cVFa2ECTy6tiUbSBVSBNjh/ABkguqJ836ma09Z6Uhv9L6p80FhieWMfzQO2Ta6712UJxRJlPWwe9gnKOiXwSpmTL5S1rzo3d3RmluozuQ
                        2024-06-13 22:27:24 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 70 70 71 4a 75 33 4a 6f 78 6b 75 32 37 50 32 6b 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 33 63 34 63 66 65 32 36 36 31 39 63 63 66 38 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                        Data Ascii: BND 3 CON\WNS 0 197MS-CV: ppqJu3Joxku27P2k.3Context: d3c4cfe26619ccf8<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                        2024-06-13 22:27:24 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                        Data Ascii: 202 1 CON 58
                        2024-06-13 22:27:24 UTC58INData Raw: 4d 53 2d 43 56 3a 20 4a 70 74 70 4d 35 50 33 35 45 47 4d 51 66 63 32 56 61 50 7a 51 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                        Data Ascii: MS-CV: JptpM5P35EGMQfc2VaPzQw.0Payload parsing failed.


                        Session IDSource IPSource PortDestination IPDestination Port
                        12192.168.2.64973040.113.110.67443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:24 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 31 37 52 6a 68 58 53 33 7a 55 47 46 61 44 42 52 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 62 35 38 33 32 66 63 35 33 34 61 30 66 35 64 0d 0a 0d 0a
                        Data Ascii: CNT 1 CON 305MS-CV: 17RjhXS3zUGFaDBR.1Context: db5832fc534a0f5d
                        2024-06-13 22:27:24 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                        2024-06-13 22:27:24 UTC1064OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 31 37 52 6a 68 58 53 33 7a 55 47 46 61 44 42 52 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 62 35 38 33 32 66 63 35 33 34 61 30 66 35 64 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 64 57 67 33 63 56 46 61 32 45 43 54 79 36 74 69 55 62 53 42 56 53 42 4e 6a 68 2f 41 42 6b 67 75 71 4a 38 33 36 6d 61 30 39 5a 36 55 68 76 39 4c 36 70 38 30 46 68 69 65 57 4d 66 7a 51 4f 32 54 61 36 37 31 32 55 4a 78 52 4a 6c 50 57 77 65 39 67 6e 4b 4f 69 58 77 53 70 6d 54 4c 35 53 31 72 7a 6f 33 64 33 52 6d 6c 75 6f 7a 75 51
                        Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: 17RjhXS3zUGFaDBR.2Context: db5832fc534a0f5d<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAdWg3cVFa2ECTy6tiUbSBVSBNjh/ABkguqJ836ma09Z6Uhv9L6p80FhieWMfzQO2Ta6712UJxRJlPWwe9gnKOiXwSpmTL5S1rzo3d3RmluozuQ
                        2024-06-13 22:27:24 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 31 37 52 6a 68 58 53 33 7a 55 47 46 61 44 42 52 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 62 35 38 33 32 66 63 35 33 34 61 30 66 35 64 0d 0a 0d 0a
                        Data Ascii: BND 3 CON\QOS 56MS-CV: 17RjhXS3zUGFaDBR.3Context: db5832fc534a0f5d
                        2024-06-13 22:27:24 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                        Data Ascii: 202 1 CON 58
                        2024-06-13 22:27:24 UTC58INData Raw: 4d 53 2d 43 56 3a 20 61 52 41 47 71 53 6d 43 58 55 47 6b 4c 72 53 38 4c 71 61 4c 36 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                        Data Ascii: MS-CV: aRAGqSmCXUGkLrS8LqaL6A.0Payload parsing failed.


                        Session IDSource IPSource PortDestination IPDestination Port
                        13192.168.2.64973540.113.110.67443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:37 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 57 35 58 38 4f 37 72 63 53 30 32 49 78 6c 33 33 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 64 30 64 34 31 34 38 63 66 32 36 65 63 35 35 0d 0a 0d 0a
                        Data Ascii: CNT 1 CON 305MS-CV: W5X8O7rcS02Ixl33.1Context: ad0d4148cf26ec55
                        2024-06-13 22:27:37 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                        2024-06-13 22:27:37 UTC1064OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 57 35 58 38 4f 37 72 63 53 30 32 49 78 6c 33 33 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 64 30 64 34 31 34 38 63 66 32 36 65 63 35 35 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 64 57 67 33 63 56 46 61 32 45 43 54 79 36 74 69 55 62 53 42 56 53 42 4e 6a 68 2f 41 42 6b 67 75 71 4a 38 33 36 6d 61 30 39 5a 36 55 68 76 39 4c 36 70 38 30 46 68 69 65 57 4d 66 7a 51 4f 32 54 61 36 37 31 32 55 4a 78 52 4a 6c 50 57 77 65 39 67 6e 4b 4f 69 58 77 53 70 6d 54 4c 35 53 31 72 7a 6f 33 64 33 52 6d 6c 75 6f 7a 75 51
                        Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: W5X8O7rcS02Ixl33.2Context: ad0d4148cf26ec55<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAdWg3cVFa2ECTy6tiUbSBVSBNjh/ABkguqJ836ma09Z6Uhv9L6p80FhieWMfzQO2Ta6712UJxRJlPWwe9gnKOiXwSpmTL5S1rzo3d3RmluozuQ
                        2024-06-13 22:27:37 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 57 35 58 38 4f 37 72 63 53 30 32 49 78 6c 33 33 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 64 30 64 34 31 34 38 63 66 32 36 65 63 35 35 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                        Data Ascii: BND 3 CON\WNS 0 197MS-CV: W5X8O7rcS02Ixl33.3Context: ad0d4148cf26ec55<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                        2024-06-13 22:27:37 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                        Data Ascii: 202 1 CON 58
                        2024-06-13 22:27:37 UTC58INData Raw: 4d 53 2d 43 56 3a 20 6a 2b 6b 4e 4b 56 71 4e 6a 6b 53 71 34 2f 53 4d 77 57 4d 74 68 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                        Data Ascii: MS-CV: j+kNKVqNjkSq4/SMwWMthQ.0Payload parsing failed.


                        Session IDSource IPSource PortDestination IPDestination Port
                        14192.168.2.64973640.113.110.67443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:41 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 43 76 32 4a 6a 74 4d 56 47 30 57 6d 6f 73 52 33 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 65 63 61 35 39 30 37 33 32 65 37 35 61 38 64 0d 0a 0d 0a
                        Data Ascii: CNT 1 CON 305MS-CV: Cv2JjtMVG0WmosR3.1Context: ceca590732e75a8d
                        2024-06-13 22:27:41 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                        2024-06-13 22:27:41 UTC1064OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 43 76 32 4a 6a 74 4d 56 47 30 57 6d 6f 73 52 33 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 65 63 61 35 39 30 37 33 32 65 37 35 61 38 64 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 64 57 67 33 63 56 46 61 32 45 43 54 79 36 74 69 55 62 53 42 56 53 42 4e 6a 68 2f 41 42 6b 67 75 71 4a 38 33 36 6d 61 30 39 5a 36 55 68 76 39 4c 36 70 38 30 46 68 69 65 57 4d 66 7a 51 4f 32 54 61 36 37 31 32 55 4a 78 52 4a 6c 50 57 77 65 39 67 6e 4b 4f 69 58 77 53 70 6d 54 4c 35 53 31 72 7a 6f 33 64 33 52 6d 6c 75 6f 7a 75 51
                        Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: Cv2JjtMVG0WmosR3.2Context: ceca590732e75a8d<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAdWg3cVFa2ECTy6tiUbSBVSBNjh/ABkguqJ836ma09Z6Uhv9L6p80FhieWMfzQO2Ta6712UJxRJlPWwe9gnKOiXwSpmTL5S1rzo3d3RmluozuQ
                        2024-06-13 22:27:41 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 43 76 32 4a 6a 74 4d 56 47 30 57 6d 6f 73 52 33 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 65 63 61 35 39 30 37 33 32 65 37 35 61 38 64 0d 0a 0d 0a
                        Data Ascii: BND 3 CON\QOS 56MS-CV: Cv2JjtMVG0WmosR3.3Context: ceca590732e75a8d
                        2024-06-13 22:27:41 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                        Data Ascii: 202 1 CON 58
                        2024-06-13 22:27:41 UTC58INData Raw: 4d 53 2d 43 56 3a 20 55 4b 48 2f 64 79 75 59 49 55 65 42 47 33 62 51 56 57 31 65 5a 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                        Data Ascii: MS-CV: UKH/dyuYIUeBG3bQVW1eZA.0Payload parsing failed.


                        Session IDSource IPSource PortDestination IPDestination Port
                        15192.168.2.64973740.113.110.67443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:58 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 44 4c 69 75 2b 39 2f 77 74 6b 6d 53 31 6c 6a 43 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 62 30 36 32 35 64 61 30 63 62 61 65 32 35 31 0d 0a 0d 0a
                        Data Ascii: CNT 1 CON 305MS-CV: DLiu+9/wtkmS1ljC.1Context: eb0625da0cbae251
                        2024-06-13 22:27:58 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                        2024-06-13 22:27:58 UTC1064OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 44 4c 69 75 2b 39 2f 77 74 6b 6d 53 31 6c 6a 43 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 62 30 36 32 35 64 61 30 63 62 61 65 32 35 31 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 64 57 67 33 63 56 46 61 32 45 43 54 79 36 74 69 55 62 53 42 56 53 42 4e 6a 68 2f 41 42 6b 67 75 71 4a 38 33 36 6d 61 30 39 5a 36 55 68 76 39 4c 36 70 38 30 46 68 69 65 57 4d 66 7a 51 4f 32 54 61 36 37 31 32 55 4a 78 52 4a 6c 50 57 77 65 39 67 6e 4b 4f 69 58 77 53 70 6d 54 4c 35 53 31 72 7a 6f 33 64 33 52 6d 6c 75 6f 7a 75 51
                        Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: DLiu+9/wtkmS1ljC.2Context: eb0625da0cbae251<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAdWg3cVFa2ECTy6tiUbSBVSBNjh/ABkguqJ836ma09Z6Uhv9L6p80FhieWMfzQO2Ta6712UJxRJlPWwe9gnKOiXwSpmTL5S1rzo3d3RmluozuQ
                        2024-06-13 22:27:58 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 44 4c 69 75 2b 39 2f 77 74 6b 6d 53 31 6c 6a 43 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 62 30 36 32 35 64 61 30 63 62 61 65 32 35 31 0d 0a 0d 0a
                        Data Ascii: BND 3 CON\QOS 56MS-CV: DLiu+9/wtkmS1ljC.3Context: eb0625da0cbae251
                        2024-06-13 22:27:59 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                        Data Ascii: 202 1 CON 58
                        2024-06-13 22:27:59 UTC58INData Raw: 4d 53 2d 43 56 3a 20 48 35 58 49 75 61 59 74 36 30 75 53 44 63 4f 6a 44 31 43 64 51 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                        Data Ascii: MS-CV: H5XIuaYt60uSDcOjD1CdQw.0Payload parsing failed.


                        Session IDSource IPSource PortDestination IPDestination Port
                        16192.168.2.64973840.113.110.67443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:27:58 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 6d 68 4b 6b 34 6f 34 4e 61 45 43 54 4f 6e 74 62 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 62 35 65 33 63 31 30 34 38 65 63 35 66 33 63 0d 0a 0d 0a
                        Data Ascii: CNT 1 CON 305MS-CV: mhKk4o4NaECTOntb.1Context: 9b5e3c1048ec5f3c
                        2024-06-13 22:27:58 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                        2024-06-13 22:27:58 UTC1064OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 6d 68 4b 6b 34 6f 34 4e 61 45 43 54 4f 6e 74 62 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 62 35 65 33 63 31 30 34 38 65 63 35 66 33 63 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 64 57 67 33 63 56 46 61 32 45 43 54 79 36 74 69 55 62 53 42 56 53 42 4e 6a 68 2f 41 42 6b 67 75 71 4a 38 33 36 6d 61 30 39 5a 36 55 68 76 39 4c 36 70 38 30 46 68 69 65 57 4d 66 7a 51 4f 32 54 61 36 37 31 32 55 4a 78 52 4a 6c 50 57 77 65 39 67 6e 4b 4f 69 58 77 53 70 6d 54 4c 35 53 31 72 7a 6f 33 64 33 52 6d 6c 75 6f 7a 75 51
                        Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: mhKk4o4NaECTOntb.2Context: 9b5e3c1048ec5f3c<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAdWg3cVFa2ECTy6tiUbSBVSBNjh/ABkguqJ836ma09Z6Uhv9L6p80FhieWMfzQO2Ta6712UJxRJlPWwe9gnKOiXwSpmTL5S1rzo3d3RmluozuQ
                        2024-06-13 22:27:58 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 6d 68 4b 6b 34 6f 34 4e 61 45 43 54 4f 6e 74 62 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 62 35 65 33 63 31 30 34 38 65 63 35 66 33 63 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                        Data Ascii: BND 3 CON\WNS 0 197MS-CV: mhKk4o4NaECTOntb.3Context: 9b5e3c1048ec5f3c<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                        2024-06-13 22:27:59 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                        Data Ascii: 202 1 CON 58
                        2024-06-13 22:27:59 UTC58INData Raw: 4d 53 2d 43 56 3a 20 42 78 61 4d 4e 57 6b 38 68 6b 4f 59 68 72 50 34 7a 6e 32 67 71 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                        Data Ascii: MS-CV: BxaMNWk8hkOYhrP4zn2gqQ.0Payload parsing failed.


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        17192.168.2.64974152.98.178.2104434152C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:28:18 UTC650OUTGET /mail/favicon.ico HTTP/1.1
                        Host: outlook.live.com
                        Connection: keep-alive
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-mobile: ?0
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                        Sec-Fetch-Site: cross-site
                        Sec-Fetch-Mode: no-cors
                        Sec-Fetch-Dest: image
                        Referer: https://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-06-13 22:28:18 UTC850INHTTP/1.1 200 OK
                        Content-Length: 7886
                        Content-Type: image/x-icon
                        Last-Modified: Thu, 13 Jun 2024 00:33:22 GMT
                        Accept-Ranges: bytes
                        ETag: "1dabd294b91abce"
                        Server: Microsoft-IIS/10.0
                        request-id: f1d3e4c7-0fe6-1c31-5a79-172624d3eefa
                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                        Alt-Svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000
                        X-PreferredRoutingKeyDiagnostics: 0
                        X-CalculatedBETarget: FRYP281MB2574.DEUP281.PROD.OUTLOOK.COM
                        X-BackEndHttpStatus: 200
                        x-besku: UNKNOWN
                        X-Proxy-RoutingCorrectness: 1
                        X-Proxy-BackendServerStatus: 200
                        X-FirstHopCafeEFZ: FRA
                        X-BEPartition: Clique/CLDEUP281FRA00
                        X-FEProxyInfo: FR4P281CA0258.DEUP281.PROD.OUTLOOK.COM
                        X-FEEFZInfo: FRA
                        MS-CV: x+TT8eYPMRxaeRcmJNPu+g.1
                        X-Powered-By: ASP.NET
                        X-FEServer: FR4P281CA0258
                        Date: Thu, 13 Jun 2024 22:28:18 GMT
                        Connection: close
                        2024-06-13 22:28:18 UTC7886INData Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                        Data Ascii: 6 hf( @


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        18192.168.2.64974352.98.178.2104434152C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:28:19 UTC356OUTGET /mail/favicon.ico HTTP/1.1
                        Host: outlook.live.com
                        Connection: keep-alive
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept: */*
                        Sec-Fetch-Site: none
                        Sec-Fetch-Mode: cors
                        Sec-Fetch-Dest: empty
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-06-13 22:28:20 UTC995INHTTP/1.1 200 OK
                        Content-Length: 7886
                        Content-Type: image/x-icon
                        Last-Modified: Thu, 13 Jun 2024 00:33:22 GMT
                        Accept-Ranges: bytes
                        ETag: "1dabd294b91abce"
                        Server: Microsoft-IIS/10.0
                        request-id: a5573b5a-f98d-fa8e-16cd-7afeda99ca14
                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                        Alt-Svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000
                        X-PreferredRoutingKeyDiagnostics: 0
                        X-CalculatedFETarget: BEXP281CU001.internal.outlook.com
                        X-BackEndHttpStatus: 200
                        X-NanoProxy: 1
                        X-Proxy-BackendServerStatus: 200
                        X-CalculatedBETarget: BEUP281MB3704.DEUP281.PROD.OUTLOOK.COM
                        X-FEServer: BEXP281CA0002
                        x-besku: UNKNOWN
                        X-BackEndHttpStatus: 200
                        X-Proxy-RoutingCorrectness: 1
                        X-FEProxyInfo: FR4P281CA0268.DEUP281.PROD.OUTLOOK.COM
                        X-FEEFZInfo: FRA
                        Alt-Svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000
                        MS-CV: WjtXpY35jvoWzXr+2pnKFA.1.1
                        X-FirstHopCafeEFZ: FRA
                        X-Powered-By: ASP.NET
                        X-FEServer: FR4P281CA0268
                        Date: Thu, 13 Jun 2024 22:28:19 GMT
                        Connection: close
                        2024-06-13 22:28:20 UTC7886INData Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                        Data Ascii: 6 hf( @


                        Session IDSource IPSource PortDestination IPDestination Port
                        19192.168.2.64974440.113.110.67443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:28:26 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 76 4f 67 41 62 65 70 7a 6b 55 61 6e 37 59 30 39 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 63 31 37 37 66 63 66 31 64 66 36 63 66 39 35 0d 0a 0d 0a
                        Data Ascii: CNT 1 CON 305MS-CV: vOgAbepzkUan7Y09.1Context: 9c177fcf1df6cf95
                        2024-06-13 22:28:26 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                        2024-06-13 22:28:26 UTC1064OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 76 4f 67 41 62 65 70 7a 6b 55 61 6e 37 59 30 39 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 63 31 37 37 66 63 66 31 64 66 36 63 66 39 35 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 64 57 67 33 63 56 46 61 32 45 43 54 79 36 74 69 55 62 53 42 56 53 42 4e 6a 68 2f 41 42 6b 67 75 71 4a 38 33 36 6d 61 30 39 5a 36 55 68 76 39 4c 36 70 38 30 46 68 69 65 57 4d 66 7a 51 4f 32 54 61 36 37 31 32 55 4a 78 52 4a 6c 50 57 77 65 39 67 6e 4b 4f 69 58 77 53 70 6d 54 4c 35 53 31 72 7a 6f 33 64 33 52 6d 6c 75 6f 7a 75 51
                        Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: vOgAbepzkUan7Y09.2Context: 9c177fcf1df6cf95<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAdWg3cVFa2ECTy6tiUbSBVSBNjh/ABkguqJ836ma09Z6Uhv9L6p80FhieWMfzQO2Ta6712UJxRJlPWwe9gnKOiXwSpmTL5S1rzo3d3RmluozuQ
                        2024-06-13 22:28:26 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 76 4f 67 41 62 65 70 7a 6b 55 61 6e 37 59 30 39 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 63 31 37 37 66 63 66 31 64 66 36 63 66 39 35 0d 0a 0d 0a
                        Data Ascii: BND 3 CON\QOS 56MS-CV: vOgAbepzkUan7Y09.3Context: 9c177fcf1df6cf95
                        2024-06-13 22:28:26 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                        Data Ascii: 202 1 CON 58
                        2024-06-13 22:28:26 UTC58INData Raw: 4d 53 2d 43 56 3a 20 46 43 55 4a 38 64 6a 75 32 6b 47 4c 44 7a 63 38 72 6b 36 4d 78 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                        Data Ascii: MS-CV: FCUJ8dju2kGLDzc8rk6Mxw.0Payload parsing failed.


                        Session IDSource IPSource PortDestination IPDestination Port
                        20192.168.2.64974540.113.110.67443
                        TimestampBytes transferredDirectionData
                        2024-06-13 22:28:30 UTC70OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 34 0d 0a 4d 53 2d 43 56 3a 20 42 56 48 74 6c 38 41 62 51 45 61 4a 66 6c 76 4b 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 38 63 32 31 33 39 64 63 36 32 34 66 30 66 0d 0a 0d 0a
                        Data Ascii: CNT 1 CON 304MS-CV: BVHtl8AbQEaJflvK.1Context: 18c2139dc624f0f
                        2024-06-13 22:28:30 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                        2024-06-13 22:28:30 UTC1063OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 30 0d 0a 4d 53 2d 43 56 3a 20 42 56 48 74 6c 38 41 62 51 45 61 4a 66 6c 76 4b 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 38 63 32 31 33 39 64 63 36 32 34 66 30 66 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 64 57 67 33 63 56 46 61 32 45 43 54 79 36 74 69 55 62 53 42 56 53 42 4e 6a 68 2f 41 42 6b 67 75 71 4a 38 33 36 6d 61 30 39 5a 36 55 68 76 39 4c 36 70 38 30 46 68 69 65 57 4d 66 7a 51 4f 32 54 61 36 37 31 32 55 4a 78 52 4a 6c 50 57 77 65 39 67 6e 4b 4f 69 58 77 53 70 6d 54 4c 35 53 31 72 7a 6f 33 64 33 52 6d 6c 75 6f 7a 75 51 39
                        Data Ascii: ATH 2 CON\DEVICE 1040MS-CV: BVHtl8AbQEaJflvK.2Context: 18c2139dc624f0f<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAdWg3cVFa2ECTy6tiUbSBVSBNjh/ABkguqJ836ma09Z6Uhv9L6p80FhieWMfzQO2Ta6712UJxRJlPWwe9gnKOiXwSpmTL5S1rzo3d3RmluozuQ9
                        2024-06-13 22:28:30 UTC217OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 36 0d 0a 4d 53 2d 43 56 3a 20 42 56 48 74 6c 38 41 62 51 45 61 4a 66 6c 76 4b 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 38 63 32 31 33 39 64 63 36 32 34 66 30 66 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                        Data Ascii: BND 3 CON\WNS 0 196MS-CV: BVHtl8AbQEaJflvK.3Context: 18c2139dc624f0f<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                        2024-06-13 22:28:30 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                        Data Ascii: 202 1 CON 58
                        2024-06-13 22:28:30 UTC58INData Raw: 4d 53 2d 43 56 3a 20 6f 61 53 4d 65 64 6d 38 43 45 36 6e 43 79 68 72 68 52 43 58 2f 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                        Data Ascii: MS-CV: oaSMedm8CE6nCyhrhRCX/w.0Payload parsing failed.


                        Statistics

                        CPU Usage

                        020406080s020406080100

                        Click to jump to process

                        Memory Usage

                        020406080s0.0050100MB

                        Click to jump to process

                        Behavior

                        Click to jump to process

                        System Behavior

                        General

                        Target ID:0
                        Start time:18:27:07
                        Start date:13/06/2024
                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                        Wow64 process (32bit):false
                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                        Imagebase:0x7ff684c40000
                        File size:3'242'272 bytes
                        MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:low
                        Has exited:false
                        Show Windows behavior

                        File Activities

                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                        Show Windows behavior

                        Process Activities

                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                        Show Windows behavior

                        Memory Activities

                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                        Show Windows behavior

                        Process Token Activities


                        General

                        Target ID:2
                        Start time:18:27:12
                        Start date:13/06/2024
                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                        Wow64 process (32bit):false
                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2900 --field-trial-handle=2864,i,15905578781120468769,3679726759094227061,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                        Imagebase:0x7ff684c40000
                        File size:3'242'272 bytes
                        MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:low
                        Has exited:false
                        Show Windows behavior

                        File Activities

                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                        Show Windows behavior

                        Memory Activities


                        General

                        Target ID:3
                        Start time:18:27:14
                        Start date:13/06/2024
                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                        Wow64 process (32bit):false
                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://bafybeigmbqvsi2362chr7efttr2cjlhylkz7vdem23cnwsl4zsmabuis4u.ipfs.dweb.link/"
                        Imagebase:0x7ff684c40000
                        File size:3'242'272 bytes
                        MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:low
                        Has exited:true
                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                        Disassembly

                        No disassembly