Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
URBAN CORPS.pdf

Overview

General Information

Sample name:URBAN CORPS.pdf
Analysis ID:1467212
MD5:ae7cb9463b29e62eca0e9e0e03bb6fb5
SHA1:785afd91cc7bfe3e1a8339154d602f0c66bbf9cc
SHA256:a8cf6092efd02a772c56a3ab265844c3fb329b165ad901d1c6ffc2d52040a1e1
Infos:

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Antivirus detection for URL or domain
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • Acrobat.exe (PID: 4712 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\URBAN CORPS.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 360 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 7256 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1740,i,16772849399050595403,9305864139534860805,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • chrome.exe (PID: 8136 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://forms.office.com/r/4i3EYM0R1S" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4676 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1988,i,14556554370102153334,10441946139869340800,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus detection for URL or domain
Source: https://forms.office.com/pages/responsepage.aspx?id=m-YY3RuX2UeS4svj8aYQ3DeXDZSh651OljSHQ-HNcj5UQ0c1Q1hRTEZFWFRLODJTUkRXS1pQNVU2MS4uSlashNext: Label: Credential Stealing type: Phishing & Social Engineering

Phishing

barindex
AI detected phishing page
Source: https://assets-usa.mkt.dynamics.comLLM: Score: 7 brands: Microsoft Dynamics Reasons: The URL 'https://assets-usa.mkt.dynamics.com' appears suspicious due to the use of multiple subdomains ('assets-usa.mkt'). While 'dynamics.com' is a legitimate domain associated with Microsoft Dynamics, the additional subdomains could be an attempt to mislead users. The page prominently features a CAPTCHA and a button labeled 'Review Document,' which is a common tactic used in phishing to prompt user interaction. The presence of social engineering techniques, such as the CAPTCHA and the prompt to review a document, further raises suspicion. Therefore, this site is likely a phishing site. DOM: 1.3.pages.csv
Source: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499HTTP Parser: No favicon
Source: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499HTTP Parser: No favicon
Source: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499HTTP Parser: No favicon
Source: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49800 version: TLS 1.0
Source: unknownHTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.5:49712 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.5:49713 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.5:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.5:49801 version: TLS 1.2
Source: Joe Sandbox ViewIP Address: 13.107.246.60 13.107.246.60
Source: Joe Sandbox ViewIP Address: 20.49.124.158 20.49.124.158
Source: Joe Sandbox ViewIP Address: 52.146.76.30 52.146.76.30
Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox ViewJA3 fingerprint: 1138de370e523e824bbca92d049a3777
Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49800 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=eOC3AR1WH78oNKD&MD=fbg56d3d HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /usa/FormLoader/FormLoader.bundle.js HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://assets-usa.mkt.dynamics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/plainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /usa/FormLoader/public/locales/en-us/translation.json HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://assets-usa.mkt.dynamics.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://assets-usa.mkt.dynamics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499 HTTP/1.1Host: assets-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?fid=b105fd92-33cc-447c-b000-df58cfaf4e89&type=visual&rnd=c3b6d445-c55a-490e-a171-56d758d0beaf&mkt=en HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /usa/FormLoader/public/locales/en-us/translation.json HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /usa/Captcha/Images/icon_err.gif?vv=100 HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=b105fd92-33cc-447c-b000-df58cfaf4e89&rnd=48c46033440a4adcaad070e562fb0a2c&market=en HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /usa/Captcha/Images/hig_progcircle_animated.gif?vv=100 HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /usa/Captcha/Images/icon_err.gif?vv=100 HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /usa/Captcha/Images/hig_progcircle_animated.gif?vv=100 HTTP/1.1Host: cxppusa1formui01cdnsa01-endpoint.azureedge.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=b105fd92-33cc-447c-b000-df58cfaf4e89&rnd=48c46033440a4adcaad070e562fb0a2c&market=en HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499/visits HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=eOC3AR1WH78oNKD&MD=fbg56d3d HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?fid=bbf60dad-072f-44d9-a6e7-e0931f50c482&type=visual&rnd=2de0e11d-da42-446f-a718-00c44672625d&mkt=en HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=457e8b8c9dd1497ba62a5c55b5b0b82d&market=en HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499/visits HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=457e8b8c9dd1497ba62a5c55b5b0b82d&market=en HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?dc=EastUS&mkt=en&fid=bbf60dad-072f-44d9-a6e7-e0931f50c482&type=visual&c=1&rnd=0.5199867511130329 HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=bfb5869cd5d147faa63611d80225b568&market=en HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=bfb5869cd5d147faa63611d80225b568&market=en HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: forms.office.com
Source: global trafficDNS traffic detected: DNS query: cdn.forms.office.net
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: lists.office.com
Source: global trafficDNS traffic detected: DNS query: c.office.com
Source: global trafficDNS traffic detected: DNS query: assets-usa.mkt.dynamics.com
Source: global trafficDNS traffic detected: DNS query: public-usa.mkt.dynamics.com
Source: unknownHTTP traffic detected: POST /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499/visits HTTP/1.1Host: public-usa.mkt.dynamics.comConnection: keep-aliveContent-Length: 153sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonContent-Type: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://assets-usa.mkt.dynamics.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 19:17:23 GMTContent-Type: text/htmlContent-Length: 548Connection: closeStrict-Transport-Security: max-age=2592000; preloadx-azure-ref: 20240703T191723Z-157bfc59976pjpd267bfvppp200000000ff0000000005fuwx-fd-int-roxy-purgeid: 72378317X-Cache: TCP_MISS
Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Wed, 03 Jul 2024 19:17:26 GMTContent-Length: 0Connection: closex-ms-trace-id: 3a757724eac03d86c6071ba177122c6dStrict-Transport-Security: max-age=2592000; preload
Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Wed, 03 Jul 2024 19:18:26 GMTContent-Length: 0Connection: closex-ms-trace-id: 08b06769535da11a1dffe787e15c6c7aStrict-Transport-Security: max-age=2592000; preload
Source: E0F5C59F9FA661F6F4C50B87FEF3A15A0.2.drString found in binary or memory: http://apps.identrust.com/roots/dstrootcax3.p7c
Source: 77EC63BDA74BD0D0E0426DC8F80085060.2.drString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: chromecache_254.9.drString found in binary or memory: https://aka.ms/FormsConsumerElite.
Source: chromecache_297.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/dll-dompurify.min.bcf1a85.js.map/4ee7b161
Source: chromecache_277.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.1ds.a8079b3.js.
Source: chromecache_255.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_cover.9b66b
Source: chromecache_281.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_ext.1918055
Source: chromecache_292.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_groupnote.f
Source: chromecache_290.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_post.boot.4
Source: chromecache_301.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_saverespons
Source: chromecache_276.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.officebrowserfe
Source: chromecache_273.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.sw.a6ac500.js.m
Source: chromecache_252.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel.508f317.js
Source: chromecache_258.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel_1ds.625545
Source: chromecache_280.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.min.32c356c.js.map/0c
Source: chromecache_283.9.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/sw.js.map/29290e03f931b88dc228d32a0295c7a
Source: chromecache_284.9.drString found in binary or memory: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/forms/ed6cc47
Source: chromecache_298.9.drString found in binary or memory: https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-192.png
Source: chromecache_298.9.drString found in binary or memory: https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-256.png
Source: chromecache_298.9.drString found in binary or memory: https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-512.png
Source: chromecache_284.9.drString found in binary or memory: https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/usa/FormLoader/FormLoader.bundle.js
Source: chromecache_268.9.dr, chromecache_300.9.drString found in binary or memory: https://doni2.r.ag.d.sendibm3.com/mk/cl/f/sh/OycZvHuFo1eQtVYsQwMXO2o3/Y3fF0MGRoEKk
Source: URBAN CORPS.pdfString found in binary or memory: https://forms.office.com/r/4i3EYM0R1S)
Source: chromecache_284.9.drString found in binary or memory: https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpagefo
Source: URBAN CORPS.pdfString found in binary or memory: https://urldefense.com/v3/__http:/www.urbancorpscharter.com/__;
Source: URBAN CORPS.pdfString found in binary or memory: https://urldefense.com/v3/__http:/www.urbancorpssd.org/__;
Source: URBAN CORPS.pdfString found in binary or memory: https://urldefense.com/v3/__http:/www.urbancorpssd.org/index.html__;
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownHTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.5:49712 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.5:49713 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.5:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.5:49801 version: TLS 1.2
Source: classification engineClassification label: mal56.phis.winPDF@42/137@36/6
Source: URBAN CORPS.pdfInitial sample: https://urldefense.com/v3/__http:/www.urbancorpssd.org/index.html__;!!e_4xu6-vwmwk-q!smymy4aqrbnmri2yfq3eb2yn77t90x16dffzyk-8owpndxasgjfvxq2lwin0zq6hoqcn46qjc81xcljfeqpz-gaugmvw$
Source: URBAN CORPS.pdfInitial sample: https://urldefense.com/v3/__http:/www.urbancorpssd.org/__;!!E_4xU6-vwMWK-Q!smYMY4aqRbNMRI2yFQ3Eb2yN77T90x16dFfzyK-8OwPNDXAsGjFVxQ2lwIN0ZQ6hoQcN46QjC81xclJfEQpZ-ubQ6WrD$
Source: URBAN CORPS.pdfInitial sample: https://urldefense.com/v3/__http:/www.urbancorpssd.org/index.html__;!!E_4xU6-vwMWK-Q!smYMY4aqRbNMRI2yFQ3Eb2yN77T90x16dFfzyK-8OwPNDXAsGjFVxQ2lwIN0ZQ6hoQcN46QjC81xclJfEQpZ-gAUgMvw$
Source: URBAN CORPS.pdfInitial sample: https://forms.office.com/r/4i3eym0r1s
Source: URBAN CORPS.pdfInitial sample: mailto:kfreeland@urbancorps.com
Source: URBAN CORPS.pdfInitial sample: https://forms.office.com/r/4i3EYM0R1S
Source: URBAN CORPS.pdfInitial sample: https://urldefense.com/v3/__http:/www.urbancorpssd.org/__;!!e_4xu6-vwmwk-q!smymy4aqrbnmri2yfq3eb2yn77t90x16dffzyk-8owpndxasgjfvxq2lwin0zq6hoqcn46qjc81xcljfeqpz-ubq6wrd$
Source: URBAN CORPS.pdfInitial sample: https://urldefense.com/v3/__http:/www.urbancorpscharter.com/__;!!e_4xu6-vwmwk-q!smymy4aqrbnmri2yfq3eb2yn77t90x16dffzyk-8owpndxasgjfvxq2lwin0zq6hoqcn46qjc81xcljfeqpz-tqkcyxn$
Source: URBAN CORPS.pdfInitial sample: https://urldefense.com/v3/__http:/www.urbancorpscharter.com/__;!!E_4xU6-vwMWK-Q!smYMY4aqRbNMRI2yFQ3Eb2yN77T90x16dFfzyK-8OwPNDXAsGjFVxQ2lwIN0ZQ6hoQcN46QjC81xclJfEQpZ-tQKCyxN$
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journalJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-07-03 15-16-43-460.logJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\URBAN CORPS.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1740,i,16772849399050595403,9305864139534860805,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://forms.office.com/r/4i3EYM0R1S"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1988,i,14556554370102153334,10441946139869340800,262144 /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1740,i,16772849399050595403,9305864139534860805,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1988,i,14556554370102153334,10441946139869340800,262144 /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: URBAN CORPS.pdfInitial sample: PDF keyword /JS count = 0
Source: URBAN CORPS.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: A918q8in7_ninilq_3g0.tmp.0.drInitial sample: PDF keyword /JS count = 0
Source: A918q8in7_ninilq_3g0.tmp.0.drInitial sample: PDF keyword /JavaScript count = 0
Source: URBAN CORPS.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: URBAN CORPS.pdfInitial sample: PDF keyword obj count = 60
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Spearphishing Link		Windows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential Dumping1
System Information Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1467212 Sample: URBAN CORPS.pdf Startdate: 03/07/2024 Architecture: WINDOWS Score: 56 20 lists.office.com 2->20 32 Antivirus detection for URL or domain 2->32 34 AI detected phishing page 2->34 8 chrome.exe 9 2->8         started        11 Acrobat.exe 20 61 2->11         started        signatures3 process4 dnsIp5 22 192.168.2.5, 443, 49219, 49703 unknown unknown 8->22 24 239.255.255.250 unknown Reserved 8->24 13 chrome.exe 8->13         started        16 AcroCEF.exe 106 11->16         started        process6 dnsIp7 26 assets-usa.mkt.dynamics.com 13->26 28 s-part-0032.t-0009.t-msedge.net 13.107.246.60, 443, 49775, 49776 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 13->28 30 14 other IPs or domains 13->30 18 AcroCEF.exe 2 16->18         started        process8

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
URBAN CORPS.pdf0%ReversingLabs

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://forms.office.com/pages/responsepage.aspx?id=m-YY3RuX2UeS4svj8aYQ3DeXDZSh651OljSHQ-HNcj5UQ0c1Q1hRTEZFWFRLODJTUkRXS1pQNVU2MS4u100%SlashNextCredential Stealing type: Phishing & Social Engineering
https://assets-usa.mkt.dynamics.com/favicon.ico0%Avira URL Cloudsafe
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499/visits0%Avira URL Cloudsafe
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?fid=b105fd92-33cc-447c-b000-df58cfaf4e89&type=visual&rnd=c3b6d445-c55a-490e-a171-56d758d0beaf&mkt=en0%Avira URL Cloudsafe
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?dc=EastUS&mkt=en&fid=bbf60dad-072f-44d9-a6e7-e0931f50c482&type=visual&c=1&rnd=0.51998675111303290%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_ext.19180550%Avira URL Cloudsafe
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=b105fd92-33cc-447c-b000-df58cfaf4e89&rnd=48c46033440a4adcaad070e562fb0a2c&market=en0%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.min.32c356c.js.map/0c0%Avira URL Cloudsafe
https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-256.png0%Avira URL Cloudsafe
https://aka.ms/FormsConsumerElite.0%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_groupnote.f0%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_saverespons0%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.1ds.a8079b3.js.0%Avira URL Cloudsafe
https://urldefense.com/v3/__http:/www.urbancorpscharter.com/__;0%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel_1ds.6255450%Avira URL Cloudsafe
https://doni2.r.ag.d.sendibm3.com/mk/cl/f/sh/OycZvHuFo1eQtVYsQwMXO2o3/Y3fF0MGRoEKk0%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.officebrowserfe0%Avira URL Cloudsafe
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba4990%Avira URL Cloudsafe
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=457e8b8c9dd1497ba62a5c55b5b0b82d&market=en0%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_post.boot.40%Avira URL Cloudsafe
https://forms.office.com/r/4i3EYM0R1S)0%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.sw.a6ac500.js.m0%Avira URL Cloudsafe
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=bfb5869cd5d147faa63611d80225b568&market=en0%Avira URL Cloudsafe
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpagefo0%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_cover.9b66b0%Avira URL Cloudsafe
https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?fid=bbf60dad-072f-44d9-a6e7-e0931f50c482&type=visual&rnd=2de0e11d-da42-446f-a718-00c44672625d&mkt=en0%Avira URL Cloudsafe
https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/forms/ed6cc479-cc38-ef11-8409-7c1e520ba4990%Avira URL Cloudsafe
https://urldefense.com/v3/__http:/www.urbancorpssd.org/__;0%Avira URL Cloudsafe
https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-192.png0%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel.508f317.js0%Avira URL Cloudsafe
https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/forms/ed6cc470%Avira URL Cloudsafe
https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-512.png0%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/dll-dompurify.min.bcf1a85.js.map/4ee7b1610%Avira URL Cloudsafe
https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/sw.js.map/29290e03f931b88dc228d32a0295c7a0%Avira URL Cloudsafe
https://urldefense.com/v3/__http:/www.urbancorpssd.org/index.html__;0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
s-part-0014.t-0009.t-msedge.net
13.107.246.42
truefalse
    		unknown
    bg.microsoft.map.fastly.net
    		199.232.214.172
    		truefalse
      		unknown
      www.google.com
      		142.250.186.164
      		truefalse
        		unknown
        prdia888eus0aks.mkt.dynamics.com
        		52.146.76.30
        		truefalse
          		unknown
          s-part-0032.t-0009.t-msedge.net
          		13.107.246.60
          		truefalse
            		unknown
            prdia888wus0aks.mkt.dynamics.com
            		20.49.124.158
            		truefalse
              		unknown
              public-usa.mkt.dynamics.com
              		unknown
              		unknownfalse
                		unknown
                forms.office.com
                		unknown
                		unknownfalse
                  		unknown
                  assets-usa.mkt.dynamics.com
                  		unknown
                  		unknowntrue
                    		unknown
                    c.office.com
                    		unknown
                    		unknownfalse
                      		unknown
                      cdn.forms.office.net
                      		unknown
                      		unknownfalse
                        		unknown
                        lists.office.com
                        		unknown
                        		unknownfalse
                          		unknown

                          Contacted URLs

                          NameMaliciousAntivirus DetectionReputation
                          https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499/visitsfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?fid=b105fd92-33cc-447c-b000-df58cfaf4e89&type=visual&rnd=c3b6d445-c55a-490e-a171-56d758d0beaf&mkt=enfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=b105fd92-33cc-447c-b000-df58cfaf4e89&rnd=48c46033440a4adcaad070e562fb0a2c&market=enfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://assets-usa.mkt.dynamics.com/favicon.icotrue
                          • Avira URL Cloud: safe
                          		unknown
                          https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?dc=EastUS&mkt=en&fid=bbf60dad-072f-44d9-a6e7-e0931f50c482&type=visual&c=1&rnd=0.5199867511130329false
                          • Avira URL Cloud: safe
                          		unknown
                          https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499false
                          • Avira URL Cloud: safe
                          		unknown
                          https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=457e8b8c9dd1497ba62a5c55b5b0b82d&market=enfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499true
                            		unknown
                            https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=bfb5869cd5d147faa63611d80225b568&market=enfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499true
                            • Avira URL Cloud: safe
                            		unknown
                            https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?fid=bbf60dad-072f-44d9-a6e7-e0931f50c482&type=visual&rnd=2de0e11d-da42-446f-a718-00c44672625d&mkt=enfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://forms.office.com/pages/responsepage.aspx?id=m-YY3RuX2UeS4svj8aYQ3DeXDZSh651OljSHQ-HNcj5UQ0c1Q1hRTEZFWFRLODJTUkRXS1pQNVU2MS4utrue
                            • SlashNext: Credential Stealing type: Phishing & Social Engineering
                            		unknown

                            URLs from Memory and Binaries

                            NameSourceMaliciousAntivirus DetectionReputation
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.min.32c356c.js.map/0cchromecache_280.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://aka.ms/FormsConsumerElite.chromecache_254.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_ext.1918055chromecache_281.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_groupnote.fchromecache_292.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-256.pngchromecache_298.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_saveresponschromecache_301.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.1ds.a8079b3.js.chromecache_277.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://doni2.r.ag.d.sendibm3.com/mk/cl/f/sh/OycZvHuFo1eQtVYsQwMXO2o3/Y3fF0MGRoEKkchromecache_268.9.dr, chromecache_300.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://urldefense.com/v3/__http:/www.urbancorpscharter.com/__;URBAN CORPS.pdffalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.officebrowserfechromecache_276.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel_1ds.625545chromecache_258.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://urldefense.com/v3/__http:/www.urbancorpssd.org/__;URBAN CORPS.pdffalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_post.boot.4chromecache_290.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://forms.office.com/r/4i3EYM0R1S)URBAN CORPS.pdffalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.sw.a6ac500.js.mchromecache_273.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpagefochromecache_284.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_cover.9b66bchromecache_255.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-192.pngchromecache_298.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-512.pngchromecache_298.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel.508f317.jschromecache_252.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/forms/ed6cc47chromecache_284.9.drtrue
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/dll-dompurify.min.bcf1a85.js.map/4ee7b161chromecache_297.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/sw.js.map/29290e03f931b88dc228d32a0295c7achromecache_283.9.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://urldefense.com/v3/__http:/www.urbancorpssd.org/index.html__;URBAN CORPS.pdffalse
                            • Avira URL Cloud: safe
                            		unknown

                            World Map of Contacted IPs

                            • No. of IPs < 25%
                            • 25% < No. of IPs < 50%
                            • 50% < No. of IPs < 75%
                            • 75% < No. of IPs

                            Public IPs

                            IPDomainCountryFlagASNASN NameMalicious
                            13.107.246.60
                            		s-part-0032.t-0009.t-msedge.netUnited States
                            		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                            20.49.124.158
                            		prdia888wus0aks.mkt.dynamics.comUnited States
                            		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                            52.146.76.30
                            		prdia888eus0aks.mkt.dynamics.comUnited States
                            		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                            239.255.255.250
                            		unknownReserved
                            		unknownunknownfalse
                            142.250.186.164
                            		www.google.comUnited States
                            		15169GOOGLEUSfalse

                            Private

                            IP
                            192.168.2.5

                            General Information

                            Joe Sandbox version:40.0.0 Tourmaline
                            Analysis ID:1467212
                            Start date and time:2024-07-03 21:15:53 +02:00
                            Joe Sandbox product:CloudBasic
                            Overall analysis duration:0h 5m 40s
                            Hypervisor based Inspection enabled:false
                            Report type:full
                            Cookbook file name:defaultwindowspdfcookbook.jbs
                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                            Number of analysed new started processes analysed:13
                            Number of new started drivers analysed:0
                            Number of existing processes analysed:0
                            Number of existing drivers analysed:0
                            Number of injected processes analysed:0
                            Technologies:
                            • EGA enabled
                            • AMSI enabled
                            Analysis Mode:default
                            Analysis stop reason:Timeout
                            Sample name:URBAN CORPS.pdf
                            Detection:MAL
                            Classification:mal56.phis.winPDF@42/137@36/6
                            Cookbook Comments:
                            • Found application associated with file extension: .pdf
                            • Found PDF document
                            • Browse: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499
                            • Close Viewer
                            • Browse: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499

                            Warnings

                            • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, WmiPrvSE.exe, svchost.exe
                            • Excluded IPs from analysis (whitelisted): 2.19.244.159, 34.237.241.83, 54.224.241.105, 50.16.47.176, 18.213.11.84, 162.159.61.3, 172.64.41.3, 2.16.202.123, 95.101.54.195, 88.221.168.141, 199.232.214.172, 88.221.110.120, 88.221.110.59, 88.221.110.89, 88.221.110.91, 88.221.110.115, 88.221.110.99, 88.221.110.64, 2.16.100.162, 192.229.221.95, 88.221.110.97, 88.221.110.83, 88.221.110.74, 88.221.110.82, 88.221.110.90, 88.221.110.113, 88.221.110.88, 13.107.6.194, 216.58.206.35, 142.250.184.206, 74.125.71.84, 34.104.35.123, 2.18.121.134, 2.18.121.147, 142.250.184.202, 172.217.16.202, 172.217.18.10, 216.58.206.42, 216.58.206.74, 142.250.185.106, 172.217.23.106, 142.250.185.74, 142.250.186.74, 142.250.186.42, 142.250.186.106, 142.250.184.234, 172.217.18.106, 142.250.186.138, 142.250.186.170, 142.250.181.234, 52.111.243.106, 2.21.22.185, 2.21.22.168, 13.74.129.1, 204.79.197.237, 13.107.21.237, 51.11.192.49, 52.168.112.67, 142.250.185.202, 142.250.185.138, 142.250.185.234, 216.58.212.170, 142.250.185.170, 142.250.74.202,
                            • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, cdn.forms.office.net.edgesuite.net, clientservices.googleapis.com, browser.events.data.trafficmanager.net, acroipm2.adobe.com, cxppusa1im4t7x7z5iubq.trafficmanager.net, a1952.dscq.akamai.net, clients2.google.com, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, prod.lists.office.com.akadns.net, a122.dscd.akamai.net, onedscolprdfrc07.francecentral.cloudapp.azure.com, update.googleapis.com, apps.identrust.com, wu-b-net.trafficmanager.net, b-0039.b-msedge.net, fs.microsoft.com, identrust.edgesuite.net, content-autofill.googleapis.com, acroipm2.adobe.com.edgesuite.net, c-bing-com.dual-a-0034.a-msedge.net, ssl.adobe.com.edgekey.net, edgedl.me.gvt1.com, c.bing.com, onedscolprdeus04.eastus.cloudapp.azure.com, clients.l.google.com, geo2.adobe.com, e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, e4578.dscb.akamaiedge.net, c-msn-com-nsatc.trafficmanager.net, assets-mkt-usa.azureedge.net, assets-mkt-usa.afd.azureedge.net, optimizationg
                            • Not all processes where analyzed, report is missing behavior information
                            • Report size exceeded maximum capacity and may have missing behavior information.
                            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                            • VT rate limit hit for: URBAN CORPS.pdf

                            Simulations

                            Behavior and APIs

                            TimeTypeDescription
                            15:16:54API Interceptor2x Sleep call for process: AcroCEF.exe modified

                            LLM Input / Output

                            InputOutput
                            URL: https://forms.office.com/pages/responsepage.aspx?id=m-YY3RuX2UeS4svj8aYQ3DeXDZSh651OljSHQ-HNcj5UQ0c1Q1hRTEZFWFRLODJTUkRXS1pQNVU2MS4u Model: Perplexity: mixtral-8x7b-instruct
                            {"loginform": false,"urgency": true,
                            Title: You have received 3 documents for your review. OCR:  Microsoft You have received 3 documents for your review. This message was sent to you to protect sensitive information. https:/(assets-usa.mkt.dynamicsa:om/8eafd458-f837-efl 1-8e4b-CQ2482aac2c/dig italassets/stan dalonefo rms/ed6cc479- cc38-ef11-8409-7c1 eS20ba499
                            URL: https://forms.office.com/pages/responsepage.aspx?id=m-YY3RuX2UeS4svj8aYQ3DeXDZSh651OljSHQ-HNcj5UQ0c1Q1hRTEZFWFRLODJTUkRXS1pQNVU2MS4u Model: Perplexity: mixtral-8x7b-instruct
                            {"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form, as there is no explicit request for sensitive information such as passwords, email addresses, usernames, phone numbers, or credit card numbers.","The text does not create a sense of urgency, as it does not contain phrases such as 'click here to view document', 'to view secured document click here', or 'open the link to see your invoice'.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]}
                            Title: You have received 3 documents for your review. OCR: You have received 3 documents for your review. This message was sent to you to protect sensitive information. hps:/tassets-usa.mkt.dynamics.com/8eafd4S8-f837-efl 1-8e4b-0022482aac2c/dig italessets/standalonefo rms/ed6cc479- cc38-ef11-8409-7c1 eS20ba499
                            URL: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499 Model: Perplexity: mixtral-8x7b-instruct
                            {"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form, as it does not request any sensitive information like passwords, email addresses, usernames, phone numbers, or credit card numbers.","The text 'Review Document' does not create a sense of urgency, it simply asks the user to review a document.","There is no CAPTCHA or anti-robot detection mechanism present on the webpage."]}
                            Title: Marketing Form OCR: Review Document
                            URL: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499 Model: Perplexity: mixtral-8x7b-instruct
                            {"loginform": false,"urgency": false,"captcha": true,"reasons": ["The webpage contains a CAPTCHA mechanism, which is indicated by the text 'Enter the characters you see'.","The text 'New I Audio Review Document' does not create a sense of urgency as it is a neutral statement and does not pressure the user to take immediate action."]}
                            Title: Marketing Form OCR: Enter the characters you see New I Audio Review Document
                            URL: PDF Model: gpt-4o
                            ```json{  "riskscore": 7,  "reasons": "The PDF document contains a visually prominent link labeled 'URBAN CORPS - Kyle Document'. The text creates a sense of urgency by stating that proposals are due by a specific date and time. The document also impersonates a well-known organization, Urban Corps of San Diego County, which adds credibility and can mislead the user. The sense of urgency is directly connected to the prominent link, which increases the likelihood of the user clicking on it without proper scrutiny. These factors combined indicate a high risk of phishing or malware."}
                            URL: https://assets-usa.mkt.dynamics.com Model: gpt-4o
                            ```json{  "phishing_score": 7,  "brands": "Microsoft Dynamics",  "phishing": true,  "suspicious_domain": true,  "has_prominent_loginform": true,  "has_captcha": true,  "setechniques": true,  "has_suspicious_link": false,  "legitmate_domain": "dynamics.com",  "reasons": "The URL 'https://assets-usa.mkt.dynamics.com' appears suspicious due to the use of multiple subdomains ('assets-usa.mkt'). While 'dynamics.com' is a legitimate domain associated with Microsoft Dynamics, the additional subdomains could be an attempt to mislead users. The page prominently features a CAPTCHA and a button labeled 'Review Document,' which is a common tactic used in phishing to prompt user interaction. The presence of social engineering techniques, such as the CAPTCHA and the prompt to review a document, further raises suspicion. Therefore, this site is likely a phishing site."}

                            Joe Sandbox View / Context

                            IPs

                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                            20.49.124.158The Siedenburg Group #24-051-553861 Project.pdfGet hashmaliciousUnknownBrowse
                              The Siedenburg Group #24-051-553861 Project.pdfGet hashmaliciousUnknownBrowse
                                https://assets-usa.mkt.dynamics.com/d7d7d53b-67f7-ee11-9046-6045bda8c213/digitalassets/standaloneforms/a8a5d076-d2fc-ee11-a1fe-6045bda76c78Get hashmaliciousOutlook Phishing, HTMLPhisherBrowse
                                  https://assets-usa.mkt.dynamics.com/97c9a062-91f8-ee11-9048-6045bd00330f/digitalassets/standaloneforms/8ba5ff5d-a1f8-ee11-a1ff-6045bd006d62Get hashmaliciousFake Captcha, HTMLPhisherBrowse
                                    https://assets-usa.mkt.dynamics.com/3898f941-49bf-ee11-9075-6045bd003038/digitalassets/standaloneforms/6eda089b-bcc9-ee11-9078-000d3a37cb9aGet hashmaliciousUnknownBrowse
                                      239.255.255.250https://link.mail.beehiiv.com/ls/click?upn=u001.DTQiLe1mLQCNek4IXPrb3cd8am3-2BtbSaRRShUhZCbhF1FE2NDum-2B9YeqhMivZ-2FcIJGKdOjfqgyCSTZimAiOiNKkJG3N5vgYBNDNlk5YkmOU2XPb-2FKTFlF-2Fc7jFH7Nb8Q0JW6uJclJabjCcGs0cWdzdydwDpcxzScPZQBex7SofyQj6MGdYzEG8hbxGGqYt2bpR0NjPAx6JIYz6GJiSrQNg-3D-3DNN1n_VW5ZEdFpCuXmC2nf4fwMfiBmdui0O95PSMmp4s-2F2oS3jvSHISWr6XQl8RtHpD7TWmHpRBlT8NsCamUZaroeFibjayeskXeuNnFhPFOon1-2FD6SmbcpIEUC7jghzzXsggajKIODB16RJEeGNz4SFHe6mT-2Bn59v08ju13fD9NtKJQcr97qiQNjiGiaoQJcvN3gUurUBqLZp9I4f9bNW54ZUVVCzpwaogbLaWcL9oScbt8r4Ku34t9zOqlF27gTqXVf6T2MbNMKkoCYnb-2BuL8kIZdyoRM3EFOIuktrG5gMH3OTa1K2klBhmxFOQ2d7plqd5asAi8Ofl9YcYOh-2FL4f45riCQtSdd7jru06EkHcBuJahi-2BD3xm-2F7PbjpIpmn-2Bu7KYdjQeOSKE-2FSiD6UNxc7JQNRWkdnK1RTC7eoEMZms82uCa8fJQIoMgqBt91NrcdZIDONaGhhpHXRhQ1VbYp5h6Cow-3D-3D#?email=YWx5c2EuYUBjZW50dXJ5Yml6c29sdXRpb25zLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                        http://sagilityhealth.comGet hashmaliciousUnknownBrowse
                                          https://hr.economictimes.indiatimes.com/etl.php?url=//uiytrewrtyuiouyt.pages.dev/Get hashmaliciousUnknownBrowse
                                            https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3A%2F%2Flodgesonvashon.us11.list-manage.com%2Ftrack%2Fclick%3Fu%3D7bd9671a0b3250a7fef40b908%26id%3Dd8775abc58%26e%3D176d192631&umid=dd8a56c0-7dd4-4bb3-bb0e-81b56ebc53fa&auth=f59947c46ffdca8529044338828c8694fe545b0c-e8ce5e3cd8a069926d864ab292898eb1f0993e46Get hashmaliciousUnknownBrowse
                                              https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3A%2F%2Flodgesonvashon.us11.list-manage.com%2Ftrack%2Fclick%3Fu%3D7bd9671a0b3250a7fef40b908%26id%3Dd8775abc58%26e%3D176d192631&umid=dd8a56c0-7dd4-4bb3-bb0e-81b56ebc53fa&auth=f59947c46ffdca8529044338828c8694fe545b0c-e8ce5e3cd8a069926d864ab292898eb1f0993e46Get hashmaliciousHTMLPhisherBrowse
                                                23eb97f4-980c-745d-c5e2-6fdb70189e48.emlGet hashmaliciousHTMLPhisherBrowse
                                                  https://hr.economictimes.indiatimes.com/etl.php?url=https://hr.economictimes.indiatimes.com/etl.php?url=//uiytrewrtyuiouyt.pages.dev/#?email=a2V2aW4uai5oYW5zZW5AeGNlbGVuZXJneS5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                    https://truecommerceedi-my.sharepoint.com/:o:/g/personal/doug_linek_truecommerce_com/EiyWH-QHx4BNkzCWTtkFfUIB_LOEdcSk9TIJqvvJ9XzR1g?e=5%3aMKiHAE&at=9Get hashmaliciousHTMLPhisherBrowse
                                                      payment.htmlGet hashmaliciousPhisherBrowse
                                                        Groupe ECADE_00_Paiement de facture_9911.pdfGet hashmaliciousUnknownBrowse
                                                          52.146.76.30The Siedenburg Group #24-051-553861 Project.pdfGet hashmaliciousUnknownBrowse
                                                            https://forms.office.com/Pages/ResponsePage.aspx?id=kZA3HqH2gEqpwIcJGXLNuDBzT6g5ZNhMmL9jEsYwErtUMzhHMkkxTzRBOUVVUEhRNFZQS1JVNFNLOS4uGet hashmaliciousUnknownBrowse
                                                              The Siedenburg Group #24-051-553861 Project.pdfGet hashmaliciousUnknownBrowse
                                                                https://www.linkedin.com/redir/redirect?url=https%3A%2F%2Fassets-usa.mkt.dynamics.com%2F12f924f7-8132-ef11-8e4b-0022482ab022%2Fdigitalassets%2Fstandaloneforms%2F5d3fb7d5-9432-ef11-8409-7c1e520bad93&urlhash=FTy9&trk=public_profile-settings_topcard-websiteGet hashmaliciousUnknownBrowse
                                                                  https://www.linkedin.com/redir/redirect?url=https%3A%2F%2Fassets-usa.mkt.dynamics.com%2F12f924f7-8132-ef11-8e4b-0022482ab022%2Fdigitalassets%2Fstandaloneforms%2F5d3fb7d5-9432-ef11-8409-7c1e520bad93&urlhash=FTy9&trk=public_profile-settings_topcard-websiteGet hashmaliciousUnknownBrowse
                                                                    https://www.linkedin.com/redir/redirect?url=https%3A%2F%2Fassets-usa%2Emkt%2Edynamics%2Ecom%2F5513f990-d232-ef11-8e4b-000d3a98a01a%2Fdigitalassets%2Fstandaloneforms%2F12aaa575-c233-ef11-8409-000d3a4effc3&urlhash=z-cH&trk=public_profile-settings_topcard-websiteGet hashmaliciousHTMLPhisherBrowse
                                                                      https://www.linkedin.com/redir/redirect?url=https%3A%2F%2Fassets-usa%2Emkt%2Edynamics%2Ecom%2F5513f990-d232-ef11-8e4b-000d3a98a01a%2Fdigitalassets%2Fstandaloneforms%2F12aaa575-c233-ef11-8409-000d3a4effc3&urlhash=z-cH&trk=public_profile-settings_topcard-websiteGet hashmaliciousHTMLPhisherBrowse
                                                                        https://contactmonkey.com/api/v1/tracker?cm_session=6cb0d7b4-7514-49ed-a422-137958b36105&cs=d01410f1-e93a-498a-bdf9-aed95ac45c9b&cm_type=link&cm_link=c38d4278-31b3-4240-b05e-868db3a168a7&cm_destination=https://contactmonkey.com/api/v1/tracker?cm_session=78cba606-2264-447f-bc39-Nationalraisin&cs=825ad42b-2c78-40c6-8587-3b0541fc1564&cm_type=link&cm_link=0da11854-d710-40c4-8250-bcd92bcc7ee9&cm_destination=//assets-usa.mkt.dynamics.com/2cd19119-032d-ef11-8406-000d3a342d2d/digitalassets/standaloneforms/1799700c-1f2d-ef11-840a-000d3a5c988f??Get hashmaliciousUnknownBrowse
                                                                          https://assets-usa.mkt.dynamics.com/abe70e4d-5c1e-ef11-8404-000d3a10682d/digitalassets/standaloneforms/a6de0794-2621-ef11-840a-0022481fd617Get hashmaliciousUnknownBrowse
                                                                            hXXps://url2.mailanyone%5B.%5Dnet/scanner?m=1s3cWM-0007Zq-3j&d=4%7Cmail%2F90%2F1714917600%2F1s3cWM-0007Zq-3j%7Cin2c%7C57e1b682%7C28613012%7C14303582%7C663792961556323F60CA7719E24FBD2A&o=%2Fphtu%3A%2Fptsacblmus.i-mdktcnai.ypos.%2F%2Faicm4sore6a1g%2F9-90e40-bd3-f16f8-193b04100e5di%2F5%2FKvEDrF30gZAMUpE-A4D1AQEAGZtaA%3F%25ge%3Dtrr27BeTag%252%25ltUA223r%25sh%2522tp%252tF%2553252%25A2fg52ueerFrornnz.c.es25a%25%25F%25222d22CrRei%252oOecstintp7%25%252%25A%25B233%2522n2%25A522%25ul1C%252l2u%25%252lAnl23d%25%257gD%26iD7U%3DesLtFOt8q8bqVJ1W8k02PQlIwVO4c2lKft5o%25BBn7e%25G1kRCes3DVcrt%26eaier8n%3D5so27754bdd9b3bbaf4343bee51eb8d6&s=WdYCVSQ9Sc0_DEjTfgsDBAJMLLEGet hashmaliciousHTMLPhisherBrowse
                                                                              13.107.246.6023eb97f4-980c-745d-c5e2-6fdb70189e48.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                https://sharesync.serverdata.net/us/s/kQGbuGpOyjwFkYowji449I003d1010Get hashmaliciousUnknownBrowse
                                                                                  https://m.exactag.com/ai.aspx?tc=d9550673bc40b07205bbd26a23a8d2e6b6b4f9&url=%68%74%74%70%25%33%41tuskerdigital.com%2Fwinner%2F24968%2F%2FdHJ1bXBzdWNrc2RpY2tAbWFpbC5ydQ==Get hashmaliciousHTMLPhisherBrowse
                                                                                    https://m.exactag.com/ai.aspx?tc=d9177038bc40b07205bbd26a23a8d2e6b6b4f9&url=http%253Atheannapolis250.org%2Fwinner%2F14136%2F%2FYnJhbndlbGwubW9mZmF0QGtwcy5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                                      pago pendientes.xlsGet hashmaliciousUnknownBrowse
                                                                                        457525.xlsGet hashmaliciousUnknownBrowse
                                                                                          https://emea.dcv.ms/xAUEwUn0yq&c=E,1,toHboUmwDMlhwr-wc7dBvpYkcIiHsLy6ICiYedy6zqFMHJPZP4VPyK8zV2e78vqw1ZiSYyf8djJ0Qg64xCBVUCvFvYwJhqpWb_urHJ65A88aoiyybtSIFaPo&typo=1Get hashmaliciousUnknownBrowse
                                                                                            https://pub-9445ce0d74714d1c934c51ffcf83c3f2.r2.dev/slnt.html?nycsbsGet hashmaliciousHTMLPhisherBrowse
                                                                                              The Siedenburg Group #24-051-553861 Project.pdfGet hashmaliciousUnknownBrowse
                                                                                                https://forms.office.com/Pages/ResponsePage.aspx?id=kZA3HqH2gEqpwIcJGXLNuDBzT6g5ZNhMmL9jEsYwErtUMzhHMkkxTzRBOUVVUEhRNFZQS1JVNFNLOS4uGet hashmaliciousUnknownBrowse

                                                                                                  Domains

                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                  s-part-0014.t-0009.t-msedge.nethttps://app.box.com/s/0818uk4femepnk27set00nsfufvakx91Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.246.42
                                                                                                  https://troy-acoustics.neetoform.com/25d7349ac44d8bc00661Get hashmaliciousPhisherBrowse
                                                                                                  • 13.107.246.42
                                                                                                  https://sharesync.serverdata.net/us/s/kQGbuGpOyjwFkYowji449I003d1010Get hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.42
                                                                                                  https://m.exactag.com/ai.aspx?tc=d9550673bc40b07205bbd26a23a8d2e6b6b4f9&url=%68%74%74%70%25%33%41tuskerdigital.com%2Fwinner%2F24968%2F%2FdHJ1bXBzdWNrc2RpY2tAbWFpbC5ydQ==Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.246.42
                                                                                                  https://lnkd.in/exwPeXjcGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.246.42
                                                                                                  https://netorg7716231-my.sharepoint.com/:f:/g/personal/schamness_jessenmfg_com/EpvvFD967V1ApGKFME3zg84BIzVZPMLc9RCaE7D0w7YFPA?e=hGdbPgGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.246.42
                                                                                                  https://u6071375.ct.sendgrid.net/ls/click?upn=u001.jNebCYco-2BJgBMGJDj1kJWP39IKixFvDeSBij1PLovvXT0hkMSWjEhuIEgwQ-2F309CwGFmoY6-2Bl45VLW7K9Sd8-2Fg-3D-3Dm1D8_bgsmQmhs-2BDkrnAcljUiGIti1-2F3303-2FliL2Lyr586-2FN9rAlBFKILfRyjObk6Iz5-2FtMSxC-2FhiWOZXbqnmzeZXBiy3CSpPIYxz2-2BTcFMtFX6z-2FFKaL9cuMNNsd9H8Soth9M-2BiGwIhw5kRyphke6a8RYyV0rtdDONsX7lNk6Cr796v-2FIJZ8nzBJ39o6b-2FDySakEM-2B9nvScrgUWzDogJp7LxfPQ-3D-3DGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.246.42
                                                                                                  The Siedenburg Group #24-051-553861 Project.pdfGet hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.42
                                                                                                  https://forms.office.com/Pages/ResponsePage.aspx?id=kZA3HqH2gEqpwIcJGXLNuDBzT6g5ZNhMmL9jEsYwErtUMzhHMkkxTzRBOUVVUEhRNFZQS1JVNFNLOS4uGet hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.42
                                                                                                  The Siedenburg Group #24-051-553861 Project.pdfGet hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.42
                                                                                                  s-part-0032.t-0009.t-msedge.net23eb97f4-980c-745d-c5e2-6fdb70189e48.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.246.60
                                                                                                  https://app.box.com/s/0818uk4femepnk27set00nsfufvakx91Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.246.60
                                                                                                  https://sharesync.serverdata.net/us/s/kQGbuGpOyjwFkYowji449I003d1010Get hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.60
                                                                                                  https://m.exactag.com/ai.aspx?tc=d9550673bc40b07205bbd26a23a8d2e6b6b4f9&url=%68%74%74%70%25%33%41tuskerdigital.com%2Fwinner%2F24968%2F%2FdHJ1bXBzdWNrc2RpY2tAbWFpbC5ydQ==Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.246.60
                                                                                                  https://m.exactag.com/ai.aspx?tc=d9177038bc40b07205bbd26a23a8d2e6b6b4f9&url=http%253Atheannapolis250.org%2Fwinner%2F14136%2F%2FYnJhbndlbGwubW9mZmF0QGtwcy5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.246.60
                                                                                                  pago pendientes.xlsGet hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.60
                                                                                                  457525.xlsGet hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.60
                                                                                                  https://emea.dcv.ms/xAUEwUn0yq&c=E,1,toHboUmwDMlhwr-wc7dBvpYkcIiHsLy6ICiYedy6zqFMHJPZP4VPyK8zV2e78vqw1ZiSYyf8djJ0Qg64xCBVUCvFvYwJhqpWb_urHJ65A88aoiyybtSIFaPo&typo=1Get hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.60
                                                                                                  https://pub-9445ce0d74714d1c934c51ffcf83c3f2.r2.dev/slnt.html?nycsbsGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.246.60
                                                                                                  The Siedenburg Group #24-051-553861 Project.pdfGet hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.60
                                                                                                  bg.microsoft.map.fastly.nethttp://sagilityhealth.comGet hashmaliciousUnknownBrowse
                                                                                                  • 199.232.210.172
                                                                                                  https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3A%2F%2Flodgesonvashon.us11.list-manage.com%2Ftrack%2Fclick%3Fu%3D7bd9671a0b3250a7fef40b908%26id%3Dd8775abc58%26e%3D176d192631&umid=dd8a56c0-7dd4-4bb3-bb0e-81b56ebc53fa&auth=f59947c46ffdca8529044338828c8694fe545b0c-e8ce5e3cd8a069926d864ab292898eb1f0993e46Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 199.232.214.172
                                                                                                  Groupe ECADE_00_Paiement de facture_9911.pdfGet hashmaliciousUnknownBrowse
                                                                                                  • 199.232.214.172
                                                                                                  http://yournewstech.comGet hashmaliciousUnknownBrowse
                                                                                                  • 199.232.214.172
                                                                                                  ZS5.dllGet hashmaliciousBlackMoonBrowse
                                                                                                  • 199.232.210.172
                                                                                                  https://troy-acoustics.neetoform.com/25d7349ac44d8bc00661Get hashmaliciousPhisherBrowse
                                                                                                  • 199.232.214.172
                                                                                                  RFQ-099409.exeGet hashmaliciousFormBookBrowse
                                                                                                  • 199.232.210.172
                                                                                                  RFQ-099409.exeGet hashmaliciousFormBookBrowse
                                                                                                  • 199.232.210.172
                                                                                                  2cFFfHDG7D.msiGet hashmaliciousAteraAgentBrowse
                                                                                                  • 199.232.214.172
                                                                                                  BL Draft.exeGet hashmaliciousFormBookBrowse
                                                                                                  • 199.232.210.172
                                                                                                  prdia888eus0aks.mkt.dynamics.comThe Siedenburg Group #24-051-553861 Project.pdfGet hashmaliciousUnknownBrowse
                                                                                                  • 52.146.76.30
                                                                                                  https://forms.office.com/Pages/ResponsePage.aspx?id=kZA3HqH2gEqpwIcJGXLNuDBzT6g5ZNhMmL9jEsYwErtUMzhHMkkxTzRBOUVVUEhRNFZQS1JVNFNLOS4uGet hashmaliciousUnknownBrowse
                                                                                                  • 52.146.76.30
                                                                                                  The Siedenburg Group #24-051-553861 Project.pdfGet hashmaliciousUnknownBrowse
                                                                                                  • 52.146.76.30
                                                                                                  https://www.linkedin.com/redir/redirect?url=https%3A%2F%2Fassets-usa.mkt.dynamics.com%2F12f924f7-8132-ef11-8e4b-0022482ab022%2Fdigitalassets%2Fstandaloneforms%2F5d3fb7d5-9432-ef11-8409-7c1e520bad93&urlhash=FTy9&trk=public_profile-settings_topcard-websiteGet hashmaliciousUnknownBrowse
                                                                                                  • 52.146.76.30
                                                                                                  https://www.linkedin.com/redir/redirect?url=https%3A%2F%2Fassets-usa.mkt.dynamics.com%2F12f924f7-8132-ef11-8e4b-0022482ab022%2Fdigitalassets%2Fstandaloneforms%2F5d3fb7d5-9432-ef11-8409-7c1e520bad93&urlhash=FTy9&trk=public_profile-settings_topcard-websiteGet hashmaliciousUnknownBrowse
                                                                                                  • 52.146.76.30
                                                                                                  https://www.linkedin.com/redir/redirect?url=https%3A%2F%2Fassets-usa%2Emkt%2Edynamics%2Ecom%2F5513f990-d232-ef11-8e4b-000d3a98a01a%2Fdigitalassets%2Fstandaloneforms%2F12aaa575-c233-ef11-8409-000d3a4effc3&urlhash=z-cH&trk=public_profile-settings_topcard-websiteGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.146.76.30
                                                                                                  https://www.linkedin.com/redir/redirect?url=https%3A%2F%2Fassets-usa%2Emkt%2Edynamics%2Ecom%2F5513f990-d232-ef11-8e4b-000d3a98a01a%2Fdigitalassets%2Fstandaloneforms%2F12aaa575-c233-ef11-8409-000d3a4effc3&urlhash=z-cH&trk=public_profile-settings_topcard-websiteGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.146.76.30
                                                                                                  https://contactmonkey.com/api/v1/tracker?cm_session=6cb0d7b4-7514-49ed-a422-137958b36105&cs=d01410f1-e93a-498a-bdf9-aed95ac45c9b&cm_type=link&cm_link=c38d4278-31b3-4240-b05e-868db3a168a7&cm_destination=https://contactmonkey.com/api/v1/tracker?cm_session=78cba606-2264-447f-bc39-Nationalraisin&cs=825ad42b-2c78-40c6-8587-3b0541fc1564&cm_type=link&cm_link=0da11854-d710-40c4-8250-bcd92bcc7ee9&cm_destination=//assets-usa.mkt.dynamics.com/2cd19119-032d-ef11-8406-000d3a342d2d/digitalassets/standaloneforms/1799700c-1f2d-ef11-840a-000d3a5c988f??Get hashmaliciousUnknownBrowse
                                                                                                  • 52.146.76.30
                                                                                                  https://assets-usa.mkt.dynamics.com/abe70e4d-5c1e-ef11-8404-000d3a10682d/digitalassets/standaloneforms/a6de0794-2621-ef11-840a-0022481fd617Get hashmaliciousUnknownBrowse
                                                                                                  • 52.146.76.30
                                                                                                  hXXps://url2.mailanyone%5B.%5Dnet/scanner?m=1s3cWM-0007Zq-3j&d=4%7Cmail%2F90%2F1714917600%2F1s3cWM-0007Zq-3j%7Cin2c%7C57e1b682%7C28613012%7C14303582%7C663792961556323F60CA7719E24FBD2A&o=%2Fphtu%3A%2Fptsacblmus.i-mdktcnai.ypos.%2F%2Faicm4sore6a1g%2F9-90e40-bd3-f16f8-193b04100e5di%2F5%2FKvEDrF30gZAMUpE-A4D1AQEAGZtaA%3F%25ge%3Dtrr27BeTag%252%25ltUA223r%25sh%2522tp%252tF%2553252%25A2fg52ueerFrornnz.c.es25a%25%25F%25222d22CrRei%252oOecstintp7%25%252%25A%25B233%2522n2%25A522%25ul1C%252l2u%25%252lAnl23d%25%257gD%26iD7U%3DesLtFOt8q8bqVJ1W8k02PQlIwVO4c2lKft5o%25BBn7e%25G1kRCes3DVcrt%26eaier8n%3D5so27754bdd9b3bbaf4343bee51eb8d6&s=WdYCVSQ9Sc0_DEjTfgsDBAJMLLEGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.146.76.30

                                                                                                  ASNs

                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                  MICROSOFT-CORP-MSN-AS-BLOCKUS23eb97f4-980c-745d-c5e2-6fdb70189e48.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.109.76.243
                                                                                                  https://truecommerceedi-my.sharepoint.com/:o:/g/personal/doug_linek_truecommerce_com/EiyWH-QHx4BNkzCWTtkFfUIB_LOEdcSk9TIJqvvJ9XzR1g?e=5%3aMKiHAE&at=9Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.136.10
                                                                                                  Untitled.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 104.47.73.156
                                                                                                  Untitled.msgGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.109.28.46
                                                                                                  https://app.box.com/s/0818uk4femepnk27set00nsfufvakx91Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.98.242.242
                                                                                                  https://troy-acoustics.neetoform.com/25d7349ac44d8bc00661Get hashmaliciousPhisherBrowse
                                                                                                  • 13.107.246.42
                                                                                                  https://sharesync.serverdata.net/us/s/kQGbuGpOyjwFkYowji449I003d1010Get hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.60
                                                                                                  BDQfYL99b2.exeGet hashmaliciousRemcosBrowse
                                                                                                  • 52.168.117.173
                                                                                                  https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.136.10
                                                                                                  https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.136.10
                                                                                                  MICROSOFT-CORP-MSN-AS-BLOCKUS23eb97f4-980c-745d-c5e2-6fdb70189e48.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.109.76.243
                                                                                                  https://truecommerceedi-my.sharepoint.com/:o:/g/personal/doug_linek_truecommerce_com/EiyWH-QHx4BNkzCWTtkFfUIB_LOEdcSk9TIJqvvJ9XzR1g?e=5%3aMKiHAE&at=9Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.136.10
                                                                                                  Untitled.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 104.47.73.156
                                                                                                  Untitled.msgGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.109.28.46
                                                                                                  https://app.box.com/s/0818uk4femepnk27set00nsfufvakx91Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.98.242.242
                                                                                                  https://troy-acoustics.neetoform.com/25d7349ac44d8bc00661Get hashmaliciousPhisherBrowse
                                                                                                  • 13.107.246.42
                                                                                                  https://sharesync.serverdata.net/us/s/kQGbuGpOyjwFkYowji449I003d1010Get hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.60
                                                                                                  BDQfYL99b2.exeGet hashmaliciousRemcosBrowse
                                                                                                  • 52.168.117.173
                                                                                                  https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.136.10
                                                                                                  https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.136.10
                                                                                                  MICROSOFT-CORP-MSN-AS-BLOCKUS23eb97f4-980c-745d-c5e2-6fdb70189e48.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.109.76.243
                                                                                                  https://truecommerceedi-my.sharepoint.com/:o:/g/personal/doug_linek_truecommerce_com/EiyWH-QHx4BNkzCWTtkFfUIB_LOEdcSk9TIJqvvJ9XzR1g?e=5%3aMKiHAE&at=9Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.136.10
                                                                                                  Untitled.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 104.47.73.156
                                                                                                  Untitled.msgGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.109.28.46
                                                                                                  https://app.box.com/s/0818uk4femepnk27set00nsfufvakx91Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 52.98.242.242
                                                                                                  https://troy-acoustics.neetoform.com/25d7349ac44d8bc00661Get hashmaliciousPhisherBrowse
                                                                                                  • 13.107.246.42
                                                                                                  https://sharesync.serverdata.net/us/s/kQGbuGpOyjwFkYowji449I003d1010Get hashmaliciousUnknownBrowse
                                                                                                  • 13.107.246.60
                                                                                                  BDQfYL99b2.exeGet hashmaliciousRemcosBrowse
                                                                                                  • 52.168.117.173
                                                                                                  https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.136.10
                                                                                                  https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 13.107.136.10

                                                                                                  JA3 Fingerprints

                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                  1138de370e523e824bbca92d049a3777https://link.mail.beehiiv.com/ls/click?upn=u001.DTQiLe1mLQCNek4IXPrb3cd8am3-2BtbSaRRShUhZCbhF1FE2NDum-2B9YeqhMivZ-2FcIJGKdOjfqgyCSTZimAiOiNKkJG3N5vgYBNDNlk5YkmOU2XPb-2FKTFlF-2Fc7jFH7Nb8Q0JW6uJclJabjCcGs0cWdzdydwDpcxzScPZQBex7SofyQj6MGdYzEG8hbxGGqYt2bpR0NjPAx6JIYz6GJiSrQNg-3D-3DNN1n_VW5ZEdFpCuXmC2nf4fwMfiBmdui0O95PSMmp4s-2F2oS3jvSHISWr6XQl8RtHpD7TWmHpRBlT8NsCamUZaroeFibjayeskXeuNnFhPFOon1-2FD6SmbcpIEUC7jghzzXsggajKIODB16RJEeGNz4SFHe6mT-2Bn59v08ju13fD9NtKJQcr97qiQNjiGiaoQJcvN3gUurUBqLZp9I4f9bNW54ZUVVCzpwaogbLaWcL9oScbt8r4Ku34t9zOqlF27gTqXVf6T2MbNMKkoCYnb-2BuL8kIZdyoRM3EFOIuktrG5gMH3OTa1K2klBhmxFOQ2d7plqd5asAi8Ofl9YcYOh-2FL4f45riCQtSdd7jru06EkHcBuJahi-2BD3xm-2F7PbjpIpmn-2Bu7KYdjQeOSKE-2FSiD6UNxc7JQNRWkdnK1RTC7eoEMZms82uCa8fJQIoMgqBt91NrcdZIDONaGhhpHXRhQ1VbYp5h6Cow-3D-3D#?email=YWx5c2EuYUBjZW50dXJ5Yml6c29sdXRpb25zLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 23.1.237.91
                                                                                                  http://yournewstech.comGet hashmaliciousUnknownBrowse
                                                                                                  • 23.1.237.91
                                                                                                  https://troy-acoustics.neetoform.com/25d7349ac44d8bc00661Get hashmaliciousPhisherBrowse
                                                                                                  • 23.1.237.91
                                                                                                  BL Draft.exeGet hashmaliciousFormBookBrowse
                                                                                                  • 23.1.237.91
                                                                                                  https://url.us.m.mimecastprotect.com/s/GSubCpYn1pC4mvoJtD-hLP?domain=brileyfinancial-my.sharepoint.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 23.1.237.91
                                                                                                  https://www.filemail.com/t/RuKZYfeBGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 23.1.237.91
                                                                                                  osr730ky3m.exeGet hashmaliciousUnknownBrowse
                                                                                                  • 23.1.237.91
                                                                                                  https://hr.economictimes.indiatimes.com/etl.php?url=https://hr.economictimes.indiatimes.com/etl.php?url=//maansaa.com/new/auth//xp8tpwsulfhjn/%2F/YW5keS5ncmVmcmF0aEBrcHMuY29tGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 23.1.237.91
                                                                                                  https://liga-rosta.rest/Get hashmaliciousUnknownBrowse
                                                                                                  • 23.1.237.91
                                                                                                  https://drive.google.com/file/d/1hoYv9TPKcR0hItoqz6dLm86GrOGkF9F7/viewGet hashmaliciousUnknownBrowse
                                                                                                  • 23.1.237.91
                                                                                                  28a2c9bd18a11de089ef85a160da29e4https://link.mail.beehiiv.com/ls/click?upn=u001.DTQiLe1mLQCNek4IXPrb3cd8am3-2BtbSaRRShUhZCbhF1FE2NDum-2B9YeqhMivZ-2FcIJGKdOjfqgyCSTZimAiOiNKkJG3N5vgYBNDNlk5YkmOU2XPb-2FKTFlF-2Fc7jFH7Nb8Q0JW6uJclJabjCcGs0cWdzdydwDpcxzScPZQBex7SofyQj6MGdYzEG8hbxGGqYt2bpR0NjPAx6JIYz6GJiSrQNg-3D-3DNN1n_VW5ZEdFpCuXmC2nf4fwMfiBmdui0O95PSMmp4s-2F2oS3jvSHISWr6XQl8RtHpD7TWmHpRBlT8NsCamUZaroeFibjayeskXeuNnFhPFOon1-2FD6SmbcpIEUC7jghzzXsggajKIODB16RJEeGNz4SFHe6mT-2Bn59v08ju13fD9NtKJQcr97qiQNjiGiaoQJcvN3gUurUBqLZp9I4f9bNW54ZUVVCzpwaogbLaWcL9oScbt8r4Ku34t9zOqlF27gTqXVf6T2MbNMKkoCYnb-2BuL8kIZdyoRM3EFOIuktrG5gMH3OTa1K2klBhmxFOQ2d7plqd5asAi8Ofl9YcYOh-2FL4f45riCQtSdd7jru06EkHcBuJahi-2BD3xm-2F7PbjpIpmn-2Bu7KYdjQeOSKE-2FSiD6UNxc7JQNRWkdnK1RTC7eoEMZms82uCa8fJQIoMgqBt91NrcdZIDONaGhhpHXRhQ1VbYp5h6Cow-3D-3D#?email=YWx5c2EuYUBjZW50dXJ5Yml6c29sdXRpb25zLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 2.19.244.127
                                                                                                  • 52.165.165.26
                                                                                                  http://sagilityhealth.comGet hashmaliciousUnknownBrowse
                                                                                                  • 2.19.244.127
                                                                                                  • 52.165.165.26
                                                                                                  https://hr.economictimes.indiatimes.com/etl.php?url=//uiytrewrtyuiouyt.pages.dev/Get hashmaliciousUnknownBrowse
                                                                                                  • 2.19.244.127
                                                                                                  • 52.165.165.26
                                                                                                  https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3A%2F%2Flodgesonvashon.us11.list-manage.com%2Ftrack%2Fclick%3Fu%3D7bd9671a0b3250a7fef40b908%26id%3Dd8775abc58%26e%3D176d192631&umid=dd8a56c0-7dd4-4bb3-bb0e-81b56ebc53fa&auth=f59947c46ffdca8529044338828c8694fe545b0c-e8ce5e3cd8a069926d864ab292898eb1f0993e46Get hashmaliciousHTMLPhisherBrowse
                                                                                                  • 2.19.244.127
                                                                                                  • 52.165.165.26
                                                                                                  payment.htmlGet hashmaliciousPhisherBrowse
                                                                                                  • 2.19.244.127
                                                                                                  • 52.165.165.26
                                                                                                  Groupe ECADE_00_Paiement de facture_9911.pdfGet hashmaliciousUnknownBrowse
                                                                                                  • 2.19.244.127
                                                                                                  • 52.165.165.26
                                                                                                  http://yournewstech.comGet hashmaliciousUnknownBrowse
                                                                                                  • 2.19.244.127
                                                                                                  • 52.165.165.26
                                                                                                  Untitled.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                  • 2.19.244.127
                                                                                                  • 52.165.165.26
                                                                                                  https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2flodgesonvashon.us11.list%2dmanage.com%2ftrack%2fclick%3fu%3d7bd9671a0b3250a7fef40b908%26id%3d9037f6334e%26e%3d176d192631&umid=c3b5e576-eabb-43b1-b355-8b3314499765&auth=f59947c46ffdca8529044338828c8694fe545b0c-470863c8cfe4c44d03e20bf02e2ceab308b9cbffGet hashmaliciousUnknownBrowse
                                                                                                  • 2.19.244.127
                                                                                                  • 52.165.165.26
                                                                                                  PFbc2O8eXUJp.zipGet hashmaliciousUnknownBrowse
                                                                                                  • 2.19.244.127
                                                                                                  • 52.165.165.26

                                                                                                  Dropped Files

                                                                                                  No context

                                                                                                  Created / dropped Files

                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:ASCII text
                                                                                                  Category:dropped
                                                                                                  Size (bytes):294
                                                                                                  Entropy (8bit):5.22855460423127
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:BOWI6VN+q2P92nKuAl9OmbnIFUt84OWI6CEjZZmw+4OWI6CEjNVkwO92nKuAl9Oe:EP0Iv4HAahFUt81PSZ/+1PSz5LHAaSJ
                                                                                                  MD5:FC994460537DB6163649FA837207A91B
                                                                                                  SHA1:C608092096CE5D6102CDC7338210676AA634C186
                                                                                                  SHA-256:85971453DCFED238A105078F29C3C6BC8CB2A78470C8D5DF47E4293E2C2C89A3
                                                                                                  SHA-512:9D20C66739D9DFC3A7060A7779579A73A24E2DD1564385C57C5E7ED53970698DF67FC0111C2721A585014A8A334CB9862C855BEC46B3C305E21D970423CF9033
                                                                                                  Malicious:false
                                                                                                  Reputation:low
                                                                                                  Preview:2024/07/03-15:16:41.261 1a68 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/07/03-15:16:41.263 1a68 Recovering log #3.2024/07/03-15:16:41.263 1a68 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:ASCII text
                                                                                                  Category:dropped
                                                                                                  Size (bytes):294
                                                                                                  Entropy (8bit):5.22855460423127
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:BOWI6VN+q2P92nKuAl9OmbnIFUt84OWI6CEjZZmw+4OWI6CEjNVkwO92nKuAl9Oe:EP0Iv4HAahFUt81PSZ/+1PSz5LHAaSJ
                                                                                                  MD5:FC994460537DB6163649FA837207A91B
                                                                                                  SHA1:C608092096CE5D6102CDC7338210676AA634C186
                                                                                                  SHA-256:85971453DCFED238A105078F29C3C6BC8CB2A78470C8D5DF47E4293E2C2C89A3
                                                                                                  SHA-512:9D20C66739D9DFC3A7060A7779579A73A24E2DD1564385C57C5E7ED53970698DF67FC0111C2721A585014A8A334CB9862C855BEC46B3C305E21D970423CF9033
                                                                                                  Malicious:false
                                                                                                  Reputation:low
                                                                                                  Preview:2024/07/03-15:16:41.261 1a68 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/07/03-15:16:41.263 1a68 Recovering log #3.2024/07/03-15:16:41.263 1a68 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:ASCII text
                                                                                                  Category:dropped
                                                                                                  Size (bytes):338
                                                                                                  Entropy (8bit):5.210673524353778
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:BOWI60iOq2P92nKuAl9Ombzo2jMGIFUt84OWI6SZZmw+4OWI66uLkwO92nKuAl97:EP9iOv4HAa8uFUt81Pd/+1P6L5LHAa8z
                                                                                                  MD5:84816A86D852C544988021C250B90B52
                                                                                                  SHA1:7D0C9150A9DF58716357ABC4FB73F89D1A920655
                                                                                                  SHA-256:370E21B30BF230C1C2B2F3D790DE16146E86708491E74217BF412061E92ACC1A
                                                                                                  SHA-512:34997F39AC1D3F886210E6529FF0A919FBA8A555A762911F893D1F78D419B274BBC4946DECB772496B9F3B830C7A7678496A0CCE718987058D72E01525C09AAA
                                                                                                  Malicious:false
                                                                                                  Reputation:low
                                                                                                  Preview:2024/07/03-15:16:41.307 1c94 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/07/03-15:16:41.308 1c94 Recovering log #3.2024/07/03-15:16:41.309 1c94 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:ASCII text
                                                                                                  Category:dropped
                                                                                                  Size (bytes):338
                                                                                                  Entropy (8bit):5.210673524353778
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:BOWI60iOq2P92nKuAl9Ombzo2jMGIFUt84OWI6SZZmw+4OWI66uLkwO92nKuAl97:EP9iOv4HAa8uFUt81Pd/+1P6L5LHAa8z
                                                                                                  MD5:84816A86D852C544988021C250B90B52
                                                                                                  SHA1:7D0C9150A9DF58716357ABC4FB73F89D1A920655
                                                                                                  SHA-256:370E21B30BF230C1C2B2F3D790DE16146E86708491E74217BF412061E92ACC1A
                                                                                                  SHA-512:34997F39AC1D3F886210E6529FF0A919FBA8A555A762911F893D1F78D419B274BBC4946DECB772496B9F3B830C7A7678496A0CCE718987058D72E01525C09AAA
                                                                                                  Malicious:false
                                                                                                  Reputation:low
                                                                                                  Preview:2024/07/03-15:16:41.307 1c94 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/07/03-15:16:41.308 1c94 Recovering log #3.2024/07/03-15:16:41.309 1c94 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):508
                                                                                                  Entropy (8bit):5.064511491330482
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:12:YH/um3RA8sqbMsBdOg2Hxcaq3QYiubxnP7E4T3OF+:Y2sRdsWxdMHI3QYhbxP7nbI+
                                                                                                  MD5:5D01E8C65DE4074F26A4405BCF62617F
                                                                                                  SHA1:7B840E03DE9C9EBDF08AAE9AA092B63E7A18E5CC
                                                                                                  SHA-256:E90F4F66B4B81BC434F55F0173E8EABC9848988C66F9C02F7123B2428CCAB5B9
                                                                                                  SHA-512:53173AA258708AC980A01B9BF1BD008A747F767D652A22BB24622A6DDDE884C41A701F67483C275A5F0286ECBCD8E667A0BCE28013D21AD1F8CD16A4DCF13879
                                                                                                  Malicious:false
                                                                                                  Reputation:low
                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13364594207552729","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":386806},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.5","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\ea986e22-4085-4271-b273-72c08f55dec0.tmp

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:modified
                                                                                                  Size (bytes):508
                                                                                                  Entropy (8bit):5.064511491330482
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:12:YH/um3RA8sqbMsBdOg2Hxcaq3QYiubxnP7E4T3OF+:Y2sRdsWxdMHI3QYhbxP7nbI+
                                                                                                  MD5:5D01E8C65DE4074F26A4405BCF62617F
                                                                                                  SHA1:7B840E03DE9C9EBDF08AAE9AA092B63E7A18E5CC
                                                                                                  SHA-256:E90F4F66B4B81BC434F55F0173E8EABC9848988C66F9C02F7123B2428CCAB5B9
                                                                                                  SHA-512:53173AA258708AC980A01B9BF1BD008A747F767D652A22BB24622A6DDDE884C41A701F67483C275A5F0286ECBCD8E667A0BCE28013D21AD1F8CD16A4DCF13879
                                                                                                  Malicious:false
                                                                                                  Reputation:low
                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13364594207552729","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":386806},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.5","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):4509
                                                                                                  Entropy (8bit):5.233015624110528
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:QqBpCqGp3Al+NehBmkID2w6bNMhugoKTNY+No/KTNcygLPGLLU/YPHEHiZ:rBpJGp3AoqBmki25ZEVoKTNY+NoCTNLP
                                                                                                  MD5:A18BF94EE16832DB06B05BF873C4A522
                                                                                                  SHA1:7D4428B400794F02ACE90381F6834BA3A2D1381F
                                                                                                  SHA-256:15DBFB07A6C69DD3CBAA55BD42B19B20DEF1CBCD6E599475012D6665737710D8
                                                                                                  SHA-512:C23FADE24363CF217A02916B6496A23DB1149CF60836F07EECA628F5944A9679812E1F0DC70596E4B3A3A1F0B62D7A6795BADE0EF5B645921D4E694D0E781AA5
                                                                                                  Malicious:false
                                                                                                  Reputation:low
                                                                                                  Preview:*...#................version.1..namespace-.1a.o................next-map-id.1.Pnamespace-047a745d_5c98_4926_b446_942fb948d072-https://rna-resource.acrobat.com/.0.K..r................next-map-id.2.Snamespace-bdf2fbfe_e08b_407d_8a81_9a6094e373a0-https://rna-v2-resource.acrobat.com/.1.m.Fr................next-map-id.3.Snamespace-24b9c7f4_3e31_4d11_a607_ac91d6485c9e-https://rna-v2-resource.acrobat.com/.2.8.o................next-map-id.4.Pnamespace-bc60f291_faa7_4492_8b22_e186b4ce62c1-https://rna-resource.acrobat.com/.3.A-N^...............Pnamespace-047a745d_5c98_4926_b446_942fb948d072-https://rna-resource.acrobat.com/-j..^...............Pnamespace-bc60f291_faa7_4492_8b22_e186b4ce62c1-https://rna-resource.acrobat.com/[.|.a...............Snamespace-bdf2fbfe_e08b_407d_8a81_9a6094e373a0-https://rna-v2-resource.acrobat.com/....a...............Snamespace-24b9c7f4_3e31_4d11_a607_ac91d6485c9e-https://rna-v2-resource.acrobat.com/.W.@o................next-map-id.5.Pnamespace-8fb46ac3_c992_47ca_bb04_

                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:ASCII text
                                                                                                  Category:dropped
                                                                                                  Size (bytes):326
                                                                                                  Entropy (8bit):5.219733958030791
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:BOWI6Nq2P92nKuAl9OmbzNMxIFUt84OWI6d9Zmw+4OWI6LkwO92nKuAl9OmbzNMT:EPmv4HAa8jFUt81PA9/+1Pq5LHAa84J
                                                                                                  MD5:A40BA86F2283452C39102521B7893947
                                                                                                  SHA1:56168EA7D7FA54BF7F3BE58A4E2013E2F1206300
                                                                                                  SHA-256:9F96A52C07040332985F07BFF5EB13E1CB726C278DFF363C50DC98B524A64BB2
                                                                                                  SHA-512:FFB451D342F221C3047A83EAE415A2B0D4F831F9DF8997F47BBBDB3E605FA83B051259F2785E486FBF839E819277514DF40721D90AB484880993C0501D88C0BE
                                                                                                  Malicious:false
                                                                                                  Reputation:low
                                                                                                  Preview:2024/07/03-15:16:42.086 1c94 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/07/03-15:16:42.090 1c94 Recovering log #3.2024/07/03-15:16:42.092 1c94 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:ASCII text
                                                                                                  Category:dropped
                                                                                                  Size (bytes):326
                                                                                                  Entropy (8bit):5.219733958030791
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:BOWI6Nq2P92nKuAl9OmbzNMxIFUt84OWI6d9Zmw+4OWI6LkwO92nKuAl9OmbzNMT:EPmv4HAa8jFUt81PA9/+1Pq5LHAa84J
                                                                                                  MD5:A40BA86F2283452C39102521B7893947
                                                                                                  SHA1:56168EA7D7FA54BF7F3BE58A4E2013E2F1206300
                                                                                                  SHA-256:9F96A52C07040332985F07BFF5EB13E1CB726C278DFF363C50DC98B524A64BB2
                                                                                                  SHA-512:FFB451D342F221C3047A83EAE415A2B0D4F831F9DF8997F47BBBDB3E605FA83B051259F2785E486FBF839E819277514DF40721D90AB484880993C0501D88C0BE
                                                                                                  Malicious:false
                                                                                                  Reputation:low
                                                                                                  Preview:2024/07/03-15:16:42.086 1c94 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/07/03-15:16:42.090 1c94 Recovering log #3.2024/07/03-15:16:42.092 1c94 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                                                                                  C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240703191645Z-157.bmp

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54
                                                                                                  Category:dropped
                                                                                                  Size (bytes):65110
                                                                                                  Entropy (8bit):1.0589790606632614
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:192:UZBcJXjaIAGx58a75k+PYjsYBzm4pjSm7:UUD58a75k+PHYXpp
                                                                                                  MD5:3AA0A0D807C2E242DE2464222CB7B93A
                                                                                                  SHA1:E954AD7F403083ACDD779FC3729B776FF3DCDB8D
                                                                                                  SHA-256:CDA3F48E57C25D970A5B0122619618F60D9CA237F6993BD056EF301372C477B7
                                                                                                  SHA-512:5D8EF1C30FEDBD872E1EA0B3879048C2DD7A349CB56CE7577C80E9A5F12DDCB8AF2D439B70D9A0A17AF51201F7C3EEFD9DC896B8E98FCA3A769F13EBF4D0ED75
                                                                                                  Malicious:false
                                                                                                  Reputation:low
                                                                                                  Preview:BMV.......6...(...k...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                  C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                                                                                  Category:dropped
                                                                                                  Size (bytes):71954
                                                                                                  Entropy (8bit):7.996617769952133
                                                                                                  Encrypted:true
                                                                                                  SSDEEP:1536:gc257bHnClJ3v5mnAQEBP+bfnW8Ctl8G1G4eu76NWDdB34w18R5cBWcJAm68+Q:gp2ld5jPqW8LgeulxB3fgcEfDQ
                                                                                                  MD5:49AEBF8CBD62D92AC215B2923FB1B9F5
                                                                                                  SHA1:1723BE06719828DDA65AD804298D0431F6AFF976
                                                                                                  SHA-256:B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
                                                                                                  SHA-512:BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B
                                                                                                  Malicious:false
                                                                                                  Preview:MSCF............,...................I..................XaK .authroot.stl.[.i..6..CK..<Tk......4.cl!Kg..E..*Y.f_..".$mR"$.J.E.KB."..rKv.."{.g....3.W.....c..9.s...=....y6#..x..........D......\(.#.s.!.A.......cd.c........+^.ov...n.....3BL..0.......BPUR&.X..02.q...R...J.....w.....b.vy>....-.&..(..oe."."...J9...0U.6J..|U..S.....M.F8g...=.......p...........l.?3.J.x.G.Ep..$g..tj......)v]9(:.)W.8.Op.1Q..:.nPd........7.7..M].V F..g.....12..!7(...B.......h.RZ.......l.<.....6..Z^.`p?... .p.Gp.#.'.X..........|!.8.....".m.49r?.I...g...8.v.....a``.g.R4.i...J8q....NFW,E.6Y....!.o5%.Y.....R..<..S9....r....WO...(.....F..Q=*....-..7d..O(....-..+k.........K..........{Q....Z..j._.E...QZ.~.\.^......N.9.k..O.}dD.b1r...[}/....T..E..G..c.|.c.&>?..^t. ..;..X.d.E.0G....[Q.*,*......#.Dp..L.o|#syc.J............}G-.ou6.=52..XWi=...m.....^u......c..fc?&pR7S5....I...j.G........j.j..Tc.El.....B.pQ.,Bp....j...9g.. >..s..m#.Nb.o_u.M.V...........\#...v..Mo\sF..s....Y...

                                                                                                  C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):893
                                                                                                  Entropy (8bit):7.366016576663508
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:hBntmDvKUQQDvKUr7C5fpqp8gPvXHmXvponXux:3ntmD5QQD5XC5RqHHXmXvp++x
                                                                                                  MD5:D4AE187B4574036C2D76B6DF8A8C1A30
                                                                                                  SHA1:B06F409FA14BAB33CBAF4A37811B8740B624D9E5
                                                                                                  SHA-256:A2CE3A0FA7D2A833D1801E01EC48E35B70D84F3467CC9F8FAB370386E13879C7
                                                                                                  SHA-512:1F44A360E8BB8ADA22BC5BFE001F1BABB4E72005A46BC2A94C33C4BD149FF256CCE6F35D65CA4F7FC2A5B9E15494155449830D2809C8CF218D0B9196EC646B0C
                                                                                                  Malicious:false
                                                                                                  Preview:0..y..*.H.........j0..f...1.0...*.H.........N0..J0..2.......D....'..09...@k0...*.H........0?1$0"..U....Digital Signature Trust Co.1.0...U....DST Root CA X30...000930211219Z..210930140115Z0?1$0"..U....Digital Signature Trust Co.1.0...U....DST Root CA X30.."0...*.H.............0..........P..W..be......,k0.[...}.@......3vI*.?!I..N..>H.e...!.e.*.2....w..{........s.z..2..~..0....*8.y.1.P..e.Qc...a.Ka..Rk...K.(.H......>.... .[.*....p....%.tr.{j.4.0...h.{T....Z...=d.....Ap..r.&.8U9C....\@........%.......:..n.>..\..<.i....*.)W..=....]......B0@0...U.......0....0...U...........0...U.........{,q...K.u...`...0...*.H...............,...\...(f7:...?K.... ]..YD.>.>..K.t.....t..~.....K. D....}..j.....N..:.pI...........:^H...X._..Z.....Y..n......f3.Y[...sG.+..7H..VK....r2...D.SrmC.&H.Rg.X..gvqx...V..9$1....Z0G..P.......dc`........}...=2.e..|.Wv..(9..e...w.j..w.......)...55.1.

                                                                                                  C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:data
                                                                                                  Category:modified
                                                                                                  Size (bytes):328
                                                                                                  Entropy (8bit):3.241800306278292
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:kKbWD9UswD8HGsL+N+SkQlPlEGYRMY9z+4KlDA3RUebT3:zWaDImsLNkPlE99SNxAhUe/3
                                                                                                  MD5:2981CADB643F41296141BA61D60CA0C2
                                                                                                  SHA1:138876575E583EBCF6C2F199A9B446D73FEC9046
                                                                                                  SHA-256:B1BDB3E4A35B316EC645322B18DBC83FC71B930385BCAA149C0C7826F12BDD3E
                                                                                                  SHA-512:408A75F69A0F903BED1E321994A586B4C5557134435296AA73142BA547EFF33BD9AF50AF2051BF2F3D2BBB7F102DA46EE668ABEBF49F1E6E838643134216B609
                                                                                                  Malicious:false
                                                                                                  Preview:p...... ........@..}...(....................................................... ........G..@.......&......X........h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".a.7.2.8.2.e.b.4.0.b.1.d.a.1.:.0."...

                                                                                                  C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):252
                                                                                                  Entropy (8bit):3.026467887142631
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:3:kkFklJMfllXlE/E/KRkzllPlzRkwWBARLNDU+ZMlKlBkvclcMlVHblB8V7lnklG3:kKeYxliBAIdQZV7I7kc3
                                                                                                  MD5:A0E0EBF11F8AD5CCBB8199DBD76A13FA
                                                                                                  SHA1:2198914F072E87984E5A025C5942E27CED555B4E
                                                                                                  SHA-256:D4D2C3F0E7E6D1C16A090A078E773040D9E9AA0DD008CE5D4636B4DAF0E81CC5
                                                                                                  SHA-512:2328864098F16B001F3D4A96DE48F15376690072F69217A42E8723A5D7065B1451D8D864934042389D51D24FF5EB96541D76820782EB86BE77C5299DD05F3012
                                                                                                  Malicious:false
                                                                                                  Preview:p...... ....`.......}...(....................................................... ........!.M........(...........}...h.t.t.p.:././.a.p.p.s...i.d.e.n.t.r.u.s.t...c.o.m./.r.o.o.t.s./.d.s.t.r.o.o.t.c.a.x.3...p.7.c...".3.7.d.-.6.0.7.9.b.8.c.0.9.2.9.c.0."...

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheAcro65536.dat

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):227002
                                                                                                  Entropy (8bit):3.392780893644728
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:1536:WKPC4iyzDtrh1cK3XEivK7VK/3AYvYwgF/rRoL+sn:DPCaJ/3AYvYwglFoL+sn
                                                                                                  MD5:87EDBEE38F56C20298F25D5D3D4D1B5C
                                                                                                  SHA1:7F904E9615AC3186A87472EF366DD8202855B0B7
                                                                                                  SHA-256:A46B56D3ABCC137D1872DDF20EED4BCD7D04518282282ADB32DDCCF70D7FFBA6
                                                                                                  SHA-512:BBEBC1FCD5BC9AE042DD5782425BA8C47BF3EAC283B2487FC4E3FF6BF8101306DAB081E5135594165D4DC1AC120FF125AADBC5B3FFE7C646183C04DF77865E0D
                                                                                                  Malicious:false
                                                                                                  Preview:Adobe Acrobat Reader (64-bit) 23.6.20320....?A12_AV2_Search_18px.............................................................................................................KKK KKK.KKK.KKK.KKK.KKK.KKK@........................................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.............................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.........................KKK.KKK.KKK.KKK0....................KKK.KKK.KKK.KKK`....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK.KKK.....................................KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK.KKK@....................KKK.KKK.KKK.KKK`........................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.KKK.............................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):295
                                                                                                  Entropy (8bit):5.31155578170946
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJM3g98kUwPeUkwRe9:YvXKXJKyYpW79ltZGMbLUkee9
                                                                                                  MD5:1A9D081E8618E9B1CEEE2666B21F192E
                                                                                                  SHA1:DFDC2B5A1B9DA7ECFA490A948F67E2E9ED196679
                                                                                                  SHA-256:3F4BEFA191CFE98A6D1E7C8B7AB45CD12C0BB1C6B890602890A52EC8CAE78E1C
                                                                                                  SHA-512:C89EF1CAE42F345B00BD353626069FD1FAA964479F5EA3457C43E75CDB1764923810A2C1C21BA15EE9CD27886A2D27AFCF4BFF2E1169BC2667390B73FBD85918
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):294
                                                                                                  Entropy (8bit):5.247099812758576
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJfBoTfXpnrPeUkwRe9:YvXKXJKyYpW79ltZGWTfXcUkee9
                                                                                                  MD5:FD7A778A86030C799A66827D582698FF
                                                                                                  SHA1:FC4F90D68D542CF8C7C9F841D57251836E65F3EF
                                                                                                  SHA-256:3CD1C7A8864FA6F350C45BC9ACFA7619DEC7895041B01256656F7A7A1B170C27
                                                                                                  SHA-512:8534357DBD7E539A9589A4174039A86C851F3F90F929121245CA1380F9E0896691EBF2DDCD71A414C9FC95150843551A985E0AC8118FA7E2A935CDDC684DCAB4
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):294
                                                                                                  Entropy (8bit):5.226179276963538
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJfBD2G6UpnrPeUkwRe9:YvXKXJKyYpW79ltZGR22cUkee9
                                                                                                  MD5:4565793C4ABAB0E977F1FD43EEC43430
                                                                                                  SHA1:3836D3CEF897B87E365ED195E89FDE8A97CB20C5
                                                                                                  SHA-256:D50B8086A664F941FD980D6F991BAE950F2184D946BFF30E164C64D4A219726D
                                                                                                  SHA-512:4E296832849CC3D20C77621315B216397BBA0A0C1D9441FED21FD0B470777A0607739BD56757C7DA80625E0D39B483DB336C0ABD6A3B610812A6CD7EC956FADA
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):285
                                                                                                  Entropy (8bit):5.288630848675405
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJfPmwrPeUkwRe9:YvXKXJKyYpW79ltZGH56Ukee9
                                                                                                  MD5:78581D92251A2590BF0518AB09B79D31
                                                                                                  SHA1:7A8CCEF0290773615BA5F967A86D71851E5D3713
                                                                                                  SHA-256:2E1485E558DB1451EC30DE637B2B82EA4E1A1554363AF3F7DB91803958C08CA1
                                                                                                  SHA-512:1F3A854EAF96DD972EDA0A337052E646273B7E36FB0763E74A53C1C44CBB01B87733BD78140F95B2E69DF9F3325340C88075E3B40243B43D1B85405CE0FBC18B
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):292
                                                                                                  Entropy (8bit):5.246095643133934
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJfJWCtMdPeUkwRe9:YvXKXJKyYpW79ltZGBS8Ukee9
                                                                                                  MD5:639989E0620A5A422B0B25263EED5F4B
                                                                                                  SHA1:111FD930400F31E480B00A231D9A0585219501CB
                                                                                                  SHA-256:2C6DA9FD0D6B1C714C276338E72048399CDB03E0ACA020CB5B2C796186C17879
                                                                                                  SHA-512:8387C4A72729FBBAC4EFADDB7F57345526C3991DBE5DBDFEBC62EFA50D179DF362CC5DB4E7E775B0C36B4A46739462EB83725F543BBFBFF6A8F49097B5C36B20
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):289
                                                                                                  Entropy (8bit):5.2321827148040585
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJf8dPeUkwRe9:YvXKXJKyYpW79ltZGU8Ukee9
                                                                                                  MD5:FDAEED65F7847F14D2A6B09B5ADB3CB4
                                                                                                  SHA1:AEDCB4F8461BC9BCE9FDA110D9C10A53EC180E20
                                                                                                  SHA-256:5B42A493CBB831505BF41D66FEADD6C764A7784E2C62BFA8ADB05DAF03155C9B
                                                                                                  SHA-512:E2A77F1036407C52104D956AC8B77FFBACE2604BECCBF7E8E1F577597429CCC9EFCEFAA9F66E7290311A5744E4309A00B34509359FFB77376F31B54DC3A59953
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):292
                                                                                                  Entropy (8bit):5.233009084093865
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJfQ1rPeUkwRe9:YvXKXJKyYpW79ltZGY16Ukee9
                                                                                                  MD5:D9998594E787F9F026CF98074C5D8BB0
                                                                                                  SHA1:563B11DAFDE97A722385DDCC3E5484B926785345
                                                                                                  SHA-256:121CF8634043389174B18C6373B5D9C28DC4AAF50E517687F6027B015FA8D78A
                                                                                                  SHA-512:305FBD67D43C6F7085C3835545FF21625844021388A7B94126CF924D3BF204D5F6B59EA7D16A239FE0C612063942BC1C75622A16B7546957B61C31651F0E1597
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):289
                                                                                                  Entropy (8bit):5.252699773991931
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJfFldPeUkwRe9:YvXKXJKyYpW79ltZGz8Ukee9
                                                                                                  MD5:0EA7F8E45A6531B5FCE69DF9ECA5B776
                                                                                                  SHA1:CAEB16F97F59B93F228BAE7BEFFB07EB79F82B00
                                                                                                  SHA-256:5CA490A9E8AA2C22FB357662D64092B71F9F5F701874276A0939921366AFD189
                                                                                                  SHA-512:3A21AC7B1C94DCDAFE72467FC7CEEE93186EF2ACD3323B069BAEFAD5BF9AEDC56E143EA05E204FE922C8B0681957950840564BE3ED48CEA428DAA697CFE7EB27
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):1372
                                                                                                  Entropy (8bit):5.730045615456104
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:Yv6XSi9dKLgENRcbrZbq00iCCBrwJo++ns8ct4mFJN/:YvGXEgigrNt0wSJn+ns8cvFJN
                                                                                                  MD5:B6D7A53FA4242485FD7B486353634F52
                                                                                                  SHA1:A88620E0082BC91803D7614017C9C30B40950637
                                                                                                  SHA-256:244EDA44131AED75A152FA86AF13441D09AA8BE42AB5382837159B044BF62337
                                                                                                  SHA-512:3ED35F9AC725305894B2394CFA0A2CFB6349BD29866271DCA3556970E7A5FF4A5AC85E209A851BD33A6E2C2A92CF1374F574671A655FEACEA12F05FC28BE2C8F
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Home_LHP_Trial_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"79887_247329ActionBlock_0","campaignId":79887,"containerId":"1","controlGroupId":"","treatmentId":"acc56846-d570-4500-a26e-7f8cf2b4acad","variationId":"247329"},"containerId":1,"containerLabel":"JSON for DC_Reader_Home_LHP_Trial_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJUcnkgQWNyb2JhdCBQcm8ifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNSIsImZvbnRfc3R5bGUiOiIwIn0sImRlc2NyaXB0aW9uX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTMiLCJmb250X3N0eWxlIjoiLTEifSwidGl0bGUiOiJGcmVlIDctZGF5IHRyaWFsIiwiZGVzY3JpcHRpb24iOiJHZXQgdW5saW1pdGVkIGFjY2VzcyB0byBwcmVtaXVtIFBERiBhbmQgZS1zaWduaW5nIHRvb2xzLiIsImJ

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):289
                                                                                                  Entropy (8bit):5.239614551016775
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJfYdPeUkwRe9:YvXKXJKyYpW79ltZGg8Ukee9
                                                                                                  MD5:48E7BD7D39720B720B3634A5388074D7
                                                                                                  SHA1:6A6624BE5B871D4E9C884204086D8A13B324C8EE
                                                                                                  SHA-256:7BC424CD9A43A6C848D25F67F696A298992BFDF2C1F248C1C93772510C44FB30
                                                                                                  SHA-512:F2D24ADC8E96569CB2CAF0D78C3A6FE8B74FFEBF6C3A6D18DB3FA3F041E075268789A370249CA41EB5B26FC5BD0EA3D35E01471FDD24A214CAFAC2632928C06A
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):1395
                                                                                                  Entropy (8bit):5.7661139329047115
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:Yv6XSi9grLgEGOc93W2JeFmaR7CQzttgBcu141CjrWpHfRzVCV9FJNn:YvGqHgDv3W2aYQfgB5OUupHrQ9FJh
                                                                                                  MD5:F08DF20414EB546C61B56E4C2B584FBF
                                                                                                  SHA1:B95CAF63612F747023DEE8E6713B0678261C7AD8
                                                                                                  SHA-256:A6636498A2539B256F3EF5ECEAB8CCDEDA4572D71C1D340552A91DB22B85DCE9
                                                                                                  SHA-512:54F52ED808E0D18059D7E88189C73A3D4B794D46AD0B28DEFF4D5D28D8E53E06EC6382239AE36CA725BF305EB9D05128C677C1D303EE1238ABFB5C4CBCD404C9
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_RHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"57802_176003ActionBlock_0","campaignId":57802,"containerId":"1","controlGroupId":"","treatmentId":"d0374f2d-08b2-49b9-9500-3392758c9e2e","variationId":"176003"},"containerId":1,"containerLabel":"JSON for Reader DC RHP Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctRGF5IFRyaWFsIiwiZ29fdXJsIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmNvbS9wcm94eS9wcmljaW5nL3VzL2VuL3NpZ24tZnJlZS10cmlhbC5odG1sP3RyYWNraW5naWQ9UEMxUFFMUVQmbXY9aW4tcHJvZHVjdCZtdjI9cmVhZGVyIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjEyIiwiZm9udF9zdHlsZSI6IjMifSwidGl0

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):291
                                                                                                  Entropy (8bit):5.223576668958563
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJfbPtdPeUkwRe9:YvXKXJKyYpW79ltZGDV8Ukee9
                                                                                                  MD5:CA3083C484692EB4334681CB90F3A59B
                                                                                                  SHA1:792EE707B2B3EE69D86259E1A2E7D0C8FF4A5C6A
                                                                                                  SHA-256:CF5B86C9F68248D46BB31B6F52B4A706A2DA3B0B8B3DAE13B58F772E1F7C9E11
                                                                                                  SHA-512:5ABEE5FC4DEEE437B1A43C35A14391852458E13AE5D8C70506F6A1156FD4EE67827E09F904B0AE0FAFFE5479B6F8F85B97FAE2E75F92CEF24339AB1067908322
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):287
                                                                                                  Entropy (8bit):5.224099682840371
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJf21rPeUkwRe9:YvXKXJKyYpW79ltZG+16Ukee9
                                                                                                  MD5:69EFED5B494EA6E1E21B6B1479448EF4
                                                                                                  SHA1:44847B32E1B3719BF26F3D9C508755D5E59C0202
                                                                                                  SHA-256:35536CDD5D86489E013A99B754125D0C41A51F78C5FC4B52C7C786A926BB83DF
                                                                                                  SHA-512:2C2E3679BAE17C8E7633AB38AF504BEDB853C54ACD53E345A2E32E1043B90323B25A046D7B662F5B40462852CC1044597563CA90D6F6CB7073D2CE55B2300993
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):289
                                                                                                  Entropy (8bit):5.24699001686009
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJfbpatdPeUkwRe9:YvXKXJKyYpW79ltZGVat8Ukee9
                                                                                                  MD5:9BBFAF868B12A5D75008B1752F5A6215
                                                                                                  SHA1:3439C10FAE1D8DB413A896807C155A0781E12E84
                                                                                                  SHA-256:E7EA9ADB794692CEF3CCE3473F186003BD96ADD57BD611A523257D70E01648D9
                                                                                                  SHA-512:1ECACE1EF097733F157AE08A7B1DF1FE377667A9B867149F0A446E145A3C6D2B416316596324109C4974EDD189FB6D4C70EE0FE28E38F9DF2019D2B37268BA46
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):286
                                                                                                  Entropy (8bit):5.199362678226748
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:YEQXJ2HXHQ/vsHK7+FIbRI6XVW7+0YOXltjeoAvJfshHHrPeUkwRe9:YvXKXJKyYpW79ltZGUUUkee9
                                                                                                  MD5:264601B2BB2C82332C3D9B14ED993A95
                                                                                                  SHA1:F702C3F82CC873027D577E5D96CD0D4DDE4347C7
                                                                                                  SHA-256:E04E13514EB8A1AC3E9B31553866D4E8E63F93B22DFD38D6B25DEFCE9939364D
                                                                                                  SHA-512:918F4FE0AC6DDC8F1E86BEF3B5CB66A0E13DE921D1014D0062CEF3D7D359964DC425E9F4621780B458612B8F8A30E57AE598DDBBB692B240FE3421AA73730B64
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):782
                                                                                                  Entropy (8bit):5.3473915831111665
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:12:YvXKXJKyYpW79ltZGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWj:Yv6XSi9N168CgEXX5kcIfANhS
                                                                                                  MD5:FCF8C25F27C9427E915D3F8A137A2AA5
                                                                                                  SHA1:0CE9EE52B7513E4DF1AF98BEAC71FAD32FA6C5F2
                                                                                                  SHA-256:4B71FDBBA2B8DBF94210E8D13749911FD46A8B5B3AA694F2717C39E7C496B258
                                                                                                  SHA-512:CED96413593C189716B7219A3917449347BD0C992DFCF2FB1A5B668E1E6FB0EDE2E85A0B35CCB6A321D95BC5DF103793DDF5E3A556C7D32B50AA5423BFF5EBF4
                                                                                                  Malicious:false
                                                                                                  Preview:{"analyticsData":{"responseGUID":"05ede370-7499-40ef-af4e-5dc0694b6c22","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1720210892464,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"Edit_InApp_Aug2020"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"20360_57769ActionBlock_0","campaignId":20360,"containerId":"1","controlGroupId":"","treatmentId":"3c07988a-9c54-409d-9d06-53885c9f21ec","variationId":"57769"},"containerId":1,"containerLabel":"JSON for switching in-app test","content":{"data":"eyJ1cHNlbGxleHBlcmltZW50Ijp7InRlc3RpZCI6IjEiLCJjb2hvcnQiOiJicm93c2VyIn19","dataType":"application\/json","encodingScheme":true},"endDTS":1735804679000,"startDTS":1720034207499}}}}

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):4
                                                                                                  Entropy (8bit):0.8112781244591328
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:3:e:e
                                                                                                  MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                                                                                  SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                                                                                  SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                                                                                  SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                                                                                  Malicious:false
                                                                                                  Preview:....

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):2814
                                                                                                  Entropy (8bit):5.1110818979195285
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:48:YJ2Qb1qA8p6R9LkcujtH/oqjfXPoO83tg9K:a8p6R9LkcuBfoq7AO8d+K
                                                                                                  MD5:C3ED7C28C1871E12C9BA7C61F73D50BC
                                                                                                  SHA1:DF82AD6FCC305AD32F8D4B5810D41231D53F29F7
                                                                                                  SHA-256:DE85EE41E9FC8D5728FBA54B00DE4D9ED69BB127858FB0A475FFC81C9C8CAE11
                                                                                                  SHA-512:BD393FB17923CCFF3FCCDD19849BFBEAFD35F36228F7F41F31E6C2CEE86CE5F179BF6F4763C385D0CECE2A15B93AC5CF492F55FF26D67D05584C58A5DE6D9673
                                                                                                  Malicious:false
                                                                                                  Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"f9f8dd299b063b4f3bea6747b121e747","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":289,"ts":1720034207000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"aab65f0989d91ce6f030cbbd00e1de0d","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":1372,"ts":1720034206000},{"id":"Edit_InApp_Aug2020","info":{"dg":"49f7fac02ebf2fa729a66ea4cc96d9e0","sid":"Edit_InApp_Aug2020"},"mimeType":"file","size":782,"ts":1720034206000},{"id":"DC_Reader_RHP_Banner","info":{"dg":"fcb4706cf73f14e664d9cf2e0362570e","sid":"DC_Reader_RHP_Banner"},"mimeType":"file","size":1395,"ts":1720034206000},{"id":"DC_Reader_Disc_LHP_Retention","info":{"dg":"aeca1e086c663a181dce62627d7d34c5","sid":"DC_Reader_Disc_LHP_Retention"},"mimeType":"file","size":292,"ts":1720034206000},{"id":"DC_Reader_More_LHP_Banner","info":{"dg":"5a99c91fc2e07f52bf46eabb0dea8451","sid":"DC_Reader_More_LHP_Banner"},"mimeType":"file","size":289,"ts":1720034206000},

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 19
                                                                                                  Category:dropped
                                                                                                  Size (bytes):12288
                                                                                                  Entropy (8bit):0.9859735724745539
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:TLHRx/XYKQvGJF7urs6I1RZKHs/Ds/Spn4zJwtNBwtNbRZ6bRZ4eF:TVl2GL7ms6ggOVp4zutYtp6P3
                                                                                                  MD5:3E08477A4824DB0CAAF70B394F00E08F
                                                                                                  SHA1:D877866F75169FA5D6CCBB787C03753679A57456
                                                                                                  SHA-256:5269BB2AC5BE593DA02E65BA32A06D9A7BE6B64E60FC98571F6A4DD7F789F33E
                                                                                                  SHA-512:0589296E353CEE3AFA207117E1E05580D1CE29752F70BA165C26651A789F93532F83F20969D6C19A0D62CE856D176243B427F07BB07FDFB8AF0140A7EE1955C1
                                                                                                  Malicious:false
                                                                                                  Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                  C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:SQLite Rollback Journal
                                                                                                  Category:dropped
                                                                                                  Size (bytes):8720
                                                                                                  Entropy (8bit):1.3400266662443079
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:7+tfEAD1RZKHs/Ds/SpnPzJwtNBwtNbRZ6bRZWf1RZK2qLBx/XYKQvGJF7ursu:7MMGgOVpPzutYtp6PMbqll2GL7msu
                                                                                                  MD5:06DF64B5EA9C6FEC95EB3EC7105D519C
                                                                                                  SHA1:1EDF8A40A00909117406AB3EC290D79CCBE9D146
                                                                                                  SHA-256:52BBFFC957D648CDC841DC49DC31E7200021F10E0BA94A464D799675E45C407B
                                                                                                  SHA-512:0DB47BACC6CA9174874CA873B287BB7CA2F6D6B8ADD6A3EE1BCBF2BEAEDE9D358A51BAC50A53CB06EB2E6202670B44FFEB096E590C89259D5003A0403B9F0C9F
                                                                                                  Malicious:false
                                                                                                  Preview:.... .c......k........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................j...#..#.#.#.#.#.#.#.#.7.7........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                  C:\Users\user\AppData\Local\Temp\MSI71eea.LOG

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                  Category:dropped
                                                                                                  Size (bytes):246
                                                                                                  Entropy (8bit):3.5441332632710916
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K82AaRRAN9:Qw946cPbiOxDlbYnuRKXAkRe
                                                                                                  MD5:62EFE7D855050520A0F78D6BEF8887C2
                                                                                                  SHA1:8D64826AA731946E28F2626F187B6B6A0E77389E
                                                                                                  SHA-256:7A02D8D9107100EF69B565DD696E54FE71577F76F7AE02AF16F8E43A6FAD548D
                                                                                                  SHA-512:01E3DBBE557049C935B4C14690D6E9D3F5231E9EE902335ACA58D68D8AEB52A9DF6A5E163B475820BB697BA0FC79C4472BE8ECC1845CEC30731702FD88262D4C
                                                                                                  Malicious:false
                                                                                                  Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .0.3./.0.7./.2.0.2.4. . .1.5.:.1.6.:.4.9. .=.=.=.....

                                                                                                  C:\Users\user\AppData\Local\Temp\acrobat_sbx\A918q8in7_ninilq_3g0.tmp

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:PDF document, version 1.6, 0 pages
                                                                                                  Category:dropped
                                                                                                  Size (bytes):358
                                                                                                  Entropy (8bit):5.073138238037697
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6:IngVMrexJzJT0y9VEQIFVmb/eu2g/86S1kxROOstFndS+gSbPtFndS+gScaCSyAX:IngVMre9T0HQIDmy9g06JX8tFdS+XbP5
                                                                                                  MD5:ADAD67338AEEEFA032514A9896586695
                                                                                                  SHA1:7D2EA9E531AD598CFD3F51A113B0F835872750C3
                                                                                                  SHA-256:FB68668147BE9A45A7A3EABAB4CE6147DF20EA1394DC96F81E8BC780B20E2AD4
                                                                                                  SHA-512:6E1505A6C86C38681ADFE5FE00496EFCC7E537B5FCB67454557E26B57242D77DC7F355A3DFDE577B4C0EF7CA4EBE4C099A416DFD0C4BEDC0A57699294C3CCA8D
                                                                                                  Malicious:false
                                                                                                  Preview:%PDF-1.6.%......1 0 obj.<</Pages 2 0 R/Type/Catalog>>.endobj.2 0 obj.<</Count 0/Kids[]/Type/Pages>>.endobj.3 0 obj.<<>>.endobj.xref..0 4..0000000000 65535 f..0000000016 00000 n..0000000061 00000 n..0000000107 00000 n..trailer..<</Size 4/Root 1 0 R/Info 3 0 R/ID[<2EED22EDD13AF44FB97526A7D0841BE7><2EED22EDD13AF44FB97526A7D0841BE7>]>>..startxref..127..%%EOF..

                                                                                                  C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-07-03 15-16-43-460.log

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:ASCII text, with very long lines (393)
                                                                                                  Category:dropped
                                                                                                  Size (bytes):16525
                                                                                                  Entropy (8bit):5.376360055978702
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:384:6b1sdmfenwop+WP21h2RPjRNg7JjO2on6oU6CyuJw1oaNIIu9EMuJuF6MKK9g9JQ:vIn
                                                                                                  MD5:1336667A75083BF81E2632FABAA88B67
                                                                                                  SHA1:46E40800B27D95DAED0DBB830E0D0BA85C031D40
                                                                                                  SHA-256:F81B7C83E0B979F04D3763B4F88CD05BC8FBB2F441EBFAB75826793B869F75D1
                                                                                                  SHA-512:D039D8650CF7B149799D42C7415CBF94D4A0A4BF389B615EF7D1B427BC51727D3441AA37D8C178E7E7E89D69C95666EB14C31B56CDFBD3937E4581A31A69081A
                                                                                                  Malicious:false
                                                                                                  Preview:SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:961+0200 ThreadID=6596 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_NglAppLib Description="SetConfig:

                                                                                                  C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:ASCII text, with very long lines (392), with CRLF line terminators
                                                                                                  Category:dropped
                                                                                                  Size (bytes):15090
                                                                                                  Entropy (8bit):5.328179866182767
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:384:av9kvhe9ebBRRUaZvktRPeDH4dB2gV5zknmMK2MyL3JzpTIvnQ/sJmJ0Rn7zB2+e:oWB
                                                                                                  MD5:39952F98933CE765E120753C44FA1185
                                                                                                  SHA1:CF2EB79FA8EBA791561003B66E59F8A5B7F0629D
                                                                                                  SHA-256:2F5718A96D3A60007D385916600F2C9412560A3DC84A221B890CA2F3861D6013
                                                                                                  SHA-512:31577FC6005976E17C44AB632AF5EF1F4461214CFB6BA2505D17DAC67C764C9A732F0BF1F0D56DEC1DAC079F277666718124885EDB0D3A2A6E67A088F2AC5CC4
                                                                                                  Malicious:false
                                                                                                  Preview:SessionID=103eacc7-55a8-43f9-909e-17cead089330.1720034203488 Timestamp=2024-07-03T15:16:43:488-0400 ThreadID=5364 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=103eacc7-55a8-43f9-909e-17cead089330.1720034203488 Timestamp=2024-07-03T15:16:43:514-0400 ThreadID=5364 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=103eacc7-55a8-43f9-909e-17cead089330.1720034203488 Timestamp=2024-07-03T15:16:43:514-0400 ThreadID=5364 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=103eacc7-55a8-43f9-909e-17cead089330.1720034203488 Timestamp=2024-07-03T15:16:43:523-0400 ThreadID=5364 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=103eacc7-55a8-43f9-909e-17cead089330.1720034203488 Timestamp=2024-07-03T15:16:43:523-0400 ThreadID=5364 Component=ngl-lib_NglAppLib Description="SetConf

                                                                                                  C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                  Category:dropped
                                                                                                  Size (bytes):29752
                                                                                                  Entropy (8bit):5.39999980006149
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:768:GLxxlyVUFcAzWL8VWL1ANSFld5YjMWLvJ8Uy++NSXl3WLd5WLrbhhVClkVMwDGbO:6
                                                                                                  MD5:96495C72ED37C6851DAE8E144F908A73
                                                                                                  SHA1:A03D0C378EA1A70771E46324CFC699D386F9726D
                                                                                                  SHA-256:0D0D756EEDF0F7901ECBBE819535A0EACB4FD9B0CD196FD26F5A4FC57B5DADFB
                                                                                                  SHA-512:9579BB9B765F1AA4BA077B4FE690913F34A7234F22FC264976B6ECF13718F00C2778EA7EF475ECEB41E0F7B8A057CA49383B405C3E5F96660830BD3F27BE1188
                                                                                                  Malicious:false
                                                                                                  Preview:04-10-2023 02:39:31:.---2---..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : ***************************************..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : ***************************************..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : Starting NGL..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..04-10-2023 02:39:31:.Closing File..04-10-

                                                                                                  C:\Users\user\AppData\Local\Temp\acrocef_low\379a2e62-3256-4fc6-a26b-5bb1eeedaafa.tmp

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
                                                                                                  Category:dropped
                                                                                                  Size (bytes):758601
                                                                                                  Entropy (8bit):7.98639316555857
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg
                                                                                                  MD5:3A49135134665364308390AC398006F1
                                                                                                  SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
                                                                                                  SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
                                                                                                  SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
                                                                                                  Malicious:false
                                                                                                  Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

                                                                                                  C:\Users\user\AppData\Local\Temp\acrocef_low\38ee6027-ee42-4ae8-af0a-4eeb0c036a51.tmp

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
                                                                                                  Category:dropped
                                                                                                  Size (bytes):1407294
                                                                                                  Entropy (8bit):7.97605879016224
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLcGZtwYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLcGZa
                                                                                                  MD5:22B260CB8C51C0D68C6550E4B061E25A
                                                                                                  SHA1:DF9A5999C58A8D5ADBB3F8D1111EAB9E4778637E
                                                                                                  SHA-256:DAB1231CC22DAB591EBB91C853E3EE41C10D3DA85D2EFAB67E9A52CCB3A3A5A0
                                                                                                  SHA-512:503218D83C511A7F7CEA8BC171921D1435664B964F01A8C77DC0F4D0196DD2815D9444DA98278E1369552D004E9B091DD9B89663209F0C52ACB97FCE6AFFE7A9
                                                                                                  Malicious:false
                                                                                                  Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                                                                                  C:\Users\user\AppData\Local\Temp\acrocef_low\58c66d0b-0be7-4612-9afe-0bf3954343dc.tmp

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 57837
                                                                                                  Category:dropped
                                                                                                  Size (bytes):1419751
                                                                                                  Entropy (8bit):7.976496077007677
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24576:/xA7owWLaGZDwYIGNPJxdpy6mlind9j2kvhsfFXpAXDgrFBU2/R07c:JVwWLaGZDwZGV3mlind9i4ufFXpAXkrj
                                                                                                  MD5:96E2EE6506759519A5E3E5E550F28388
                                                                                                  SHA1:477522A699526F3EC2270AD0B3D3B8D6609F8BBB
                                                                                                  SHA-256:D135FEF8231B87D1F758B3D31FC5467BC933321F7E8EACB316F933DBA36474D5
                                                                                                  SHA-512:C84E93CB72ABC0742C44BF13608472EDD30BE64358C0DA350D9D54C0A88EC45931D48CE1DA823FC527E5134E7277B16AFE0521F2716C067A519FDD390DB315CC
                                                                                                  Malicious:false
                                                                                                  Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                                                                                  C:\Users\user\AppData\Local\Temp\acrocef_low\a101ce50-11dd-4fcb-8220-fbd8ab7ef473.tmp

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                                                                                                  Category:dropped
                                                                                                  Size (bytes):386528
                                                                                                  Entropy (8bit):7.9736851559892425
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m
                                                                                                  MD5:5C48B0AD2FEF800949466AE872E1F1E2
                                                                                                  SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                                                                                                  SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                                                                                                  SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                                                                                                  Malicious:false
                                                                                                  Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y

                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 18:17:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                  Category:dropped
                                                                                                  Size (bytes):2677
                                                                                                  Entropy (8bit):3.98561355307781
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:48:88dJjTRVRfHBidAKZdA19ehwiZUklqehKy+3:8GbFFy
                                                                                                  MD5:E80962F6E968830C3D1FB3A314A5D88B
                                                                                                  SHA1:40589DF39DF5864FBEE34DECDA10D7F48787E1A6
                                                                                                  SHA-256:2B9B7FBB0E536EE307F64A0037A0D21734BAA027E0487005044D73EE8551F22A
                                                                                                  SHA-512:9FFC11807341D0523C329CCBC8D65E0C37C797BCABA38173974274B95E0C0840CCB707C395490DDF79A4F53F4481BE2E96A1817E9DAD1AC7BF2C26A2CAC42FE2
                                                                                                  Malicious:false
                                                                                                  Preview:L..................F.@.. ...$+.,......h.}...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X#.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X#.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X#............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X%............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............=.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 18:17:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                  Category:dropped
                                                                                                  Size (bytes):2679
                                                                                                  Entropy (8bit):4.004244494520305
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:48:8KdJjTRVRfHBidAKZdA1weh/iZUkAQkqeh1y+2:8Ibf9Qoy
                                                                                                  MD5:1C41F9ECDB315E496CC75593E22DD091
                                                                                                  SHA1:9016D1DE0695D9F29463A6DADDEC87AC53507216
                                                                                                  SHA-256:39E48512FAB17A4E9C91D4A1E0646F899393AE19AFD1C59A7998A73155E1A360
                                                                                                  SHA-512:9DFB1742AB9F9582DE4AED531F0548E24C700F84E48BA365303E9510759AB265D4F80B7B65908FCC422441687CF305A8071E4B5F986321B648417D82B3683105
                                                                                                  Malicious:false
                                                                                                  Preview:L..................F.@.. ...$+.,......[.}...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X#.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X#.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X#............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X%............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............=.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                  Category:dropped
                                                                                                  Size (bytes):2693
                                                                                                  Entropy (8bit):4.009993995412797
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:48:8xMdJjTRVsHBidAKZdA14tseh7sFiZUkmgqeh7sby+BX:8xWbQn5y
                                                                                                  MD5:FE26B791C426E06B0999EF715BF77B23
                                                                                                  SHA1:CA0AE2ED972E7D65861ECF8A286A756469BE1A6A
                                                                                                  SHA-256:26DBC857EEEF32C846386EA1B794062D379F437BBD955FC52E22F10CE20BA6CF
                                                                                                  SHA-512:1909DB4056509E29D190C3C66D4D2B48DE6423496A38B9D738D120EC6AD2614C329E0FE010CC8B5CEFDE234756112286379BEAB977C45D1A7260EA2170AD6ECE
                                                                                                  Malicious:false
                                                                                                  Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X#.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X#.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X#............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............=.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 18:17:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                  Category:dropped
                                                                                                  Size (bytes):2681
                                                                                                  Entropy (8bit):3.9990576474530495
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:48:8lOdJjTRVRfHBidAKZdA1vehDiZUkwqehxy+R:8lcbczy
                                                                                                  MD5:297E8E7E9983A78DEBCA075D7676C250
                                                                                                  SHA1:AE1CC2DA58CB1DFF43574AB7D654D54081730A9C
                                                                                                  SHA-256:2EC0AAF22FACCF85300720E07CCFD12F722AC3BCE9AB8EBF395E1A3A17D7E496
                                                                                                  SHA-512:4A685B7E0525058AF0A11577CB9B187A157B0D4686849B8CF104F88B75086A8B0875FA6E0A427B2EDD07F095F4DED699A778B700A2E30E1FC1FC86761E5EACAC
                                                                                                  Malicious:false
                                                                                                  Preview:L..................F.@.. ...$+.,.....\U.}...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X#.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X#.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X#............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X%............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............=.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 18:17:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                  Category:dropped
                                                                                                  Size (bytes):2681
                                                                                                  Entropy (8bit):3.9866397629696477
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:48:8pdJjTRVRfHBidAKZdA1hehBiZUk1W1qehPy+C:8Vbs9vy
                                                                                                  MD5:2E54E260E177B99E45206C7EB58BB57E
                                                                                                  SHA1:C1EEA7A5182DBEE531DACBCB888723DAD82B96E9
                                                                                                  SHA-256:9EC845BDAE71BDB93166BE4FE573B519848B8DE1B9951DDBE09A3AF90767C193
                                                                                                  SHA-512:B5897869811872A9376BA119B4C8CAAA44A7AC931C80ACCC5492C78D616F16934F46C1DAECB39021EAF0D4E189BC5CA58029B7C2840699519AEF800FE5577E32
                                                                                                  Malicious:false
                                                                                                  Preview:L..................F.@.. ...$+.,.....4a.}...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X#.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X#.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X#............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X%............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............=.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 18:17:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                  Category:dropped
                                                                                                  Size (bytes):2683
                                                                                                  Entropy (8bit):3.9995929630594667
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:48:83dJjTRVRfHBidAKZdA1duT+ehOuTbbiZUk5OjqehOuTb5y+yT+:83bCT/TbxWOvTb5y7T
                                                                                                  MD5:0BA194A9BDE743FC50FA073D07A8AEB3
                                                                                                  SHA1:A4BA92948581A678736DCEA7A0A6F941A58DF341
                                                                                                  SHA-256:A3C2C6659972964F5D2B8D47C4C7AF591EF163D3F2CF68F45D7B3FAAC7ED2D36
                                                                                                  SHA-512:DFD949503EFDE0C7CE7E6E470B847CBD09461B49A71F9D6E0D5252D8D4C360AEB52E84CAC64A4EE660E841086690250AA6AE8783FE25F267A1DA2C0E6045E10F
                                                                                                  Malicious:false
                                                                                                  Preview:L..................F.@.. ...$+.,......J.}...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X#.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X#.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X#............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X%............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............=.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                  Chrome Cache Entry: 252

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (35861)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):36099
                                                                                                  Entropy (8bit):5.316142828881082
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:768:0oGn9wAw0bz6AAtzK61ACmNlCmUlVLVzhlhbclAETqacc:0Zwobozhmym4LVzVbpEmacc
                                                                                                  MD5:2E0A5366524D9DADF705A10837C5DE13
                                                                                                  SHA1:374F79CE5A27CF1A54F69BAB7F082E18B9C223CC
                                                                                                  SHA-256:F2C85AF65952BDE6EABBE92BC9B40D3C17B6B2CC06A9F368AB06434F97A660A8
                                                                                                  SHA-512:5E1F24FD506894AD2C7A3CD22D799348AC5B72CCBDF2B2AD3EC200D751BA0666EFAC0A4F738709AE838E2EC63E18EC8971B33241FE9CF939E4DDCFFC4CF86B54
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.508f317.js
                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[824],{85768:function(e,t,n){n.r(t),n.d(t,{initializeTelemetryLogger:function(){return be}});var i,a=n(92560),r=n(63061),s=n(60211),u=n(5809),o=function(e){for(var t=[],n=1;n<arguments.length;n++)t[n-1]=arguments[n]},l=n(73546),_=n(5699),m=n(59312),b=n(26261);!function(e){e.DataClassification={EssentialServiceMetadata:1,AccountData:2,SystemMetadata:4,OrganizationIdentifiableInformation:8,EndUserIdentifiableInformation:16,CustomerContent:32,AccessControl:64,PublicNonPersonalData:128,EndUserPseudonymousInformation:256,PublicPersonalData:512,SupportData:1024,DirectMeasurementData:2048,Everything:65535},e.DataFieldType={String:0,Boolean:1,Int64:2,Double:3,Guid:4},e.SamplingPolicy={NotSet:0,Measure:1,Diagnostics:2,CriticalBusinessImpact:191,CriticalCensus:192,CriticalExperimentation:193,CriticalUsage:194},e.PersistencePriority={NotSet:0,Normal:1,High:2},e.CostPriority={NotSet:0,Normal:1,High:2},e.DataCategories={NotSet:0,SoftwareS

                                                                                                  Chrome Cache Entry: 253

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:PNG image data, 206 x 58, 8-bit/color RGBA, non-interlaced
                                                                                                  Category:dropped
                                                                                                  Size (bytes):24532
                                                                                                  Entropy (8bit):7.964334220735629
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:384:/fd5+Vx/ZAwws2EkSW/gN4MK6Rku7C7QTPvdEo5dHogvt/rSSavNzqZ:/fP0Z5w3GC5j6k2vd5HtlTgvkZ
                                                                                                  MD5:FEFA2B103737887F3ED6FDE7E449E499
                                                                                                  SHA1:F3E0CDDE45D6FD735E3ED6CC961221C360D21A6B
                                                                                                  SHA-256:D514AA1BF3E028EF40CB35BB0879CD2560427F7522F2C6C66B3D6AD33C1DB0E8
                                                                                                  SHA-512:EDD2D2400D0B1129170BDB9B90F6E295B3CDCC32F6B5BA0F89F17B3E95AC81E8A882698D9DDE7E5AE12850C369765CA3D1C26B878F1490F3E220022663481EB6
                                                                                                  Malicious:false
                                                                                                  Preview:.PNG........IHDR.......:.......f.....gAMA....|.Q.... cHRM...........y..|...o*......<......H....>iCCPICC Profile..X.WgTS..>.$!....H..."5...Z...FH...c ..A....l....;bgPl.....8..]y'.,3..[.....g.o.{n.....D9.:...|ql.?}\r.....@.d....n............7.5.k.R..........8..... .x.W$...(.M..I1.@K...x..g.q.....^.M|,..V..T8.q...W..^......;.y.!...On.....[C...R~F.w<.?p..sr8..X..L...y...........K8T2.!..a.neO..b....i.Q.kB.^...C.R2%!.r{...5.:.;.8.a..@.$..W....Al...A.......B........,.....6..YL..<G,.+..@...T......jaf|...........B......[.....Kb..C.........tqP..47o(_ls.......3.C...Z..Y.0..._.L................q....|.X.Z.".V....`...b...8.Z<1.nH9?.......fqB.....A8`..@..8.......}.}.J>..8@.2...+4C+.d3Bx....O.. ox..l......V~......l...\..r.D.J8.-.<...?.s...xs.....~H.M..p.F2.6dI.$..C.AD.\.....px...g..Cy|.'<%t...n....'...?E... ....i........?...!3....{...a..+..qK.B.........;.#.%. ....^.j..:."......6\o.....Y.U...a?[b....9..v.;.5.:v.k..cR<....v..XY<.G...CwVZ.<.Z.^...|.t.;..

                                                                                                  Chrome Cache Entry: 254

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (36828), with no line terminators
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):36852
                                                                                                  Entropy (8bit):4.785064115419051
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:768:78zfymMS/I9ujl4wRsQuTl9/eQ0NR4a9WGYOEqSeyHKUPHo7d2lHEb45OIRxk:7H+A9+46sTl9/eQ0NR4a9WGYO7SRHKBv
                                                                                                  MD5:990801662534EE1721B5E13CBCE22204
                                                                                                  SHA1:FACFC3E0BCE8E3D852182ECC04B09C65B1A76107
                                                                                                  SHA-256:F8C726307112A55E1B8FF867A36FBCFB3B1B2AB1CC9D3FEEECEDD17773099624
                                                                                                  SHA-512:23E7431360D8301378A853DD13158A5EA33AC16EF303CD18BEB25BD166F850869D0CDE5C1F668235355702CD78E7F6E76525E4E8BF36AA8CDD8EE8C5BBF9AD00
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/ls-response.en-us.838832a06.js
                                                                                                  Preview:window.FormsLsMap = (window.FormsLsMap || {});window.FormsLsMap["en-us"]={"mdbicgo":"Required to answer","lbnbnjb":"Please share your comments here","jchpiio":"Help improve phishing detection","hkplpef":"It's not collecting sensitive info","lifjakb":"It needs to collect sensitive info","eackega":"Other","mnpehin":"Did this form trigger a false positive? Click to provide details.","amlalmd":"Why did you unblock this form?","acmngdo":"This user is not currently restricted from using Microsoft Forms. No further action is needed..","pdnfcop":"Correct","gplbmcp":"Print response","pfjnaob":"Required","dlogacb":"Pause background music","oancfdj":"Play background music","pjgjcee":"Pause live background","dplcjia":"Play live background","giamlmc":"Please select at least {0} options.","ggbmbok":"Please select at most {0} options.","mbpambh":"Please select {0} options.","dagpjbe":"1 - Poor","bcndghh":"2","oamcaon":"3","lhfhejf":"4","amdplne":"5 - Excellent","ifphmkc":"1 - Very dissatisfied","hh

                                                                                                  Chrome Cache Entry: 255

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):72346
                                                                                                  Entropy (8bit):5.496636107953024
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:1536:okftateSFCUb1xpYOFB97ttElKly0HX9D:btaPbdtPtD
                                                                                                  MD5:5E1393F1D8E2D999381C350E48B84E8D
                                                                                                  SHA1:3DFB10E14F6DAABB3A2E4C8A4263826DF86B587E
                                                                                                  SHA-256:49028E4782067D8002FD116DBC201033C2B111F4D34FF317630374EE5C70CE6F
                                                                                                  SHA-512:648BFE3FBB8C60D5EE3245EA7595EC491724FBDF2D3B9C68236DA0976F100B7E38FA55252A3970640B5459EF92B09590D65474ADBE8EDACFBD4D0C0870DCD3D1
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.9b66b66.js
                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[376],{86219:function(e,t,n){n.d(t,{l:function(){return o}});var i=n(35852);function o(e){for(var t=[],n=1;n<arguments.length;n++)t[n-1]=arguments[n];for(var o=[],r=0,_=t;r<_.length;r++){var a=_[r];a&&o.push("function"==typeof a?a(e):a)}return 1===o.length?o[0]:o.length?i.m.apply(void 0,o):{}}},82699:function(e,t,n){n.d(t,{j:function(){return _}});var i=n(65690),o=n(36178),r=n(49295);function _(e){var t=o.Y.getInstance(),n=(0,r.dH)((0,i.Eo)(),e);if(!t.classNameFromKey(n)){var _=t.getClassName();t.insertRule("@font-face{".concat(n,"}"),!0),t.cacheClassName(_,n,[],["font-face",n])}}},41633:function(e,t,n){n.d(t,{x:function(){return r}});var i={},o=void 0;try{o=window}catch(e){}function r(e,t){if(void 0!==o){var n=o.__packages__=o.__packages__||{};if(!n[e]||!i[e])i[e]=t,(n[e]=n[e]||[]).push(t)}}r("@fluentui/set-version","6.0.0")},20660:function(e,t,n){n.r(t),n.d(t,{AnimationClassNames:function(){return J},AnimationStyles:functio

                                                                                                  Chrome Cache Entry: 256

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:SVG Scalable Vector Graphics image
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):1795
                                                                                                  Entropy (8bit):5.2687859815811
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:tO5SRuJ8QTmHOrW5LRqVsL+ek4KKeZvqHsL7ek4KZSY3+1AqHsLsek4KA6lWHxDT:gzE5lLZaLuY3+uLkWH1HMAHnf
                                                                                                  MD5:DF1CD3F2DAAEE5F629C10FBC609CAC35
                                                                                                  SHA1:7C4EADD1001AFA795442C3CA06B645CFC4831BC8
                                                                                                  SHA-256:C04BC4EE3D822B90BA1A8562DF69FC44E199E8E36D2FDAD3F3787FCF9C5163DD
                                                                                                  SHA-512:3F69A1B5B192C741167622A810A9CF59C071674C8014464A29E08E4BFB9546B33246D9E72CFD3E8AB5178FFF91749013B78E4BCD7A044FF309C2255425D578F6
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/images/aio/wave-pattern-v1.svg
                                                                                                  Preview:<svg width="1366" height="768" viewBox="0 0 1366 768" fill="none" xmlns="http://www.w3.org/2000/svg">..<g clip-path="url(#clip0_1395_123507)">..<path d="M-30 1060.71V411.179C326.5 316.179 440.5 774.207 852 532.207C1181.2 338.607 1397.5 429.207 1464.5 498.707V1060.71H-30Z" fill="white" fill-opacity="0.15" stroke="url(#paint0_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..<path d="M-125 1066.76V504.755C53.5 613.255 334 418.255 529 415.755C724 413.255 846 471.255 1069 574.255C1247.4 656.655 1384.33 608.589 1430.5 574.255V1080.76L-125 1066.76Z" fill="white" fill-opacity="0.2" stroke="url(#paint1_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..<path d="M-81 1256.47V701C277 467 360.5 747.652 683 540.47C1005.5 333.288 1317.67 573.97 1472.5 625.47L1491 1256.47H-81Z" fill="white" fill-opacity="0.2" stroke="url(#paint2_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..</g>..<defs>..<linearGradient id="paint0_linear_1395_123507" x1="-104.5" y1="895.178" x2

                                                                                                  Chrome Cache Entry: 257

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:PNG image data, 490 x 180, 8-bit/color RGBA, non-interlaced
                                                                                                  Category:dropped
                                                                                                  Size (bytes):5895
                                                                                                  Entropy (8bit):7.720248605671278
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:n40H7NhvmuFFBL413wHGfZ1rsrohnXcF1BN8+PrfUFd0abvPsrXf:nbRFmuxcJfLrvnXcFjNRUFd00Wv
                                                                                                  MD5:311274C8C9C66E894F5AFA51FACD72CD
                                                                                                  SHA1:386D1FA0B2924DF2C21545CF2FF1DDE2CD985D33
                                                                                                  SHA-256:BC3C029408DAB6B5CB676B990B2E21BDD474E4B2E45DAF87E70210539390BF49
                                                                                                  SHA-512:2117BC16AC878BCC307CEA0DEFA0638800715330E83E9C8C1CAD7398BBF207E9432391B851E004308FB75C20C2D6F587D015FA3FB13F8630FE3E0C7E194979FC
                                                                                                  Malicious:false
                                                                                                  Preview:.PNG........IHDR.............[.o.....IDATx......U.....xi.#..l.%3J.t.D\If5h.......>.Ft.....].8f..A...(../....D..1b.%.9:1y.LD.3...~Y....?..........(.s....~.nh........................................................................................................................................................................@...6`.W.....z.m..z....@.:.`..e.agn..w[-..}O.L...Gf.h.V....Wlu......n.....ek...z...Z...lu..AMP..@P...........&... ..j..AMP..@P..............3f.X).K._.J..+....d...5A.t..c._...R6K.2....@P.6A=}...'O...WZ[[{....;~..w[..7.x9.....uR~-.....7GB..0a..e?.........S...R&.<..X.2..r..}.>.hii.]......Q.N.iL..]..>y.r.\.."..U.g..A......K....'....q.LP..o..O..-.l...{....{)...+.....\N...9...P.d..+....B.[.Z..d.....e>...#i~%D.8Y&.E...L..M.+..OX..J1...|.do&......9..+8.[......ady...P_.....m.....mA-.P...A......a.e.zW.w..EnbIX.3.j.....k....[..Y...q[.r4...xY.....+w.g....Sk\#F..;9&.....4....f...I.'X....n.r.$.APw.P.A....M..8=..).0_.h./...b.....g......e.S...

                                                                                                  Chrome Cache Entry: 258

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (34041)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):101666
                                                                                                  Entropy (8bit):5.420011181790742
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:1536:nNcvqnpyazy2HPZdcyJ5ktvCINXLtBMSV+wHq:NcvRazy2Htj2vCSXMSUT
                                                                                                  MD5:69B53C08ACFD81CB8659BB5193E96BBA
                                                                                                  SHA1:439AE06C71C6CE8C01AF6599E3F7CEB7C96900CF
                                                                                                  SHA-256:78537CEE7626C092BBB0ABE5749C3D07FC0C03FDDB3ECF770EBFDA6EAE395BD6
                                                                                                  SHA-512:0DDD047F0C8420A819971CAB5927EC6D3AD9939A79CADADBAEA44D410BF6F86AD83A1EC6DE82CE5353A021C6B5C7E2FABEF8749574CBA61300301665B7EED000
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel_1ds.6255456.js
                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[173],{79966:function(n,t,r){r.d(t,{Z:function(){return L}});var e=r(49577),u=r(71106),i=r(40154),o=r(80403),f=r(39523),c=r(61746),a=r(18449),l=r(72480),v=r(52863),s=r(86969),d=r(90962),h=r(58398),p=500;function y(n,t,r){t&&(0,f.kJ)(t)&&t[l.R5]>0&&(t=t.sort((function(n,t){return n[s.yi]-t[s.yi]})),(0,f.tO)(t,(function(n){n[s.yi]<p&&(0,f._y)("Channel has invalid priority - "+n[l.pZ])})),n[l.MW]({queue:(0,f.FL)(t),chain:(0,d.jV)(t,r[l.TC],r)}))}var g=r(47151),m=r(45480),S=r(66450),T=function(n){function t(){var r,e,u=n.call(this)||this;function o(){r=0,e=[]}return u.identifier="TelemetryInitializerPlugin",u.priority=199,o(),(0,a.Z)(t,u,(function(n,t){n.addTelemetryInitializer=function(n){var t={id:r++,fn:n};return e[l.MW](t),{remove:function(){(0,f.tO)(e,(function(n,r){if(n.id===t.id)return e[l.cb](r,1),-1}))}}},n[s.hL]=function(t,r){for(var u=!1,o=e[l.R5],a=0;a<o;++a){var v=e[a];if(v)try{if(!1===v.fn[l.ZV](null,[t])){u=!0;brea

                                                                                                  Chrome Cache Entry: 259

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):1282
                                                                                                  Entropy (8bit):4.695064346385326
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:mioTJODICcnv8cKoexKc846vgBv19ZY8mlvOq8RvLNHVENggeGg:micaIPU7oeoc8xYBvLmlgRjNOen
                                                                                                  MD5:8D30025E69BC896ACC2064D1791F5A88
                                                                                                  SHA1:1F14560FD3D30F0A2C291CE503CCB490C94E0C3E
                                                                                                  SHA-256:769442A29597F6DB303853931D749780EF46D2855412843431DAC07A9D72CCB0
                                                                                                  SHA-512:7363382D59DF760A37A8C48F6D7037EF9C57CE97EFA0AFDDD19FE133952EE825B9043C84227F4E0B6D4AED310E9DF0053294BF6EB991CC3FBE7338C853C51888
                                                                                                  Malicious:false
                                                                                                  Preview:{.. "FormFailedToLoad": "Failed to load form",.. "FormFailedToLoadCors": "The form can not be loaded on a domain that hasn't been allowed for external form hosting or there is a network connectivity issue",.. "LearnMore": "Learn more",.. "FormSubmitted": "Form submitted",.. "FormSubmitError": "Error submitting the form",.. "Reload": "Reload",.. "LookupLoading": "loading...",.. "LookupGenericError": "There was a problem retrieving items. Try again later.",.. "ValidationRequiredField": "This field is required",.. "EventFailedToLoad": "Failed to load event.",.. "EventAtCapacity": "This event is fully booked",.. "EventNotLive": "We are still setting up this event. Please check again in some time or contact the event organizer ",.. "SubmissionErrorEventNotLive": "Registrations for this event have been closed. We look forward to seeing you at our next event.",.. "SubmissionErrorEventCapacityIsFull": "Registrations for this event have been closed. We.re at full capacity! We lo

                                                                                                  Chrome Cache Entry: 260

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):16
                                                                                                  Entropy (8bit):3.875
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:3:H6Kn:aKn
                                                                                                  MD5:C79ACB86AFB721AC49A511937F416F7A
                                                                                                  SHA1:08A998839C183DEBD73B820BF4DFE3D32523488B
                                                                                                  SHA-256:F7A08A0606E5A0C0657ED109900A6C2F29807852FB9EEB1EF582B007A72F4711
                                                                                                  SHA-512:B204142816ECD205CDAB749FE52FBEBB8588CE0F391005B1C2F5B65B4728D0AA66934A544BBE491A8A141C2864C39EFC3E3D7920189648D639D05606CD6F494D
                                                                                                  Malicious:false
                                                                                                  URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAn8x6IPVPqTEBIFDcROmWY=?alt=proto
                                                                                                  Preview:CgkKBw3ETplmGgA=

                                                                                                  Chrome Cache Entry: 261

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 216x96, components 3
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):8797
                                                                                                  Entropy (8bit):7.899897299402154
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:192:uz8J35kNMwNnSXlUMGy+CfCBHXy7gppuRZuPEgrDMTWayqnW/K:uovkNHNSXAy+C8HX9uRZuPEgrgi5qnT
                                                                                                  MD5:ACAD113FB1986EE9A02C1AA64EC5BAE6
                                                                                                  SHA1:DF2BF56ED38DBFDBF4F371485561EF773D9CBD0B
                                                                                                  SHA-256:75329C904364D41E578EF5CA6227B201429343D63100CBADB54BF236C6520961
                                                                                                  SHA-512:B2D2E4CC41DC0C255F248ED0558A4105D9ABEFEC998169CB10B3E94D55EB8946784BA94110E2FFF42445BACAA029C13B8193CC92BD987B47528D09CFB501C7DB
                                                                                                  Malicious:false
                                                                                                  URL:https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=b105fd92-33cc-447c-b000-df58cfaf4e89&rnd=48c46033440a4adcaad070e562fb0a2c&market=en
                                                                                                  Preview:......JFIF.....`.`.....C....................................................................C.......................................................................`...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...+3.(.._...,..|+.|Y.[^^X.....7..X/.=...T#).F;...j..........6.....c....P..,...[/...a...!..j.ls.^.WZ.JR...WAEs..>-xg..WW.f...wKiV....Xci..,yc.G'.T.K.............^...Ar..............NOi..{.O.9..u.W.|m..W..9...3.^..~#x.g.sc..[}!.G...U...R[...........o.j....`.Yk>#-u3..X....H..vQ.kTI...m...eV(......?.....K..<e...[..>..Lj..u...r... .6.MK...A.....?..+....>

                                                                                                  Chrome Cache Entry: 262

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (23130), with no line terminators
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):23130
                                                                                                  Entropy (8bit):5.457892936984755
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:384:Kf1tpttYrBYe8GeHqyAvyJn9Xfq2UnHPzymrVQ3ycQyPxZ3GyHyjyryUy4:Kf1tptirF8GINXJ9CZeASicfPjhSGuL4
                                                                                                  MD5:95C44936028D789DAF396F121565D63F
                                                                                                  SHA1:0DBE534E84555F92EECBFE75BFE4DC43E570C4CB
                                                                                                  SHA-256:BC505727B22AAB0EE031D6FA43D5A0DF29220C350CCE23775863FC2648D3B52B
                                                                                                  SHA-512:69C764FD2FA4314A85F2DEDA6EBD6E2E136A27397F44B6EECD20118068426E6D9B0110D30464A12A99DB69EAC610AAFC49866D996121421FDA40A784144BF81E
                                                                                                  Malicious:false
                                                                                                  URL:https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?fid=bbf60dad-072f-44d9-a6e7-e0931f50c482&type=visual&rnd=2de0e11d-da42-446f-a718-00c44672625d&mkt=en
                                                                                                  Preview:var GetWLSPHIP0=function(c){var o = c;var r = o.Renderer(arguments);return r;};var WLSPHIP0=GetWLSPHIP0((function(){var p="Renderer",i={},a={},c={},e={},f={},q={},b={},h={},g={},n={},d={};function l(){if(b(a)){alert("missing client HIP object");return false}if(b(a.holder)||b(a.scriptHolder)){alert("missing holder or scriptHolder in client HIP object");return false}if(b(a.postLoad)){alert("missing postLoad in client HIP object");return false}if(b(a.left)||a.left<0||a.left>1e3)a.left=0;if(b(a.done))a.done=0;if(b(a.count))a.count=0;if(b(a.type))a.type="visual";if(b(a.style))a.style="0";if(b(a.showInstruction))a.showInstruction=true;if(b(a.instructionsInside))a.instructionsInside=false;if(b(a.inputWidth)||a.inputWidth<240)a.inputWidth=240;if(b(a.showMenu))a.showMenu=true;if(b(a.showHelp))a.showHelp=true;if(b(a.showError))a.showError=true;if(b(a.showAddAccountOption))a.showAddAccountOption=true;if(b(a.errorMessage))a.errorMessage="";if(b(a.menuOutsideCallback))a.menuOutsideCallback=function

                                                                                                  Chrome Cache Entry: 263

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                                                                                                  Category:dropped
                                                                                                  Size (bytes):7886
                                                                                                  Entropy (8bit):3.973130033666625
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:48:gzeweweQeQeQe2eWe+RjvChvL42Kcb/M96GgEfY86d:pNNttt3X8upiJvQFd
                                                                                                  MD5:9425D8E9313A692BB3F022E8055FAB82
                                                                                                  SHA1:EDDCF3EA767D4C3042D01AC88594D7E795D8615C
                                                                                                  SHA-256:F2A1ABCF12EBD0F329E5B66B811B0BD76C8E954CB283CE3B61E72FBF459EF6F1
                                                                                                  SHA-512:93B3EB3C4CE385D80D4A8F6902355BBD156AC1AA20B8869AF05C8E714E90E74C5630BB8DE34D5B8FC9F876AC44BE314F3A2A08B3163295ADADBC6DD7B8D23561
                                                                                                  Malicious:false
                                                                                                  Preview:...... .... .....6......... ............... .h...f...(... ...@..... .........................................................................................................................................................................................................................................................................................................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................ZV..ZV..ZV..ZV..ZV..ZV..ZV..ZV..^Z..pl..pl..pl..pl..................................|x..pl..pl..................................QN..QN..QN..QN..QN..QN..QN..QN..QN..c`..pl..pl..pl..................................|x..pl..pl............

                                                                                                  Chrome Cache Entry: 264

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:GIF image data, version 89a, 20 x 20
                                                                                                  Category:dropped
                                                                                                  Size (bytes):7615
                                                                                                  Entropy (8bit):7.096403551516808
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:y5183szmkC+p6ryjHYAal1l3BzYB4DVGTVmuNtB99iO7nLrpxOlOj9yEr7I:i83Am3y8dn1BY4DVGZmAB9o8rpxOINrM
                                                                                                  MD5:563A41948AA94C4FF6D5E918D846C488
                                                                                                  SHA1:803C01DE983417650B6780269699191D5AC73357
                                                                                                  SHA-256:20765C1AA45654ABA95D64A80B64434ED8F8FFBD77371E660291A7FB6AAEFB7A
                                                                                                  SHA-512:BFFB85AE116C0D7028968E1A692B7D500C5CC335FAAAA3A2DE8FE5D4A84C3936EC71A0D15CEF7404F77F9E3F9B989A89AD7497733AD8F6198A8B597C04921944
                                                                                                  Malicious:false
                                                                                                  Preview:GIF89a.......F...........G................................Z0......................b:..........J...........L......................H.....K...........M...............I..O"...................rN.\2...........U).J.............N!.G..........~]...R&.......^5.......}\..........`8.yW.....pL.........w...._..........{Y....{..._7.iC....zY......zX.Q%.......c.M ........lF.`...........a9..q.r.m..........t.U*.....h.........j.xV.n...[1.uR......wT...qM.]4...m...._6..v......lG.....^........oJ...e...W,..y.kE.\3.f?..g.mH.nI.wU.T(.d=.....k.c.f.a.x.~...|.z.jD.X..V+.tP.tQ.gA.s.hB.i.w...b.d.....u.g@....sO.Y/..o.W-..}....oK.P$.|Z.d<....O#....vS.|[.jD.e>.c;.S'........................................!..NETSCAPE2.0.....!.......,.........."....H......*\....#J.H....3j.h1 .!.......,.............1P@...]... P..."....!.......,..........0....H......*\....#J..P..w. ....O..(.P.I...#...!.......,..........?....H......*\.

                                                                                                  Chrome Cache Entry: 265

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (23130), with no line terminators
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):23130
                                                                                                  Entropy (8bit):5.457292410546807
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:384:Kf1tpttYrBYbPGeHqyAvyJn9Xfq2UnHPzymrVQ3ycQyPxZ3GyHyjyryUy4:Kf1tptir+PGINXJ9CZeASicfPjhSGuL4
                                                                                                  MD5:10A12385BCC4132E01EA03BCEFAB021C
                                                                                                  SHA1:E9BF7FD17737A38FA7641EAFF7ABB85853AE9AD1
                                                                                                  SHA-256:F2728B3945FF02DF1BBE21472927D65C3E7B8573ED930D34A8B9F1A49E059274
                                                                                                  SHA-512:2D3CF76E922ECBDE670418FDA11A6A9754A572A25C341D9D3CA84A381DCDD1739DCBE1DAFC860F47901AEAE75EDB459AF9C9F2179D554B1F0EF43C833D912C32
                                                                                                  Malicious:false
                                                                                                  URL:https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?fid=b105fd92-33cc-447c-b000-df58cfaf4e89&type=visual&rnd=c3b6d445-c55a-490e-a171-56d758d0beaf&mkt=en
                                                                                                  Preview:var GetWLSPHIP0=function(c){var o = c;var r = o.Renderer(arguments);return r;};var WLSPHIP0=GetWLSPHIP0((function(){var p="Renderer",i={},a={},c={},e={},f={},q={},b={},h={},g={},n={},d={};function l(){if(b(a)){alert("missing client HIP object");return false}if(b(a.holder)||b(a.scriptHolder)){alert("missing holder or scriptHolder in client HIP object");return false}if(b(a.postLoad)){alert("missing postLoad in client HIP object");return false}if(b(a.left)||a.left<0||a.left>1e3)a.left=0;if(b(a.done))a.done=0;if(b(a.count))a.count=0;if(b(a.type))a.type="visual";if(b(a.style))a.style="0";if(b(a.showInstruction))a.showInstruction=true;if(b(a.instructionsInside))a.instructionsInside=false;if(b(a.inputWidth)||a.inputWidth<240)a.inputWidth=240;if(b(a.showMenu))a.showMenu=true;if(b(a.showHelp))a.showHelp=true;if(b(a.showError))a.showError=true;if(b(a.showAddAccountOption))a.showAddAccountOption=true;if(b(a.errorMessage))a.errorMessage="";if(b(a.menuOutsideCallback))a.menuOutsideCallback=function

                                                                                                  Chrome Cache Entry: 266

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:HTML document, ASCII text, with very long lines (5844), with CRLF line terminators
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):7914
                                                                                                  Entropy (8bit):4.4735908000780045
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:192:SpQxQDWiOYDOBazx3Vg+V77dk7wxQNy5Z3DVSe:SozYDPzx3Vz7dpdZzV7
                                                                                                  MD5:56F9CD8A07135E776326431C8560F8F2
                                                                                                  SHA1:FCFF27C475A9FB014661B045B59C8BB4799A0392
                                                                                                  SHA-256:0E1D105D6EE902B7279AEFD9E8AF21AB3E5D0CF058332A2A0E53A351524C75E6
                                                                                                  SHA-512:E75E2B65828CDE51CA880AEE30A74A3EE04B25B0FC0D2AF5B4BB675B62B592CF12D284771A0CE0A8174295F93C4D9007DA5C407C65229456EC0F1A18A6C8EE28
                                                                                                  Malicious:false
                                                                                                  URL:https://forms.office.com/offline.aspx
                                                                                                  Preview:<!DOCTYPE html>....<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us">..<head>.. <meta charset="utf-8" />.. <meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover" />.. <title>Microsoft Forms</title>.. <style>.. * {.. box-sizing: border-box;.. }.... body {.. height: 100vh;.. margin: 0 auto;.. background-color: #f3f2f1;.. font-family: "Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;.. }.... .content-root {.. height: 100%;.. display: flex;.. align-items: center;.. justify-content: center;.. padding: 20px;.. }.... .offline-message {.. max-width: 600px;.. }.... .offline-title {.. font-size: 32px;.. line-height: 40px;.. margin-top: 24px;.. }...

                                                                                                  Chrome Cache Entry: 267

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 216x96, components 3
                                                                                                  Category:dropped
                                                                                                  Size (bytes):5938
                                                                                                  Entropy (8bit):7.8713284634188945
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:uEjq7fPfIwUY9JINC1pICdWdB6J8Na3ruqC1QFZ1PAL1COuVpHM+G:uimfnIwVrTpE6KNXqpoxcpst
                                                                                                  MD5:055839615F10371686A6416EEF493B1D
                                                                                                  SHA1:0C83A80C720CAC3F75C614ABF9D6DF2DBDC24283
                                                                                                  SHA-256:5DDFCD4BF4F95132BDA3C3C42A3D4A75B38F7F373C5FA7C2E78DB22050213117
                                                                                                  SHA-512:B28CEF7669872F6E139EDDC900D1927AF7FA4DB81CC75B1B17EC3B4590BEED3C4E4BC01CEA7998678E3B783566EE5691103AD5C85D4CAE3EEF238EE399473A91
                                                                                                  Malicious:false
                                                                                                  Preview:......JFIF.....`.`.....C....................................................................C.......................................................................`...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...+3.(...(...+..W........t.6.....Ud..%z.....G...._.y......Yj.....X...j....Le.V..X..t.cBU-...{.}~.L..N....P......k..hr}.nt...a.?Z..|w...%...........9..m.p..Q_......i.#.:.....m.....i...m...t.....n..m.<......>....vzO.t.-'E.7[[ZF.%V. .Z..a..i..nk.........'..X?....?....v.x.l.:b\.B..N....+...7z..."..~;.ZM.......|3..c..-.....B.. .....dm.s.z.R....%..H.P..)...

                                                                                                  Chrome Cache Entry: 268

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:HTML document, ASCII text, with very long lines (20912)
                                                                                                  Category:dropped
                                                                                                  Size (bytes):58044
                                                                                                  Entropy (8bit):5.360663360762408
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:768:v44iFMJ4gFrFlHUlm31E2vACKF2rvqXPdTD:wvFMOgRbHMIk1XPdTD
                                                                                                  MD5:FE0FDF3F5E52AB00FE9768809883DA4B
                                                                                                  SHA1:3322AA15DF09583A690DA1AD69D9DBAD7E6B13A2
                                                                                                  SHA-256:00A51DD7ED6F71E0FB2BEDAE92C429D5CA27E2708AC44B229950CE89DF98C8AE
                                                                                                  SHA-512:0F16480DC8F842DB6282372866AFB8F282B4CD8D7DEF0243A43CEF995A6A2033B7DBA2DF8D0F578361B87A8A9BD40BD4F4F421B21BAE16967401EF0AAAC09514
                                                                                                  Malicious:false
                                                                                                  Preview:<!DOCTYPE html><html><head>. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <title>Marketing Form</title>. <meta name="referrer" content="never">. <meta type="xrm/designer/setting" name="type" value="marketing-designer-content-editor-document">. <meta type="xrm/designer/setting" name="layout-editable" value="marketing-designer-layout-editable">. <style>. .editor-control-layout html {. box-sizing: border-box;. background-color: #fff;. }. .editor-control-layout *,. .editor-control-layout *:before,. .editor-control-layout *:after {. box-sizing: inherit;. }.. .marketingForm h1 {. color: #000;. margin: 0px;. padding: 0px;. width: 100%;. font-family: "Segoe

                                                                                                  Chrome Cache Entry: 269

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:PNG image data, 192 x 192, 8-bit colormap, non-interlaced
                                                                                                  Category:dropped
                                                                                                  Size (bytes):1779
                                                                                                  Entropy (8bit):7.589819392147309
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:zrait2296479bsDcRYPlA1yx91eaLHto1xrUU5sS8mR3VNADICk1bEk:HhtR9TUiWKaLHtUrt5sS8MAVsh
                                                                                                  MD5:4150A5D4F2B0284A9E62D247929DD2AA
                                                                                                  SHA1:97CA2D9ECE8F0855B2A93E6BFDFC4883685C51CB
                                                                                                  SHA-256:F058653DCBA7E8B00D4BDB9409E06817F098AB18125CE5A5821520F04030D176
                                                                                                  SHA-512:D034378E76D58A899047B4639115102CC8F89AEF3F300DDAF0C0B3EAE40C8381040D1656109632E9095ED3F399218F196087D070C099FD89B9605DFBC34FB585
                                                                                                  Malicious:false
                                                                                                  Preview:.PNG........IHDR.............e..5....PLTE....pp......@...pp......8...jp...:...lp...6..9......mp...8...kp...6..8...lp.lp7..7...mp...7...lp...7...lp.......lp.lp.lp7......mp...7...lp...6..7...68.;=.@B.AC.IL.NQ.SV.X[.DF.JM.NP.UX.X[.]`._b.ei.fj.hl.il.lp.pt.y}.z}....os.os.rv....uy....hl.x|.{.....{..~..............MP.......sx..............................................ch..........io.......ou... ..!..".."..#..#..#..$..%..%..&..'..'..'..(..(..)..*..*..*..*..+..,..,..,..-........0..0..1..1..2..2..3..3..4..4..4..5..5..6..6..6..6..7..B..b....................1tRNS..... 000@PPP````pp...........................hX....sIDATx....{.E....(.9T@n.V@@"r..jLDR9.TlK...J....J.G-.j...vj..KS...fvwv.......k........n...B.!..B(..xjs.mX.p..W..)..1...I._m..@.2.....0.#..9_.....`[.C..../...q..i............Umd".....b;.[{..H..V..g*\...0T`.z+..X..O._!.....U.F.P)0....X...q....J.q...L....J."....x.....".W}~.Q...b~...,..'.2.#gZU.Q....1gJ7.j..81......K7..?.......i......5......x.o.g...Q..V..SZ.xe-..}..

                                                                                                  Chrome Cache Entry: 270

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:HTML document, ASCII text, with CRLF line terminators
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):548
                                                                                                  Entropy (8bit):4.688532577858027
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:12:TjeRHVIdtklI5r8INGlTF5TF5TF5TF5TF5TFK:neRH68DTPTPTPTPTPTc
                                                                                                  MD5:370E16C3B7DBA286CFF055F93B9A94D8
                                                                                                  SHA1:65F3537C3C798F7DA146C55AEF536F7B5D0CB943
                                                                                                  SHA-256:D465172175D35D493FB1633E237700022BD849FA123164790B168B8318ACB090
                                                                                                  SHA-512:75CD6A0AC7D6081D35140ABBEA018D1A2608DD936E2E21F61BF69E063F6FA16DD31C62392F5703D7A7C828EE3D4ECC838E73BFF029A98CED8986ACB5C8364966
                                                                                                  Malicious:false
                                                                                                  URL:https://assets-usa.mkt.dynamics.com/favicon.ico
                                                                                                  Preview:<html>..<head><title>404 Not Found</title></head>..<body>..<center><h1>404 Not Found</h1></center>..<hr><center>nginx</center>..</body>..</html>.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->..

                                                                                                  Chrome Cache Entry: 271

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:PNG image data, 192 x 192, 8-bit colormap, non-interlaced
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):1779
                                                                                                  Entropy (8bit):7.589819392147309
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:zrait2296479bsDcRYPlA1yx91eaLHto1xrUU5sS8mR3VNADICk1bEk:HhtR9TUiWKaLHtUrt5sS8MAVsh
                                                                                                  MD5:4150A5D4F2B0284A9E62D247929DD2AA
                                                                                                  SHA1:97CA2D9ECE8F0855B2A93E6BFDFC4883685C51CB
                                                                                                  SHA-256:F058653DCBA7E8B00D4BDB9409E06817F098AB18125CE5A5821520F04030D176
                                                                                                  SHA-512:D034378E76D58A899047B4639115102CC8F89AEF3F300DDAF0C0B3EAE40C8381040D1656109632E9095ED3F399218F196087D070C099FD89B9605DFBC34FB585
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-192.png
                                                                                                  Preview:.PNG........IHDR.............e..5....PLTE....pp......@...pp......8...jp...:...lp...6..9......mp...8...kp...6..8...lp.lp7..7...mp...7...lp...7...lp.......lp.lp.lp7......mp...7...lp...6..7...68.;=.@B.AC.IL.NQ.SV.X[.DF.JM.NP.UX.X[.]`._b.ei.fj.hl.il.lp.pt.y}.z}....os.os.rv....uy....hl.x|.{.....{..~..............MP.......sx..............................................ch..........io.......ou... ..!..".."..#..#..#..$..%..%..&..'..'..'..(..(..)..*..*..*..*..+..,..,..,..-........0..0..1..1..2..2..3..3..4..4..4..5..5..6..6..6..6..7..B..b....................1tRNS..... 000@PPP````pp...........................hX....sIDATx....{.E....(.9T@n.V@@"r..jLDR9.TlK...J....J.G-.j...vj..KS...fvwv.......k........n...B.!..B(..xjs.mX.p..W..)..1...I._m..@.2.....0.#..9_.....`[.C..../...q..i............Umd".....b;.[{..H..V..g*\...0T`.z+..X..O._!.....U.F.P)0....X...q....J.q...L....J."....x.....".W}~.Q...b~...,..'.2.#gZU.Q....1gJ7.j..81......K7..?.......i......5......x.o.g...Q..V..SZ.xe-..}..

                                                                                                  Chrome Cache Entry: 272

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):1282
                                                                                                  Entropy (8bit):4.695064346385326
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:mioTJODICcnv8cKoexKc846vgBv19ZY8mlvOq8RvLNHVENggeGg:micaIPU7oeoc8xYBvLmlgRjNOen
                                                                                                  MD5:8D30025E69BC896ACC2064D1791F5A88
                                                                                                  SHA1:1F14560FD3D30F0A2C291CE503CCB490C94E0C3E
                                                                                                  SHA-256:769442A29597F6DB303853931D749780EF46D2855412843431DAC07A9D72CCB0
                                                                                                  SHA-512:7363382D59DF760A37A8C48F6D7037EF9C57CE97EFA0AFDDD19FE133952EE825B9043C84227F4E0B6D4AED310E9DF0053294BF6EB991CC3FBE7338C853C51888
                                                                                                  Malicious:false
                                                                                                  URL:https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/usa/FormLoader/public/locales/en-us/translation.json
                                                                                                  Preview:{.. "FormFailedToLoad": "Failed to load form",.. "FormFailedToLoadCors": "The form can not be loaded on a domain that hasn't been allowed for external form hosting or there is a network connectivity issue",.. "LearnMore": "Learn more",.. "FormSubmitted": "Form submitted",.. "FormSubmitError": "Error submitting the form",.. "Reload": "Reload",.. "LookupLoading": "loading...",.. "LookupGenericError": "There was a problem retrieving items. Try again later.",.. "ValidationRequiredField": "This field is required",.. "EventFailedToLoad": "Failed to load event.",.. "EventAtCapacity": "This event is fully booked",.. "EventNotLive": "We are still setting up this event. Please check again in some time or contact the event organizer ",.. "SubmissionErrorEventNotLive": "Registrations for this event have been closed. We look forward to seeing you at our next event.",.. "SubmissionErrorEventCapacityIsFull": "Registrations for this event have been closed. We.re at full capacity! We lo

                                                                                                  Chrome Cache Entry: 273

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (917)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):1151
                                                                                                  Entropy (8bit):5.369908043108395
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:icYJ+bsfAITqq03JJKEDLlnMSrDDNGFauJkmbqdZu/pbpAJq:icZsfAicjKuLRDR9uJrbYcpA0
                                                                                                  MD5:436A7BC82156A644ED0206BFBC3A67BD
                                                                                                  SHA1:189C49265A47CBD4DDA7D86E785C9E9970C41F7E
                                                                                                  SHA-256:5E18809EF5C2DFEB8B35CB5CD230ED8C64CD04A564090761F24E5FB8F628C6CA
                                                                                                  SHA-512:CA54A7B2D60FC04D4E6D44287A1B5051DB9E843A10514142E1C79BA1091A9CB0DD1BBCCDFDEB5DF7BC845C648A5C0B798313D44A76ED48135BC64B0E1C0DEF35
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.a6ac500.js
                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[670],{70082:function(r,e,n){n.r(e),n.d(e,{register:function(){return f}});var t=n(59312),i=n(16586),s=n(9947),u=n(90710),c=n(55890),o=n(10836),a=n(78457);function f(r){return(0,t.mG)(this,void 0,void 0,(function(){var e,n;return(0,t.Jh)(this,(function(t){switch(t.label){case 0:return t.trys.push([0,5,,6]),(0,a.qI)()?(0,o.KA)("UnregisterServiceWorker")?[4,navigator.serviceWorker.getRegistrations().then((function(r){return Promise.all(r.map((function(r){return r.unregister()})))}))]:[3,2]:[2];case 1:return t.sent(),[2];case 2:return(0,o.KA)("ServiceWorkerEnabled")||"1"===(0,u.NW)().fsw?(e=r?"Business":(0,s.k0)().ring,[4,navigator.serviceWorker.register((0,i.wT)("/sw.js?ring=".concat(e)))]):[3,4];case 3:t.sent(),t.label=4;case 4:return[3,6];case 5:return n=t.sent(),(0,c.$U)("ServiceWorker.Registration.Error",n),[3,6];case 6:return[2]}}))}))}}}]);..//# sourceMappingURL=https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/l

                                                                                                  Chrome Cache Entry: 274

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 216x96, components 3
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):7222
                                                                                                  Entropy (8bit):7.897312257014227
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:192:uFz1c17Iu0LzRptNq40pcgBxuCcL+T0irR0420gwJz:uXchIX3LjqBpcgeCci0irXlgMz
                                                                                                  MD5:18A03EB67AC67B96BDB599F3C631B6EE
                                                                                                  SHA1:BB35B2639261C8A2D08AE4DF5D07915791AF159A
                                                                                                  SHA-256:764402E63A011E381D14AB813CA7EF305B9827108158ED1588317B41DF2C6610
                                                                                                  SHA-512:734C5E4682ABA6FD6B44D0CE89D65B77C1B700AEE88394E07DD4839CDFCC9FE1654EBB11B4DB68333C67A002B3B80D5542C86EDC962D31040C5A186A2C6B338D
                                                                                                  Malicious:false
                                                                                                  URL:https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=bfb5869cd5d147faa63611d80225b568&market=en
                                                                                                  Preview:......JFIF.....`.`.....C....................................................................C.......................................................................`...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...+3.(...(...(...(._.|J...+%..'.4_..%d.oc.V..7.......#.6.......4.../..'.r.....kTW....d..n.f......g..-6..x.@...-o..>....3...._......sk..r.v....V.B.#_E...xDV'./...T.......+~.?.&......v..O.j...<?.G..jrg.*...k.....'....|B...L.-.?...O..yss....|?..9..!uy7.*#4d....s........._.j...'....A.xwF.....Xma...?3.p\.$.@......|../..y...~5...|E...S.....:.P.../m.nc^..4(Q....

                                                                                                  Chrome Cache Entry: 275

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:GIF image data, version 89a, 16 x 16
                                                                                                  Category:dropped
                                                                                                  Size (bytes):1037
                                                                                                  Entropy (8bit):5.818249601446592
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:Y6Muz2urs3NBrBblKvcpp0PJQkwZlrX3zthp:hMu6urs3NBBkvcpyt0zt
                                                                                                  MD5:4A4AC4A62EA5F3E19022F354AE737B0A
                                                                                                  SHA1:EF7FBABD1745A73D05650CC76643980AC496B323
                                                                                                  SHA-256:97AADED71C0575ACE10FABD282FBA4CFA72352C70349D86FB5F2F297A84834B1
                                                                                                  SHA-512:4320D0107599CB2406256F008C7D423FE89242968050F864F3B26AC13D99D492AA18DC8C63E709C69CA185E9074C72ABE79DE0D0AEC926E2A5A9C7AE519AC648
                                                                                                  Malicious:false
                                                                                                  Preview:GIF89a................v...........................??...?//....!!....vv.--..........WW.ff.............QQ...i...__....AAv..............ll....11....66.......^^................;;.SS.......##j...DD.xx......hh].....g.........cc...=,,......ss....ll...KK...qq.... .hh.MM.((s.................MM....KK..........AA?........................CC.dd.BBR.................QQ.............56....nn.MM.......aa.--.AA......//.UU............................}}.........[[....! ...ww}qq}cc.>?.44.]]....bb...................................................................................................................................................................................................................................................................................................!.......,............A........A}.....).$....S.B."5....>.....II..^.....@.'yD...h....T.CD!....$b..E..5p.1Q.....H.....;=..)xC.....|.....8.~..tF..M>>Y......l.JHSg..2/..Ha..(.....&..,9.....H...&%...........@......(P.@.EB

                                                                                                  Chrome Cache Entry: 276

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (65381)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):998157
                                                                                                  Entropy (8bit):5.576555393703719
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6144:ApZImWu3FcobNyj/paLK45aLSlZABpnw0h3FcobNHj/g6LQ4n0LXdQG8bG6I3z:6aKNyj/p6isKNHj/gDQG8SfD
                                                                                                  MD5:672B4F23E0AD4EEA01AE3CCD3929BCD3
                                                                                                  SHA1:954D395D2572BE93E9756BD1F3DEE7C7A726CFCC
                                                                                                  SHA-256:D9ED2DCE9869EA81DA750F4BD6FD0011DDABB61F35C54AC8B9C871F590438124
                                                                                                  SHA-512:19FBF0ED78D95C263458FFA91E988058B67B01E8B018E013087A37292FA2E2CE1F1601DCD3B96ECFFED409C3EE26B89A355FC7A86FE166A75BF272898FBD9228
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.officebrowserfeedback.4ab23d7.js
                                                                                                  Preview:(self.webpackChunk=self.webpackChunk||[]).push([[18],{55074:function(){./*! For license information please see officebrowserfeedback.min.js.LICENSE.txt */.!function(A){var t={};function n(r){if(t[r])return t[r].exports;var e=t[r]={i:r,l:!1,exports:{}};return A[r].call(e.exports,e,e.exports,n),e.l=!0,e.exports}n.m=A,n.c=t,n.d=function(A,t,r){n.o(A,t)||Object.defineProperty(A,t,{enumerable:!0,get:r})},n.r=function(A){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(A,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(A,"__esModule",{value:!0})},n.t=function(A,t){if(1&t&&(A=n(A)),8&t)return A;if(4&t&&"object"==typeof A&&A&&A.__esModule)return A;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:A}),2&t&&"string"!=typeof A)for(var e in A)n.d(r,e,function(t){return A[t]}.bind(null,e));return r},n.n=function(A){var t=A&&A.__esModule?function(){return A.default}:function(){return A};return n.d(t,"a",t),t},n.o=function(A,t){r

                                                                                                  Chrome Cache Entry: 277

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:Java source, ASCII text, with very long lines (17610)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):110678
                                                                                                  Entropy (8bit):5.425859733908257
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:1536:WRftJ/lZj97FyYmyzXUeGEAqOzgYBNKNb9NjQLzAKVQ:WR1J57FyYmA8EVOsCNK99KLEKQ
                                                                                                  MD5:07B98765F2550D83EEAEF5CB36A2E6A1
                                                                                                  SHA1:4F5CB9D05789079FA605E58546015C8A6969FFA6
                                                                                                  SHA-256:E86B0BF07871186DD32B20C7B4FD8E8729C717EABE73763847BE9CB091D348F7
                                                                                                  SHA-512:BBB2F8EFC7C12DF1B01DE74DF607B4E86CD6A5BF6FA6EC90C5D824D0D76E675616613040B578FE099AF5BE6FE728B919F014CAEE0DFA0E47714558DFD7AEFDE2
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[641],{28165:function(n,r,t){t.d(r,{Z:function(){return kn}});var e,u=t(49577),i=t(71106),o=t(80403),f=t(39523),c=t(40154),a=t(61746),l=t(79966),v=t(8823),s=t(93626),d=t(42256),p="locale",h="ver",y="name",g=(0,d.cc)({UserExt:[0,"user"],DeviceExt:[1,"device"],TraceExt:[2,"trace"],WebExt:[3,"web"],AppExt:[4,"app"],OSExt:[5,"os"],SdkExt:[6,"sdk"],IntWebExt:[7,"intweb"],UtcExt:[8,"utc"],LocExt:[9,"loc"],CloudExt:[10,"cloud"],DtExt:[11,"dt"]}),m=(0,d.cc)({id:[0,"id"],ver:[1,h],appName:[2,y],locale:[3,p],expId:[4,"expId"],env:[5,"env"]}),S=(0,d.cc)({domain:[0,"domain"],browser:[1,"browser"],browserVer:[2,"browserVer"],screenRes:[3,"screenRes"],userConsent:[4,"userConsent"],consentDetails:[5,"consentDetails"]}),w=(0,d.cc)({locale:[0,p],localId:[1,"localId"],id:[2,"id"]}),C=(0,d.cc)({osName:[0,y],ver:[1,h]}),T=(0,d.cc)({ver:[0,h],seq:[1,"seq"],installId:[2,"installId"],epoch:[3,"epoch"]}),b=(0,d.cc)({msfpc:[0,"msfpc"],anid:[1,"anid"]

                                                                                                  Chrome Cache Entry: 278

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):5042
                                                                                                  Entropy (8bit):5.243478321604499
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:plmO7bACdCm2hD7LHewgwcDlfwBeG+EfCc48PYozPcouzRSZmYXJ:zbAOGhDXewg3NwBeG+EfCKYozkwZmc
                                                                                                  MD5:0F6125D6420BBC10484A54641DEE8D6E
                                                                                                  SHA1:A5B587218C1D3CEF411C1F658E8C28C351F15D2A
                                                                                                  SHA-256:08C73971B4D4EBDC4818AAFE4A8BA3D864E1C7EF6E5C41AF0D1FC36A4D703A78
                                                                                                  SHA-512:E38FBA536AD66574FDAEB964586CE42552C5ABF6783BB92AE1DBA28AF84DC47C4EA6D3333AFFEC1DE7D2D6D47B9163108B9C9C91AEB42190E5AA51197207ACE6
                                                                                                  Malicious:false
                                                                                                  Preview:{"responses":null,"form":{"description":null,"onlineSafetyLevel":0,"reputationTier":1,"background":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"header":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"logo":{"altText":"","contentType":"image/png","fileIdentifier":"dd1b97e4-44a6-4cdb-a1d0-f2fee5aae67d","originalFileName":"6f4c3221-dfbb-42bf-abbb-47b42321e0f5","resourceId":"f24d995e-7c80-440b-91ac-da26063be5bd","resourceUrl":"https://lists.office.com/Images/dd18e69b-971b-47d9-92e2-cbe3f1a610dc/940d9737-eba1-4e9d-9634-8743e1cd723e/TCG5CXQLFEXTK82SRDWKZP5U61/f24d995e-7c80-440b-91ac-da26063be5bd","height":null,"width":null,"size":null},"tableId":"TCG5CXQLFEXTK82SRDWKZP5U61","otherInfo":"{\"LogoInfo\":{\"Size\":\"Small\",\"NaturalHeight\":58,\"NaturalWidth\":206}}","runti

                                                                                                  Chrome Cache Entry: 279

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (23130), with no line terminators
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):23130
                                                                                                  Entropy (8bit):5.4581557732743935
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:384:Kf1tpttYrBYJGeHqyAvyJn9Xfq2UnHPzymrVQ3ycQyPxZ3GyHyjyryUy4:Kf1tptiryGINXJ9CZeASicfPjhSGuL4
                                                                                                  MD5:D21208938AFFFC832741D24C74CB2FA4
                                                                                                  SHA1:81753B54582F109CDAAF5E6E77A4DC569EFE36E0
                                                                                                  SHA-256:B40173196EEC75669B82EB2DCF28FF5F8C347C81716DD4CA1DA14A02D68C39FB
                                                                                                  SHA-512:F447998B089F7A33C2D88213FAD4958B02E3D9BFE9620FA4672BAF7F091B8D5C367E2748F4681B3D7475D71DB7FA0F5A630251DF22A312CC5BDA06C3031F362E
                                                                                                  Malicious:false
                                                                                                  URL:https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?dc=EastUS&mkt=en&fid=bbf60dad-072f-44d9-a6e7-e0931f50c482&type=visual&c=1&rnd=0.5199867511130329
                                                                                                  Preview:var GetWLSPHIP0=function(c){var o = c;var r = o.Renderer(arguments);return r;};var WLSPHIP0=GetWLSPHIP0((function(){var p="Renderer",i={},a={},c={},e={},f={},q={},b={},h={},g={},n={},d={};function l(){if(b(a)){alert("missing client HIP object");return false}if(b(a.holder)||b(a.scriptHolder)){alert("missing holder or scriptHolder in client HIP object");return false}if(b(a.postLoad)){alert("missing postLoad in client HIP object");return false}if(b(a.left)||a.left<0||a.left>1e3)a.left=0;if(b(a.done))a.done=0;if(b(a.count))a.count=0;if(b(a.type))a.type="visual";if(b(a.style))a.style="0";if(b(a.showInstruction))a.showInstruction=true;if(b(a.instructionsInside))a.instructionsInside=false;if(b(a.inputWidth)||a.inputWidth<240)a.inputWidth=240;if(b(a.showMenu))a.showMenu=true;if(b(a.showHelp))a.showHelp=true;if(b(a.showError))a.showError=true;if(b(a.showAddAccountOption))a.showAddAccountOption=true;if(b(a.errorMessage))a.errorMessage="";if(b(a.menuOutsideCallback))a.menuOutsideCallback=function

                                                                                                  Chrome Cache Entry: 280

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (38720)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):494276
                                                                                                  Entropy (8bit):5.468409863104658
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6144:hNTX77k6R5d6b0k1L7FdmItGtQxs6sYcDquME1BWeV/qcNm:rAIIJuIRYME1wO/qv
                                                                                                  MD5:908089000E55B48012AB0E475B7771D9
                                                                                                  SHA1:07D305BF20FA5E7B6C6139D8B9C5C8FFD420746B
                                                                                                  SHA-256:1F35D8332F429059754FC9AE3A9BE14A47EDA039EB4DD8871E7C39B627752375
                                                                                                  SHA-512:83DEC6E8C81F2D36F130417B6F2CDE86A7003DC7B95C5109B803C93C5C9185D550A69371311FA41AC4A2E532404FB08D4F99A63FD19F7292F479C0646544EFDF
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.32c356c.js
                                                                                                  Preview:!function(){var n,t,r,e,i,o={65690:function(n,t,r){"use strict";function e(n){o!==n&&(o=n)}function i(){return void 0===o&&(o="undefined"!=typeof document&&!!document.documentElement&&"rtl"===document.documentElement.getAttribute("dir")),o}var o;function u(){return{rtl:i()}}r.d(t,{Eo:function(){return u},ok:function(){return e}}),o=i()},36178:function(n,t,r){"use strict";r.d(t,{Y:function(){return c},q:function(){return o}});var e,i=r(59312),o={none:0,insertNode:1,appendChild:2},u="undefined"!=typeof navigator&&/rv:11.0/.test(navigator.userAgent),a={};try{a=window||{}}catch(n){}var c=function(){function n(n,t){var r,e,u,a,c,f;this._rules=[],this._preservedRules=[],this._counter=0,this._keyToClassName={},this._onInsertRuleCallbacks=[],this._onResetCallbacks=[],this._classNameToArgs={},this._config=(0,i.pi)({injectionMode:"undefined"==typeof document?o.none:o.insertNode,defaultPrefix:"css",namespace:void 0,cspSettings:void 0},n),this._classNameToArgs=null!==(r=null==t?void 0:t.classNameT

                                                                                                  Chrome Cache Entry: 281

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (64406), with no line terminators
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):402781
                                                                                                  Entropy (8bit):5.611451055564043
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6144:Q6WbNL+5c3kfrVYHY2QwenIEPq9VpO+rz8/lz6TOzRm+xnDU08:HWbNL+JkQIppOlR6TyRg
                                                                                                  MD5:6BB00815891EE192ACBA9D800DADF77D
                                                                                                  SHA1:E3B8D03955DA6BB85A9F83D9C60E52F0336AB27F
                                                                                                  SHA-256:496C86EAA4F4950D7935A105D98A06723D46F3C0FAA0B2F1B104792140E4AF93
                                                                                                  SHA-512:07DEC80FF3CD05902F10D157C1D22C3CBB279CC944E106E5F3D0FA658351A1939AA7B4DC88CB996D60F09A63B46945EDE15FFE77C61E6F4AF3A9E4AF3F24F3E4
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.1918055.js
                                                                                                  Preview:(self.webpackChunk=self.webpackChunk||[]).push([[920],{86219:function(n,t,e){"use strict";e.d(t,{l:function(){return i}});var r=e(35852);function i(n){for(var t=[],e=1;e<arguments.length;e++)t[e-1]=arguments[e];for(var i=[],o=0,a=t;o<a.length;o++){var u=a[o];u&&i.push("function"==typeof u?u(n):u)}return 1===i.length?i[0]:i.length?r.m.apply(void 0,i):{}}},82699:function(n,t,e){"use strict";e.d(t,{j:function(){return a}});var r=e(65690),i=e(36178),o=e(49295);function a(n){var t=i.Y.getInstance(),e=(0,o.dH)((0,r.Eo)(),n);if(!t.classNameFromKey(e)){var a=t.getClassName();t.insertRule("@font-face{".concat(e,"}"),!0),t.cacheClassName(a,e,[],["font-face",e])}}},41633:function(n,t,e){"use strict";e.d(t,{x:function(){return o}});var r={},i=void 0;try{i=window}catch(n){}function o(n,t){if(void 0!==i){var e=i.__packages__=i.__packages__||{};if(!e[n]||!r[n])r[n]=t,(e[n]=e[n]||[]).push(t)}}o("@fluentui/set-version","6.0.0")},20660:function(n,t,e){"use strict";e.r(t),e.d(t,{AnimationClassNames:funct

                                                                                                  Chrome Cache Entry: 282

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):5042
                                                                                                  Entropy (8bit):5.243478321604499
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:plmO7bACdCm2hD7LHewgwcDlfwBeG+EfCc48PYozPcouzRSZmYXJ:zbAOGhDXewg3NwBeG+EfCKYozkwZmc
                                                                                                  MD5:0F6125D6420BBC10484A54641DEE8D6E
                                                                                                  SHA1:A5B587218C1D3CEF411C1F658E8C28C351F15D2A
                                                                                                  SHA-256:08C73971B4D4EBDC4818AAFE4A8BA3D864E1C7EF6E5C41AF0D1FC36A4D703A78
                                                                                                  SHA-512:E38FBA536AD66574FDAEB964586CE42552C5ABF6783BB92AE1DBA28AF84DC47C4EA6D3333AFFEC1DE7D2D6D47B9163108B9C9C91AEB42190E5AA51197207ACE6
                                                                                                  Malicious:false
                                                                                                  URL:https://forms.office.com/formapi/api/dd18e69b-971b-47d9-92e2-cbe3f1a610dc/users/940d9737-eba1-4e9d-9634-8743e1cd723e/light/runtimeFormsWithResponses('m-YY3RuX2UeS4svj8aYQ3DeXDZSh651OljSHQ-HNcj5UQ0c1Q1hRTEZFWFRLODJTUkRXS1pQNVU2MS4u')?$expand=questions($expand=choices)&$top=1
                                                                                                  Preview:{"responses":null,"form":{"description":null,"onlineSafetyLevel":0,"reputationTier":1,"background":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"header":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"logo":{"altText":"","contentType":"image/png","fileIdentifier":"dd1b97e4-44a6-4cdb-a1d0-f2fee5aae67d","originalFileName":"6f4c3221-dfbb-42bf-abbb-47b42321e0f5","resourceId":"f24d995e-7c80-440b-91ac-da26063be5bd","resourceUrl":"https://lists.office.com/Images/dd18e69b-971b-47d9-92e2-cbe3f1a610dc/940d9737-eba1-4e9d-9634-8743e1cd723e/TCG5CXQLFEXTK82SRDWKZP5U61/f24d995e-7c80-440b-91ac-da26063be5bd","height":null,"width":null,"size":null},"tableId":"TCG5CXQLFEXTK82SRDWKZP5U61","otherInfo":"{\"LogoInfo\":{\"Size\":\"Small\",\"NaturalHeight\":58,\"NaturalWidth\":206}}","runti

                                                                                                  Chrome Cache Entry: 283

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (43631)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):43797
                                                                                                  Entropy (8bit):5.3330082676730814
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:768:SviBoMfDzB95J8VHrMM9j1xPCLJKUlsO0atkRQlbRhOyhhOUrQe/CwpjTIhFbtSx:SvETB94J3xPC1KlO0ajbSy/pGGieEeey
                                                                                                  MD5:72BC74DBD7E2D7EC8098628569C7C8D1
                                                                                                  SHA1:CF83D74066EF9F807DB72B7985522E44A9DBE68E
                                                                                                  SHA-256:6DD99733E4AF8728ABF32904C57D8B884D75D3424011EC2C9AA255D942A8BFF6
                                                                                                  SHA-512:CA933824BE7CB9863946B247B79CCDAF8168A7C9982336DB25A5A2FE8376DA69F1C9B88E8D8A770AD6049BA388579704D49383B7190325518906908BF3F68BF2
                                                                                                  Malicious:false
                                                                                                  URL:https://forms.office.com/sw.js?ring=Business
                                                                                                  Preview:!function(){"use strict";var e={487:function(){try{self["workbox:core:6.1.0"]&&_()}catch(e){}},403:function(){try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},295:function(){try{self["workbox:core:6.4.0"]&&_()}catch(e){}},372:function(){try{self["workbox:navigation-preload:6.1.0"]&&_()}catch(e){}},815:function(){try{self["workbox:routing:6.1.0"]&&_()}catch(e){}},445:function(){try{self["workbox:strategies:6.1.0"]&&_()}catch(e){}}},t={};function n(r){var s=t[r];if(void 0!==s)return s.exports;var o=t[r]={exports:{}};return e[r](o,o.exports,n),o.exports}!function(){n(487);n(372);function e(){return Boolean(self.registration&&self.registration.navigationPreload)}const t=(e,...t)=>{let n=e;return t.length>0&&(n+=` :: ${JSON.stringify(t)}`),n};class r extends Error{constructor(e,n){super(t(e,n)),this.name=e,this.details=n}}const s={googleAnalytics:"googleAnalytics",precache:"precache-v2",prefix:"workbox",runtime:"runtime",suffix:"undefined"!=typeof registration?registration.scope:""},o=

                                                                                                  Chrome Cache Entry: 284

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:HTML document, ASCII text
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):491
                                                                                                  Entropy (8bit):5.060702702346766
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:12:s8IDPy8//qvSIg7jBoi2zg7jVnh6BAdexMAdb:gDPR/ivc7jBops7jV+Adexbb
                                                                                                  MD5:B4AFEF5020940379C6501CCF9B08719A
                                                                                                  SHA1:1F9FE8FA1F2F02B5DCC40756F41E3AF509DF6115
                                                                                                  SHA-256:332D29A9B8A67F7B455765DE9A53A99C2EF0BE9CA2DB36D3BD941400FB7BD9F9
                                                                                                  SHA-512:CF557E72CB9B2E4D17E61C31037C65F52EF737A7E98EF01D52E0B4BC509A471E3ADE3DD22216C6AB6AB7492ECC5EDEA9ABB9B0B01608C190DDC353FFD66D0595
                                                                                                  Malicious:false
                                                                                                  URL:https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499
                                                                                                  Preview:<div. data-form-id='ed6cc479-cc38-ef11-8409-7c1e520ba499'. data-form-api-url='https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms'. data-cached-form-url='https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499' ></div>. <script src = 'https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/usa/FormLoader/FormLoader.bundle.js' ></script>

                                                                                                  Chrome Cache Entry: 285

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):72
                                                                                                  Entropy (8bit):4.241202481433726
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                                                                  MD5:9E576E34B18E986347909C29AE6A82C6
                                                                                                  SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                                                                  SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                                                                  SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                                                                  Malicious:false
                                                                                                  Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                                                                  Chrome Cache Entry: 286

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:GIF image data, version 89a, 20 x 20
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):7615
                                                                                                  Entropy (8bit):7.096403551516808
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:y5183szmkC+p6ryjHYAal1l3BzYB4DVGTVmuNtB99iO7nLrpxOlOj9yEr7I:i83Am3y8dn1BY4DVGZmAB9o8rpxOINrM
                                                                                                  MD5:563A41948AA94C4FF6D5E918D846C488
                                                                                                  SHA1:803C01DE983417650B6780269699191D5AC73357
                                                                                                  SHA-256:20765C1AA45654ABA95D64A80B64434ED8F8FFBD77371E660291A7FB6AAEFB7A
                                                                                                  SHA-512:BFFB85AE116C0D7028968E1A692B7D500C5CC335FAAAA3A2DE8FE5D4A84C3936EC71A0D15CEF7404F77F9E3F9B989A89AD7497733AD8F6198A8B597C04921944
                                                                                                  Malicious:false
                                                                                                  URL:https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/usa/Captcha/Images/hig_progcircle_animated.gif?vv=100
                                                                                                  Preview:GIF89a.......F...........G................................Z0......................b:..........J...........L......................H.....K...........M...............I..O"...................rN.\2...........U).J.............N!.G..........~]...R&.......^5.......}\..........`8.yW.....pL.........w...._..........{Y....{..._7.iC....zY......zX.Q%.......c.M ........lF.`...........a9..q.r.m..........t.U*.....h.........j.xV.n...[1.uR......wT...qM.]4...m...._6..v......lG.....^........oJ...e...W,..y.kE.\3.f?..g.mH.nI.wU.T(.d=.....k.c.f.a.x.~...|.z.jD.X..V+.tP.tQ.gA.s.hB.i.w...b.d.....u.g@....sO.Y/..o.W-..}....oK.P$.|Z.d<....O#....vS.|[.jD.e>.c;.S'........................................!..NETSCAPE2.0.....!.......,.........."....H......*\....#J.H....3j.h1 .!.......,.............1P@...]... P..."....!.......,..........0....H......*\....#J..P..w. ....O..(.P.I...#...!.......,..........?....H......*\.

                                                                                                  Chrome Cache Entry: 287

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):7886
                                                                                                  Entropy (8bit):3.973130033666625
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:48:gzeweweQeQeQe2eWe+RjvChvL42Kcb/M96GgEfY86d:pNNttt3X8upiJvQFd
                                                                                                  MD5:9425D8E9313A692BB3F022E8055FAB82
                                                                                                  SHA1:EDDCF3EA767D4C3042D01AC88594D7E795D8615C
                                                                                                  SHA-256:F2A1ABCF12EBD0F329E5B66B811B0BD76C8E954CB283CE3B61E72FBF459EF6F1
                                                                                                  SHA-512:93B3EB3C4CE385D80D4A8F6902355BBD156AC1AA20B8869AF05C8E714E90E74C5630BB8DE34D5B8FC9F876AC44BE314F3A2A08B3163295ADADBC6DD7B8D23561
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/images/favicon.ico
                                                                                                  Preview:...... .... .....6......... ............... .h...f...(... ...@..... .........................................................................................................................................................................................................................................................................................................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................ZV..ZV..ZV..ZV..ZV..ZV..ZV..ZV..^Z..pl..pl..pl..pl..................................|x..pl..pl..................................QN..QN..QN..QN..QN..QN..QN..QN..QN..c`..pl..pl..pl..................................|x..pl..pl............

                                                                                                  Chrome Cache Entry: 288

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:dropped
                                                                                                  Size (bytes):72
                                                                                                  Entropy (8bit):4.241202481433726
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                                                                  MD5:9E576E34B18E986347909C29AE6A82C6
                                                                                                  SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                                                                  SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                                                                  SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                                                                  Malicious:false
                                                                                                  Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                                                                  Chrome Cache Entry: 289

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 216x96, components 3
                                                                                                  Category:dropped
                                                                                                  Size (bytes):5432
                                                                                                  Entropy (8bit):7.877282368043347
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:uEY1DwaFy7L5Fk8QV3GE6EE9KE7tytB5t5OV0CuF3ClXUWfZeyZH76pWRqOk:u1F3A7Lfk8AGviX5t5w0tF3uXBlSM6
                                                                                                  MD5:5FD66948E58DDBD23D04F45DB94A52FE
                                                                                                  SHA1:D5A5B202CA22144D85530A264E4D557B1E899C71
                                                                                                  SHA-256:901322389631CB994D2CF862985C1C54EC9D516B804422A36FAF1EBBF02BC717
                                                                                                  SHA-512:D806F1734632B1B740486F302237282C80F366F5E33BB262BA476423898514A4077F00B0C698A6E0D3F13895157EBD7A99D2EA01D0B9335F9F4F153C937E9C19
                                                                                                  Malicious:false
                                                                                                  Preview:......JFIF.....`.`.....C....................................................................C.......................................................................`...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...+3.(...(...+..j.z..............2Ce..*4....=+....Y..D..u.x...B.....Vh.J..b....F5.....]..=...W^.....x..6.....x.Zs...np.p..p.WB[i#.A..+...X.v.h.-../...h..x...`..i.3.:+..<..O../.~ xKM.t{.....h..'^.F...Py..A..V6......3Z...E9]Y.TQ^?.......'../...O}V..O.<Z}.:.9_.!..*. d.5.3..Zj.I-.`..xs..0.uM....>...O......A..Wk&.ve..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..Q@..

                                                                                                  Chrome Cache Entry: 290

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (15444)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):15700
                                                                                                  Entropy (8bit):5.462645078793648
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:192:OS5DpwNQLqqDYQk1xvjm6W0f2XnpMo+MD+iJvJDeuch+Yfy9mpLFSTj6ih8:OgDn0Ltuao+RiJvJDeuch+SpO8
                                                                                                  MD5:7C8A1F58ECF768F500C9A7C390480410
                                                                                                  SHA1:7E51AC97662B68A3DED9A36FD012BD8A0EEFB2AB
                                                                                                  SHA-256:ED6CB71AC205AA299C61293A1090825B437F985FC2500F152C34D5E869F7F200
                                                                                                  SHA-512:2B1F5861982420A60E3DD8E5EFF35E7887E640DD47EDAFDF454CE993D92CBE9A2194C27BF5CE39D27855882C06AD30D0BB66CAD7E8B86F721F3085F07FDEFEA2
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.40b6820.js
                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[537],{85708:function(n,e,r){function t(){return Date.now||(Date.now=function(){return(new Date).getTime()}),Math.floor(Date.now())}r.d(e,{dg:function(){return t}})},38264:function(n,e,r){r.r(e),r.d(e,{BrandingFooter:function(){return M}});var t=r(59312),o=r(69686),i=r(69065),a=r(80820),u=r(46411),c=r(35995),l=r(80098),f=r(28729),s=r(36082),d=r(262),p=r(51710),$=r(39886),_=r(15463),m=r(82610),g=r(58926),v=r(6700),h=r(49303),w=r(1521),b=r(8083),k=function(n,e){return function(r,t){var o=t();return r((0,b.n)("Branding.Footer.M365.Click",{isShare:(0,m.ET)(o),isPreview:(0,m.qM)(o),fullScreen:n,isFormRuntime:(0,w.Lx)(o),pageType:e}))}},y=r(457),x=r(96926),R=r(48978),N=r(10282),C=function(n,e,r,o,i){var u;return[{$r:{background:r,width:"100%","@media print":{background:s.s.$g,color:s.s.$h},paddingTop:0},$a:{width:"100%"},$cW:{width:"100%",lineHeight:"1.3",fontSize:12,color:s.s.$h,marginTop:0,marginBottom:4},$ke:{display:"inline-blo

                                                                                                  Chrome Cache Entry: 291

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:PNG image data, 490 x 180, 8-bit/color RGBA, non-interlaced
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):5895
                                                                                                  Entropy (8bit):7.720248605671278
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:n40H7NhvmuFFBL413wHGfZ1rsrohnXcF1BN8+PrfUFd0abvPsrXf:nbRFmuxcJfLrvnXcFjNRUFd00Wv
                                                                                                  MD5:311274C8C9C66E894F5AFA51FACD72CD
                                                                                                  SHA1:386D1FA0B2924DF2C21545CF2FF1DDE2CD985D33
                                                                                                  SHA-256:BC3C029408DAB6B5CB676B990B2E21BDD474E4B2E45DAF87E70210539390BF49
                                                                                                  SHA-512:2117BC16AC878BCC307CEA0DEFA0638800715330E83E9C8C1CAD7398BBF207E9432391B851E004308FB75C20C2D6F587D015FA3FB13F8630FE3E0C7E194979FC
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/images/microsoft365logo_v1.png
                                                                                                  Preview:.PNG........IHDR.............[.o.....IDATx......U.....xi.#..l.%3J.t.D\If5h.......>.Ft.....].8f..A...(../....D..1b.%.9:1y.LD.3...~Y....?..........(.s....~.nh........................................................................................................................................................................@...6`.W.....z.m..z....@.:.`..e.agn..w[-..}O.L...Gf.h.V....Wlu......n.....ek...z...Z...lu..AMP..@P...........&... ..j..AMP..@P..............3f.X).K._.J..+....d...5A.t..c._...R6K.2....@P.6A=}...'O...WZ[[{....;~..w[..7.x9.....uR~-.....7GB..0a..e?.........S...R&.<..X.2..r..}.>.hii.]......Q.N.iL..]..>y.r.\.."..U.g..A......K....'....q.LP..o..O..-.l...{....{)...+.....\N...9...P.d..+....B.[.Z..d.....e>...#i~%D.8Y&.E...L..M.+..OX..J1...|.do&......9..+8.[......ady...P_.....m.....mA-.P...A......a.e.zW.w..EnbIX.3.j.....k....[..Y...q[.r4...xY.....+w.g....Sk\#F..;9&.....4....f...I.'X....n.r.$.APw.P.A....M..8=..).0_.h./...b.....g......e.S...

                                                                                                  Chrome Cache Entry: 292

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (4357)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):4613
                                                                                                  Entropy (8bit):5.402597138323048
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:1U8m/y1eNYB/peNjEz5M5oSea91Zzq9F+58qz9U1Stp5dU8IP8TWYR87:mfq1eNYBheNd5oC2F+WqpXpoOc
                                                                                                  MD5:2951C1ABC1AACF76A3C41D188D03D5DE
                                                                                                  SHA1:1904DC8FF6AB1701C6C07C481C0F8B1627CBE159
                                                                                                  SHA-256:7FC8882A07B8AB721E55531EE407AD28735A55A123ADB4520CCAD1AFBC4BCB6A
                                                                                                  SHA-512:EBF73BB9DE78EAAEE1259889BA6BB94BE1445F226E6EFA9DBF9816A809A7B2A19510D54179AA8ECC83C19A364900377632CFD65D07C28BDD0441DA8DAA9ECFFC
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_groupnote.f265173.js
                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[341],{64289:function(e,t,n){n.r(t),n.d(t,{GroupNoteResponsesView:function(){return w}});var i=n(59312),a=n(69686),o=n(35995),l=n(36082),r=n(51710),s=n(6700),c=n(40374),d=n(82610),p=n(56498),u=n(89397),_=n(39886),f=n(68258),h=function(e){var t=e.$s$,n=void 0===t?[]:t,i=e.$iG,r=void 0===i?[]:i,s=e.$_g,d=e.$pn,p=(0,o.d)((function(e){return{$a:{},$qP:{display:"block",width:e?"calc(100% - 30px)":"calc(100% - 40px)",margin:e?"0 15px":"0 20px"},$cf:{display:"block",width:"100%"},$qQ:{display:"flex",justifyContent:"space-between",alignItems:"center",fontSize:12,fontWeight:600,lineHeight:"20px",color:l.s.$h,background:l.s.$B,height:e?25:32,width:"100%"},$pX:{width:"100%",padding:"0 10px",textOverflow:"ellipsis",whiteSpace:"nowrap",overflow:"hidden"},$ts:{background:l.s.$g,maxHeight:e?90:120,overflowY:"auto",display:"block","::-webkit-scrollbar":{width:2},"::-webkit-scrollbar-thumb":{background:"#adadad",borderRadius:2}},$tU:{display:

                                                                                                  Chrome Cache Entry: 293

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 216x96, components 3
                                                                                                  Category:dropped
                                                                                                  Size (bytes):7070
                                                                                                  Entropy (8bit):7.882338471761657
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:uEb6qQaiVchzYehMLfMU4HVQom1IhE+hSRV96UWa4+0+bfombnd9asVjDYLU7yge:uIXVOfP8VOAE2Ln+TnQsVjkLUJkeE
                                                                                                  MD5:08F1F7C59CA2C9734F2F762F16852C07
                                                                                                  SHA1:881007CA8C946883D19A5AC247B8DE73578FEF61
                                                                                                  SHA-256:63757A566DF61A4E622F9D08B05E85152A592AEE37770B45C898FA2443366F93
                                                                                                  SHA-512:2B98F5F7B08FA63881391B476A645439D419948340BCB0C5FCBC1238398D9941EF50BCC027BA69DD613A6E439B20E498BA95C6DC3DBA6886B351540191C8F45E
                                                                                                  Malicious:false
                                                                                                  Preview:......JFIF.....`.`.....C....................................................................C.......................................................................`...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...+3.(...(...(...(...(.&.?.?.t....]S].o......Fk.Bc.b.%....N......'.W.f.#x...~.S..:..F.2.d...0...~....8YM)=..}......Z.../..?..........m.1Iut..V~}H...S...o......;.....Eu{.i......1...*.........a.....w...1f.5F.*...1i.=s.T.4...i..:\....OK]-F.KMUe...,1.....lt.jy|..*O..Q...S...=....gS...h.4..~.[.6.p.....0....R..V.........W.....<-.x...[.p.H.Z0{.9.p..z...HY..........r

                                                                                                  Chrome Cache Entry: 294

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:GIF image data, version 89a, 16 x 16
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):1037
                                                                                                  Entropy (8bit):5.818249601446592
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:Y6Muz2urs3NBrBblKvcpp0PJQkwZlrX3zthp:hMu6urs3NBBkvcpyt0zt
                                                                                                  MD5:4A4AC4A62EA5F3E19022F354AE737B0A
                                                                                                  SHA1:EF7FBABD1745A73D05650CC76643980AC496B323
                                                                                                  SHA-256:97AADED71C0575ACE10FABD282FBA4CFA72352C70349D86FB5F2F297A84834B1
                                                                                                  SHA-512:4320D0107599CB2406256F008C7D423FE89242968050F864F3B26AC13D99D492AA18DC8C63E709C69CA185E9074C72ABE79DE0D0AEC926E2A5A9C7AE519AC648
                                                                                                  Malicious:false
                                                                                                  URL:https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/usa/Captcha/Images/icon_err.gif?vv=100
                                                                                                  Preview:GIF89a................v...........................??...?//....!!....vv.--..........WW.ff.............QQ...i...__....AAv..............ll....11....66.......^^................;;.SS.......##j...DD.xx......hh].....g.........cc...=,,......ss....ll...KK...qq.... .hh.MM.((s.................MM....KK..........AA?........................CC.dd.BBR.................QQ.............56....nn.MM.......aa.--.AA......//.UU............................}}.........[[....! ...ww}qq}cc.>?.44.]]....bb...................................................................................................................................................................................................................................................................................................!.......,............A........A}.....).$....S.B."5....>.....II..^.....@.'yD...h....T.CD!....$b..E..5p.1Q.....H.....;=..)xC.....|.....8.~..tF..M>>Y......l.JHSg..2/..Ha..(.....&..,9.....H...&%...........@......(P.@.EB

                                                                                                  Chrome Cache Entry: 295

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:PNG image data, 206 x 58, 8-bit/color RGBA, non-interlaced
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):24532
                                                                                                  Entropy (8bit):7.964334220735629
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:384:/fd5+Vx/ZAwws2EkSW/gN4MK6Rku7C7QTPvdEo5dHogvt/rSSavNzqZ:/fP0Z5w3GC5j6k2vd5HtlTgvkZ
                                                                                                  MD5:FEFA2B103737887F3ED6FDE7E449E499
                                                                                                  SHA1:F3E0CDDE45D6FD735E3ED6CC961221C360D21A6B
                                                                                                  SHA-256:D514AA1BF3E028EF40CB35BB0879CD2560427F7522F2C6C66B3D6AD33C1DB0E8
                                                                                                  SHA-512:EDD2D2400D0B1129170BDB9B90F6E295B3CDCC32F6B5BA0F89F17B3E95AC81E8A882698D9DDE7E5AE12850C369765CA3D1C26B878F1490F3E220022663481EB6
                                                                                                  Malicious:false
                                                                                                  URL:https://lists.office.com/Images/dd18e69b-971b-47d9-92e2-cbe3f1a610dc/940d9737-eba1-4e9d-9634-8743e1cd723e/TCG5CXQLFEXTK82SRDWKZP5U61/f24d995e-7c80-440b-91ac-da26063be5bd
                                                                                                  Preview:.PNG........IHDR.......:.......f.....gAMA....|.Q.... cHRM...........y..|...o*......<......H....>iCCPICC Profile..X.WgTS..>.$!....H..."5...Z...FH...c ..A....l....;bgPl.....8..]y'.,3..[.....g.o.{n.....D9.:...|ql.?}\r.....@.d....n............7.5.k.R..........8..... .x.W$...(.M..I1.@K...x..g.q.....^.M|,..V..T8.q...W..^......;.y.!...On.....[C...R~F.w<.?p..sr8..X..L...y...........K8T2.!..a.neO..b....i.Q.kB.^...C.R2%!.r{...5.:.;.8.a..@.$..W....Al...A.......B........,.....6..YL..<G,.+..@...T......jaf|...........B......[.....Kb..C.........tqP..47o(_ls.......3.C...Z..Y.0..._.L................q....|.X.Z.".V....`...b...8.Z<1.nH9?.......fqB.....A8`..@..8.......}.}.J>..8@.2...+4C+.d3Bx....O.. ox..l......V~......l...\..r.D.J8.-.<...?.s...xs.....~H.M..p.F2.6dI.$..C.AD.\.....px...g..Cy|.'<%t...n....'...?E... ....i........?...!3....{...a..+..qK.B.........;.#.%. ....^.j..:."......6\o.....Y.U...a?[b....9..v.;.5.:v.k..cR<....v..XY<.G...CwVZ.<.Z.^...|.t.;..

                                                                                                  Chrome Cache Entry: 296

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (65461)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):742296
                                                                                                  Entropy (8bit):5.442960982190392
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:6144:BUD6OzlmhnilS3b2b7/9ik9ag3OlNgxkd:SOOBFlSrk9ag3OluxU
                                                                                                  MD5:545A1BBC31581E3D1B1EB383DD3E9B98
                                                                                                  SHA1:09249350A3B3EA2665724E0A789096BBA27E0E16
                                                                                                  SHA-256:C3D9901D45BE8548749013D46A5FD17A564495A52DF6E265668E0D2401915165
                                                                                                  SHA-512:BE38C2CEBFFFEEE6F6EFD6071F65C8C047D79133119C60409E89480762F3B4677407E452BE702851E5BFB33B8E8DE8077159038049D86B7C85FDB03F64046133
                                                                                                  Malicious:false
                                                                                                  URL:https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/usa/FormLoader/FormLoader.bundle.js
                                                                                                  Preview:/*! For license information please see FormLoader.bundle.js.LICENSE.txt */.var d365mktforms;(()=>{var e,t,n={317:function(e,t){var n="undefined"!=typeof self?self:this,r=function(){function e(){this.fetch=!1,this.DOMException=n.DOMException}return e.prototype=n,new e}();!function(e){!function(t){var n="URLSearchParams"in e,r="Symbol"in e&&"iterator"in Symbol,i="FileReader"in e&&"Blob"in e&&function(){try{return new Blob,!0}catch(e){return!1}}(),a="FormData"in e,o="ArrayBuffer"in e;if(o)var s=["[object Int8Array]","[object Uint8Array]","[object Uint8ClampedArray]","[object Int16Array]","[object Uint16Array]","[object Int32Array]","[object Uint32Array]","[object Float32Array]","[object Float64Array]"],u=ArrayBuffer.isView||function(e){return e&&s.indexOf(Object.prototype.toString.call(e))>-1};function c(e){if("string"!=typeof e&&(e=String(e)),/[^a-z0-9\-#$%&'*+.^_`|~]/i.test(e))throw new TypeError("Invalid character in header field name");return e.toLowerCase()}function l(e){return"strin

                                                                                                  Chrome Cache Entry: 297

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (16094)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):38124
                                                                                                  Entropy (8bit):5.310312368406633
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:768:yqv6dXv8pMh0PcvWVtJIAaf57y3/9g570+7zpbphHUSMKd/FgrLp1pWr0qepjW8s:c8S0PekJZO57y3/9g57tpi9np1pmNZ
                                                                                                  MD5:F85DF0DB3B351E61F18DD9CA98A3C999
                                                                                                  SHA1:055AB43C220151E0C8B521A39D40DC54C50F988D
                                                                                                  SHA-256:5BEA34A1B8999FB53F5B3B8541BE6A2C6F8C75A8932BCB7A05E3FD5B91D78608
                                                                                                  SHA-512:1FB8F1989F9DD1F6C0C327F5B4808465F679793697EC486A7B18F2345DCF8DECDDCCFEEC65CC586B0F51E62BDD9C2EB035CE9C6CC23165F791181F4E0EB0DF0C
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.bcf1a85.js
                                                                                                  Preview:var _dll_dompurify_e7d452d73246f470bc6d;(()=>{var t={699:function(t){./*! @license DOMPurify | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/2.2.2/LICENSE */.t.exports=function(){"use strict";function t(t){if(Array.isArray(t)){for(var e=0,n=Array(t.length);e<t.length;e++)n[e]=t[e];return n}return Array.from(t)}var e=Object.hasOwnProperty,n=Object.setPrototypeOf,o=Object.isFrozen,r=Object.freeze,i=Object.seal,s=Object.create,a="undefined"!=typeof Reflect&&Reflect,c=a.apply,l=a.construct;c||(c=function(t,e,n){return t.apply(e,n)}),r||(r=function(t){return t}),i||(i=function(t){return t}),l||(l=function(e,n){return new(Function.prototype.bind.apply(e,[null].concat(t(n))))});var u=T(Array.prototype.forEach),p=T(Array.prototype.pop),d=T(Array.prototype.push),f=T(String.prototype.toLowerCase),m=T(String.prototype.match),h=T(String.prototype.replace),y=T(String.prototype.indexOf),w=T(String.prototype

                                                                                                  Chrome Cache Entry: 298

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JSON data
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):530
                                                                                                  Entropy (8bit):4.860983185588505
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:12:YQkMf5WwJJqjJs1JJ7vIL1JJfde3s+Fwb8:Yaf5WwJJqiJJ7qJJ6snb8
                                                                                                  MD5:4D945878F36DCBBF35C41B5BB6E5513E
                                                                                                  SHA1:786EDE7740452B1C38B1FFA47C28F4E70140EC5F
                                                                                                  SHA-256:19DADB739E9886DBDDC79E9E916B753AC53A2C8C1A9560EF14AF28B400C234E0
                                                                                                  SHA-512:37E16ACE0F5DF65065C150FB05E7968A5B3AA828F66EFDEF29DD78EF4C2D4B29D0C4F81502CDA069F1EFB0B0329FA69BC309579D74A447E2B7FE9E27AC9CCD99
                                                                                                  Malicious:false
                                                                                                  URL:https://forms.office.com/pwa/en-us/app.webmanifest
                                                                                                  Preview:{"lang":"en-us","name":"Microsoft Forms","short_name":"Forms","icons":[{"src":"https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-192.png","sizes":"192x192","type":"image/png"},{"src":"https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-256.png","sizes":"256x256","type":"image/png"},{"src":"https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-512.png","sizes":"512x512","type":"image/png"}],"scope":"/","start_url":"/?pwa=1","display":"minimal-ui","theme_color":"#03787c","background_color":"#ffffff"}

                                                                                                  Chrome Cache Entry: 299

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:SVG Scalable Vector Graphics image
                                                                                                  Category:dropped
                                                                                                  Size (bytes):1795
                                                                                                  Entropy (8bit):5.2687859815811
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:24:tO5SRuJ8QTmHOrW5LRqVsL+ek4KKeZvqHsL7ek4KZSY3+1AqHsLsek4KA6lWHxDT:gzE5lLZaLuY3+uLkWH1HMAHnf
                                                                                                  MD5:DF1CD3F2DAAEE5F629C10FBC609CAC35
                                                                                                  SHA1:7C4EADD1001AFA795442C3CA06B645CFC4831BC8
                                                                                                  SHA-256:C04BC4EE3D822B90BA1A8562DF69FC44E199E8E36D2FDAD3F3787FCF9C5163DD
                                                                                                  SHA-512:3F69A1B5B192C741167622A810A9CF59C071674C8014464A29E08E4BFB9546B33246D9E72CFD3E8AB5178FFF91749013B78E4BCD7A044FF309C2255425D578F6
                                                                                                  Malicious:false
                                                                                                  Preview:<svg width="1366" height="768" viewBox="0 0 1366 768" fill="none" xmlns="http://www.w3.org/2000/svg">..<g clip-path="url(#clip0_1395_123507)">..<path d="M-30 1060.71V411.179C326.5 316.179 440.5 774.207 852 532.207C1181.2 338.607 1397.5 429.207 1464.5 498.707V1060.71H-30Z" fill="white" fill-opacity="0.15" stroke="url(#paint0_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..<path d="M-125 1066.76V504.755C53.5 613.255 334 418.255 529 415.755C724 413.255 846 471.255 1069 574.255C1247.4 656.655 1384.33 608.589 1430.5 574.255V1080.76L-125 1066.76Z" fill="white" fill-opacity="0.2" stroke="url(#paint1_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..<path d="M-81 1256.47V701C277 467 360.5 747.652 683 540.47C1005.5 333.288 1317.67 573.97 1472.5 625.47L1491 1256.47H-81Z" fill="white" fill-opacity="0.2" stroke="url(#paint2_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..</g>..<defs>..<linearGradient id="paint0_linear_1395_123507" x1="-104.5" y1="895.178" x2

                                                                                                  Chrome Cache Entry: 300

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:HTML document, ASCII text, with very long lines (20912)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):58044
                                                                                                  Entropy (8bit):5.360663360762408
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:768:v44iFMJ4gFrFlHUlm31E2vACKF2rvqXPdTD:wvFMOgRbHMIk1XPdTD
                                                                                                  MD5:FE0FDF3F5E52AB00FE9768809883DA4B
                                                                                                  SHA1:3322AA15DF09583A690DA1AD69D9DBAD7E6B13A2
                                                                                                  SHA-256:00A51DD7ED6F71E0FB2BEDAE92C429D5CA27E2708AC44B229950CE89DF98C8AE
                                                                                                  SHA-512:0F16480DC8F842DB6282372866AFB8F282B4CD8D7DEF0243A43CEF995A6A2033B7DBA2DF8D0F578361B87A8A9BD40BD4F4F421B21BAE16967401EF0AAAC09514
                                                                                                  Malicious:false
                                                                                                  URL:https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499
                                                                                                  Preview:<!DOCTYPE html><html><head>. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <title>Marketing Form</title>. <meta name="referrer" content="never">. <meta type="xrm/designer/setting" name="type" value="marketing-designer-content-editor-document">. <meta type="xrm/designer/setting" name="layout-editable" value="marketing-designer-layout-editable">. <style>. .editor-control-layout html {. box-sizing: border-box;. background-color: #fff;. }. .editor-control-layout *,. .editor-control-layout *:before,. .editor-control-layout *:after {. box-sizing: inherit;. }.. .marketingForm h1 {. color: #000;. margin: 0px;. padding: 0px;. width: 100%;. font-family: "Segoe

                                                                                                  Chrome Cache Entry: 301

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:ASCII text, with very long lines (32830)
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):33092
                                                                                                  Entropy (8bit):5.519174045403285
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:768:e+SQ6OYGBcO0dbYNZR5idqXIgcS9ls97k:e5OYxPaNtBXrcS9ls97k
                                                                                                  MD5:A37D839AC70099E3BFFF93C7AB5C0389
                                                                                                  SHA1:9D5BF9F441C13C5016A0E53ABCF12AF3549AE0A3
                                                                                                  SHA-256:7F3B08D7908F9E4F36F7DE5ACA9DB5AADCD3098F0C7E081DCB96255C830B1B02
                                                                                                  SHA-512:623683AB7C4CAA9D6FEFF479EBFA42649E7E85C2924677C06737C9EE04AE3812371314DC37DFA399C90BFAB191A7C00812F62628FCD514C8ADEF548B4DDC556D
                                                                                                  Malicious:false
                                                                                                  URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.aac7fe7.js
                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[852],{61029:function(n,e,i){i.d(e,{iF:function(){return o}});var t=i(94290),r=i(48186);function o(n){var e=n.redirectURLAfterSignIn,i=n.idp,o=n.origin,a=n.authProvider,u=n.enableEmailHrd,d=void 0===u||u,s=window.location.origin,c=[];if(e){var l=encodeURIComponent(e);c.push("redirecturl=".concat(l))}(0,r.l)(i)||c.push("idp=".concat(i)),(0,r.l)(o)||c.push("origin=".concat(o)),(0,r.l)(a)||c.push("".concat(t.gx,"=").concat(a));var f=c.length?"/?".concat(c.join("&")):"";return d?"".concat(s).concat(f,"#Login=True"):"".concat(s).concat(f)}},92658:function(n,e,i){i.d(e,{b:function(){return r}});var t=i(68289),r=function(n){var e=void 0===n?{}:n,i=e.$tB,r=e.$rM,o=e.$sM,a=e.$fZ,u=e.$i$,d=e.$i_,s=e.$oR,c=e.$jt,l=e.$nC,f=e.$kH,g=e.$uw,p=e.$mU,_=e.$jU,h=[];return i&&h.push("CollectionId=".concat(i)),r&&h.push("GroupId=".concat(r)),o&&h.push("Token=".concat(o)),c&&h.push("ResponseTime=".concat(c)),a&&h.push("SaveResponseFormId=".concat(a

                                                                                                  Chrome Cache Entry: 302

                                                                                                  Download File
                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 216x96, components 3
                                                                                                  Category:downloaded
                                                                                                  Size (bytes):5947
                                                                                                  Entropy (8bit):7.885894959287534
                                                                                                  Encrypted:false
                                                                                                  SSDEEP:96:uEthw95+k5Rlp+y36qPCNnuSPN3M7IF9Ekdb+OIHE2sO3sgJ49lh3OYs:uBb+u8uUFMYfMOIksr+g
                                                                                                  MD5:2B3AB61E12FB447D62493755A5B4C10C
                                                                                                  SHA1:9B2768B90D9A425DCBDD738B272D7AD4286DD4A4
                                                                                                  SHA-256:B8F0F51F80EF711C18D7109529A138E754E17D3AAEDC78FDF0B7F01F43A85E13
                                                                                                  SHA-512:54CB62A5065294FDF94C81613678159F421E1953FE967C5BCBAF8DA9962791D64FFF94FE790AA667BC1AB32546AF246CA2AB51DE9DD9142C6774D170AE95320D
                                                                                                  Malicious:false
                                                                                                  URL:https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=457e8b8c9dd1497ba62a5c55b5b0b82d&market=en
                                                                                                  Preview:......JFIF.....`.`.....C....................................................................C.......................................................................`...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...+3.(...(.......M.........C...x...ZV....qfU....1!...w.0k.S.|..C...g.WE.............p.....|W...uk.?...K..g.XA.E....>.8#...c..5`.N.z'.k.cNN.f.6Y.].H.. ...d.......u...1.my..=..7Z+.......&]<.8.i.B.wr.1\.j..E........}.F...7.C....z/.|E...K={...*.5+..PT;c...).C#F.......'.x.<.T.}.2.W.(....x.M.>.q.k...~.h..f.+...F...6...Q....3...4[..A...}.r.8..H.rOe.z..o

                                                                                                  Static File Info

                                                                                                  General

                                                                                                  File type:PDF document, version 1.7, 1 pages
                                                                                                  Entropy (8bit):7.926837840288049
                                                                                                  TrID:
                                                                                                  • Adobe Portable Document Format (5005/1) 100.00%
                                                                                                  File name:URBAN CORPS.pdf
                                                                                                  File size:155'988 bytes
                                                                                                  MD5:ae7cb9463b29e62eca0e9e0e03bb6fb5
                                                                                                  SHA1:785afd91cc7bfe3e1a8339154d602f0c66bbf9cc
                                                                                                  SHA256:a8cf6092efd02a772c56a3ab265844c3fb329b165ad901d1c6ffc2d52040a1e1
                                                                                                  SHA512:da10fc69afd448e0be32966a9408dfef563cdcfe2812587434c193eb8df8e3b2d1d9346408911c9559236bdf5e73074363007208e2fc417af4e1926f9c2fb5f2
                                                                                                  SSDEEP:3072:LbBLeNy9pPlIRbF+sa53CUFh7LEmkSeYyVclWNQyPi+pxugiUp:PBLeNy9pPlIRdu3vSSQVclWvP1qUp
                                                                                                  TLSH:52E3F194E6056ECDD3A79F921B47791DF46EB261B9CD42813C7CCB838388E2AC42350B
                                                                                                  File Content Preview:%PDF-1.7..%......1 0 obj..<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 44 0 R/MarkInfo<</Marked true>>/Metadata 139 0 R/ViewerPreferences 140 0 R>>..endobj..2 0 obj..<</Type/Pages/Count 1/Kids[ 3 0 R] >>..endobj..3 0 obj..<</Type/Page/Parent 2 0 R

                                                                                                  File Icon

                                                                                                  Icon Hash:62cc8caeb29e8ae0

                                                                                                  Static PDF Info

                                                                                                  General

                                                                                                  Header:%PDF-1.7
                                                                                                  Total Entropy:7.926838
                                                                                                  Total Bytes:155988
                                                                                                  Stream Entropy:7.979048
                                                                                                  Stream Bytes:142472
                                                                                                  Entropy outside Streams:5.265387
                                                                                                  Bytes outside Streams:13516
                                                                                                  Number of EOF found:2
                                                                                                  Bytes after EOF:

                                                                                                  Keywords Statistics

                                                                                                  NameCount
                                                                                                  obj60
                                                                                                  endobj60
                                                                                                  stream11
                                                                                                  endstream11
                                                                                                  xref2
                                                                                                  trailer2
                                                                                                  startxref2
                                                                                                  /Page1
                                                                                                  /Encrypt0
                                                                                                  /ObjStm1
                                                                                                  /URI24
                                                                                                  /JS0
                                                                                                  /JavaScript0
                                                                                                  /AA0
                                                                                                  /OpenAction0
                                                                                                  /AcroForm0
                                                                                                  /JBIG2Decode0
                                                                                                  /RichMedia0
                                                                                                  /Launch0
                                                                                                  /EmbeddedFile0

                                                                                                  Image Streams

                                                                                                  IDDHASHMD5Preview
                                                                                                  4248b472439bf1f162bf4026409468bc137e9cd35772f0899c

                                                                                                  Network Behavior

                                                                                                  Network Port Distribution

                                                                                                  TCP Packets

                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                  Jul 3, 2024 21:16:37.259825945 CEST49675443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:16:37.275424004 CEST49674443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:16:37.353538036 CEST49673443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:16:46.870744944 CEST49675443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:16:46.885549068 CEST49674443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:16:46.962888002 CEST49673443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:16:47.911021948 CEST49712443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:47.911042929 CEST443497122.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:47.911123991 CEST49712443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:47.921772003 CEST49712443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:47.921785116 CEST443497122.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:48.620888948 CEST443497122.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:48.620982885 CEST49712443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:48.625014067 CEST49712443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:48.625020981 CEST443497122.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:48.625437021 CEST443497122.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:48.628038883 CEST4434970323.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:16:48.628139973 CEST49703443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:16:48.674904108 CEST49712443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:48.720505953 CEST443497122.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:48.930368900 CEST443497122.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:48.930438995 CEST443497122.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:48.930515051 CEST49712443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:49.008327007 CEST49712443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:49.008364916 CEST443497122.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:49.008388042 CEST49712443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:49.008394003 CEST443497122.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:49.473910093 CEST49713443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:49.473958015 CEST443497132.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:49.474037886 CEST49713443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:49.474479914 CEST49713443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:49.474495888 CEST443497132.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:50.115586996 CEST443497132.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:50.116158962 CEST49713443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:50.117440939 CEST49713443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:50.117454052 CEST443497132.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:50.117692947 CEST443497132.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:50.118876934 CEST49713443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:50.160515070 CEST443497132.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:50.388839006 CEST443497132.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:50.388914108 CEST443497132.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:50.389075041 CEST49713443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:50.391052961 CEST49713443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:50.391074896 CEST443497132.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:50.391103983 CEST49713443192.168.2.52.19.244.127
                                                                                                  Jul 3, 2024 21:16:50.391109943 CEST443497132.19.244.127192.168.2.5
                                                                                                  Jul 3, 2024 21:16:57.268074036 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:57.268146992 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:57.268249989 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:57.269778967 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:57.269820929 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:57.990947008 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:57.991039038 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:57.995604992 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:57.995621920 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:57.995969057 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:58.045237064 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:58.580462933 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:58.620557070 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:58.819230080 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:58.819257021 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:58.819272995 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:58.819367886 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:58.819421053 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:58.819427013 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:58.819456100 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:58.819566011 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:58.820017099 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:58.820082903 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:58.820089102 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:58.820116043 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:58.820153952 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:59.316766977 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:59.316808939 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:16:59.316823959 CEST49717443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:16:59.316833019 CEST4434971752.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:11.873292923 CEST49740443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:17:11.873315096 CEST44349740142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:17:11.873404026 CEST49740443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:17:11.873608112 CEST49740443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:17:11.873626947 CEST44349740142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:17:12.532671928 CEST44349740142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:17:12.534789085 CEST49740443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:17:12.534804106 CEST44349740142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:17:12.535861015 CEST44349740142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:17:12.535945892 CEST49740443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:17:12.537261009 CEST49740443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:17:12.537327051 CEST44349740142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:17:12.588334084 CEST49740443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:17:12.588340998 CEST44349740142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:17:12.642941952 CEST49740443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:17:19.721959114 CEST49775443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:19.721970081 CEST4434977513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:19.722038984 CEST49775443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:19.722237110 CEST49775443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:19.722248077 CEST4434977513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:19.722595930 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:19.722649097 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:19.722703934 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:19.722913980 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:19.722923994 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.386255980 CEST4434977513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.386616945 CEST49775443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.386629105 CEST4434977513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.387644053 CEST4434977513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.387718916 CEST49775443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.387753010 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.388252974 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.388273001 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.388794899 CEST49775443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.388864994 CEST4434977513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.389014959 CEST49775443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.389022112 CEST4434977513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.389302969 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.389367104 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.390111923 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.390176058 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.441271067 CEST49775443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.441304922 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.441313982 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.487780094 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.827287912 CEST4434977513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.827380896 CEST4434977513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.827434063 CEST49775443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.828113079 CEST49775443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.828145027 CEST4434977513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.880009890 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.880063057 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:20.880146980 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.880415916 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:20.880429029 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.550328970 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.550726891 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:21.550757885 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.551819086 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.551904917 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:21.552963972 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:21.553021908 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.553139925 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:21.553147078 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.604032993 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:21.918029070 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.918062925 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.918071032 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.918103933 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.918140888 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:21.918143988 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.918169975 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:21.918185949 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:21.918212891 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.009893894 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.009918928 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.010036945 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.010065079 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.010112047 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.012243986 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.012259960 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.012314081 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.012320995 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.012361050 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.108473063 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.108521938 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.108587027 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.108622074 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.108637094 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.108670950 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.109313965 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.109349966 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.109380960 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.109386921 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.109416962 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.109432936 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.110255003 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.110269070 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.110321045 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.110327005 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.110368967 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.111675024 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.111690044 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.111768007 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.111773968 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.111821890 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.197879076 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.197901011 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.198014975 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.198048115 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.198095083 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.198848009 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.198867083 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.198924065 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.198930025 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.198960066 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.198980093 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.200048923 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.200081110 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.200115919 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.200122118 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.200155973 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.200170040 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.201080084 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.201098919 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.201136112 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.201139927 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.201164961 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.201183081 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.201888084 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.201904058 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.201967955 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.201972008 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.202024937 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.221009016 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.287404060 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.287425995 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.287578106 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.287605047 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.287657976 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.288333893 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.288371086 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.288408995 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.288417101 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.288445950 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.288459063 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.289478064 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.289494038 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.289567947 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.289575100 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.289619923 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.290582895 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.290599108 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.290667057 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.290673018 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.290718079 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.291584969 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.291600943 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.291665077 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.291671038 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.291713953 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.292557955 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.292573929 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.292639017 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.292646885 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.292689085 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.294118881 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.294133902 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.294208050 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.294214010 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.294255018 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.303352118 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.327836037 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.327853918 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.327939034 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.327955961 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.328020096 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.379807949 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.379826069 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.379934072 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.379949093 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.379993916 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.381097078 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.381113052 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.381170034 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.381176949 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.381215096 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.381757975 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.381772995 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.381827116 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.381834030 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.381875038 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.383264065 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.383294106 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.383326054 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.383331060 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.383368015 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.383385897 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.384371996 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.384387016 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.384438992 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.384443998 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.384471893 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.384489059 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.385324001 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.385339975 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.385433912 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.385441065 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.385474920 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.386332035 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.386348963 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.386404037 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.386409998 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.386449099 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.424309969 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.433927059 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.433957100 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.434077978 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.434094906 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.434144974 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.436803102 CEST44349740142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.436891079 CEST44349740142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.436965942 CEST49740443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:17:22.470071077 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.470094919 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.470238924 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.470257998 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.470304966 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.470747948 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.470777988 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.470820904 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.470829964 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.470858097 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.470865965 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.472388983 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.472407103 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.472476959 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.472495079 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.472544909 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.473314047 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.473330021 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.473392963 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.473400116 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.473464012 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.475053072 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.475068092 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.475146055 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.475151062 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.475197077 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.476139069 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.476154089 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.476228952 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.476234913 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.476278067 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.477133036 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.477149010 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.477225065 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.477231979 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.477271080 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.534758091 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.534780025 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.534930944 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.534948111 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.534996986 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.560198069 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.560230017 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.560337067 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.560343981 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.560369968 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.560386896 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.561290026 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.561311960 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.561364889 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.561371088 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.561407089 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.561417103 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.562122107 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.562136889 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.562207937 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.562213898 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.562273979 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.562644958 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.562669039 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.562709093 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.562714100 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.562746048 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.562761068 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.563663006 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.563694000 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.563728094 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.563733101 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.563772917 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.564522982 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.564538956 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.564584970 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.564589977 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.564630985 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.564649105 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.565342903 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.565378904 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.565411091 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.565421104 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.565447092 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.565469980 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.624336958 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.624356985 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.624422073 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.624430895 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.624475956 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.650242090 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.650279999 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.650316954 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.650326014 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.650372982 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.650852919 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.650914907 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.650918961 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.650935888 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.650990963 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.668509007 CEST49780443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.668525934 CEST4434978013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.709515095 CEST49740443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:17:22.709543943 CEST44349740142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.709836006 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.710735083 CEST49784443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.710763931 CEST4434978413.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.710815907 CEST49784443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.711514950 CEST49784443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.711529016 CEST4434978413.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.725270987 CEST49785443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.725323915 CEST4434978513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.725409031 CEST49785443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.725775003 CEST49785443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.725789070 CEST4434978513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.756510973 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.845388889 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.845421076 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.845428944 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.845446110 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.845453978 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.845459938 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.845505953 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.845542908 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.845557928 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.845594883 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.937611103 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.937624931 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.937644958 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.937767029 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.937800884 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.937851906 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.940071106 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.940095901 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.940165997 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.940176010 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.940216064 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.940671921 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.940737963 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.940746069 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.940757990 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.940804005 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.940944910 CEST49776443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.940959930 CEST4434977613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.968029976 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:22.968080997 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.968167067 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:22.968355894 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:22.968369007 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.975863934 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.975905895 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:22.975965023 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.976162910 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:22.976176977 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.413260937 CEST4434978413.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.413674116 CEST49784443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.413707972 CEST4434978413.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.414767027 CEST4434978413.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.414849043 CEST49784443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.415168047 CEST49784443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.415230989 CEST4434978413.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.415319920 CEST49784443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.415328026 CEST4434978413.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.436404943 CEST4434978513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.436681032 CEST49785443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.436712027 CEST4434978513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.437158108 CEST4434978513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.437460899 CEST49785443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.437526941 CEST4434978513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.437597036 CEST49785443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.462852955 CEST49784443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.484508991 CEST4434978513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.529211998 CEST4434978413.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.529293060 CEST4434978413.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.529373884 CEST49784443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.530117989 CEST49784443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.530138016 CEST4434978413.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.535597086 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.535619974 CEST4434978952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.535700083 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.536130905 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.536144972 CEST4434978952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.569238901 CEST49790443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.569255114 CEST4434979013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.569324970 CEST49790443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.569669962 CEST49790443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.569686890 CEST4434979013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.582699060 CEST4434978513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.582756996 CEST4434978513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.582809925 CEST49785443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.586122036 CEST49785443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.586146116 CEST4434978513.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.640104055 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.640352011 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.640364885 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.641422033 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.641479969 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.642025948 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.642087936 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.642335892 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.642343044 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.664649010 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.664853096 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.664881945 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.665941954 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.665996075 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.667026043 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.667093039 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.667224884 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.667241096 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.688287973 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.719532013 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.753400087 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.753429890 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.753437042 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.753457069 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.753487110 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.753506899 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.753523111 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.753539085 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.753563881 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.812669992 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.812695980 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.812704086 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.812733889 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.812751055 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.812762976 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.812784910 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.812798977 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.812822104 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.812849998 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.841897964 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.841918945 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.842046022 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.842070103 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.842118025 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.844216108 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.844230890 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.844283104 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.844293118 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.844332933 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.878288031 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.878375053 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.878407955 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.878451109 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.878838062 CEST49786443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.878856897 CEST4434978652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.885926008 CEST49791443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.885946035 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.886023998 CEST49791443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.886221886 CEST49791443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.886234999 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.886620045 CEST49792443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.886657953 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.886714935 CEST49792443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.886908054 CEST49792443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:23.886925936 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.887362003 CEST49793443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.887401104 CEST4434979313.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.887460947 CEST49793443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.887619019 CEST49793443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.887635946 CEST4434979313.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.937566996 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.937625885 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.937638998 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.937649965 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:23.937694073 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.937948942 CEST49787443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:23.937963963 CEST4434978713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.240694046 CEST4434978952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.245076895 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.245105028 CEST4434978952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.246368885 CEST4434978952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.246433973 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.246759892 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.246835947 CEST4434978952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.246958017 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.246964931 CEST4434978952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.268840075 CEST4434979013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.269324064 CEST49790443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.269340992 CEST4434979013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.271315098 CEST4434979013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.271394968 CEST49790443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.272411108 CEST49790443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.272749901 CEST4434979013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.272902012 CEST49790443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.272910118 CEST4434979013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.298331976 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.313822985 CEST49790443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.375336885 CEST4434979013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.375667095 CEST4434979013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.375755072 CEST49790443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.376669884 CEST49790443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.376702070 CEST4434979013.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.478328943 CEST4434978952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.478416920 CEST4434978952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.478472948 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.478892088 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.478915930 CEST4434978952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.478929043 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.478965998 CEST49789443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.479846954 CEST49795443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.479882956 CEST4434979552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.479947090 CEST49795443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.480397940 CEST49795443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.480410099 CEST4434979552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.565299034 CEST4434979313.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.569317102 CEST49793443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.569348097 CEST4434979313.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.569781065 CEST4434979313.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.570096970 CEST49793443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.570174932 CEST4434979313.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.570240974 CEST49793443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.598558903 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.606664896 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.613445044 CEST49792443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.613460064 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.613874912 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.614828110 CEST49791443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.614860058 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.615256071 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.615951061 CEST49792443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.616035938 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.616511106 CEST4434979313.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.616774082 CEST49791443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.616849899 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.621208906 CEST49792443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.622366905 CEST49791443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.668499947 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.668508053 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.704689980 CEST4434979313.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.704771042 CEST4434979313.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.704821110 CEST49793443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.705575943 CEST49793443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.705590010 CEST4434979313.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.708743095 CEST49796443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.708764076 CEST4434979613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.708832979 CEST49796443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.709081888 CEST49796443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.709095955 CEST4434979613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.752845049 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.752880096 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.752921104 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.752944946 CEST49792443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.752960920 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.753000021 CEST49792443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.753005028 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.753047943 CEST49792443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.757282972 CEST49792443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.757299900 CEST4434979252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.765149117 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.765186071 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.765245914 CEST49791443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.765278101 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.765692949 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.765743017 CEST49791443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.765774965 CEST49791443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.765789986 CEST4434979113.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.765799046 CEST49791443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.765832901 CEST49791443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.768848896 CEST49797443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.768868923 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.768929005 CEST49797443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.769155025 CEST49797443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:24.769166946 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.781725883 CEST49798443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.781748056 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.781801939 CEST49798443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.782593966 CEST49798443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:24.782604933 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.157344103 CEST4434979552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.157614946 CEST49795443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.157644033 CEST4434979552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.158015966 CEST4434979552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.158327103 CEST49795443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.158396006 CEST4434979552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.158467054 CEST49795443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.204509974 CEST4434979552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.384078026 CEST4434979613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.384407997 CEST49796443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.384434938 CEST4434979613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.384814978 CEST4434979613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.385135889 CEST49796443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.385209084 CEST4434979613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.385286093 CEST49796443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.396450996 CEST4434979552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.396538019 CEST4434979552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.396610022 CEST49795443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.397423983 CEST49795443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.397442102 CEST4434979552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.400393009 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.400422096 CEST4434979952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.400526047 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.400939941 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.400953054 CEST4434979952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.432502031 CEST4434979613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.443876028 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.444279909 CEST49797443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.444308996 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.444681883 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.445111990 CEST49797443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.445179939 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.445296049 CEST49797443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.462146997 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.462378979 CEST49798443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.462409019 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.463552952 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.463613033 CEST49798443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.464015961 CEST49798443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.464080095 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.464168072 CEST49798443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.464178085 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.488509893 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.491614103 CEST4434979613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.491709948 CEST4434979613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.491821051 CEST49796443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.493047953 CEST49796443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.493068933 CEST4434979613.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.517540932 CEST49798443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.547771931 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.547796965 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.547871113 CEST49797443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.547903061 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.548777103 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.548863888 CEST49797443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.549314022 CEST49797443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.549330950 CEST4434979713.107.246.60192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.549374104 CEST49797443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.549374104 CEST49797443192.168.2.513.107.246.60
                                                                                                  Jul 3, 2024 21:17:25.592314959 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.592341900 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.592350006 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.592407942 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:25.592417955 CEST49798443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.592472076 CEST49798443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.593228102 CEST49798443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:25.593249083 CEST4434979852.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:26.091327906 CEST4434979952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:26.091579914 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:26.091599941 CEST4434979952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:26.092708111 CEST4434979952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:26.092767000 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:26.093097925 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:26.093163967 CEST4434979952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:26.093262911 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:26.093269110 CEST4434979952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:26.142478943 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:26.200026035 CEST4434979952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:26.200539112 CEST4434979952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:26.200620890 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:26.200664043 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:26.200684071 CEST4434979952.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:17:26.200692892 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:26.200731039 CEST49799443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:17:27.920777082 CEST49703443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:27.920850992 CEST49703443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:27.921276093 CEST49800443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:27.921325922 CEST4434980023.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:17:27.921412945 CEST49800443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:27.922290087 CEST49800443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:27.922303915 CEST4434980023.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:17:27.926883936 CEST4434970323.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:17:27.926897049 CEST4434970323.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:17:28.552194118 CEST4434980023.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:17:28.552449942 CEST49800443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:28.573079109 CEST49800443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:28.573096037 CEST4434980023.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:17:28.573463917 CEST4434980023.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:17:28.573530912 CEST49800443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:28.574145079 CEST49800443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:28.574187040 CEST4434980023.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:17:28.574377060 CEST49800443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:28.574383020 CEST4434980023.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:17:28.814867973 CEST4434980023.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:17:28.814934015 CEST4434980023.1.237.91192.168.2.5
                                                                                                  Jul 3, 2024 21:17:28.814949036 CEST49800443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:28.815017939 CEST49800443192.168.2.523.1.237.91
                                                                                                  Jul 3, 2024 21:17:35.706816912 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:35.706856966 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:35.706948042 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:35.707313061 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:35.707321882 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.525616884 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.525738001 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:36.527309895 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:36.527314901 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.527529001 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.535639048 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:36.576513052 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.793770075 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.793792009 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.793808937 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.793864012 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:36.793875933 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.793889999 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:36.793921947 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:36.794315100 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.794363976 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.794379950 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:36.794387102 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.794409990 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:36.795021057 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.795063972 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:36.821702003 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:36.821717024 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:17:36.821729898 CEST49801443192.168.2.552.165.165.26
                                                                                                  Jul 3, 2024 21:17:36.821741104 CEST4434980152.165.165.26192.168.2.5
                                                                                                  Jul 3, 2024 21:18:11.927148104 CEST49803443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:18:11.927190065 CEST44349803142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:18:11.927401066 CEST49803443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:18:11.928026915 CEST49803443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:18:11.928040981 CEST44349803142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:18:12.648948908 CEST44349803142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:18:12.649315119 CEST49803443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:18:12.649339914 CEST44349803142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:18:12.649760008 CEST44349803142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:18:12.650108099 CEST49803443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:18:12.650173903 CEST44349803142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:18:12.704401970 CEST49803443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:18:22.490732908 CEST44349803142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:18:22.490813971 CEST44349803142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:18:22.490911007 CEST49803443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:18:23.660201073 CEST49803443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:18:23.660228014 CEST44349803142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:18:23.847965956 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:23.848022938 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:23.848098993 CEST49805443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:23.848115921 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:23.848140001 CEST4434980552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:23.848191023 CEST49805443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:23.848413944 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:23.848427057 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:23.848628044 CEST49805443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:23.848639965 CEST4434980552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.552542925 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.553344011 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.553373098 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.553721905 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.554164886 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.554220915 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.554306030 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.571877003 CEST4434980552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.572274923 CEST49805443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.572304964 CEST4434980552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.572676897 CEST4434980552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.573064089 CEST49805443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.573122978 CEST4434980552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.574238062 CEST49805443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.594347000 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.594369888 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.620507956 CEST4434980552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.678869009 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.678888083 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.678896904 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.678944111 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.678973913 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.678991079 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.679022074 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.679095984 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.689771891 CEST4434980552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.689863920 CEST4434980552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.689923048 CEST49805443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.697324038 CEST49805443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.697339058 CEST4434980552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.700685978 CEST49806443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.700705051 CEST4434980652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.700763941 CEST49806443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.702227116 CEST49806443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.702239990 CEST4434980652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.773787975 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.773885965 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.773900032 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.773946047 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.783046961 CEST49804443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.783071041 CEST4434980452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.829718113 CEST49807443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.829771996 CEST4434980752.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:24.829855919 CEST49807443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.830075979 CEST49807443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:24.830089092 CEST4434980752.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.385107040 CEST4434980652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.385507107 CEST49806443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:25.385524035 CEST4434980652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.385831118 CEST4434980652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.386214018 CEST49806443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:25.386267900 CEST4434980652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.386403084 CEST49806443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:25.432497025 CEST4434980652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.525275946 CEST4434980752.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.526009083 CEST49807443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:25.526086092 CEST4434980752.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.526429892 CEST4434980752.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.527303934 CEST49807443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:25.527374983 CEST4434980752.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.527748108 CEST49807443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:25.572504997 CEST4434980752.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.612000942 CEST4434980652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.612128973 CEST4434980652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.612221956 CEST49806443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:25.614654064 CEST49806443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:25.614680052 CEST4434980652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.654321909 CEST4434980752.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.654345989 CEST4434980752.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.654434919 CEST4434980752.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.654504061 CEST49807443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:25.654623985 CEST49807443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:25.656672955 CEST49807443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:18:25.656718016 CEST4434980752.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.668127060 CEST49808443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:25.668168068 CEST4434980820.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.668243885 CEST49808443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:25.668330908 CEST49809443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:25.668370962 CEST4434980920.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.668426991 CEST49809443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:25.668848038 CEST49808443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:25.668870926 CEST4434980820.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:25.669095039 CEST49809443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:25.669109106 CEST4434980920.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.546629906 CEST4434980920.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.547529936 CEST49809443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:26.547545910 CEST4434980920.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.547911882 CEST4434980920.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.549114943 CEST49809443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:26.549185991 CEST4434980920.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.549658060 CEST49809443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:26.576414108 CEST4434980820.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.577156067 CEST49808443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:26.577187061 CEST4434980820.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.577548981 CEST4434980820.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.578478098 CEST49808443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:26.578551054 CEST4434980820.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.578722000 CEST49808443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:26.592505932 CEST4434980920.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.624489069 CEST4434980820.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.736644983 CEST4434980920.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.736726046 CEST4434980920.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.736943007 CEST49809443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:26.739665031 CEST49809443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:26.739684105 CEST4434980920.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.897878885 CEST4434980820.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.897902966 CEST4434980820.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.897988081 CEST4434980820.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:18:26.898085117 CEST49808443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:26.898194075 CEST49808443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:26.901901007 CEST49808443192.168.2.520.49.124.158
                                                                                                  Jul 3, 2024 21:18:26.901918888 CEST4434980820.49.124.158192.168.2.5
                                                                                                  Jul 3, 2024 21:19:11.987737894 CEST49811443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:19:11.987786055 CEST44349811142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:19:11.987929106 CEST49811443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:19:11.988203049 CEST49811443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:19:11.988219023 CEST44349811142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:19:12.662400007 CEST44349811142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:19:12.663115025 CEST49811443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:19:12.663141966 CEST44349811142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:19:12.663616896 CEST44349811142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:19:12.664441109 CEST49811443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:19:12.664552927 CEST44349811142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:19:12.705045938 CEST49811443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:19:22.548422098 CEST44349811142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:19:22.548511028 CEST44349811142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:19:22.548568010 CEST49811443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:19:23.813560009 CEST49811443192.168.2.5142.250.186.164
                                                                                                  Jul 3, 2024 21:19:23.813586950 CEST44349811142.250.186.164192.168.2.5
                                                                                                  Jul 3, 2024 21:19:30.596451044 CEST49812443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:30.596493959 CEST4434981252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:30.596580982 CEST49812443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:30.596816063 CEST49812443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:30.596829891 CEST4434981252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:31.275852919 CEST4434981252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:31.280678034 CEST49812443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:31.280708075 CEST4434981252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:31.281052113 CEST4434981252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:31.311362028 CEST49812443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:31.311453104 CEST4434981252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:31.312141895 CEST49812443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:31.356508970 CEST4434981252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:31.419308901 CEST4434981252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:31.419389963 CEST4434981252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:31.419456959 CEST49812443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:31.420373917 CEST49812443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:31.420401096 CEST4434981252.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:31.422144890 CEST49813443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:31.422177076 CEST4434981352.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:31.422235966 CEST49813443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:31.422920942 CEST49813443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:31.422930002 CEST4434981352.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:32.117252111 CEST4434981352.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:32.117542982 CEST49813443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:32.117558956 CEST4434981352.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:32.118037939 CEST4434981352.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:32.118741035 CEST49813443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:32.118834019 CEST4434981352.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:32.118987083 CEST49813443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:32.164504051 CEST4434981352.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:33.245064020 CEST4434981352.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:33.245146036 CEST4434981352.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:33.246561050 CEST49813443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:33.246877909 CEST49813443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:33.246891022 CEST4434981352.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:33.250319004 CEST49814443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:33.250340939 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:33.250507116 CEST49814443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:33.254021883 CEST49814443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:33.254035950 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.367815018 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.368096113 CEST49814443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:34.368104935 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.368443012 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.368726015 CEST49814443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:34.368787050 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.368863106 CEST49814443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:34.416496992 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.480976105 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.481007099 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.481021881 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.481071949 CEST49814443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:34.481081009 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.481131077 CEST49814443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:34.563885927 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.563966036 CEST49814443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:34.563972950 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.563987970 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.564026117 CEST49814443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:34.564500093 CEST49814443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:34.564518929 CEST4434981452.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.577152967 CEST49815443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:34.577192068 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:34.577289104 CEST49815443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:34.577948093 CEST49815443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:34.577963114 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.340673923 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.340946913 CEST49815443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:35.340965986 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.341312885 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.341826916 CEST49815443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:35.341826916 CEST49815443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:35.341840982 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.341888905 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.384293079 CEST49815443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:35.473517895 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.473546982 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.473575115 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.473619938 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.473640919 CEST49815443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:35.473822117 CEST49815443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:35.475965023 CEST49815443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:35.475979090 CEST4434981552.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.511559963 CEST49816443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:35.511591911 CEST4434981652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:35.511781931 CEST49816443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:35.511914015 CEST49816443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:35.511924982 CEST4434981652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:36.211560011 CEST4434981652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:36.211884975 CEST49816443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:36.211921930 CEST4434981652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:36.212260008 CEST4434981652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:36.212759972 CEST49816443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:36.212819099 CEST4434981652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:36.212913036 CEST49816443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:36.260509014 CEST4434981652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:36.349669933 CEST4434981652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:36.349689960 CEST4434981652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:36.349747896 CEST49816443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:36.349759102 CEST4434981652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:36.349767923 CEST4434981652.146.76.30192.168.2.5
                                                                                                  Jul 3, 2024 21:19:36.349819899 CEST49816443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:36.351095915 CEST49816443192.168.2.552.146.76.30
                                                                                                  Jul 3, 2024 21:19:36.351108074 CEST4434981652.146.76.30192.168.2.5

                                                                                                  UDP Packets

                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                  Jul 3, 2024 21:17:07.306891918 CEST6458553192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:07.307059050 CEST5330953192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:07.313741922 CEST53584301.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:07.315524101 CEST53533091.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:07.326272011 CEST53556581.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:08.419742107 CEST53620461.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:08.993967056 CEST5980153192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:08.994127989 CEST5809853192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:09.899377108 CEST6352453192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:09.899528980 CEST5761153192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:09.908993006 CEST53576111.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:11.862510920 CEST5491553192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:11.862667084 CEST6257853192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:11.869992018 CEST53549151.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:11.870245934 CEST53625781.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:12.280627966 CEST53621391.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:12.399488926 CEST5720853192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:12.399709940 CEST5825453192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:12.407987118 CEST53582541.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:12.847022057 CEST6319453192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:12.847177982 CEST5985853192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:12.858705997 CEST6544653192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:12.858926058 CEST4921953192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:12.898323059 CEST53492191.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:13.805820942 CEST6281753192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:13.805984020 CEST6371653192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:13.813648939 CEST53637161.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:15.749774933 CEST5944053192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:15.749983072 CEST5225253192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:15.794848919 CEST53522521.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:19.681870937 CEST4958753192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:19.682177067 CEST6398753192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:22.947467089 CEST5234753192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:22.947606087 CEST5474553192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:22.948967934 CEST5158153192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:22.949112892 CEST6177553192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:24.000880003 CEST53635741.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:24.765070915 CEST4962253192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:24.765217066 CEST4969153192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:17:25.544037104 CEST53579541.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:17:44.479185104 CEST53654921.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:18:06.807096004 CEST53622471.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:18:07.230304956 CEST53551661.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:18:23.717278004 CEST6106653192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:18:23.717425108 CEST6252953192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:18:23.824600935 CEST5915153192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:18:23.824811935 CEST5848053192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:18:25.622999907 CEST5728853192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:18:25.623430967 CEST5442753192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:18:35.613509893 CEST53643941.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:19:19.651279926 CEST53613771.1.1.1192.168.2.5
                                                                                                  Jul 3, 2024 21:19:30.572201967 CEST5985853192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:19:30.572413921 CEST6111653192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:19:35.479446888 CEST6480653192.168.2.51.1.1.1
                                                                                                  Jul 3, 2024 21:19:35.479446888 CEST6139653192.168.2.51.1.1.1

                                                                                                  ICMP Packets

                                                                                                  TimestampSource IPDest IPChecksumCodeType
                                                                                                  Jul 3, 2024 21:17:20.887547970 CEST192.168.2.51.1.1.1c2da(Port unreachable)Destination Unreachable
                                                                                                  Jul 3, 2024 21:17:22.975197077 CEST192.168.2.51.1.1.1c2be(Port unreachable)Destination Unreachable
                                                                                                  Jul 3, 2024 21:17:24.818578005 CEST192.168.2.51.1.1.1c2be(Port unreachable)Destination Unreachable
                                                                                                  Jul 3, 2024 21:18:23.853801966 CEST192.168.2.51.1.1.1c2be(Port unreachable)Destination Unreachable

                                                                                                  DNS Queries

                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                  Jul 3, 2024 21:17:07.306891918 CEST192.168.2.51.1.1.10x14dfStandard query (0)forms.office.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:07.307059050 CEST192.168.2.51.1.1.10x328cStandard query (0)forms.office.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:08.993967056 CEST192.168.2.51.1.1.10xef5Standard query (0)cdn.forms.office.netA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:08.994127989 CEST192.168.2.51.1.1.10xb7d0Standard query (0)cdn.forms.office.net65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:09.899377108 CEST192.168.2.51.1.1.10xdcd5Standard query (0)forms.office.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:09.899528980 CEST192.168.2.51.1.1.10xac2dStandard query (0)forms.office.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:11.862510920 CEST192.168.2.51.1.1.10x7d91Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:11.862667084 CEST192.168.2.51.1.1.10x5a72Standard query (0)www.google.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.399488926 CEST192.168.2.51.1.1.10xe225Standard query (0)lists.office.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.399709940 CEST192.168.2.51.1.1.10x6fc0Standard query (0)lists.office.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.847022057 CEST192.168.2.51.1.1.10x3cbdStandard query (0)cdn.forms.office.netA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.847177982 CEST192.168.2.51.1.1.10xb5Standard query (0)cdn.forms.office.net65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.858705997 CEST192.168.2.51.1.1.10x1aStandard query (0)c.office.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.858926058 CEST192.168.2.51.1.1.10x5847Standard query (0)c.office.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:13.805820942 CEST192.168.2.51.1.1.10x2120Standard query (0)lists.office.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:13.805984020 CEST192.168.2.51.1.1.10x1e14Standard query (0)lists.office.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:15.749774933 CEST192.168.2.51.1.1.10x6055Standard query (0)c.office.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:15.749983072 CEST192.168.2.51.1.1.10xf1b8Standard query (0)c.office.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:19.681870937 CEST192.168.2.51.1.1.10x1e7bStandard query (0)assets-usa.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:19.682177067 CEST192.168.2.51.1.1.10x18e6Standard query (0)assets-usa.mkt.dynamics.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.947467089 CEST192.168.2.51.1.1.10xc792Standard query (0)public-usa.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.947606087 CEST192.168.2.51.1.1.10xd032Standard query (0)public-usa.mkt.dynamics.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.948967934 CEST192.168.2.51.1.1.10x2b22Standard query (0)assets-usa.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.949112892 CEST192.168.2.51.1.1.10xfc42Standard query (0)assets-usa.mkt.dynamics.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:24.765070915 CEST192.168.2.51.1.1.10xb342Standard query (0)public-usa.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:24.765217066 CEST192.168.2.51.1.1.10x651fStandard query (0)public-usa.mkt.dynamics.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.717278004 CEST192.168.2.51.1.1.10x4a2dStandard query (0)assets-usa.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.717425108 CEST192.168.2.51.1.1.10x26c8Standard query (0)assets-usa.mkt.dynamics.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.824600935 CEST192.168.2.51.1.1.10x5fd9Standard query (0)public-usa.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.824811935 CEST192.168.2.51.1.1.10xa812Standard query (0)public-usa.mkt.dynamics.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:25.622999907 CEST192.168.2.51.1.1.10x2ea6Standard query (0)public-usa.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:25.623430967 CEST192.168.2.51.1.1.10x9191Standard query (0)public-usa.mkt.dynamics.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:30.572201967 CEST192.168.2.51.1.1.10xbd38Standard query (0)public-usa.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:30.572413921 CEST192.168.2.51.1.1.10xe7dStandard query (0)public-usa.mkt.dynamics.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:35.479446888 CEST192.168.2.51.1.1.10x658cStandard query (0)public-usa.mkt.dynamics.comA (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:35.479446888 CEST192.168.2.51.1.1.10x9207Standard query (0)public-usa.mkt.dynamics.com65IN (0x0001)false

                                                                                                  DNS Answers

                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                  Jul 3, 2024 21:16:55.145126104 CEST1.1.1.1192.168.2.50x7ef6No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:16:55.145126104 CEST1.1.1.1192.168.2.50x7ef6No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:07.313939095 CEST1.1.1.1192.168.2.50x14dfNo error (0)forms.office.comforms.office.com.b-0039.b-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:07.315524101 CEST1.1.1.1192.168.2.50x328cNo error (0)forms.office.comforms.office.com.b-0039.b-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:09.002104998 CEST1.1.1.1192.168.2.50xef5No error (0)cdn.forms.office.netcdn.forms.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:09.003314018 CEST1.1.1.1192.168.2.50xb7d0No error (0)cdn.forms.office.netcdn.forms.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:09.906657934 CEST1.1.1.1192.168.2.50xdcd5No error (0)forms.office.comforms.office.com.b-0039.b-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:09.908993006 CEST1.1.1.1192.168.2.50xac2dNo error (0)forms.office.comforms.office.com.b-0039.b-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:11.869992018 CEST1.1.1.1192.168.2.50x7d91No error (0)www.google.com142.250.186.164A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:11.870245934 CEST1.1.1.1192.168.2.50x5a72No error (0)www.google.com65IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.407675982 CEST1.1.1.1192.168.2.50xe225No error (0)lists.office.comprod.lists.office.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.407987118 CEST1.1.1.1192.168.2.50x6fc0No error (0)lists.office.comprod.lists.office.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.855087996 CEST1.1.1.1192.168.2.50x3cbdNo error (0)cdn.forms.office.netcdn.forms.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.857323885 CEST1.1.1.1192.168.2.50xb5No error (0)cdn.forms.office.netcdn.forms.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.898323059 CEST1.1.1.1192.168.2.50x5847No error (0)c.office.comc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.898323059 CEST1.1.1.1192.168.2.50x5847No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.900726080 CEST1.1.1.1192.168.2.50x1aNo error (0)c.office.comc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:12.900726080 CEST1.1.1.1192.168.2.50x1aNo error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:13.813648939 CEST1.1.1.1192.168.2.50x1e14No error (0)lists.office.comprod.lists.office.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:13.815012932 CEST1.1.1.1192.168.2.50x2120No error (0)lists.office.comprod.lists.office.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:15.794848919 CEST1.1.1.1192.168.2.50xf1b8No error (0)c.office.comc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:15.794848919 CEST1.1.1.1192.168.2.50xf1b8No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:15.872154951 CEST1.1.1.1192.168.2.50x6055No error (0)c.office.comc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:15.872154951 CEST1.1.1.1192.168.2.50x6055No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:19.718585014 CEST1.1.1.1192.168.2.50x1e7bNo error (0)assets-usa.mkt.dynamics.comassets-mkt-usa.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:19.718585014 CEST1.1.1.1192.168.2.50x1e7bNo error (0)shed.dual-low.s-part-0032.t-0009.t-msedge.nets-part-0032.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:19.718585014 CEST1.1.1.1192.168.2.50x1e7bNo error (0)s-part-0032.t-0009.t-msedge.net13.107.246.60A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:19.721327066 CEST1.1.1.1192.168.2.50x18e6No error (0)assets-usa.mkt.dynamics.comassets-mkt-usa.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:20.870451927 CEST1.1.1.1192.168.2.50x5553No error (0)shed.dual-low.s-part-0032.t-0009.t-msedge.nets-part-0032.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:20.870451927 CEST1.1.1.1192.168.2.50x5553No error (0)s-part-0032.t-0009.t-msedge.net13.107.246.60A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.956541061 CEST1.1.1.1192.168.2.50xc792No error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.956541061 CEST1.1.1.1192.168.2.50xc792No error (0)public-prdia888eus0aks.mkt.dynamics.comprdia888eus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.956541061 CEST1.1.1.1192.168.2.50xc792No error (0)prdia888eus0aks.mkt.dynamics.com52.146.76.30A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.958291054 CEST1.1.1.1192.168.2.50xfc42No error (0)assets-usa.mkt.dynamics.comassets-mkt-usa.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.975110054 CEST1.1.1.1192.168.2.50xd032No error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.975110054 CEST1.1.1.1192.168.2.50xd032No error (0)public-prdia888eus0aks.mkt.dynamics.comprdia888eus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.975389004 CEST1.1.1.1192.168.2.50x2b22No error (0)assets-usa.mkt.dynamics.comassets-mkt-usa.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.975389004 CEST1.1.1.1192.168.2.50x2b22No error (0)shed.dual-low.s-part-0032.t-0009.t-msedge.nets-part-0032.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:22.975389004 CEST1.1.1.1192.168.2.50x2b22No error (0)s-part-0032.t-0009.t-msedge.net13.107.246.60A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:23.568331003 CEST1.1.1.1192.168.2.50x9169No error (0)shed.dual-low.s-part-0032.t-0009.t-msedge.nets-part-0032.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:23.568331003 CEST1.1.1.1192.168.2.50x9169No error (0)s-part-0032.t-0009.t-msedge.net13.107.246.60A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:24.773603916 CEST1.1.1.1192.168.2.50xb342No error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:24.773603916 CEST1.1.1.1192.168.2.50xb342No error (0)public-prdia888eus0aks.mkt.dynamics.comprdia888eus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:24.773603916 CEST1.1.1.1192.168.2.50xb342No error (0)prdia888eus0aks.mkt.dynamics.com52.146.76.30A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:24.818459988 CEST1.1.1.1192.168.2.50x651fNo error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:17:24.818459988 CEST1.1.1.1192.168.2.50x651fNo error (0)public-prdia888wus0aks.mkt.dynamics.comprdia888wus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.738275051 CEST1.1.1.1192.168.2.50x26c8No error (0)assets-usa.mkt.dynamics.comassets-mkt-usa.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.740842104 CEST1.1.1.1192.168.2.50x6ca1No error (0)shed.dual-low.s-part-0014.t-0009.t-msedge.nets-part-0014.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.740842104 CEST1.1.1.1192.168.2.50x6ca1No error (0)s-part-0014.t-0009.t-msedge.net13.107.246.42A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.749876022 CEST1.1.1.1192.168.2.50x4a2dNo error (0)assets-usa.mkt.dynamics.comassets-mkt-usa.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.749876022 CEST1.1.1.1192.168.2.50x4a2dNo error (0)shed.dual-low.s-part-0014.t-0009.t-msedge.nets-part-0014.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.749876022 CEST1.1.1.1192.168.2.50x4a2dNo error (0)s-part-0014.t-0009.t-msedge.net13.107.246.42A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.832426071 CEST1.1.1.1192.168.2.50x5fd9No error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.832426071 CEST1.1.1.1192.168.2.50x5fd9No error (0)public-prdia888eus0aks.mkt.dynamics.comprdia888eus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.832426071 CEST1.1.1.1192.168.2.50x5fd9No error (0)prdia888eus0aks.mkt.dynamics.com52.146.76.30A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.853710890 CEST1.1.1.1192.168.2.50xa812No error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:23.853710890 CEST1.1.1.1192.168.2.50xa812No error (0)public-prdia888eus0aks.mkt.dynamics.comprdia888eus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:25.632719040 CEST1.1.1.1192.168.2.50x9191No error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:25.632719040 CEST1.1.1.1192.168.2.50x9191No error (0)public-prdia888eus0aks.mkt.dynamics.comprdia888eus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:25.667222023 CEST1.1.1.1192.168.2.50x2ea6No error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:25.667222023 CEST1.1.1.1192.168.2.50x2ea6No error (0)public-prdia888wus0aks.mkt.dynamics.comprdia888wus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:18:25.667222023 CEST1.1.1.1192.168.2.50x2ea6No error (0)prdia888wus0aks.mkt.dynamics.com20.49.124.158A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:30.595284939 CEST1.1.1.1192.168.2.50xe7dNo error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:30.595284939 CEST1.1.1.1192.168.2.50xe7dNo error (0)public-prdia888eus0aks.mkt.dynamics.comprdia888eus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:30.595972061 CEST1.1.1.1192.168.2.50xbd38No error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:30.595972061 CEST1.1.1.1192.168.2.50xbd38No error (0)public-prdia888eus0aks.mkt.dynamics.comprdia888eus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:30.595972061 CEST1.1.1.1192.168.2.50xbd38No error (0)prdia888eus0aks.mkt.dynamics.com52.146.76.30A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:35.507608891 CEST1.1.1.1192.168.2.50x658cNo error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:35.507608891 CEST1.1.1.1192.168.2.50x658cNo error (0)public-prdia888eus0aks.mkt.dynamics.comprdia888eus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:35.507608891 CEST1.1.1.1192.168.2.50x658cNo error (0)prdia888eus0aks.mkt.dynamics.com52.146.76.30A (IP address)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:35.510972023 CEST1.1.1.1192.168.2.50x9207No error (0)public-usa.mkt.dynamics.comcxppusa1im4t7x7z5iubq.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                  Jul 3, 2024 21:19:35.510972023 CEST1.1.1.1192.168.2.50x9207No error (0)public-prdia888eus0aks.mkt.dynamics.comprdia888eus0aks.mkt.dynamics.comCNAME (Canonical name)IN (0x0001)false

                                                                                                  HTTP Request Dependency Graph

                                                                                                  • fs.microsoft.com
                                                                                                  • slscr.update.microsoft.com
                                                                                                  • assets-usa.mkt.dynamics.com
                                                                                                  • https:
                                                                                                    • cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                                    • www.bing.com
                                                                                                  • public-usa.mkt.dynamics.com

                                                                                                  HTTPS Proxied Packets

                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  0192.168.2.5497122.19.244.127443
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:16:48 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                  Connection: Keep-Alive
                                                                                                  Accept: */*
                                                                                                  Accept-Encoding: identity
                                                                                                  User-Agent: Microsoft BITS/7.8
                                                                                                  Host: fs.microsoft.com
                                                                                                  2024-07-03 19:16:48 UTC466INHTTP/1.1 200 OK
                                                                                                  Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                  Content-Type: application/octet-stream
                                                                                                  ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                  Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                  Server: ECAcc (lpl/EF06)
                                                                                                  X-CID: 11
                                                                                                  X-Ms-ApiVersion: Distribute 1.2
                                                                                                  X-Ms-Region: prod-neu-z1
                                                                                                  Cache-Control: public, max-age=75196
                                                                                                  Date: Wed, 03 Jul 2024 19:16:48 GMT
                                                                                                  Connection: close
                                                                                                  X-CID: 2


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  1192.168.2.5497132.19.244.127443
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:16:50 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                  Connection: Keep-Alive
                                                                                                  Accept: */*
                                                                                                  Accept-Encoding: identity
                                                                                                  If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                  Range: bytes=0-2147483646
                                                                                                  User-Agent: Microsoft BITS/7.8
                                                                                                  Host: fs.microsoft.com
                                                                                                  2024-07-03 19:16:50 UTC534INHTTP/1.1 200 OK
                                                                                                  Content-Type: application/octet-stream
                                                                                                  Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                  ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                  ApiVersion: Distribute 1.1
                                                                                                  Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                  X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
                                                                                                  Cache-Control: public, max-age=75182
                                                                                                  Date: Wed, 03 Jul 2024 19:16:50 GMT
                                                                                                  Content-Length: 55
                                                                                                  Connection: close
                                                                                                  X-CID: 2
                                                                                                  2024-07-03 19:16:50 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                  Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  2192.168.2.54971752.165.165.26443
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:16:58 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=eOC3AR1WH78oNKD&MD=fbg56d3d HTTP/1.1
                                                                                                  Connection: Keep-Alive
                                                                                                  Accept: */*
                                                                                                  User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                  Host: slscr.update.microsoft.com
                                                                                                  2024-07-03 19:16:58 UTC560INHTTP/1.1 200 OK
                                                                                                  Cache-Control: no-cache
                                                                                                  Pragma: no-cache
                                                                                                  Content-Type: application/octet-stream
                                                                                                  Expires: -1
                                                                                                  Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                  ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                  MS-CorrelationId: 2527075d-0e8d-4980-808e-31b35634aa2c
                                                                                                  MS-RequestId: 53d3fdb2-8f1a-4410-8e0c-6bbe9bde9a73
                                                                                                  MS-CV: rIEa93bsskeok7Ze.0
                                                                                                  X-Microsoft-SLSClientCache: 2880
                                                                                                  Content-Disposition: attachment; filename=environment.cab
                                                                                                  X-Content-Type-Options: nosniff
                                                                                                  Date: Wed, 03 Jul 2024 19:16:57 GMT
                                                                                                  Connection: close
                                                                                                  Content-Length: 24490
                                                                                                  2024-07-03 19:16:58 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                  Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                  2024-07-03 19:16:58 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                  Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  3192.168.2.54977513.107.246.604434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:20 UTC753OUTGET /8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499 HTTP/1.1
                                                                                                  Host: assets-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                  Sec-Fetch-Site: none
                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                  Sec-Fetch-Dest: document
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:20 UTC495INHTTP/1.1 200 OK
                                                                                                  Date: Wed, 03 Jul 2024 19:17:20 GMT
                                                                                                  Content-Type: text/html
                                                                                                  Content-Length: 491
                                                                                                  Connection: close
                                                                                                  Access-Control-Allow-Origin: *
                                                                                                  Cache-Control: public, max-age=900, must-revalidate
                                                                                                  x-ms-trace-id: 57dada2948421a5ea4873c724e11087d
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  x-azure-ref: 20240703T191720Z-157bfc59976km2zhyg5xsdxufn0000000f8g00000000bff7
                                                                                                  x-fd-int-roxy-purgeid: 72378317
                                                                                                  X-Cache: TCP_MISS
                                                                                                  Accept-Ranges: bytes
                                                                                                  2024-07-03 19:17:20 UTC491INData Raw: 3c 64 69 76 0a 20 20 20 20 20 20 20 20 64 61 74 61 2d 66 6f 72 6d 2d 69 64 3d 27 65 64 36 63 63 34 37 39 2d 63 63 33 38 2d 65 66 31 31 2d 38 34 30 39 2d 37 63 31 65 35 32 30 62 61 34 39 39 27 0a 20 20 20 20 20 20 20 20 64 61 74 61 2d 66 6f 72 6d 2d 61 70 69 2d 75 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 70 75 62 6c 69 63 2d 75 73 61 2e 6d 6b 74 2e 64 79 6e 61 6d 69 63 73 2e 63 6f 6d 2f 61 70 69 2f 76 31 2e 30 2f 6f 72 67 73 2f 38 65 61 66 64 34 35 38 2d 66 38 33 37 2d 65 66 31 31 2d 38 65 34 62 2d 30 30 32 32 34 38 32 61 61 63 32 63 2f 6c 61 6e 64 69 6e 67 70 61 67 65 66 6f 72 6d 73 27 0a 20 20 20 20 20 20 20 20 64 61 74 61 2d 63 61 63 68 65 64 2d 66 6f 72 6d 2d 75 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 61 73 73 65 74 73 2d 75 73 61 2e 6d 6b 74 2e 64 79 6e 61 6d
                                                                                                  Data Ascii: <div data-form-id='ed6cc479-cc38-ef11-8409-7c1e520ba499' data-form-api-url='https://public-usa.mkt.dynamics.com/api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms' data-cached-form-url='https://assets-usa.mkt.dynam


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  4192.168.2.54978013.107.246.604434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:21 UTC592OUTGET /usa/FormLoader/FormLoader.bundle.js HTTP/1.1
                                                                                                  Host: cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                  Sec-Fetch-Dest: script
                                                                                                  Referer: https://assets-usa.mkt.dynamics.com/
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:21 UTC623INHTTP/1.1 200 OK
                                                                                                  Date: Wed, 03 Jul 2024 19:17:21 GMT
                                                                                                  Content-Type: application/javascript
                                                                                                  Content-Length: 742296
                                                                                                  Connection: close
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Last-Modified: Thu, 30 May 2024 14:20:56 GMT
                                                                                                  ETag: 0x8DC80B3B8B63B4B
                                                                                                  x-ms-request-id: 9c21b8a0-d01e-0039-627d-cd5f9a000000
                                                                                                  x-ms-version: 2009-09-19
                                                                                                  x-ms-lease-status: unlocked
                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                  Access-Control-Allow-Origin: *
                                                                                                  x-azure-ref: 20240703T191721Z-157bfc599769bbcfn5fpqda8ws0000000b9g00000000npt7
                                                                                                  x-fd-int-roxy-purgeid: 71076481
                                                                                                  X-Cache: TCP_MISS
                                                                                                  Accept-Ranges: bytes
                                                                                                  2024-07-03 19:17:21 UTC15761INData Raw: 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 46 6f 72 6d 4c 6f 61 64 65 72 2e 62 75 6e 64 6c 65 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 76 61 72 20 64 33 36 35 6d 6b 74 66 6f 72 6d 73 3b 28 28 29 3d 3e 7b 76 61 72 20 65 2c 74 2c 6e 3d 7b 33 31 37 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 73 65 6c 66 3f 73 65 6c 66 3a 74 68 69 73 2c 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 74 68 69 73 2e 66 65 74 63 68 3d 21 31 2c 74 68 69 73 2e 44 4f 4d 45 78 63 65 70 74 69 6f 6e 3d 6e 2e 44 4f 4d 45 78 63 65 70 74 69 6f 6e 7d 72 65 74 75 72 6e 20 65 2e 70 72 6f 74 6f
                                                                                                  Data Ascii: /*! For license information please see FormLoader.bundle.js.LICENSE.txt */var d365mktforms;(()=>{var e,t,n={317:function(e,t){var n="undefined"!=typeof self?self:this,r=function(){function e(){this.fetch=!1,this.DOMException=n.DOMException}return e.proto
                                                                                                  2024-07-03 19:17:22 UTC16384INData Raw: 2c 6c 3d 64 28 22 72 65 61 63 74 2e 6c 61 7a 79 22 29 7d 76 61 72 20 66 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 3b 66 75 6e 63 74 69 6f 6e 20 70 28 65 29 7b 66 6f 72 28 76 61 72 20 74 3d 22 68 74 74 70 73 3a 2f 2f 72 65 61 63 74 6a 73 2e 6f 72 67 2f 64 6f 63 73 2f 65 72 72 6f 72 2d 64 65 63 6f 64 65 72 2e 68 74 6d 6c 3f 69 6e 76 61 72 69 61 6e 74 3d 22 2b 65 2c 6e 3d 31 3b 6e 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 74 2b 3d 22 26 61 72 67 73 5b 5d 3d 22 2b 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 61 72 67 75 6d 65 6e 74 73 5b 6e 5d 29 3b 72 65 74 75 72 6e 22 4d 69 6e 69 66 69 65 64 20 52 65 61 63 74 20 65 72 72 6f 72 20 23 22
                                                                                                  Data Ascii: ,l=d("react.lazy")}var f="function"==typeof Symbol&&Symbol.iterator;function p(e){for(var t="https://reactjs.org/docs/error-decoder.html?invariant="+e,n=1;n<arguments.length;n++)t+="&args[]="+encodeURIComponent(arguments[n]);return"Minified React error #"
                                                                                                  2024-07-03 19:17:22 UTC16384INData Raw: 70 36 48 41 44 6d 51 66 44 70 53 51 45 58 63 77 69 41 78 55 61 69 78 47 79 49 4b 47 67 48 6b 4d 6c 41 71 65 43 77 4a 41 67 44 73 74 5a 41 67 51 77 4b 45 6a 68 5a 39 41 52 34 4d 41 41 53 47 46 72 67 30 6d 47 44 43 67 51 49 46 6d 62 4d 73 41 47 42 69 2b 38 36 4b 46 42 68 49 34 63 50 77 6d 7a 61 48 41 30 57 51 66 64 75 53 77 49 53 47 69 43 41 4d 70 56 6a 77 6e 45 67 51 41 49 66 6b 45 43 51 6b 41 4e 41 41 73 41 41 41 41 41 42 34 41 48 67 43 46 42 41 59 45 68 49 61 45 78 4d 62 45 52 45 4a 45 70 4b 61 6b 35 4f 62 6b 5a 47 4a 6b 4c 43 6f 73 6c 4a 61 55 31 4e 62 55 74 4c 61 30 39 50 62 30 48 42 6f 63 56 46 4a 55 64 48 4a 30 6a 49 36 4d 7a 4d 37 4d 72 4b 36 73 37 4f 37 73 50 44 34 38 6e 4a 36 63 33 4e 37 63 76 4c 36 38 44 41 34 4d 54 45 70 4d 4e 44 49 30 2f 50 37
                                                                                                  Data Ascii: p6HADmQfDpSQEXcwiAxUaixGyIKGgHkMlAqeCwJAgDstZAgQwKEjhZ9AR4MAASGFrg0mGDCgQIFmbMsAGBi+86KFBhI4cPwmzaHA0WQfduSwISGiCAMpVjwnEgQAIfkECQkANAAsAAAAAB4AHgCFBAYEhIaExMbEREJEpKak5ObkZGJkLCoslJaU1NbUtLa09Pb0HBocVFJUdHJ0jI6MzM7MrK6s7O7sPD48nJ6c3N7cvL68DA4MTEpMNDI0/P7
                                                                                                  2024-07-03 19:17:22 UTC16384INData Raw: 28 76 61 72 20 69 20 69 6e 20 6e 29 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 6e 5b 69 5d 26 26 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 5d 22 21 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 2e 61 70 70 6c 79 28 6e 5b 69 5d 29 7c 7c 74 68 69 73 2e 61 64 64 52 65 73 6f 75 72 63 65 28 65 2c 74 2c 69 2c 6e 5b 69 5d 2c 7b 73 69 6c 65 6e 74 3a 21 30 7d 29 3b 72 2e 73 69 6c 65 6e 74 7c 7c 74 68 69 73 2e 65 6d 69 74 28 22 61 64 64 65 64 22 2c 65 2c 74 2c 6e 29 7d 7d 2c 7b 6b 65 79 3a 22 61 64 64 52 65 73 6f 75 72 63 65 42 75 6e 64 6c 65 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 2c 69 29 7b 76 61 72 20 61 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 35 26 26 76 6f 69 64 20 30 21
                                                                                                  Data Ascii: (var i in n)"string"!=typeof n[i]&&"[object Array]"!==Object.prototype.toString.apply(n[i])||this.addResource(e,t,i,n[i],{silent:!0});r.silent||this.emit("added",e,t,n)}},{key:"addResourceBundle",value:function(e,t,n,r,i){var a=arguments.length>5&&void 0!
                                                                                                  2024-07-03 19:17:22 UTC16384INData Raw: 3f 31 3a 65 3c 37 3f 32 3a 65 3c 31 31 3f 33 3a 34 29 7d 2c 31 31 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4e 75 6d 62 65 72 28 31 3d 3d 65 7c 7c 31 31 3d 3d 65 3f 30 3a 32 3d 3d 65 7c 7c 31 32 3d 3d 65 3f 31 3a 65 3e 32 26 26 65 3c 32 30 3f 32 3a 33 29 7d 2c 31 32 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4e 75 6d 62 65 72 28 65 25 31 30 21 3d 31 7c 7c 65 25 31 30 30 3d 3d 31 31 29 7d 2c 31 33 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4e 75 6d 62 65 72 28 30 21 3d 3d 65 29 7d 2c 31 34 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4e 75 6d 62 65 72 28 31 3d 3d 65 3f 30 3a 32 3d 3d 65 3f 31 3a 33 3d 3d 65 3f 32 3a 33 29 7d 2c 31 35 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e
                                                                                                  Data Ascii: ?1:e<7?2:e<11?3:4)},11:function(e){return Number(1==e||11==e?0:2==e||12==e?1:e>2&&e<20?2:3)},12:function(e){return Number(e%10!=1||e%100==11)},13:function(e){return Number(0!==e)},14:function(e){return Number(1==e?0:2==e?1:3==e?2:3)},15:function(e){return
                                                                                                  2024-07-03 19:17:22 UTC16384INData Raw: 3f 74 68 69 73 2e 6c 6f 67 67 65 72 2e 77 61 72 6e 28 27 64 69 64 20 6e 6f 74 20 73 61 76 65 20 6b 65 79 20 22 27 2e 63 6f 6e 63 61 74 28 6e 2c 27 22 20 61 73 20 74 68 65 20 6e 61 6d 65 73 70 61 63 65 20 22 27 29 2e 63 6f 6e 63 61 74 28 74 2c 27 22 20 77 61 73 20 6e 6f 74 20 79 65 74 20 6c 6f 61 64 65 64 27 29 2c 22 54 68 69 73 20 6d 65 61 6e 73 20 73 6f 6d 65 74 68 69 6e 67 20 49 53 20 57 52 4f 4e 47 20 69 6e 20 79 6f 75 72 20 73 65 74 75 70 2e 20 59 6f 75 20 61 63 63 65 73 73 20 74 68 65 20 74 20 66 75 6e 63 74 69 6f 6e 20 62 65 66 6f 72 65 20 69 31 38 6e 65 78 74 2e 69 6e 69 74 20 2f 20 69 31 38 6e 65 78 74 2e 6c 6f 61 64 4e 61 6d 65 73 70 61 63 65 20 2f 20 69 31 38 6e 65 78 74 2e 63 68 61 6e 67 65 4c 61 6e 67 75 61 67 65 20 77 61 73 20 64 6f 6e 65 2e
                                                                                                  Data Ascii: ?this.logger.warn('did not save key "'.concat(n,'" as the namespace "').concat(t,'" was not yet loaded'),"This means something IS WRONG in your setup. You access the t function before i18next.init / i18next.loadNamespace / i18next.changeLanguage was done.
                                                                                                  2024-07-03 19:17:22 UTC16384INData Raw: 6e 28 65 2c 74 2c 6e 2c 72 29 7b 6e 26 26 22 6f 62 6a 65 63 74 22 3d 3d 3d 77 65 28 6e 29 26 26 28 6e 3d 53 65 28 22 22 2c 6e 29 2e 73 6c 69 63 65 28 31 29 29 2c 65 2e 71 75 65 72 79 53 74 72 69 6e 67 50 61 72 61 6d 73 26 26 28 74 3d 53 65 28 74 2c 65 2e 71 75 65 72 79 53 74 72 69 6e 67 50 61 72 61 6d 73 29 29 3b 74 72 79 7b 76 61 72 20 69 3b 28 69 3d 76 65 3f 6e 65 77 20 76 65 3a 6e 65 77 20 62 65 28 22 4d 53 58 4d 4c 32 2e 58 4d 4c 48 54 54 50 2e 33 2e 30 22 29 29 2e 6f 70 65 6e 28 6e 3f 22 50 4f 53 54 22 3a 22 47 45 54 22 2c 74 2c 31 29 2c 65 2e 63 72 6f 73 73 44 6f 6d 61 69 6e 7c 7c 69 2e 73 65 74 52 65 71 75 65 73 74 48 65 61 64 65 72 28 22 58 2d 52 65 71 75 65 73 74 65 64 2d 57 69 74 68 22 2c 22 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 22 29 2c 69
                                                                                                  Data Ascii: n(e,t,n,r){n&&"object"===we(n)&&(n=Se("",n).slice(1)),e.queryStringParams&&(t=Se(t,e.queryStringParams));try{var i;(i=ve?new ve:new be("MSXML2.XMLHTTP.3.0")).open(n?"POST":"GET",t,1),e.crossDomain||i.setRequestHeader("X-Requested-With","XMLHttpRequest"),i
                                                                                                  2024-07-03 19:17:22 UTC16384INData Raw: 66 61 75 6c 74 4f 77 6e 65 72 22 2c 65 2e 44 75 65 44 61 74 65 41 66 74 65 72 3d 22 73 63 68 65 64 75 6c 65 64 65 6e 64 22 2c 65 2e 4e 6f 74 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 2c 65 2e 44 69 73 70 6c 61 79 4e 61 6d 65 3d 22 74 6f 70 69 63 22 2c 65 2e 43 75 72 72 65 6e 63 79 49 64 3d 22 74 72 61 6e 73 61 63 74 69 6f 6e 43 75 72 72 65 6e 63 79 49 64 22 2c 65 2e 49 73 4d 61 72 6b 65 74 69 6e 67 51 75 61 6c 69 66 69 65 64 3d 22 69 73 4d 61 72 6b 65 74 69 6e 67 51 75 61 6c 69 66 69 65 64 22 2c 65 2e 4d 61 74 63 68 69 6e 67 53 74 72 61 74 65 67 79 3d 22 6d 61 74 63 68 69 6e 67 53 74 72 61 74 65 67 79 22 2c 65 2e 50 72 65 64 65 63 65 73 73 6f 72 53 61 6c 65 73 41 63 74 69 6f 6e 49 64 3d 22 70 72 65 64 65 63 65 73 73 6f 72 53 61 6c 65 73 41 63 74 69 6f
                                                                                                  Data Ascii: faultOwner",e.DueDateAfter="scheduledend",e.Note="description",e.DisplayName="topic",e.CurrencyId="transactionCurrencyId",e.IsMarketingQualified="isMarketingQualified",e.MatchingStrategy="matchingStrategy",e.PredecessorSalesActionId="predecessorSalesActio
                                                                                                  2024-07-03 19:17:22 UTC16384INData Raw: 54 69 6d 65 6f 75 74 3e 74 68 69 73 2e 6e 6f 77 28 29 3f 5b 34 2c 74 2e 67 65 74 56 61 6c 75 65 28 65 2c 72 29 5d 3a 5b 33 2c 33 5d 3b 63 61 73 65 20 31 3a 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 28 69 3d 73 2e 73 65 6e 74 28 29 29 26 26 61 28 69 29 2c 5b 34 2c 28 35 30 30 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 73 65 74 54 69 6d 65 6f 75 74 28 65 2c 35 30 30 29 7d 29 29 29 5d 3b 63 61 73 65 20 32 3a 72 65 74 75 72 6e 20 73 2e 73 65 6e 74 28 29 2c 5b 33 2c 30 5d 3b 63 61 73 65 20 33 3a 72 65 74 75 72 6e 20 6f 28 29 2c 5b 32 5d 7d 7d 29 29 7d 29 29 7d 29 29 7d 2c 65 2e 70 72 6f 74 6f 74 79 70 65 2e 74 72 79 52 65 74 72 69 65 76 65 4d 75 6c 74 69 70 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e
                                                                                                  Data Ascii: Timeout>this.now()?[4,t.getValue(e,r)]:[3,3];case 1:return null!=(i=s.sent())&&a(i),[4,(500,new Promise((function(e){return setTimeout(e,500)})))];case 2:return s.sent(),[3,0];case 3:return o(),[2]}}))}))}))},e.prototype.tryRetrieveMultiple=function(e,t,n
                                                                                                  2024-07-03 19:17:22 UTC16384INData Raw: 2c 6f 2e 6f 70 73 2e 70 75 73 68 28 73 29 3b 62 72 65 61 6b 7d 69 5b 32 5d 26 26 6f 2e 6f 70 73 2e 70 6f 70 28 29 2c 6f 2e 74 72 79 73 2e 70 6f 70 28 29 3b 63 6f 6e 74 69 6e 75 65 7d 73 3d 74 2e 63 61 6c 6c 28 65 2c 6f 29 7d 63 61 74 63 68 28 65 29 7b 73 3d 5b 36 2c 65 5d 2c 72 3d 30 7d 66 69 6e 61 6c 6c 79 7b 6e 3d 69 3d 30 7d 69 66 28 35 26 73 5b 30 5d 29 74 68 72 6f 77 20 73 5b 31 5d 3b 72 65 74 75 72 6e 7b 76 61 6c 75 65 3a 73 5b 30 5d 3f 73 5b 31 5d 3a 76 6f 69 64 20 30 2c 64 6f 6e 65 3a 21 30 7d 7d 28 5b 73 2c 75 5d 29 7d 7d 7d 2c 6a 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 74 68 69 73 2e 68 65 61 64 65 72 73 3d 7b 41 63 63 65 70 74 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 22 2c 22 43 6f 6e 74 65 6e
                                                                                                  Data Ascii: ,o.ops.push(s);break}i[2]&&o.ops.pop(),o.trys.pop();continue}s=t.call(e,o)}catch(e){s=[6,e],r=0}finally{n=i=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,u])}}},jn=function(){function e(){this.headers={Accept:"application/json","Conten


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  5192.168.2.54977613.107.246.604434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:22 UTC738OUTGET /8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499 HTTP/1.1
                                                                                                  Host: assets-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  Accept: text/plain
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Referer: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:22 UTC609INHTTP/1.1 200 OK
                                                                                                  Date: Wed, 03 Jul 2024 19:17:22 GMT
                                                                                                  Content-Type: text/html
                                                                                                  Content-Length: 58044
                                                                                                  Connection: close
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Access-Control-Allow-Origin: *
                                                                                                  Cache-Control: public, max-age=900, must-revalidate
                                                                                                  x-ms-trace-id: 97b9d05c8d539938ddb3783b41685e21
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  x-azure-ref: 20240703T191722Z-157bfc599766h8g7dkyv7cbawn0000000fa000000000h8kg
                                                                                                  x-fd-int-roxy-purgeid: 72378317
                                                                                                  X-Cache-Info: L1_T2
                                                                                                  X-Cache: TCP_HIT
                                                                                                  Accept-Ranges: bytes
                                                                                                  2024-07-03 19:17:22 UTC15775INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 4d 61 72 6b 65 74 69 6e 67 20 46 6f 72 6d 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74
                                                                                                  Data Ascii: <!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Marketing Form</title> <meta name="referrer" cont
                                                                                                  2024-07-03 19:17:22 UTC16384INData Raw: 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 74 77 6f 4f 70 74 69 6f 6e 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 72 61 64 69 6f 62 75 74 74 6f 6e 73 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 74 77 6f 4f 70 74 69 6f 6e 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 74 77 6f 6f 70 74 69 6f 6e 5f 63 68 65 63 6b 62 6f 78 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6f 70 74 69 6f 6e 53 65 74 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 72 61 64 69 6f 62 75 74 74 6f 6e 73 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6d 75 6c 74 69 4f 70 74 69 6f 6e 53 65 74 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 66 69 65 6c 64 73 65 74 20 3e 20 64 69 76 2c 0a 20 20
                                                                                                  Data Ascii: } .twoOptionFormFieldBlock div.radiobuttons > div, .twoOptionFormFieldBlock div.twooption_checkbox > div, .optionSetFormFieldBlock div.radiobuttons > div, .multiOptionSetFormFieldBlock fieldset > div,
                                                                                                  2024-07-03 19:17:22 UTC16384INData Raw: 6c 65 22 20 73 74 79 6c 65 3d 22 6d 69 6e 2d 77 69 64 74 68 3a 20 35 70 78 3b 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 74 6f 70 3b 20 77 6f 72 64 2d 77 72 61 70 3a 20 62 72 65 61 6b 2d 77 6f 72 64 3b 20 77 6f 72 64 2d 62 72 65 61 6b 3a 20 62 72 65 61 6b 2d 77 6f 72 64 3b 20 77 6f 72 64 2d 77 72 61 70 3a 20 62 72 65 61 6b 2d 77 6f 72 64 3b 20 77 6f 72 64 2d 62 72 65 61 6b 3a 20 62 72 65 61 6b 2d 77 6f 72 64 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 64 61 74 61 2d 65
                                                                                                  Data Ascii: le" style="min-width: 5px; padding: 10px; vertical-align: top; word-wrap: break-word; word-break: break-word; word-wrap: break-word; word-break: break-word; font-weight: normal;"> <div data-e
                                                                                                  2024-07-03 19:17:22 UTC9501INData Raw: 6b 58 4b 2f 53 75 69 7a 4f 4d 75 69 6e 4a 79 47 4c 56 6b 39 6f 6a 72 59 70 50 43 54 73 53 39 4a 68 36 74 43 6b 4e 69 2f 4e 4c 59 47 45 47 6a 65 63 57 57 48 2f 2b 6c 66 50 68 72 35 42 33 71 4b 7a 71 75 31 51 37 6d 59 73 6d 59 71 76 62 38 52 57 45 2f 37 35 70 63 44 43 57 6d 54 6c 5a 43 76 54 71 62 54 68 44 55 75 58 70 65 54 53 35 76 46 65 70 6c 4b 71 41 65 43 43 41 4a 51 51 56 52 41 61 41 49 4d 36 2b 35 6f 4f 45 77 57 41 67 47 44 41 66 4b 64 5a 62 52 61 75 62 70 76 56 42 76 6f 6d 77 30 44 75 4f 52 4b 45 6b 2b 50 54 77 34 4f 6a 71 34 74 72 42 41 4c 6f 36 74 31 4e 71 58 68 64 62 46 52 70 71 5a 64 35 50 77 59 67 6c 73 79 2f 57 32 6a 6d 6f 73 37 52 34 65 6e 77 34 4c 6a 48 35 75 4e 4b 54 59 79 75 63 48 6f 64 39 30 61 39 56 73 2f 35 30 54 6e 42 45 62 47 39 77 45
                                                                                                  Data Ascii: kXK/SuizOMuinJyGLVk9ojrYpPCTsS9Jh6tCkNi/NLYGEGjecWWH/+lfPhr5B3qKzqu1Q7mYsmYqvb8RWE/75pcDCWmTlZCvTqbThDUuXpeTS5vFeplKqAeCCAJQQVRAaAIM6+5oOEwWAgGDAfKdZbRaubpvVBvomw0DuORKEk+PTw4Ojq4trBALo6t1NqXhdbFRpqZd5PwYglsy/W2jmos7R4enw4LjH5uNKTYyucHod90a9Vs/50TnBEbG9wE


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  6192.168.2.54978413.107.246.604434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:23 UTC650OUTGET /usa/FormLoader/public/locales/en-us/translation.json HTTP/1.1
                                                                                                  Host: cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Accept: */*
                                                                                                  Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Referer: https://assets-usa.mkt.dynamics.com/
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:23 UTC635INHTTP/1.1 200 OK
                                                                                                  Date: Wed, 03 Jul 2024 19:17:23 GMT
                                                                                                  Content-Type: application/json
                                                                                                  Content-Length: 1282
                                                                                                  Connection: close
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Last-Modified: Thu, 30 May 2024 14:20:57 GMT
                                                                                                  ETag: 0x8DC80B3B914048A
                                                                                                  x-ms-request-id: e75ed218-201e-0056-120f-cd94a7000000
                                                                                                  x-ms-version: 2009-09-19
                                                                                                  x-ms-lease-status: unlocked
                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                  Access-Control-Allow-Origin: *
                                                                                                  x-azure-ref: 20240703T191723Z-157bfc59976jcqxbycr83vx54400000009e000000000g5kc
                                                                                                  x-fd-int-roxy-purgeid: 71076481
                                                                                                  X-Cache: TCP_HIT
                                                                                                  X-Cache-Info: L1_T2
                                                                                                  Accept-Ranges: bytes
                                                                                                  2024-07-03 19:17:23 UTC1282INData Raw: 7b 0d 0a 20 20 22 46 6f 72 6d 46 61 69 6c 65 64 54 6f 4c 6f 61 64 22 3a 20 22 46 61 69 6c 65 64 20 74 6f 20 6c 6f 61 64 20 66 6f 72 6d 22 2c 0d 0a 20 20 22 46 6f 72 6d 46 61 69 6c 65 64 54 6f 4c 6f 61 64 43 6f 72 73 22 3a 20 22 54 68 65 20 66 6f 72 6d 20 63 61 6e 20 6e 6f 74 20 62 65 20 6c 6f 61 64 65 64 20 6f 6e 20 61 20 64 6f 6d 61 69 6e 20 74 68 61 74 20 68 61 73 6e 27 74 20 62 65 65 6e 20 61 6c 6c 6f 77 65 64 20 66 6f 72 20 65 78 74 65 72 6e 61 6c 20 66 6f 72 6d 20 68 6f 73 74 69 6e 67 20 6f 72 20 74 68 65 72 65 20 69 73 20 61 20 6e 65 74 77 6f 72 6b 20 63 6f 6e 6e 65 63 74 69 76 69 74 79 20 69 73 73 75 65 22 2c 0d 0a 20 20 22 4c 65 61 72 6e 4d 6f 72 65 22 3a 20 22 4c 65 61 72 6e 20 6d 6f 72 65 22 2c 0d 0a 20 20 22 46 6f 72 6d 53 75 62 6d 69 74 74 65
                                                                                                  Data Ascii: { "FormFailedToLoad": "Failed to load form", "FormFailedToLoadCors": "The form can not be loaded on a domain that hasn't been allowed for external form hosting or there is a network connectivity issue", "LearnMore": "Learn more", "FormSubmitte


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  7192.168.2.54978513.107.246.604434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:23 UTC713OUTGET /favicon.ico HTTP/1.1
                                                                                                  Host: assets-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                  Sec-Fetch-Dest: image
                                                                                                  Referer: https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:23 UTC313INHTTP/1.1 404 Not Found
                                                                                                  Date: Wed, 03 Jul 2024 19:17:23 GMT
                                                                                                  Content-Type: text/html
                                                                                                  Content-Length: 548
                                                                                                  Connection: close
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-azure-ref: 20240703T191723Z-157bfc59976pjpd267bfvppp200000000ff0000000005fuw
                                                                                                  x-fd-int-roxy-purgeid: 72378317
                                                                                                  X-Cache: TCP_MISS
                                                                                                  2024-07-03 19:17:23 UTC548INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20
                                                                                                  Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  8192.168.2.54978713.107.246.604434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:23 UTC444OUTGET /8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499 HTTP/1.1
                                                                                                  Host: assets-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: none
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:23 UTC609INHTTP/1.1 200 OK
                                                                                                  Date: Wed, 03 Jul 2024 19:17:23 GMT
                                                                                                  Content-Type: text/html
                                                                                                  Content-Length: 58044
                                                                                                  Connection: close
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Access-Control-Allow-Origin: *
                                                                                                  Cache-Control: public, max-age=900, must-revalidate
                                                                                                  x-ms-trace-id: 97b9d05c8d539938ddb3783b41685e21
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  x-azure-ref: 20240703T191723Z-157bfc59976wsl99mfvvz7p09s0000000f6000000000h8qk
                                                                                                  x-fd-int-roxy-purgeid: 72378317
                                                                                                  X-Cache-Info: L1_T2
                                                                                                  X-Cache: TCP_HIT
                                                                                                  Accept-Ranges: bytes
                                                                                                  2024-07-03 19:17:23 UTC15775INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 4d 61 72 6b 65 74 69 6e 67 20 46 6f 72 6d 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74
                                                                                                  Data Ascii: <!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Marketing Form</title> <meta name="referrer" cont
                                                                                                  2024-07-03 19:17:23 UTC16384INData Raw: 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 74 77 6f 4f 70 74 69 6f 6e 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 72 61 64 69 6f 62 75 74 74 6f 6e 73 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 74 77 6f 4f 70 74 69 6f 6e 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 74 77 6f 6f 70 74 69 6f 6e 5f 63 68 65 63 6b 62 6f 78 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6f 70 74 69 6f 6e 53 65 74 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 64 69 76 2e 72 61 64 69 6f 62 75 74 74 6f 6e 73 20 3e 20 64 69 76 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6d 75 6c 74 69 4f 70 74 69 6f 6e 53 65 74 46 6f 72 6d 46 69 65 6c 64 42 6c 6f 63 6b 20 66 69 65 6c 64 73 65 74 20 3e 20 64 69 76 2c 0a 20 20
                                                                                                  Data Ascii: } .twoOptionFormFieldBlock div.radiobuttons > div, .twoOptionFormFieldBlock div.twooption_checkbox > div, .optionSetFormFieldBlock div.radiobuttons > div, .multiOptionSetFormFieldBlock fieldset > div,
                                                                                                  2024-07-03 19:17:23 UTC16384INData Raw: 6c 65 22 20 73 74 79 6c 65 3d 22 6d 69 6e 2d 77 69 64 74 68 3a 20 35 70 78 3b 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 74 6f 70 3b 20 77 6f 72 64 2d 77 72 61 70 3a 20 62 72 65 61 6b 2d 77 6f 72 64 3b 20 77 6f 72 64 2d 62 72 65 61 6b 3a 20 62 72 65 61 6b 2d 77 6f 72 64 3b 20 77 6f 72 64 2d 77 72 61 70 3a 20 62 72 65 61 6b 2d 77 6f 72 64 3b 20 77 6f 72 64 2d 62 72 65 61 6b 3a 20 62 72 65 61 6b 2d 77 6f 72 64 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 64 61 74 61 2d 65
                                                                                                  Data Ascii: le" style="min-width: 5px; padding: 10px; vertical-align: top; word-wrap: break-word; word-break: break-word; word-wrap: break-word; word-break: break-word; font-weight: normal;"> <div data-e
                                                                                                  2024-07-03 19:17:23 UTC9501INData Raw: 6b 58 4b 2f 53 75 69 7a 4f 4d 75 69 6e 4a 79 47 4c 56 6b 39 6f 6a 72 59 70 50 43 54 73 53 39 4a 68 36 74 43 6b 4e 69 2f 4e 4c 59 47 45 47 6a 65 63 57 57 48 2f 2b 6c 66 50 68 72 35 42 33 71 4b 7a 71 75 31 51 37 6d 59 73 6d 59 71 76 62 38 52 57 45 2f 37 35 70 63 44 43 57 6d 54 6c 5a 43 76 54 71 62 54 68 44 55 75 58 70 65 54 53 35 76 46 65 70 6c 4b 71 41 65 43 43 41 4a 51 51 56 52 41 61 41 49 4d 36 2b 35 6f 4f 45 77 57 41 67 47 44 41 66 4b 64 5a 62 52 61 75 62 70 76 56 42 76 6f 6d 77 30 44 75 4f 52 4b 45 6b 2b 50 54 77 34 4f 6a 71 34 74 72 42 41 4c 6f 36 74 31 4e 71 58 68 64 62 46 52 70 71 5a 64 35 50 77 59 67 6c 73 79 2f 57 32 6a 6d 6f 73 37 52 34 65 6e 77 34 4c 6a 48 35 75 4e 4b 54 59 79 75 63 48 6f 64 39 30 61 39 56 73 2f 35 30 54 6e 42 45 62 47 39 77 45
                                                                                                  Data Ascii: kXK/SuizOMuinJyGLVk9ojrYpPCTsS9Jh6tCkNi/NLYGEGjecWWH/+lfPhr5B3qKzqu1Q7mYsmYqvb8RWE/75pcDCWmTlZCvTqbThDUuXpeTS5vFeplKqAeCCAJQQVRAaAIM6+5oOEwWAgGDAfKdZbRaubpvVBvomw0DuORKEk+PTw4Ojq4trBALo6t1NqXhdbFRpqZd5PwYglsy/W2jmos7R4enw4LjH5uNKTYyucHod90a9Vs/50TnBEbG9wE


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  9192.168.2.54978652.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:23 UTC673OUTGET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?fid=b105fd92-33cc-447c-b000-df58cfaf4e89&type=visual&rnd=c3b6d445-c55a-490e-a171-56d758d0beaf&mkt=en HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                  Sec-Fetch-Dest: script
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:23 UTC286INHTTP/1.1 200 OK
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:17:23 GMT
                                                                                                  Content-Type: application/javascript
                                                                                                  Content-Length: 23130
                                                                                                  Connection: close
                                                                                                  x-ms-trace-id: f2e2ce06fdfecb1bf47321daa43137d0
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  2024-07-03 19:17:23 UTC16098INData Raw: 76 61 72 20 47 65 74 57 4c 53 50 48 49 50 30 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 6f 20 3d 20 63 3b 76 61 72 20 72 20 3d 20 6f 2e 52 65 6e 64 65 72 65 72 28 61 72 67 75 6d 65 6e 74 73 29 3b 72 65 74 75 72 6e 20 72 3b 7d 3b 76 61 72 20 57 4c 53 50 48 49 50 30 3d 47 65 74 57 4c 53 50 48 49 50 30 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 70 3d 22 52 65 6e 64 65 72 65 72 22 2c 69 3d 7b 7d 2c 61 3d 7b 7d 2c 63 3d 7b 7d 2c 65 3d 7b 7d 2c 66 3d 7b 7d 2c 71 3d 7b 7d 2c 62 3d 7b 7d 2c 68 3d 7b 7d 2c 67 3d 7b 7d 2c 6e 3d 7b 7d 2c 64 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 6c 28 29 7b 69 66 28 62 28 61 29 29 7b 61 6c 65 72 74 28 22 6d 69 73 73 69 6e 67 20 63 6c 69 65 6e 74 20 48 49 50 20 6f 62 6a 65 63 74 22 29 3b 72 65 74 75 72 6e 20 66 61 6c
                                                                                                  Data Ascii: var GetWLSPHIP0=function(c){var o = c;var r = o.Renderer(arguments);return r;};var WLSPHIP0=GetWLSPHIP0((function(){var p="Renderer",i={},a={},c={},e={},f={},q={},b={},h={},g={},n={},d={};function l(){if(b(a)){alert("missing client HIP object");return fal
                                                                                                  2024-07-03 19:17:23 UTC7032INData Raw: 43 68 69 6c 64 28 68 29 7d 67 28 61 2e 68 6f 6c 64 65 72 29 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 63 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 6e 28 62 2c 63 29 7b 2b 2b 61 2e 63 6f 75 6e 74 3b 69 66 28 21 64 28 63 29 29 61 2e 64 61 74 61 43 65 6e 74 65 72 3d 63 3b 65 6c 73 65 20 69 66 28 21 64 28 62 29 29 7b 76 61 72 20 65 3d 62 2e 69 6e 64 65 78 4f 66 28 22 2e 22 29 3b 69 66 28 65 21 3d 2d 31 29 61 2e 64 61 74 61 43 65 6e 74 65 72 3d 62 2e 73 75 62 73 74 72 69 6e 67 28 30 2c 65 29 7d 69 66 28 21 64 28 62 29 29 61 2e 75 72 6c 46 69 64 3d 62 3b 69 66 28 21 64 28 62 29 7c 7c 21 64 28 63 29 29 61 2e 63 6f 6d 65 69 6e 55 52 4c 3d 61 2e 63 6f 6e 73 74 72 75 63 74 55 52 4c 28 29 3b 72 65 74 75 72 6e 20 61 2e 63 6f 6d 65 69 6e 55 52 4c 2b 22 26 74 79 70 65 3d 22 2b
                                                                                                  Data Ascii: Child(h)}g(a.holder).appendChild(c)}}function n(b,c){++a.count;if(!d(c))a.dataCenter=c;else if(!d(b)){var e=b.indexOf(".");if(e!=-1)a.dataCenter=b.substring(0,e)}if(!d(b))a.urlFid=b;if(!d(b)||!d(c))a.comeinURL=a.constructURL();return a.comeinURL+"&type="+


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  10192.168.2.54978952.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:24 UTC605OUTOPTIONS /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499/visits HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  Accept: */*
                                                                                                  Access-Control-Request-Method: POST
                                                                                                  Access-Control-Request-Headers: content-type
                                                                                                  Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:24 UTC383INHTTP/1.1 204 No Content
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:17:24 GMT
                                                                                                  Connection: close
                                                                                                  Access-Control-Allow-Headers: content-type
                                                                                                  Access-Control-Allow-Methods: GET,POST
                                                                                                  Access-Control-Allow-Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  x-ms-trace-id: 3b0a7db3b1906e286df0f7ca7108a1fc
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  11192.168.2.54979013.107.246.604434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:24 UTC422OUTGET /usa/FormLoader/public/locales/en-us/translation.json HTTP/1.1
                                                                                                  Host: cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                                  Connection: keep-alive
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: none
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:24 UTC635INHTTP/1.1 200 OK
                                                                                                  Date: Wed, 03 Jul 2024 19:17:24 GMT
                                                                                                  Content-Type: application/json
                                                                                                  Content-Length: 1282
                                                                                                  Connection: close
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Vary: Accept-Encoding
                                                                                                  Last-Modified: Thu, 30 May 2024 14:20:57 GMT
                                                                                                  ETag: 0x8DC80B3B914048A
                                                                                                  x-ms-request-id: e75ed218-201e-0056-120f-cd94a7000000
                                                                                                  x-ms-version: 2009-09-19
                                                                                                  x-ms-lease-status: unlocked
                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                  Access-Control-Allow-Origin: *
                                                                                                  x-azure-ref: 20240703T191724Z-157bfc599762h8k9re6q64dkws0000000f2g00000000hph3
                                                                                                  x-fd-int-roxy-purgeid: 71076481
                                                                                                  X-Cache: TCP_HIT
                                                                                                  X-Cache-Info: L1_T2
                                                                                                  Accept-Ranges: bytes
                                                                                                  2024-07-03 19:17:24 UTC1282INData Raw: 7b 0d 0a 20 20 22 46 6f 72 6d 46 61 69 6c 65 64 54 6f 4c 6f 61 64 22 3a 20 22 46 61 69 6c 65 64 20 74 6f 20 6c 6f 61 64 20 66 6f 72 6d 22 2c 0d 0a 20 20 22 46 6f 72 6d 46 61 69 6c 65 64 54 6f 4c 6f 61 64 43 6f 72 73 22 3a 20 22 54 68 65 20 66 6f 72 6d 20 63 61 6e 20 6e 6f 74 20 62 65 20 6c 6f 61 64 65 64 20 6f 6e 20 61 20 64 6f 6d 61 69 6e 20 74 68 61 74 20 68 61 73 6e 27 74 20 62 65 65 6e 20 61 6c 6c 6f 77 65 64 20 66 6f 72 20 65 78 74 65 72 6e 61 6c 20 66 6f 72 6d 20 68 6f 73 74 69 6e 67 20 6f 72 20 74 68 65 72 65 20 69 73 20 61 20 6e 65 74 77 6f 72 6b 20 63 6f 6e 6e 65 63 74 69 76 69 74 79 20 69 73 73 75 65 22 2c 0d 0a 20 20 22 4c 65 61 72 6e 4d 6f 72 65 22 3a 20 22 4c 65 61 72 6e 20 6d 6f 72 65 22 2c 0d 0a 20 20 22 46 6f 72 6d 53 75 62 6d 69 74 74 65
                                                                                                  Data Ascii: { "FormFailedToLoad": "Failed to load form", "FormFailedToLoadCors": "The form can not be loaded on a domain that hasn't been allowed for external form hosting or there is a network connectivity issue", "LearnMore": "Learn more", "FormSubmitte


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  12192.168.2.54979313.107.246.604434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:24 UTC608OUTGET /usa/Captcha/Images/icon_err.gif?vv=100 HTTP/1.1
                                                                                                  Host: cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                  Sec-Fetch-Dest: image
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:24 UTC509INHTTP/1.1 200 OK
                                                                                                  Date: Wed, 03 Jul 2024 19:17:24 GMT
                                                                                                  Content-Type: image/gif
                                                                                                  Content-Length: 1037
                                                                                                  Connection: close
                                                                                                  Last-Modified: Tue, 27 Feb 2024 09:22:39 GMT
                                                                                                  ETag: 0x8DC3775A4C2973C
                                                                                                  x-ms-request-id: 0701e688-201e-0012-587d-cdebbe000000
                                                                                                  x-ms-version: 2009-09-19
                                                                                                  x-ms-lease-status: unlocked
                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                  Access-Control-Allow-Origin: *
                                                                                                  x-azure-ref: 20240703T191724Z-157bfc59976mnqs85rnhh4gqgs000000033g00000000rm24
                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                  X-Cache: TCP_MISS
                                                                                                  Accept-Ranges: bytes
                                                                                                  2024-07-03 19:17:24 UTC1037INData Raw: 47 49 46 38 39 61 10 00 10 00 f7 a0 00 f0 ef ef fe fe fe 81 00 00 76 00 00 a9 01 01 95 00 00 a1 00 00 a6 00 00 94 00 00 8d 00 00 e4 10 10 e9 c9 c9 fe 3f 3f ff 9c 9c 3f 2f 2f fb 8a 8a ab 21 21 f6 f1 f1 d2 76 76 a9 2d 2d f4 ab ab f0 f2 f2 fe ff ff 95 57 57 84 66 66 fd f7 f7 a2 0c 0c b4 02 02 bc 00 00 d3 51 51 d8 00 00 69 00 00 db 5f 5f 8e 00 00 fb 41 41 76 06 06 ea d9 d9 97 00 00 d7 d1 d1 d5 d0 d0 fe 6c 6c bc 89 89 f5 31 31 f3 ff ff bb 36 36 e9 eb eb f5 18 18 d6 5e 5e a4 00 00 fb fc fc ed f0 f0 cc 00 00 fe ea ea e1 3b 3b cf 53 53 c8 1e 1e da 09 09 b7 23 23 6a 00 00 c2 44 44 c5 78 78 ce 09 09 e4 e2 e2 8f 68 68 5d 00 00 a6 a8 a8 67 00 00 f1 00 00 f9 fc fc ff 63 63 b0 06 06 3d 2c 2c e8 d3 d3 d3 b9 b9 fa 73 73 db d8 d8 cd 6c 6c ce cd cd b6 4b 4b fd ec ec 80 71
                                                                                                  Data Ascii: GIF89av???//!!vv--WWffQQi__AAvll1166^^;;SS##jDDxxhh]gcc=,,ssllKKq


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  13192.168.2.54979252.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:24 UTC733OUTGET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=b105fd92-33cc-447c-b000-df58cfaf4e89&rnd=48c46033440a4adcaad070e562fb0a2c&market=en HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                  Sec-Fetch-Dest: image
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:24 UTC273INHTTP/1.1 200 OK
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:17:24 GMT
                                                                                                  Content-Type: image/jpeg
                                                                                                  Content-Length: 8797
                                                                                                  Connection: close
                                                                                                  x-ms-trace-id: 289b4caf63525ea44bcdb5f3606cfee0
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  2024-07-03 19:17:24 UTC8797INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 60 00 d8 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08
                                                                                                  Data Ascii: JFIF``CC`"}!1AQa"q2


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  14192.168.2.54979113.107.246.604434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:24 UTC623OUTGET /usa/Captcha/Images/hig_progcircle_animated.gif?vv=100 HTTP/1.1
                                                                                                  Host: cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                  Sec-Fetch-Dest: image
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:24 UTC516INHTTP/1.1 200 OK
                                                                                                  Date: Wed, 03 Jul 2024 19:17:24 GMT
                                                                                                  Content-Type: image/gif
                                                                                                  Content-Length: 7615
                                                                                                  Connection: close
                                                                                                  Last-Modified: Tue, 27 Feb 2024 09:22:39 GMT
                                                                                                  ETag: 0x8DC3775A4B1F7E0
                                                                                                  x-ms-request-id: 01a5ebf3-c01e-00cc-1a7d-cd7dc5000000
                                                                                                  x-ms-version: 2009-09-19
                                                                                                  x-ms-lease-status: unlocked
                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                  Access-Control-Allow-Origin: *
                                                                                                  x-azure-ref: 20240703T191724Z-157bfc599769bbcfn5fpqda8ws0000000bbg00000000f60d
                                                                                                  x-fd-int-roxy-purgeid: 71076481
                                                                                                  X-Cache: TCP_MISS
                                                                                                  Accept-Ranges: bytes
                                                                                                  2024-07-03 19:17:24 UTC7615INData Raw: 47 49 46 38 39 61 14 00 14 00 f7 f4 00 46 17 b4 eb e6 f7 f8 f6 fc fe fd fe 47 19 b5 e9 e4 f6 fd fc fe f8 f7 fc fb fa fd f3 f0 fa fc fb fe d6 cb ee f9 f8 fd e5 de f4 e3 dc f4 5a 30 bc f2 ef fa f7 f5 fc f5 f2 fb f0 ec f9 f0 ed f9 fb fa fe f6 f3 fb 62 3a bf f4 f1 fb b4 a0 e0 ee e9 f8 4a 1c b6 df d7 f2 ea e5 f6 e8 e2 f6 4c 1e b6 d8 ce ef da d1 f0 d3 c8 ed de d5 f1 c2 b3 e6 ee ea f8 e2 db f3 48 1a b5 9b 81 d6 4b 1d b6 f6 f4 fb a6 8f db d0 c4 ec 4d 1f b7 e6 e0 f5 ec e7 f7 fa f9 fd d4 c9 ee b4 a1 e1 49 1b b5 4f 22 b8 e1 d9 f3 d9 cf ef f1 ee f9 db d2 f1 d7 cd ef c1 b2 e6 72 4e c6 5c 32 bd e0 d8 f2 a4 8c da bc aa e4 d9 d0 f0 a2 8b d9 55 29 ba 4a 1c b5 cc bf ea d5 ca ee ef eb f9 d6 cc ef 4e 21 b7 47 18 b4 a1 89 d9 9e 85 d8 cd c0 eb 7e 5d cb b5 a2 e1 52 26 b9 e4 dd
                                                                                                  Data Ascii: GIF89aFGZ0b:JLHKMIO"rN\2U)JN!G~]R&


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  15192.168.2.54979552.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:25 UTC715OUTPOST /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499/visits HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  Content-Length: 153
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  Accept: application/json
                                                                                                  Content-Type: application/json
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:25 UTC153OUTData Raw: 7b 22 70 61 67 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 61 73 73 65 74 73 2d 75 73 61 2e 6d 6b 74 2e 64 79 6e 61 6d 69 63 73 2e 63 6f 6d 2f 38 65 61 66 64 34 35 38 2d 66 38 33 37 2d 65 66 31 31 2d 38 65 34 62 2d 30 30 32 32 34 38 32 61 61 63 32 63 2f 64 69 67 69 74 61 6c 61 73 73 65 74 73 2f 73 74 61 6e 64 61 6c 6f 6e 65 66 6f 72 6d 73 2f 65 64 36 63 63 34 37 39 2d 63 63 33 38 2d 65 66 31 31 2d 38 34 30 39 2d 37 63 31 65 35 32 30 62 61 34 39 39 22 7d
                                                                                                  Data Ascii: {"pageUrl":"https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499"}
                                                                                                  2024-07-03 19:17:25 UTC366INHTTP/1.1 200 OK
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:17:25 GMT
                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                  Transfer-Encoding: chunked
                                                                                                  Connection: close
                                                                                                  Access-Control-Allow-Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  x-ms-trace-id: 42bc197944506d075089bbb3d10a42c6
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  2024-07-03 19:17:25 UTC54INData Raw: 32 62 0d 0a 7b 22 69 6e 74 65 72 61 63 74 69 6f 6e 53 74 61 74 75 73 22 3a 30 2c 22 65 72 72 6f 72 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                  Data Ascii: 2b{"interactionStatus":0,"errorMessage":null}0


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  16192.168.2.54979613.107.246.604434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:25 UTC408OUTGET /usa/Captcha/Images/icon_err.gif?vv=100 HTTP/1.1
                                                                                                  Host: cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                                  Connection: keep-alive
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: none
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:25 UTC529INHTTP/1.1 200 OK
                                                                                                  Date: Wed, 03 Jul 2024 19:17:25 GMT
                                                                                                  Content-Type: image/gif
                                                                                                  Content-Length: 1037
                                                                                                  Connection: close
                                                                                                  Last-Modified: Tue, 27 Feb 2024 09:22:39 GMT
                                                                                                  ETag: 0x8DC3775A4C2973C
                                                                                                  x-ms-request-id: 0701e688-201e-0012-587d-cdebbe000000
                                                                                                  x-ms-version: 2009-09-19
                                                                                                  x-ms-lease-status: unlocked
                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                  Access-Control-Allow-Origin: *
                                                                                                  x-azure-ref: 20240703T191725Z-157bfc59976788djms3qunwv7s0000000fbg000000005bbg
                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                  X-Cache: TCP_HIT
                                                                                                  X-Cache-Info: L1_T2
                                                                                                  Accept-Ranges: bytes
                                                                                                  2024-07-03 19:17:25 UTC1037INData Raw: 47 49 46 38 39 61 10 00 10 00 f7 a0 00 f0 ef ef fe fe fe 81 00 00 76 00 00 a9 01 01 95 00 00 a1 00 00 a6 00 00 94 00 00 8d 00 00 e4 10 10 e9 c9 c9 fe 3f 3f ff 9c 9c 3f 2f 2f fb 8a 8a ab 21 21 f6 f1 f1 d2 76 76 a9 2d 2d f4 ab ab f0 f2 f2 fe ff ff 95 57 57 84 66 66 fd f7 f7 a2 0c 0c b4 02 02 bc 00 00 d3 51 51 d8 00 00 69 00 00 db 5f 5f 8e 00 00 fb 41 41 76 06 06 ea d9 d9 97 00 00 d7 d1 d1 d5 d0 d0 fe 6c 6c bc 89 89 f5 31 31 f3 ff ff bb 36 36 e9 eb eb f5 18 18 d6 5e 5e a4 00 00 fb fc fc ed f0 f0 cc 00 00 fe ea ea e1 3b 3b cf 53 53 c8 1e 1e da 09 09 b7 23 23 6a 00 00 c2 44 44 c5 78 78 ce 09 09 e4 e2 e2 8f 68 68 5d 00 00 a6 a8 a8 67 00 00 f1 00 00 f9 fc fc ff 63 63 b0 06 06 3d 2c 2c e8 d3 d3 d3 b9 b9 fa 73 73 db d8 d8 cd 6c 6c ce cd cd b6 4b 4b fd ec ec 80 71
                                                                                                  Data Ascii: GIF89av???//!!vv--WWffQQi__AAvll1166^^;;SS##jDDxxhh]gcc=,,ssllKKq


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  17192.168.2.54979713.107.246.604434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:25 UTC423OUTGET /usa/Captcha/Images/hig_progcircle_animated.gif?vv=100 HTTP/1.1
                                                                                                  Host: cxppusa1formui01cdnsa01-endpoint.azureedge.net
                                                                                                  Connection: keep-alive
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: none
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:25 UTC536INHTTP/1.1 200 OK
                                                                                                  Date: Wed, 03 Jul 2024 19:17:25 GMT
                                                                                                  Content-Type: image/gif
                                                                                                  Content-Length: 7615
                                                                                                  Connection: close
                                                                                                  Last-Modified: Tue, 27 Feb 2024 09:22:39 GMT
                                                                                                  ETag: 0x8DC3775A4B1F7E0
                                                                                                  x-ms-request-id: 01a5ebf3-c01e-00cc-1a7d-cd7dc5000000
                                                                                                  x-ms-version: 2009-09-19
                                                                                                  x-ms-lease-status: unlocked
                                                                                                  x-ms-blob-type: BlockBlob
                                                                                                  Access-Control-Allow-Origin: *
                                                                                                  x-azure-ref: 20240703T191725Z-157bfc599766h8g7dkyv7cbawn0000000fg0000000003b3e
                                                                                                  x-fd-int-roxy-purgeid: 71076481
                                                                                                  X-Cache: TCP_HIT
                                                                                                  X-Cache-Info: L1_T2
                                                                                                  Accept-Ranges: bytes
                                                                                                  2024-07-03 19:17:25 UTC7615INData Raw: 47 49 46 38 39 61 14 00 14 00 f7 f4 00 46 17 b4 eb e6 f7 f8 f6 fc fe fd fe 47 19 b5 e9 e4 f6 fd fc fe f8 f7 fc fb fa fd f3 f0 fa fc fb fe d6 cb ee f9 f8 fd e5 de f4 e3 dc f4 5a 30 bc f2 ef fa f7 f5 fc f5 f2 fb f0 ec f9 f0 ed f9 fb fa fe f6 f3 fb 62 3a bf f4 f1 fb b4 a0 e0 ee e9 f8 4a 1c b6 df d7 f2 ea e5 f6 e8 e2 f6 4c 1e b6 d8 ce ef da d1 f0 d3 c8 ed de d5 f1 c2 b3 e6 ee ea f8 e2 db f3 48 1a b5 9b 81 d6 4b 1d b6 f6 f4 fb a6 8f db d0 c4 ec 4d 1f b7 e6 e0 f5 ec e7 f7 fa f9 fd d4 c9 ee b4 a1 e1 49 1b b5 4f 22 b8 e1 d9 f3 d9 cf ef f1 ee f9 db d2 f1 d7 cd ef c1 b2 e6 72 4e c6 5c 32 bd e0 d8 f2 a4 8c da bc aa e4 d9 d0 f0 a2 8b d9 55 29 ba 4a 1c b5 cc bf ea d5 ca ee ef eb f9 d6 cc ef 4e 21 b7 47 18 b4 a1 89 d9 9e 85 d8 cd c0 eb 7e 5d cb b5 a2 e1 52 26 b9 e4 dd
                                                                                                  Data Ascii: GIF89aFGZ0b:JLHKMIO"rN\2U)JN!G~]R&


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  18192.168.2.54979852.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:25 UTC534OUTGET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=b105fd92-33cc-447c-b000-df58cfaf4e89&rnd=48c46033440a4adcaad070e562fb0a2c&market=en HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: none
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:25 UTC273INHTTP/1.1 200 OK
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:17:25 GMT
                                                                                                  Content-Type: image/jpeg
                                                                                                  Content-Length: 5938
                                                                                                  Connection: close
                                                                                                  x-ms-trace-id: b9b635645a1f11b869cd765fe3b68309
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  2024-07-03 19:17:25 UTC5938INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 60 00 d8 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08
                                                                                                  Data Ascii: JFIF``CC`"}!1AQa"q2


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  19192.168.2.54979952.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:26 UTC468OUTGET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499/visits HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: none
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:17:26 UTC218INHTTP/1.1 403 Forbidden
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:17:26 GMT
                                                                                                  Content-Length: 0
                                                                                                  Connection: close
                                                                                                  x-ms-trace-id: 3a757724eac03d86c6071ba177122c6d
                                                                                                  Strict-Transport-Security: max-age=2592000; preload


                                                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                                                  20192.168.2.54980023.1.237.91443
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:28 UTC2148OUTPOST /threshold/xls.aspx HTTP/1.1
                                                                                                  Origin: https://www.bing.com
                                                                                                  Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                  Accept: */*
                                                                                                  Accept-Language: en-CH
                                                                                                  Content-type: text/xml
                                                                                                  X-Agent-DeviceId: 01000A410900D492
                                                                                                  X-BM-CBT: 1696428841
                                                                                                  X-BM-DateFormat: dd/MM/yyyy
                                                                                                  X-BM-DeviceDimensions: 784x984
                                                                                                  X-BM-DeviceDimensionsLogical: 784x984
                                                                                                  X-BM-DeviceScale: 100
                                                                                                  X-BM-DTZ: 120
                                                                                                  X-BM-Market: CH
                                                                                                  X-BM-Theme: 000000;0078d7
                                                                                                  X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E
                                                                                                  X-Device-ClientSession: DB0AFB19004F47BC80E5208C7478FF22
                                                                                                  X-Device-isOptin: false
                                                                                                  X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                  X-Device-OSSKU: 48
                                                                                                  X-Device-Touch: false
                                                                                                  X-DeviceID: 01000A410900D492
                                                                                                  X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshld77,d-thshld78,staticsh
                                                                                                  X-MSEdge-ExternalExpType: JointCoord
                                                                                                  X-PositionerType: Desktop
                                                                                                  X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                  X-Search-CortanaAvailableCapabilities: None
                                                                                                  X-Search-SafeSearch: Moderate
                                                                                                  X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time
                                                                                                  X-UserAgeClass: Unknown
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                  Host: www.bing.com
                                                                                                  Content-Length: 2484
                                                                                                  Connection: Keep-Alive
                                                                                                  Cache-Control: no-cache
                                                                                                  Cookie: MUID=2F4E96DB8B7049E59AD4484C3C00F7CF; _SS=SID=1A6DEABB468B65843EB5F91B47916435&CPID=1720034187026&AC=1&CPH=d1a4eb75; _EDGE_S=SID=1A6DEABB468B65843EB5F91B47916435; SRCHUID=V=2&GUID=3D32B8AC657C4AD781A584E283227995&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231004; SRCHHPGUSR=SRCHLANG=en&IPMH=986d886c&IPMID=1696428841029&HV=1696428756; CortanaAppUID=5A290E2CC4B523E2D8B5E2E3E4CB7CB7; MUIDB=2F4E96DB8B7049E59AD4484C3C00F7CF
                                                                                                  2024-07-03 19:17:28 UTC1OUTData Raw: 3c
                                                                                                  Data Ascii: <
                                                                                                  2024-07-03 19:17:28 UTC2483OUTData Raw: 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 33 36 34 34 46 44 37 34 44 46 31 36 36 31 38 46 30 38 46 37 45 43 30 33 44 45 35 35 36 30 30 31 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 37 35 32 32 38 31 35 36 37 30 33 41 34 30 44 35 42 39 37 45 35 41 36 38 33 36 46 32 41 31 43 45 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 54 22 3a 22 43 49 2e 42 6f 78 4d 6f 64 65 6c 22 2c 22 46 49 44 22 3a 22 43 49
                                                                                                  Data Ascii: ClientInstRequest><CID>3644FD74DF16618F08F7EC03DE556001</CID><Events><E><T>Event.ClientInst</T><IG>75228156703A40D5B97E5A6836F2A1CE</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","T":"CI.BoxModel","FID":"CI
                                                                                                  2024-07-03 19:17:28 UTC480INHTTP/1.1 204 No Content
                                                                                                  Access-Control-Allow-Origin: *
                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                  X-MSEdge-Ref: Ref A: 9BAACE8E01A14FF783A8F62D67B12B53 Ref B: LAX311000114049 Ref C: 2024-07-03T19:17:28Z
                                                                                                  Date: Wed, 03 Jul 2024 19:17:28 GMT
                                                                                                  Connection: close
                                                                                                  Alt-Svc: h3=":443"; ma=93600
                                                                                                  X-CDN-TraceID: 0.57ed0117.1720034248.1cfe84b7


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  21192.168.2.54980152.165.165.26443
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:17:36 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=eOC3AR1WH78oNKD&MD=fbg56d3d HTTP/1.1
                                                                                                  Connection: Keep-Alive
                                                                                                  Accept: */*
                                                                                                  User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                  Host: slscr.update.microsoft.com
                                                                                                  2024-07-03 19:17:36 UTC560INHTTP/1.1 200 OK
                                                                                                  Cache-Control: no-cache
                                                                                                  Pragma: no-cache
                                                                                                  Content-Type: application/octet-stream
                                                                                                  Expires: -1
                                                                                                  Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                  ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                                                  MS-CorrelationId: 9768f367-5d94-4f54-8e44-995415bce37b
                                                                                                  MS-RequestId: 8f7b543a-825f-4ab9-95e3-cb33b5b316e0
                                                                                                  MS-CV: bqSdiKFT4Uic0KjI.0
                                                                                                  X-Microsoft-SLSClientCache: 1440
                                                                                                  Content-Disposition: attachment; filename=environment.cab
                                                                                                  X-Content-Type-Options: nosniff
                                                                                                  Date: Wed, 03 Jul 2024 19:17:36 GMT
                                                                                                  Connection: close
                                                                                                  Content-Length: 30005
                                                                                                  2024-07-03 19:17:36 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                                                                  Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                                                                  2024-07-03 19:17:36 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                                                                  Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  22192.168.2.54980452.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:18:24 UTC673OUTGET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?fid=bbf60dad-072f-44d9-a6e7-e0931f50c482&type=visual&rnd=2de0e11d-da42-446f-a718-00c44672625d&mkt=en HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                  Sec-Fetch-Dest: script
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:18:24 UTC286INHTTP/1.1 200 OK
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:18:24 GMT
                                                                                                  Content-Type: application/javascript
                                                                                                  Content-Length: 23130
                                                                                                  Connection: close
                                                                                                  x-ms-trace-id: fedb6fbad8b0533ea7fce44d78f36d03
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  2024-07-03 19:18:24 UTC16098INData Raw: 76 61 72 20 47 65 74 57 4c 53 50 48 49 50 30 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 6f 20 3d 20 63 3b 76 61 72 20 72 20 3d 20 6f 2e 52 65 6e 64 65 72 65 72 28 61 72 67 75 6d 65 6e 74 73 29 3b 72 65 74 75 72 6e 20 72 3b 7d 3b 76 61 72 20 57 4c 53 50 48 49 50 30 3d 47 65 74 57 4c 53 50 48 49 50 30 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 70 3d 22 52 65 6e 64 65 72 65 72 22 2c 69 3d 7b 7d 2c 61 3d 7b 7d 2c 63 3d 7b 7d 2c 65 3d 7b 7d 2c 66 3d 7b 7d 2c 71 3d 7b 7d 2c 62 3d 7b 7d 2c 68 3d 7b 7d 2c 67 3d 7b 7d 2c 6e 3d 7b 7d 2c 64 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 6c 28 29 7b 69 66 28 62 28 61 29 29 7b 61 6c 65 72 74 28 22 6d 69 73 73 69 6e 67 20 63 6c 69 65 6e 74 20 48 49 50 20 6f 62 6a 65 63 74 22 29 3b 72 65 74 75 72 6e 20 66 61 6c
                                                                                                  Data Ascii: var GetWLSPHIP0=function(c){var o = c;var r = o.Renderer(arguments);return r;};var WLSPHIP0=GetWLSPHIP0((function(){var p="Renderer",i={},a={},c={},e={},f={},q={},b={},h={},g={},n={},d={};function l(){if(b(a)){alert("missing client HIP object");return fal
                                                                                                  2024-07-03 19:18:24 UTC7032INData Raw: 43 68 69 6c 64 28 68 29 7d 67 28 61 2e 68 6f 6c 64 65 72 29 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 63 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 6e 28 62 2c 63 29 7b 2b 2b 61 2e 63 6f 75 6e 74 3b 69 66 28 21 64 28 63 29 29 61 2e 64 61 74 61 43 65 6e 74 65 72 3d 63 3b 65 6c 73 65 20 69 66 28 21 64 28 62 29 29 7b 76 61 72 20 65 3d 62 2e 69 6e 64 65 78 4f 66 28 22 2e 22 29 3b 69 66 28 65 21 3d 2d 31 29 61 2e 64 61 74 61 43 65 6e 74 65 72 3d 62 2e 73 75 62 73 74 72 69 6e 67 28 30 2c 65 29 7d 69 66 28 21 64 28 62 29 29 61 2e 75 72 6c 46 69 64 3d 62 3b 69 66 28 21 64 28 62 29 7c 7c 21 64 28 63 29 29 61 2e 63 6f 6d 65 69 6e 55 52 4c 3d 61 2e 63 6f 6e 73 74 72 75 63 74 55 52 4c 28 29 3b 72 65 74 75 72 6e 20 61 2e 63 6f 6d 65 69 6e 55 52 4c 2b 22 26 74 79 70 65 3d 22 2b
                                                                                                  Data Ascii: Child(h)}g(a.holder).appendChild(c)}}function n(b,c){++a.count;if(!d(c))a.dataCenter=c;else if(!d(b)){var e=b.indexOf(".");if(e!=-1)a.dataCenter=b.substring(0,e)}if(!d(b))a.urlFid=b;if(!d(b)||!d(c))a.comeinURL=a.constructURL();return a.comeinURL+"&type="+


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  23192.168.2.54980552.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:18:24 UTC605OUTOPTIONS /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499/visits HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  Accept: */*
                                                                                                  Access-Control-Request-Method: POST
                                                                                                  Access-Control-Request-Headers: content-type
                                                                                                  Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:18:24 UTC383INHTTP/1.1 204 No Content
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:18:24 GMT
                                                                                                  Connection: close
                                                                                                  Access-Control-Allow-Headers: content-type
                                                                                                  Access-Control-Allow-Methods: GET,POST
                                                                                                  Access-Control-Allow-Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  x-ms-trace-id: 2814138219266b50f46a2b41cde438ce
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  24192.168.2.54980652.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:18:25 UTC715OUTPOST /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499/visits HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  Content-Length: 153
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  Accept: application/json
                                                                                                  Content-Type: application/json
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:18:25 UTC153OUTData Raw: 7b 22 70 61 67 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 61 73 73 65 74 73 2d 75 73 61 2e 6d 6b 74 2e 64 79 6e 61 6d 69 63 73 2e 63 6f 6d 2f 38 65 61 66 64 34 35 38 2d 66 38 33 37 2d 65 66 31 31 2d 38 65 34 62 2d 30 30 32 32 34 38 32 61 61 63 32 63 2f 64 69 67 69 74 61 6c 61 73 73 65 74 73 2f 73 74 61 6e 64 61 6c 6f 6e 65 66 6f 72 6d 73 2f 65 64 36 63 63 34 37 39 2d 63 63 33 38 2d 65 66 31 31 2d 38 34 30 39 2d 37 63 31 65 35 32 30 62 61 34 39 39 22 7d
                                                                                                  Data Ascii: {"pageUrl":"https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499"}
                                                                                                  2024-07-03 19:18:25 UTC366INHTTP/1.1 200 OK
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:18:25 GMT
                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                  Transfer-Encoding: chunked
                                                                                                  Connection: close
                                                                                                  Access-Control-Allow-Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  x-ms-trace-id: b56c11b738610b9bbfe04b07e695fe37
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  2024-07-03 19:18:25 UTC54INData Raw: 32 62 0d 0a 7b 22 69 6e 74 65 72 61 63 74 69 6f 6e 53 74 61 74 75 73 22 3a 30 2c 22 65 72 72 6f 72 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                  Data Ascii: 2b{"interactionStatus":0,"errorMessage":null}0


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  25192.168.2.54980752.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:18:25 UTC733OUTGET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=457e8b8c9dd1497ba62a5c55b5b0b82d&market=en HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                  Sec-Fetch-Dest: image
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:18:25 UTC273INHTTP/1.1 200 OK
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:18:25 GMT
                                                                                                  Content-Type: image/jpeg
                                                                                                  Content-Length: 5947
                                                                                                  Connection: close
                                                                                                  x-ms-trace-id: c59fad8093f939f67543948eb419e518
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  2024-07-03 19:18:25 UTC5947INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 60 00 d8 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08
                                                                                                  Data Ascii: JFIF``CC`"}!1AQa"q2


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  26192.168.2.54980920.49.124.1584434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:18:26 UTC468OUTGET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499/visits HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: none
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:18:26 UTC218INHTTP/1.1 403 Forbidden
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:18:26 GMT
                                                                                                  Content-Length: 0
                                                                                                  Connection: close
                                                                                                  x-ms-trace-id: 08b06769535da11a1dffe787e15c6c7a
                                                                                                  Strict-Transport-Security: max-age=2592000; preload


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  27192.168.2.54980820.49.124.1584434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:18:26 UTC534OUTGET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=457e8b8c9dd1497ba62a5c55b5b0b82d&market=en HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: none
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:18:26 UTC273INHTTP/1.1 200 OK
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:18:26 GMT
                                                                                                  Content-Type: image/jpeg
                                                                                                  Content-Length: 5432
                                                                                                  Connection: close
                                                                                                  x-ms-trace-id: f8be4810225faaf9e91b5b7eda66149d
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  2024-07-03 19:18:26 UTC5432INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 60 00 d8 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08
                                                                                                  Data Ascii: JFIF``CC`"}!1AQa"q2


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  28192.168.2.54981252.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:19:31 UTC598OUTOPTIONS /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499 HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  Accept: */*
                                                                                                  Access-Control-Request-Method: POST
                                                                                                  Access-Control-Request-Headers: content-type
                                                                                                  Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:19:31 UTC383INHTTP/1.1 204 No Content
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:19:31 GMT
                                                                                                  Connection: close
                                                                                                  Access-Control-Allow-Headers: content-type
                                                                                                  Access-Control-Allow-Methods: GET,POST
                                                                                                  Access-Control-Allow-Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  x-ms-trace-id: 48240d3c14dcaf8f92520508b0611b9c
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  29192.168.2.54981352.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:19:32 UTC708OUTPOST /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/forms/ed6cc479-cc38-ef11-8409-7c1e520ba499 HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  Content-Length: 333
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  Accept: application/json
                                                                                                  Content-Type: application/json
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:19:32 UTC333OUTData Raw: 7b 22 70 75 62 6c 69 73 68 65 64 46 6f 72 6d 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 61 73 73 65 74 73 2d 75 73 61 2e 6d 6b 74 2e 64 79 6e 61 6d 69 63 73 2e 63 6f 6d 2f 38 65 61 66 64 34 35 38 2d 66 38 33 37 2d 65 66 31 31 2d 38 65 34 62 2d 30 30 32 32 34 38 32 61 61 63 32 63 2f 64 69 67 69 74 61 6c 61 73 73 65 74 73 2f 73 74 61 6e 64 61 6c 6f 6e 65 66 6f 72 6d 73 2f 65 64 36 63 63 34 37 39 2d 63 63 33 38 2d 65 66 31 31 2d 38 34 30 39 2d 37 63 31 65 35 32 30 62 61 34 39 39 22 2c 22 66 69 65 6c 64 73 22 3a 5b 7b 22 6b 65 79 22 3a 22 6d 73 5f 63 61 70 74 63 68 61 5f 73 6f 6c 75 74 69 6f 6e 22 2c 22 76 61 6c 75 65 22 3a 22 22 7d 2c 7b 22 6b 65 79 22 3a 22 6d 73 5f 63 61 70 74 63 68 61 5f 74 79 70 65 22 2c 22 76 61 6c 75 65 22 3a 22 76 69 73 75 61 6c 22 7d
                                                                                                  Data Ascii: {"publishedFormUrl":"https://assets-usa.mkt.dynamics.com/8eafd458-f837-ef11-8e4b-0022482aac2c/digitalassets/standaloneforms/ed6cc479-cc38-ef11-8409-7c1e520ba499","fields":[{"key":"ms_captcha_solution","value":""},{"key":"ms_captcha_type","value":"visual"}
                                                                                                  2024-07-03 19:19:33 UTC342INHTTP/1.1 400 Bad Request
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:19:33 GMT
                                                                                                  Content-Type: application/json; charset=utf-8
                                                                                                  Transfer-Encoding: chunked
                                                                                                  Connection: close
                                                                                                  Access-Control-Allow-Origin: https://assets-usa.mkt.dynamics.com
                                                                                                  x-ms-trace-id: ca606f42cda915ccec0a419e4a2057fe
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  2024-07-03 19:19:33 UTC78INData Raw: 34 33 0d 0a 7b 22 73 75 62 6d 69 73 73 69 6f 6e 53 74 61 74 75 73 22 3a 31 2c 22 65 72 72 6f 72 4d 65 73 73 61 67 65 22 3a 22 43 61 70 74 63 68 61 20 56 65 72 69 66 69 63 61 74 69 6f 6e 20 46 61 69 6c 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                  Data Ascii: 43{"submissionStatus":1,"errorMessage":"Captcha Verification Failed"}0


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  30192.168.2.54981452.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:19:34 UTC669OUTGET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/script?dc=EastUS&mkt=en&fid=bbf60dad-072f-44d9-a6e7-e0931f50c482&type=visual&c=1&rnd=0.5199867511130329 HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                  Sec-Fetch-Dest: script
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:19:34 UTC286INHTTP/1.1 200 OK
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:19:34 GMT
                                                                                                  Content-Type: application/javascript
                                                                                                  Content-Length: 23130
                                                                                                  Connection: close
                                                                                                  x-ms-trace-id: 5bc135de47cb8efcd23a109c6a7328d8
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  2024-07-03 19:19:34 UTC16098INData Raw: 76 61 72 20 47 65 74 57 4c 53 50 48 49 50 30 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 6f 20 3d 20 63 3b 76 61 72 20 72 20 3d 20 6f 2e 52 65 6e 64 65 72 65 72 28 61 72 67 75 6d 65 6e 74 73 29 3b 72 65 74 75 72 6e 20 72 3b 7d 3b 76 61 72 20 57 4c 53 50 48 49 50 30 3d 47 65 74 57 4c 53 50 48 49 50 30 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 70 3d 22 52 65 6e 64 65 72 65 72 22 2c 69 3d 7b 7d 2c 61 3d 7b 7d 2c 63 3d 7b 7d 2c 65 3d 7b 7d 2c 66 3d 7b 7d 2c 71 3d 7b 7d 2c 62 3d 7b 7d 2c 68 3d 7b 7d 2c 67 3d 7b 7d 2c 6e 3d 7b 7d 2c 64 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 6c 28 29 7b 69 66 28 62 28 61 29 29 7b 61 6c 65 72 74 28 22 6d 69 73 73 69 6e 67 20 63 6c 69 65 6e 74 20 48 49 50 20 6f 62 6a 65 63 74 22 29 3b 72 65 74 75 72 6e 20 66 61 6c
                                                                                                  Data Ascii: var GetWLSPHIP0=function(c){var o = c;var r = o.Renderer(arguments);return r;};var WLSPHIP0=GetWLSPHIP0((function(){var p="Renderer",i={},a={},c={},e={},f={},q={},b={},h={},g={},n={},d={};function l(){if(b(a)){alert("missing client HIP object");return fal
                                                                                                  2024-07-03 19:19:34 UTC7032INData Raw: 43 68 69 6c 64 28 68 29 7d 67 28 61 2e 68 6f 6c 64 65 72 29 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 63 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 6e 28 62 2c 63 29 7b 2b 2b 61 2e 63 6f 75 6e 74 3b 69 66 28 21 64 28 63 29 29 61 2e 64 61 74 61 43 65 6e 74 65 72 3d 63 3b 65 6c 73 65 20 69 66 28 21 64 28 62 29 29 7b 76 61 72 20 65 3d 62 2e 69 6e 64 65 78 4f 66 28 22 2e 22 29 3b 69 66 28 65 21 3d 2d 31 29 61 2e 64 61 74 61 43 65 6e 74 65 72 3d 62 2e 73 75 62 73 74 72 69 6e 67 28 30 2c 65 29 7d 69 66 28 21 64 28 62 29 29 61 2e 75 72 6c 46 69 64 3d 62 3b 69 66 28 21 64 28 62 29 7c 7c 21 64 28 63 29 29 61 2e 63 6f 6d 65 69 6e 55 52 4c 3d 61 2e 63 6f 6e 73 74 72 75 63 74 55 52 4c 28 29 3b 72 65 74 75 72 6e 20 61 2e 63 6f 6d 65 69 6e 55 52 4c 2b 22 26 74 79 70 65 3d 22 2b
                                                                                                  Data Ascii: Child(h)}g(a.holder).appendChild(c)}}function n(b,c){++a.count;if(!d(c))a.dataCenter=c;else if(!d(b)){var e=b.indexOf(".");if(e!=-1)a.dataCenter=b.substring(0,e)}if(!d(b))a.urlFid=b;if(!d(b)||!d(c))a.comeinURL=a.constructURL();return a.comeinURL+"&type="+


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  31192.168.2.54981552.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:19:35 UTC733OUTGET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=bfb5869cd5d147faa63611d80225b568&market=en HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                  Sec-Fetch-Site: same-site
                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                  Sec-Fetch-Dest: image
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:19:35 UTC273INHTTP/1.1 200 OK
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:19:35 GMT
                                                                                                  Content-Type: image/jpeg
                                                                                                  Content-Length: 7222
                                                                                                  Connection: close
                                                                                                  x-ms-trace-id: 7bbd8f8c4aa4b0b70cd19a82de577818
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  2024-07-03 19:19:35 UTC7222INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 60 00 d8 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08
                                                                                                  Data Ascii: JFIF``CC`"}!1AQa"q2


                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                  32192.168.2.54981652.146.76.304434676C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  TimestampBytes transferredDirectionData
                                                                                                  2024-07-03 19:19:36 UTC534OUTGET /api/v1.0/orgs/8eafd458-f837-ef11-8e4b-0022482aac2c/landingpageforms/captcha/challenge/visual?flowId=bbf60dad-072f-44d9-a6e7-e0931f50c482&rnd=bfb5869cd5d147faa63611d80225b568&market=en HTTP/1.1
                                                                                                  Host: public-usa.mkt.dynamics.com
                                                                                                  Connection: keep-alive
                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                  Accept: */*
                                                                                                  Sec-Fetch-Site: none
                                                                                                  Sec-Fetch-Mode: cors
                                                                                                  Sec-Fetch-Dest: empty
                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                  2024-07-03 19:19:36 UTC273INHTTP/1.1 200 OK
                                                                                                  Server: nginx
                                                                                                  Date: Wed, 03 Jul 2024 19:19:36 GMT
                                                                                                  Content-Type: image/jpeg
                                                                                                  Content-Length: 7070
                                                                                                  Connection: close
                                                                                                  x-ms-trace-id: 50d3d0b0575eec1c947f98a0aaec2c0b
                                                                                                  Strict-Transport-Security: max-age=2592000; preload
                                                                                                  x-content-type-options: nosniff
                                                                                                  2024-07-03 19:19:36 UTC7070INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 60 00 d8 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08
                                                                                                  Data Ascii: JFIF``CC`"}!1AQa"q2


                                                                                                  Statistics

                                                                                                  CPU Usage

                                                                                                  Click to jump to process

                                                                                                  Memory Usage

                                                                                                  Click to jump to process

                                                                                                  High Level Behavior Distribution

                                                                                                  Click to dive into process behavior distribution

                                                                                                  Behavior

                                                                                                  Click to jump to process

                                                                                                  System Behavior

                                                                                                  General

                                                                                                  Target ID:0
                                                                                                  Start time:15:16:40
                                                                                                  Start date:03/07/2024
                                                                                                  Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                  Wow64 process (32bit):false
                                                                                                  Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\URBAN CORPS.pdf"
                                                                                                  Imagebase:0x7ff686a00000
                                                                                                  File size:5'641'176 bytes
                                                                                                  MD5 hash:24EAD1C46A47022347DC0F05F6EFBB8C
                                                                                                  Has elevated privileges:true
                                                                                                  Has administrator privileges:true
                                                                                                  Programmed in:C, C++ or other language
                                                                                                  Reputation:moderate
                                                                                                  Has exited:true

                                                                                                  General

                                                                                                  Target ID:2
                                                                                                  Start time:15:16:40
                                                                                                  Start date:03/07/2024
                                                                                                  Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  Wow64 process (32bit):false
                                                                                                  Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
                                                                                                  Imagebase:0x7ff6413e0000
                                                                                                  File size:3'581'912 bytes
                                                                                                  MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                                                  Has elevated privileges:true
                                                                                                  Has administrator privileges:true
                                                                                                  Programmed in:C, C++ or other language
                                                                                                  Reputation:moderate
                                                                                                  Has exited:true

                                                                                                  General

                                                                                                  Target ID:4
                                                                                                  Start time:15:16:41
                                                                                                  Start date:03/07/2024
                                                                                                  Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                  Wow64 process (32bit):false
                                                                                                  Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1740,i,16772849399050595403,9305864139534860805,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
                                                                                                  Imagebase:0x7ff6413e0000
                                                                                                  File size:3'581'912 bytes
                                                                                                  MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                                                  Has elevated privileges:true
                                                                                                  Has administrator privileges:true
                                                                                                  Programmed in:C, C++ or other language
                                                                                                  Reputation:moderate
                                                                                                  Has exited:true

                                                                                                  General

                                                                                                  Target ID:8
                                                                                                  Start time:15:17:05
                                                                                                  Start date:03/07/2024
                                                                                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  Wow64 process (32bit):false
                                                                                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://forms.office.com/r/4i3EYM0R1S"
                                                                                                  Imagebase:0x7ff715980000
                                                                                                  File size:3'242'272 bytes
                                                                                                  MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                  Has elevated privileges:true
                                                                                                  Has administrator privileges:true
                                                                                                  Programmed in:C, C++ or other language
                                                                                                  Reputation:high
                                                                                                  Has exited:false

                                                                                                  General

                                                                                                  Target ID:9
                                                                                                  Start time:15:17:05
                                                                                                  Start date:03/07/2024
                                                                                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  Wow64 process (32bit):false
                                                                                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1988,i,14556554370102153334,10441946139869340800,262144 /prefetch:8
                                                                                                  Imagebase:0x7ff715980000
                                                                                                  File size:3'242'272 bytes
                                                                                                  MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                  Has elevated privileges:true
                                                                                                  Has administrator privileges:true
                                                                                                  Programmed in:C, C++ or other language
                                                                                                  Reputation:high
                                                                                                  Has exited:false

                                                                                                  Disassembly

                                                                                                  No disassembly