Windows Analysis Report
https://rules-pear-kft5d2.mystrikingly.com/

Overview

General Information

Sample URL: https://rules-pear-kft5d2.mystrikingly.com/
Analysis ID: 1467915
Infos:
Errors
  • URL not reachable

Detection

Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample

Classification

  • System is w10x64
  • chrome.exe (PID: 3496 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6020 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 --field-trial-handle=2164,i,10644117303354091039,2518522412267785527,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6448 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://rules-pear-kft5d2.mystrikingly.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched

AV Detection

Source: https://rules-pear-kft5d2.mystrikingly.com/ | Avira URL Cloud: detection malicious, Label: malware
Source: https://rules-pear-kft5d2.mystrikingly.com/ | SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering
Source: unknown | TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic | DNS traffic detected: DNS query: rules-pear-kft5d2.mystrikingly.com
Source: global traffic | DNS traffic detected: DNS query: static-fonts-css.strikinglycdn.com
Source: global traffic | DNS traffic detected: DNS query: static-assets.strikinglycdn.com
Source: global traffic | DNS traffic detected: DNS query: custom-images.strikinglycdn.com
Source: global traffic | DNS traffic detected: DNS query: www.google.com
Source: classification engine | Classification label: mal48.win@16/12@14/8
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 --field-trial-handle=2164,i,10644117303354091039,2518522412267785527,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://rules-pear-kft5d2.mystrikingly.com/"
Source: Window Recorder | Window detected: More than 3 window changes detected
  • Reconnaissance: Gather Victim Identity Information; Credentials; Email Addresses; Employee Names
  • Resource Development: Acquire Infrastructure; Domains; DNS Server; Virtual Private Server
  • Initial Access: Valid Accounts; Default Accounts; Domain Accounts; Local Accounts
  • Execution: Windows Management Instrumentation; Scheduled Task/Job; At; Cron
  • Persistence: Path Interception; Boot or Logon Initialization Scripts; Logon Script (Windows); Login Hook
  • Privilege Escalation: 1 Process Injection; Boot or Logon Initialization Scripts; Logon Script (Windows); Login Hook
  • Defense Evasion: 1 Process Injection; Rootkit; Obfuscated Files or Information; Binary Padding
  • Credential Access: OS Credential Dumping; LSASS Memory; Security Account Manager; NTDS
  • Discovery: System Service Discovery; Application Window Discovery; Query Registry; System Network Configuration Discovery
  • Lateral Movement: Remote Services; Remote Desktop Protocol; SMB/Windows Admin Shares; Distributed Component Object Model
  • Collection: Data from Local System; Data from Removable Media; Data from Network Shared Drive; Input Capture
  • Command and Control: 1 Encrypted Channel; 2 Non-Application Layer Protocol; 3 Application Layer Protocol; 1 Ingress Tool Transfer
  • Exfiltration: Exfiltration Over Other Network Medium; Exfiltration Over Bluetooth; Automated Exfiltration; Traffic Duplication
  • Impact: Abuse Accessibility Features; Network Denial of Service; Data Encrypted for Impact; Data Destruction
Source | Detection | Scanner | Label | Link
https://rules-pear-kft5d2.mystrikingly.com/ | 100% | Avira URL Cloud | malware |
https://rules-pear-kft5d2.mystrikingly.com/ | 100% | SlashNext | Credential Stealing type: Phishing & Social Engineering |
No Antivirus matches
                          https://static-fonts.strikinglycdn.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc5CsTKlA.woff2)chromecache_36.2.drfalse
                          • Avira URL Cloud: safe
                          unknown
                          • No. of IPs < 25%
                          • 25% < No. of IPs < 50%
                          • 50% < No. of IPs < 75%
                          • 75% < No. of IPs
                          IP               Domain                         Country        ASN      ASN Name         Malicious
                          18.239.69.60     unknown                        United States  16509    AMAZON-02US      false
                          239.255.255.250  unknown                        Reserved       unknown  unknown          false
                          52.84.150.43     dukt9g6vj8lpb.cloudfront.net   United States  16509    AMAZON-02US      false
                          13.32.27.122     d1zzi8yv54jueq.cloudfront.net  United States  7018     ATT-INTERNET4US  false
                          18.164.68.71     dy7t0zkjx7o42.cloudfront.net   United States  3        MIT-GATEWAYSUS   false
                          143.204.176.115  d29twgdo50231s.cloudfront.net  United States  16509    AMAZON-02US      false
                          142.250.185.100  www.google.com                 United States  15169    GOOGLEUS         false

                          IP
                          192.168.2.4
                          Joe Sandbox version:40.0.0 Tourmaline
                          Analysis ID:1467915
                          Start date and time:2024-07-05 00:59:45 +02:00
                          Joe Sandbox product:CloudBasic
                          Overall analysis duration:0h 1m 52s
                          Hypervisor based Inspection enabled:false
                          Report type:full
                          Cookbook file name:browseurl.jbs
                          Sample URL:https://rules-pear-kft5d2.mystrikingly.com/
                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                          Number of analysed new started processes analysed:5
                          Number of new started drivers analysed:0
                          Number of existing processes analysed:0
                          Number of existing drivers analysed:0
                          Number of injected processes analysed:0
                          Technologies:
                          • HCA enabled
                          • EGA enabled
                          • AMSI enabled
                          Analysis Mode:default
                          Analysis stop reason:Timeout
                          Detection:MAL
                          Classification:mal48.win@16/12@14/8
                          EGA Information:Failed
                          HCA Information:
                          • Successful, ratio: 100%
                          • Number of executed functions: 0
                          • Number of non-executed functions: 0
                          Cookbook Comments:
                          • URL browsing timeout or error
                          • URL not reachable
                          • Exclude process from analysis (whitelisted): SIHClient.exe, svchost.exe
                          • Excluded IPs from analysis (whitelisted): 142.250.185.99, 64.233.184.84, 142.250.184.238, 34.104.35.123, 23.211.4.90, 20.12.23.50, 199.232.214.172, 192.229.221.95, 13.85.23.206
                          • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, e16604.g.akamaiedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, clients.l.google.com, prod.fs.microsoft.com.akadns.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
                          • Not all processes were analyzed, report is missing behavior information
                          • Report size getting too big, too many NtSetInformationFile calls found.
                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                          • VT rate limit hit for: https://rules-pear-kft5d2.mystrikingly.com/
                          No simulations
                          No context
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 1200 x 1200, 4-bit colormap, non-interlaced
                          Category:dropped
                          Size (bytes):6992
                          Entropy (8bit):7.632584464217112
                          Encrypted:false
                          SSDEEP:192:nG7iWtsh4Pl6VW8EkCzDwMkBBYZAhBVDszf9mJu:nAiAFl6UwYDw3cehYf9ou
                          MD5:6A4CE874C3BCAD1CF569CD7C3A6EEA1A
                          SHA1:FE96F1D6059FD7F232CBCAE3C75D13A91288FCE0
                          SHA-256:98A0CACCA0D1FB08B998161B9E8262F857A6C9D5B2797B05F2AD1682D95CE158
                          SHA-512:18AF829F4346B6447451D980B45C6B35D08E9700A905D92B7C318388E2C62A46742B62AF506C481AC1E5A471FE64DDA7682F0E3A442C2A449E20F4F1BEBF1254
                          Malicious:false
                          Reputation:low
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 300x98, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:dropped
                          Size (bytes):2532
                          Entropy (8bit):7.915826601149609
                          Encrypted:false
                          SSDEEP:48:sdo8A+WEUYUq1WqnFbjarH7l0zleHseQF1wo9FtgqzMnkJxJNdZaoax5+994QAlo:setYU5qnVmrHqRlF1woztgsDJxJ1aZxa
                          MD5:5A2BBDC097843D685D21CEF0882853D3
                          SHA1:3654A08FBD51D88F46A20EC5EF23169DC939DB59
                          SHA-256:924C957FEDE7AB38037FCCE36841F4FB984A53CCCCB6D11B3C31743EF5FB78CF
                          SHA-512:9144502163ED28E38916A4CF4DE8F30502A30F0B6810DDA3044EDCCF36CA915CFA09E4F110D81A50C126687F07E31F615C9AD94A6D7F8B895FFD79F8A43420F4
                          Malicious:false
                          Reputation:low
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text
                          Category:downloaded
                          Size (bytes):13572
                          Entropy (8bit):5.445799048469965
                          Encrypted:false
                          SSDEEP:384:3vHOkdp3vuOhgM1gbOCgb1gbzgbnngbLgbsgbOMbTRCMbQMb2MbqnMb0MbxMbpb7:3fpdp3GMgMebMbebcbgbEb9bjbThb1bu
                          MD5:279D972A69392461120AC4B085E5CED9
                          SHA1:8D3EF7BAA8622620DCA965CC6EA580EC5C03D0E0
                          SHA-256:DBDB4C16D25F8DA64D6C9E9E12FA798962E14F6FB29E485950418D62853120C2
                          SHA-512:5662ADC3793BD786C36B46F680E6EF05424FEBD0428FF00FD37BEE169C4CB3838A066EC034C2279D52D0BCBC9BB653027F1DFD7782A68DA3F9261F4932D646C4
                          Malicious:false
                          Reputation:low
                          URL:"https://static-fonts-css.strikinglycdn.com/css?family=Montserrat:400,700|Roboto:300,700,300italic,700italic&subset=latin,latin-ext&display=swap"
                          Preview:/* cyrillic-ext */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://static-fonts.strikinglycdn.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WRhyzbi.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://static-fonts.strikinglycdn.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* vietnamese */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://static-fonts.strikinglycdn.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-030
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:gzip compressed data, from Unix, original size modulo 2^32 1070242
                          Category:downloaded
                          Size (bytes):120458
                          Entropy (8bit):7.997521191802403
                          Encrypted:true
                          SSDEEP:3072:dyClvuShTh92/4wRluUq541uYi71Hj83fO/fh6MzXj5vOqx:d9lvJRhoQ44U5u/ZD83W/IMzjcqx
                          MD5:C459F393D681752D8D4115AAAA5ED7F7
                          SHA1:E01C75B32B82CCFF81620206C2A559493153D843
                          SHA-256:A06F8A527512ECBDA680626061E35DC2016641F32B1F6ADCA9115BBA34025DAB
                          SHA-512:29E8F2C3DBEDD3440CA4284E5A4F1325BCFC5542D0FF42B2CD6718FDEE8436FF3F23B4B9F8EDE840390C4217A0FA760DEE98D9676E03EC58DF76270F875A01CA
                          Malicious:false
                          Reputation:low
                          URL:https://static-assets.strikinglycdn.com/themes/glow/main_v4.21abecd37ebeca3fbae1.bundle.css
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 1200 x 1200, 4-bit colormap, non-interlaced
                          Category:downloaded
                          Size (bytes):6992
                          Entropy (8bit):7.632584464217112
                          Encrypted:false
                          SSDEEP:192:nG7iWtsh4Pl6VW8EkCzDwMkBBYZAhBVDszf9mJu:nAiAFl6UwYDw3cehYf9ou
                          MD5:6A4CE874C3BCAD1CF569CD7C3A6EEA1A
                          SHA1:FE96F1D6059FD7F232CBCAE3C75D13A91288FCE0
                          SHA-256:98A0CACCA0D1FB08B998161B9E8262F857A6C9D5B2797B05F2AD1682D95CE158
                          SHA-512:18AF829F4346B6447451D980B45C6B35D08E9700A905D92B7C318388E2C62A46742B62AF506C481AC1E5A471FE64DDA7682F0E3A442C2A449E20F4F1BEBF1254
                          Malicious:false
                          Reputation:low
                          URL:https://static-assets.strikinglycdn.com/images/fb_images/default.png
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 300x98, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):2532
                          Entropy (8bit):7.915826601149609
                          Encrypted:false
                          SSDEEP:48:sdo8A+WEUYUq1WqnFbjarH7l0zleHseQF1wo9FtgqzMnkJxJNdZaoax5+994QAlo:setYU5qnVmrHqRlF1woztgsDJxJ1aZxa
                          MD5:5A2BBDC097843D685D21CEF0882853D3
                          SHA1:3654A08FBD51D88F46A20EC5EF23169DC939DB59
                          SHA-256:924C957FEDE7AB38037FCCE36841F4FB984A53CCCCB6D11B3C31743EF5FB78CF
                          SHA-512:9144502163ED28E38916A4CF4DE8F30502A30F0B6810DDA3044EDCCF36CA915CFA09E4F110D81A50C126687F07E31F615C9AD94A6D7F8B895FFD79F8A43420F4
                          Malicious:false
                          Reputation:low
                          URL:"https://custom-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_300,w_300,f_auto,q_auto/16631263/456324_931227.png"
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:gzip compressed data, from Unix, original size modulo 2^32 2142
                          Category:downloaded
                          Size (bytes):1094
                          Entropy (8bit):7.8547577495232686
                          Encrypted:false
                          SSDEEP:24:XQnnE1CkL9+KNe/ZAtWHl3tidXHSvk7eVCLolxOjTQopl1j:XQnEV+KNe/uUUHSsTcxOXB
                          MD5:1A1CCB664791DD666F6F567C685DCC6C
                          SHA1:F84B457C4725BFE17A4D390CD3D6191993B2C83A
                          SHA-256:97D27ACF3F28AC1DCDEEFC731A237A7B7C437A930D8D9DB5620DC10552C06A68
                          SHA-512:B0BAB714F0E16855C93B76293B92BD18D42A51BD0289AD1CE140E1D419364BFFA88EFA72FCB027777D380587EDED83E874F7DA930990D57640CFC42E2EFC12A4
                          Malicious:false
                          Reputation:low
                          URL:https://static-assets.strikinglycdn.com/detectIE-c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4.js
                          No static file info
                          Timestamp    Source Port    Dest Port    Source IP    Dest IP
                          Jul 5, 2024 01:00:42.292213917 CEST49740443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:42.292335987 CEST4434974018.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:42.292351007 CEST49740443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:42.292468071 CEST49741443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:42.292536020 CEST4434974113.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:42.292711020 CEST49741443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:42.292764902 CEST4434974113.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:42.332503080 CEST44349742143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:42.332523108 CEST4434974018.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:42.333077908 CEST49743443192.168.2.4143.204.176.115
                          Jul 5, 2024 01:00:42.333082914 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:42.333089113 CEST44349743143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:42.333127022 CEST49742443192.168.2.4143.204.176.115
                          Jul 5, 2024 01:00:42.333137035 CEST44349742143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:42.333137989 CEST49740443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:42.333137989 CEST49741443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:42.333164930 CEST4434974018.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:42.341773033 CEST44349744142.250.185.100192.168.2.4
                          Jul 5, 2024 01:00:42.372143984 CEST49744443192.168.2.4142.250.185.100
                          Jul 5, 2024 01:00:42.372200966 CEST44349744142.250.185.100192.168.2.4
                          Jul 5, 2024 01:00:42.373191118 CEST44349744142.250.185.100192.168.2.4
                          Jul 5, 2024 01:00:42.373260021 CEST49744443192.168.2.4142.250.185.100
                          Jul 5, 2024 01:00:42.374412060 CEST49744443192.168.2.4142.250.185.100
                          Jul 5, 2024 01:00:42.374474049 CEST44349744142.250.185.100192.168.2.4
                          Jul 5, 2024 01:00:42.379990101 CEST49743443192.168.2.4143.204.176.115
                          Jul 5, 2024 01:00:42.379998922 CEST49742443192.168.2.4143.204.176.115
                          Jul 5, 2024 01:00:42.380017996 CEST49740443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:42.426836014 CEST49744443192.168.2.4142.250.185.100
                          Jul 5, 2024 01:00:42.426870108 CEST44349744142.250.185.100192.168.2.4
                          Jul 5, 2024 01:00:42.465240955 CEST4434974018.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:42.468224049 CEST4434974018.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:42.468233109 CEST4434974018.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:42.468296051 CEST49740443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:42.468303919 CEST4434974018.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:42.468350887 CEST49740443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:42.473706961 CEST49744443192.168.2.4142.250.185.100
                          Jul 5, 2024 01:00:42.511384964 CEST4434974113.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:42.511406898 CEST4434974113.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:42.511451960 CEST49741443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:42.511478901 CEST4434974113.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:42.511508942 CEST4434974113.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:42.511558056 CEST49741443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:42.526380062 CEST49741443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:42.526431084 CEST4434974113.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:42.532659054 CEST49740443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:42.532679081 CEST4434974018.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:42.599124908 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:42.599170923 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:42.599330902 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:42.599800110 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:42.599816084 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:42.608417034 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:42.608444929 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:42.608761072 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:42.610649109 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:42.610661983 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:43.357544899 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:43.357784033 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:43.357805967 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:43.358679056 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:43.358742952 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:43.359091997 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:43.359149933 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:43.359239101 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:43.366689920 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:43.366885900 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:43.366903067 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:43.367889881 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:43.368010044 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:43.368351936 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:43.368351936 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:43.368407011 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:43.368895054 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.368917942 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.368925095 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.368954897 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.368994951 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.369019985 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.369046926 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.370929003 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.371090889 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.371098042 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.400501013 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:43.411209106 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.411212921 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:43.411220074 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:43.411226034 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:43.411231995 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:43.428113937 CEST44349742143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:43.428137064 CEST44349742143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:43.428271055 CEST49742443192.168.2.4143.204.176.115
                          Jul 5, 2024 01:00:43.428280115 CEST44349742143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:43.428535938 CEST49742443192.168.2.4143.204.176.115
                          Jul 5, 2024 01:00:43.429487944 CEST44349742143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:43.429496050 CEST44349742143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:43.429537058 CEST44349742143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:43.429549932 CEST44349742143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:43.429570913 CEST49742443192.168.2.4143.204.176.115
                          Jul 5, 2024 01:00:43.429574013 CEST44349742143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:43.429604053 CEST49742443192.168.2.4143.204.176.115
                          Jul 5, 2024 01:00:43.429749966 CEST49742443192.168.2.4143.204.176.115
                          Jul 5, 2024 01:00:43.429754972 CEST44349742143.204.176.115192.168.2.4
                          Jul 5, 2024 01:00:43.429781914 CEST49742443192.168.2.4143.204.176.115
                          Jul 5, 2024 01:00:43.458095074 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:43.458098888 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:43.542052984 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.574573040 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:43.574599028 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:43.574651957 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:43.574665070 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:43.574676991 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:43.574847937 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:43.575611115 CEST49745443192.168.2.413.32.27.122
                          Jul 5, 2024 01:00:43.575627089 CEST4434974513.32.27.122192.168.2.4
                          Jul 5, 2024 01:00:43.580311060 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.580319881 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.580331087 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.580355883 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.580399036 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.580418110 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.580447912 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.592273951 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.592282057 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.592314959 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.592344999 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.592350960 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.592360020 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.592370987 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.592386007 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.628314972 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:43.631659031 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:43.631666899 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:43.631717920 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:43.631726027 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:43.631783009 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:43.631968021 CEST49746443192.168.2.418.239.69.60
                          Jul 5, 2024 01:00:43.631983042 CEST4434974618.239.69.60192.168.2.4
                          Jul 5, 2024 01:00:43.645580053 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.645590067 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.692457914 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.743146896 CEST49748443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.743187904 CEST4434974818.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.743259907 CEST49748443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.743916988 CEST49748443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.743937016 CEST4434974818.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.789473057 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.789489031 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.789526939 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.789544106 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.789555073 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.789566040 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.789586067 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.789645910 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.801373959 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.801382065 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.801403999 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.801417112 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.801433086 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.801547050 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.801554918 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.801691055 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.813534975 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.813544035 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.813571930 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.813585997 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.813632011 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.813637972 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.813678026 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.871123075 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.871144056 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.871187925 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.871191978 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.871201992 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.871244907 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.871251106 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.871294975 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:43.871299982 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:43.871335030 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:44.059639931 CEST49739443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:44.059653997 CEST4434973918.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:44.442953110 CEST4434974818.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:44.445787907 CEST49748443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:44.445806980 CEST4434974818.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:44.446096897 CEST4434974818.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:44.446932077 CEST49748443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:44.446988106 CEST4434974818.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:44.447387934 CEST49748443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:44.488507986 CEST4434974818.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:45.560173988 CEST4434974818.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:45.560283899 CEST4434974818.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:45.566659927 CEST49748443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:45.659995079 CEST49748443192.168.2.418.164.68.71
                          Jul 5, 2024 01:00:45.660013914 CEST4434974818.164.68.71192.168.2.4
                          Jul 5, 2024 01:00:52.250262976 CEST44349744142.250.185.100192.168.2.4
                          Jul 5, 2024 01:00:52.250312090 CEST44349744142.250.185.100192.168.2.4
                          Jul 5, 2024 01:00:52.250358105 CEST49744443192.168.2.4142.250.185.100
                          Jul 5, 2024 01:00:54.087496042 CEST49744443192.168.2.4142.250.185.100
                          Jul 5, 2024 01:00:54.087522030 CEST44349744142.250.185.100192.168.2.4

| Timestamp | Source IP | Dest IP | Checksum | Code | Type |
|---|---|---|---|---|---|
| Jul 5, 2024 01:00:41.347572088 CEST | 192.168.2.4 | 1.1.1.1 | c26d | (Port unreachable) | Destination Unreachable |
| Jul 5, 2024 01:00:42.600939989 CEST | 192.168.2.4 | 1.1.1.1 | c26e | (Port unreachable) | Destination Unreachable |


| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Jul 5, 2024 01:00:39.385476112 CEST | 192.168.2.4 | 1.1.1.1 | 0xe0f3 | Standard query (0) | rules-pear-kft5d2.mystrikingly.com | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:39.385631084 CEST | 192.168.2.4 | 1.1.1.1 | 0xa683 | Standard query (0) | rules-pear-kft5d2.mystrikingly.com | 65 | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.309890985 CEST | 192.168.2.4 | 1.1.1.1 | 0x5bcf | Standard query (0) | static-fonts-css.strikinglycdn.com | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.310209036 CEST | 192.168.2.4 | 1.1.1.1 | 0x1554 | Standard query (0) | static-fonts-css.strikinglycdn.com | 65 | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.313625097 CEST | 192.168.2.4 | 1.1.1.1 | 0x94eb | Standard query (0) | static-assets.strikinglycdn.com | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.313867092 CEST | 192.168.2.4 | 1.1.1.1 | 0x11b1 | Standard query (0) | static-assets.strikinglycdn.com | 65 | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.314532042 CEST | 192.168.2.4 | 1.1.1.1 | 0xacad | Standard query (0) | custom-images.strikinglycdn.com | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.314867020 CEST | 192.168.2.4 | 1.1.1.1 | 0x5ef2 | Standard query (0) | custom-images.strikinglycdn.com | 65 | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.672077894 CEST | 192.168.2.4 | 1.1.1.1 | 0x291 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.672600031 CEST | 192.168.2.4 | 1.1.1.1 | 0x280a | Standard query (0) | www.google.com | 65 | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.571655989 CEST | 192.168.2.4 | 1.1.1.1 | 0x33ed | Standard query (0) | custom-images.strikinglycdn.com | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.572191954 CEST | 192.168.2.4 | 1.1.1.1 | 0x1a81 | Standard query (0) | custom-images.strikinglycdn.com | 65 | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.573383093 CEST | 192.168.2.4 | 1.1.1.1 | 0xef30 | Standard query (0) | static-assets.strikinglycdn.com | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.574101925 CEST | 192.168.2.4 | 1.1.1.1 | 0x3118 | Standard query (0) | static-assets.strikinglycdn.com | 65 | IN (0x0001) | false |


| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Jul 5, 2024 01:00:39.405363083 CEST | 1.1.1.1 | 192.168.2.4 | 0xe0f3 | No error (0) | rules-pear-kft5d2.mystrikingly.com | dukt9g6vj8lpb.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:39.405363083 CEST | 1.1.1.1 | 192.168.2.4 | 0xe0f3 | No error (0) | dukt9g6vj8lpb.cloudfront.net | | 52.84.150.43 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:39.405363083 CEST | 1.1.1.1 | 192.168.2.4 | 0xe0f3 | No error (0) | dukt9g6vj8lpb.cloudfront.net | | 52.84.150.39 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:39.405363083 CEST | 1.1.1.1 | 192.168.2.4 | 0xe0f3 | No error (0) | dukt9g6vj8lpb.cloudfront.net | | 52.84.150.63 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:39.405363083 CEST | 1.1.1.1 | 192.168.2.4 | 0xe0f3 | No error (0) | dukt9g6vj8lpb.cloudfront.net | | 52.84.150.45 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:39.405778885 CEST | 1.1.1.1 | 192.168.2.4 | 0xa683 | No error (0) | rules-pear-kft5d2.mystrikingly.com | dukt9g6vj8lpb.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.338709116 CEST | 1.1.1.1 | 192.168.2.4 | 0x94eb | No error (0) | static-assets.strikinglycdn.com | dy7t0zkjx7o42.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.338709116 CEST | 1.1.1.1 | 192.168.2.4 | 0x94eb | No error (0) | dy7t0zkjx7o42.cloudfront.net | | 18.164.68.71 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.338709116 CEST | 1.1.1.1 | 192.168.2.4 | 0x94eb | No error (0) | dy7t0zkjx7o42.cloudfront.net | | 18.164.68.56 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.338709116 CEST | 1.1.1.1 | 192.168.2.4 | 0x94eb | No error (0) | dy7t0zkjx7o42.cloudfront.net | | 18.164.68.91 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.338709116 CEST | 1.1.1.1 | 192.168.2.4 | 0x94eb | No error (0) | dy7t0zkjx7o42.cloudfront.net | | 18.164.68.129 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.347515106 CEST | 1.1.1.1 | 192.168.2.4 | 0x11b1 | No error (0) | static-assets.strikinglycdn.com | dy7t0zkjx7o42.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.348757029 CEST | 1.1.1.1 | 192.168.2.4 | 0xacad | No error (0) | custom-images.strikinglycdn.com | d1zzi8yv54jueq.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.348757029 CEST | 1.1.1.1 | 192.168.2.4 | 0xacad | No error (0) | d1zzi8yv54jueq.cloudfront.net | | 13.32.27.122 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.348757029 CEST | 1.1.1.1 | 192.168.2.4 | 0xacad | No error (0) | d1zzi8yv54jueq.cloudfront.net | | 13.32.27.37 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.348757029 CEST | 1.1.1.1 | 192.168.2.4 | 0xacad | No error (0) | d1zzi8yv54jueq.cloudfront.net | | 13.32.27.59 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.348757029 CEST | 1.1.1.1 | 192.168.2.4 | 0xacad | No error (0) | d1zzi8yv54jueq.cloudfront.net | | 13.32.27.18 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.350585938 CEST | 1.1.1.1 | 192.168.2.4 | 0x1554 | No error (0) | static-fonts-css.strikinglycdn.com | d29twgdo50231s.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.350697041 CEST | 1.1.1.1 | 192.168.2.4 | 0x5ef2 | No error (0) | custom-images.strikinglycdn.com | d1zzi8yv54jueq.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.355634928 CEST | 1.1.1.1 | 192.168.2.4 | 0x5bcf | No error (0) | static-fonts-css.strikinglycdn.com | d29twgdo50231s.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.355634928 CEST | 1.1.1.1 | 192.168.2.4 | 0x5bcf | No error (0) | d29twgdo50231s.cloudfront.net | | 143.204.176.115 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.355634928 CEST | 1.1.1.1 | 192.168.2.4 | 0x5bcf | No error (0) | d29twgdo50231s.cloudfront.net | | 143.204.176.118 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.355634928 CEST | 1.1.1.1 | 192.168.2.4 | 0x5bcf | No error (0) | d29twgdo50231s.cloudfront.net | | 143.204.176.110 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.355634928 CEST | 1.1.1.1 | 192.168.2.4 | 0x5bcf | No error (0) | d29twgdo50231s.cloudfront.net | | 143.204.176.32 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.678940058 CEST | 1.1.1.1 | 192.168.2.4 | 0x291 | No error (0) | www.google.com | | 142.250.185.100 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:41.679570913 CEST | 1.1.1.1 | 192.168.2.4 | 0x280a | No error (0) | www.google.com | | | 65 | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.591097116 CEST | 1.1.1.1 | 192.168.2.4 | 0x33ed | No error (0) | custom-images.strikinglycdn.com | d1zzi8yv54jueq.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.591097116 CEST | 1.1.1.1 | 192.168.2.4 | 0x33ed | No error (0) | d1zzi8yv54jueq.cloudfront.net | | 13.32.27.122 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.591097116 CEST | 1.1.1.1 | 192.168.2.4 | 0x33ed | No error (0) | d1zzi8yv54jueq.cloudfront.net | | 13.32.27.59 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.591097116 CEST | 1.1.1.1 | 192.168.2.4 | 0x33ed | No error (0) | d1zzi8yv54jueq.cloudfront.net | | 13.32.27.37 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.591097116 CEST | 1.1.1.1 | 192.168.2.4 | 0x33ed | No error (0) | d1zzi8yv54jueq.cloudfront.net | | 13.32.27.18 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.597714901 CEST | 1.1.1.1 | 192.168.2.4 | 0x3118 | No error (0) | static-assets.strikinglycdn.com | dy7t0zkjx7o42.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.600708008 CEST | 1.1.1.1 | 192.168.2.4 | 0x1a81 | No error (0) | custom-images.strikinglycdn.com | d1zzi8yv54jueq.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.607417107 CEST | 1.1.1.1 | 192.168.2.4 | 0xef30 | No error (0) | static-assets.strikinglycdn.com | dy7t0zkjx7o42.cloudfront.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.607417107 CEST | 1.1.1.1 | 192.168.2.4 | 0xef30 | No error (0) | dy7t0zkjx7o42.cloudfront.net | | 18.239.69.60 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.607417107 CEST | 1.1.1.1 | 192.168.2.4 | 0xef30 | No error (0) | dy7t0zkjx7o42.cloudfront.net | | 18.239.69.54 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.607417107 CEST | 1.1.1.1 | 192.168.2.4 | 0xef30 | No error (0) | dy7t0zkjx7o42.cloudfront.net | | 18.239.69.21 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:42.607417107 CEST | 1.1.1.1 | 192.168.2.4 | 0xef30 | No error (0) | dy7t0zkjx7o42.cloudfront.net | | 18.239.69.108 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:51.435678959 CEST | 1.1.1.1 | 192.168.2.4 | 0x902c | No error (0) | bg.microsoft.map.fastly.net | | 199.232.214.172 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:51.435678959 CEST | 1.1.1.1 | 192.168.2.4 | 0x902c | No error (0) | bg.microsoft.map.fastly.net | | 199.232.210.172 | A (IP address) | IN (0x0001) | false |
| Jul 5, 2024 01:00:52.086525917 CEST | 1.1.1.1 | 192.168.2.4 | 0x47fe | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Jul 5, 2024 01:00:52.086525917 CEST | 1.1.1.1 | 192.168.2.4 | 0x47fe | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.221.95 | A (IP address) | IN (0x0001) | false |

                          • rules-pear-kft5d2.mystrikingly.com
                          • https:
                            • static-assets.strikinglycdn.com
                            • static-fonts-css.strikinglycdn.com
                            • custom-images.strikinglycdn.com
                          Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                          0 | 192.168.2.4 | 49735 | 52.84.150.43 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe
                          Timestamp | Bytes transferred | Direction | Data
                          2024-07-04 23:00:40 UTC | 677 | OUT | GET / HTTP/1.1
                          Host: rules-pear-kft5d2.mystrikingly.com
                          Connection: keep-alive
                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                          sec-ch-ua-mobile: ?0
                          sec-ch-ua-platform: "Windows"
                          Upgrade-Insecure-Requests: 1
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                          Sec-Fetch-Site: none
                          Sec-Fetch-Mode: navigate
                          Sec-Fetch-User: ?1
                          Sec-Fetch-Dest: document
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-07-04 23:00:41 UTC | 855 | IN | HTTP/1.1 200 OK
                          Server: CloudFront
                          Content-Type: text/html; charset=utf-8
                          Content-Length: 93740
                          Connection: close
                          Vary: Accept-Encoding
                          Date: Thu, 04 Jul 2024 23:00:40 GMT
                          Strikingly-Cache: current
                          Strikingly-Cache-Version: 1617785083-0
                          Strikingly-Cache-Region: ap-northeast-1
                          Strict-Transport-Security: max-age=15724800; includeSubDomains
                          Via: 1.1 92582d9f8616f06b5cd2829d249d42c6.cloudfront.net (CloudFront)
                          Set-Cookie: __strk_cookie_eu_visitor=false; Secure; Path=/;
                          Set-Cookie: __strk_viewer_info=eyJpcCI6IjguNDYuMTIzLjMzIiwiY291bnRyeUNvZGUiOiJVUyIsImNvdW50cnlOYW1lIjoiVW5pdGVkIFN0YXRlcyIsInJlZ2lvbk5hbWUiOiJOZXcgWW9yayIsImNpdHlOYW1lIjoiTmV3IFlvcmsifQ==; Secure; Path=/; Expires=Fri, 04 Jul 2025 23:00:40 GMT
                          X-Cache: Miss from cloudfront
                          X-Amz-Cf-Pop: ATL56-P1
                          X-Amz-Cf-Id: 4hlzIfajOe7GEWzx8ltKpLiTyO8m06OGn-BPqSj4LMR60s1ThiMXdQ==


                          Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                          1 | 192.168.2.4 | 49739 | 18.164.68.71 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe
                          Timestamp | Bytes transferred | Direction | Data
                          2024-07-04 23:00:42 UTC | 614 | OUT | GET /themes/glow/main_v4.21abecd37ebeca3fbae1.bundle.css HTTP/1.1
                          Host: static-assets.strikinglycdn.com
                          Connection: keep-alive
                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                          sec-ch-ua-mobile: ?0
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          sec-ch-ua-platform: "Windows"
                          Accept: text/css,*/*;q=0.1
                          Sec-Fetch-Site: cross-site
                          Sec-Fetch-Mode: no-cors
                          Sec-Fetch-Dest: style
                          Referer: https://rules-pear-kft5d2.mystrikingly.com/
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-07-04 23:00:43 UTC | 801 | IN | HTTP/1.1 200 OK
                          Content-Type: text/css; charset=utf-8
                          Content-Length: 120458
                          Connection: close
                          Date: Thu, 04 Jul 2024 23:00:44 GMT
                          Last-Modified: Tue, 02 Jul 2024 17:52:08 GMT
                          ETag: "c459f393d681752d8d4115aaaa5ed7f7"
                          x-amz-server-side-encryption: AES256
                          Cache-Control: max-age=315360000, public
                          Content-Encoding: gzip
                          Accept-Ranges: bytes
                          Server: AmazonS3
                          X-Cache: Miss from cloudfront
                          Via: 1.1 c3941d2249641ec51690205d7b1084ac.cloudfront.net (CloudFront)
                          X-Amz-Cf-Pop: LHR50-P4
                          Alt-Svc: h3=":443"; ma=86400
                          X-Amz-Cf-Id: _PtZR0HzXwyEyalCdiPYtEZRuDPMpJt4Chj2y6gM9NH0IecVvd3QPQ==
                          X-XSS-Protection: 1; mode=block
                          X-Frame-Options: SAMEORIGIN
                          Referrer-Policy: strict-origin-when-cross-origin
                          X-Content-Type-Options: nosniff
                          Strict-Transport-Security: max-age=31536000
                          Vary: Origin


                          Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                          2 | 192.168.2.4 | 49742 | 143.204.176.115 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe
                          Timestamp | Bytes transferred | Direction | Data
                          2024-07-04 23:00:42 UTC | 650 | OUT | GET /css?family=Montserrat:400,700|Roboto:300,700,300italic,700italic&subset=latin,latin-ext&display=swap HTTP/1.1
                          Host: static-fonts-css.strikinglycdn.com
                          Connection: keep-alive
                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                          sec-ch-ua-mobile: ?0
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          sec-ch-ua-platform: "Windows"
                          Accept: */*
                          Sec-Fetch-Site: cross-site
                          Sec-Fetch-Mode: no-cors
                          Sec-Fetch-Dest: font
                          Referer: https://rules-pear-kft5d2.mystrikingly.com/
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-07-04 23:00:43 UTC | 463 | IN | HTTP/1.1 200 OK
                          Content-Type: text/css; charset=utf-8
                          Content-Length: 13572
                          Connection: close
                          Date: Thu, 04 Jul 2024 23:00:43 GMT
                          Apigw-Requestid: aaNwQiktNjMEJMQ=
                          Vary: Accept-Encoding
                          X-Cache: Miss from cloudfront
                          Via: 1.1 5888b5d9247925eeec6b1cf1ebf8aa8c.cloudfront.net (CloudFront)
                          X-Amz-Cf-Pop: LHR50-C1
                          X-Amz-Cf-Id: 1fLROvuSCZApxTl3Sw3rcsRzqU-I0gtbNnWlmdN8VMnNStV2tycn3Q==
                          cache-control: max-age=7776000, public, must-revalidate
                          Vary: Origin


                          Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                          3 | 192.168.2.4 | 49740 | 18.164.68.71 | 443 | 6020 | C:\Program Files\Google\Chrome\Application\chrome.exe
                          Timestamp | Bytes transferred | Direction | Data
                          2024-07-04 23:00:42 UTC | 637 | OUT | GET /images/fb_images/default.png HTTP/1.1
                          Host: static-assets.strikinglycdn.com
                          Connection: keep-alive
                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                          sec-ch-ua-mobile: ?0
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          sec-ch-ua-platform: "Windows"
                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                          Sec-Fetch-Site: cross-site
                          Sec-Fetch-Mode: no-cors
                          Sec-Fetch-Dest: image
                          Referer: https://rules-pear-kft5d2.mystrikingly.com/
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-07-04 23:00:42 UTC | 737 | IN | HTTP/1.1 200 OK
                          Content-Type: image/png
                          Content-Length: 6992
                          Connection: close
                          Date: Mon, 18 Dec 2023 00:21:46 GMT
                          Last-Modified: Wed, 15 Jan 2020 07:52:01 GMT
                          ETag: "6a4ce874c3bcad1cf569cd7c3a6eea1a"
                          Cache-Control: max-age=315360000, public
                          Accept-Ranges: bytes
                          Server: AmazonS3
                          X-Cache: Hit from cloudfront
                          Via: 1.1 8939944fc38fd924b1fd4243119debb8.cloudfront.net (CloudFront)
                          X-Amz-Cf-Pop: LHR50-P4
                          Alt-Svc: h3=":443"; ma=86400
                          X-Amz-Cf-Id: lmD736lmLEOJpDBeVLo-yqxhAQCNJU6UIqiyjfgd2GlhLOx2BIqsYw==
                          Age: 17275137
                          X-XSS-Protection: 1; mode=block
                          X-Frame-Options: SAMEORIGIN
                          Referrer-Policy: strict-origin-when-cross-origin
                          X-Content-Type-Options: nosniff
                          Strict-Transport-Security: max-age=31536000
                          Vary: Origin


                          Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
                          4           192.168.2.4  49741        13.32.27.122    443               6020  C:\Program Files\Google\Chrome\Application\chrome.exe
                          Timestamp                Bytes transferred  Direction  Data
                          2024-07-04 23:00:42 UTC  705                OUT        GET /res/hrscywv4p/image/upload/c_limit,fl_lossy,h_300,w_300,f_auto,q_auto/16631263/456324_931227.png HTTP/1.1
                          Host: custom-images.strikinglycdn.com
                          Connection: keep-alive
                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                          sec-ch-ua-mobile: ?0
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          sec-ch-ua-platform: "Windows"
                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                          Sec-Fetch-Site: cross-site
                          Sec-Fetch-Mode: no-cors
                          Sec-Fetch-Dest: image
                          Referer: https://rules-pear-kft5d2.mystrikingly.com/
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-07-04 23:00:42 UTC  739                IN         HTTP/1.1 200 OK
                          Content-Type: image/webp
                          Content-Length: 2532
                          Connection: close
                          Server: CloudFront
                          Date: Tue, 02 Jul 2024 23:00:40 GMT
                          Access-Control-Allow-Origin: *
                          x-amz-apigw-id: aTn33EsENjMEDWg=
                          X-Amzn-Trace-Id: Root=1-66848698-639b8a062eb208da00c473f7;Parent=52ce7359362a1e3c;Sampled=0;lineage=f935ec17:0
                          Via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront), 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
                          Cache-Control: max-age=31536000
                          x-amzn-RequestId: 194659a7-4a9f-4931-b9d6-02ee5d0bc351
                          X-Amz-Cf-Pop: FRA60-P2
                          X-Cache: Hit from cloudfront
                          X-Amz-Cf-Pop: FRA56-C2
                          Alt-Svc: h3=":443"; ma=86400
                          X-Amz-Cf-Id: AyKLiZv6rdNWxmSqP6bAni2I3pbEACwQvhvq9Ce3-74qy2rGbO6xsQ==
                          Age: 172802


                          Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
                          5           192.168.2.4  49745        13.32.27.122    443               6020  C:\Program Files\Google\Chrome\Application\chrome.exe
                          Timestamp                Bytes transferred  Direction  Data
                          2024-07-04 23:00:43 UTC  451                OUT        GET /res/hrscywv4p/image/upload/c_limit,fl_lossy,h_300,w_300,f_auto,q_auto/16631263/456324_931227.png HTTP/1.1
                          Host: custom-images.strikinglycdn.com
                          Connection: keep-alive
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          Accept: */*
                          Sec-Fetch-Site: none
                          Sec-Fetch-Mode: cors
                          Sec-Fetch-Dest: empty
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-07-04 23:00:43 UTC  739                IN         HTTP/1.1 200 OK
                          Content-Type: image/webp
                          Content-Length: 2532
                          Connection: close
                          Server: CloudFront
                          Date: Tue, 02 Jul 2024 23:00:40 GMT
                          Access-Control-Allow-Origin: *
                          x-amz-apigw-id: aTn33EsENjMEDWg=
                          X-Amzn-Trace-Id: Root=1-66848698-639b8a062eb208da00c473f7;Parent=52ce7359362a1e3c;Sampled=0;lineage=f935ec17:0
                          Via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront), 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
                          Cache-Control: max-age=31536000
                          x-amzn-RequestId: 194659a7-4a9f-4931-b9d6-02ee5d0bc351
                          X-Amz-Cf-Pop: FRA60-P2
                          X-Cache: Hit from cloudfront
                          X-Amz-Cf-Pop: FRA56-C2
                          Alt-Svc: h3=":443"; ma=86400
                          X-Amz-Cf-Id: xYL-kh1JqycQALo1oksXZ6gRQvD-Uxkj3A8i6DbWpF1ayBK7OiMWGw==
                          Age: 172803


                          Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
                          6           192.168.2.4  49746        18.239.69.60    443               6020  C:\Program Files\Google\Chrome\Application\chrome.exe
                          Timestamp                Bytes transferred  Direction  Data
                          2024-07-04 23:00:43 UTC  383                OUT        GET /images/fb_images/default.png HTTP/1.1
                          Host: static-assets.strikinglycdn.com
                          Connection: keep-alive
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          Accept: */*
                          Sec-Fetch-Site: none
                          Sec-Fetch-Mode: cors
                          Sec-Fetch-Dest: empty
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-07-04 23:00:43 UTC  737                IN         HTTP/1.1 200 OK
                          Content-Type: image/png
                          Content-Length: 6992
                          Connection: close
                          Date: Wed, 13 Sep 2023 16:48:42 GMT
                          Last-Modified: Wed, 15 Jan 2020 07:52:01 GMT
                          ETag: "6a4ce874c3bcad1cf569cd7c3a6eea1a"
                          Cache-Control: max-age=315360000, public
                          Accept-Ranges: bytes
                          Server: AmazonS3
                          X-Cache: Hit from cloudfront
                          Via: 1.1 391671221007e4a70643cc0de549779c.cloudfront.net (CloudFront)
                          X-Amz-Cf-Pop: AMS58-P4
                          Alt-Svc: h3=":443"; ma=86400
                          X-Amz-Cf-Id: DaIfrqVOr31iYYaE2IMOlXqSSdaAWWIqUf2OT_xpAI8s3DY0UY7yCw==
                          Age: 25510322
                          X-XSS-Protection: 1; mode=block
                          X-Frame-Options: SAMEORIGIN
                          Referrer-Policy: strict-origin-when-cross-origin
                          X-Content-Type-Options: nosniff
                          Strict-Transport-Security: max-age=31536000
                          Vary: Origin


                          Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
                          7           192.168.2.4  49748        18.164.68.71    443               6020  C:\Program Files\Google\Chrome\Application\chrome.exe
                          Timestamp                Bytes transferred  Direction  Data
                          2024-07-04 23:00:44 UTC  625                OUT        GET /detectIE-c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4.js HTTP/1.1
                          Host: static-assets.strikinglycdn.com
                          Connection: keep-alive
                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                          sec-ch-ua-mobile: ?0
                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                          sec-ch-ua-platform: "Windows"
                          Accept: */*
                          Sec-Fetch-Site: cross-site
                          Sec-Fetch-Mode: no-cors
                          Sec-Fetch-Dest: script
                          Referer: https://rules-pear-kft5d2.mystrikingly.com/
                          Accept-Encoding: gzip, deflate, br
                          Accept-Language: en-US,en;q=0.9
                          2024-07-04 23:00:45 UTC  775                IN         HTTP/1.1 200 OK
                          Content-Type: application/javascript; charset=utf-8
                          Content-Length: 1094
                          Connection: close
                          Date: Thu, 04 Jul 2024 23:00:46 GMT
                          Last-Modified: Tue, 26 Feb 2019 04:11:38 GMT
                          ETag: "1a1ccb664791dd666f6f567c685dcc6c"
                          Cache-Control: max-age=315360000, public
                          Content-Encoding: gzip
                          Accept-Ranges: bytes
                          Server: AmazonS3
                          X-Cache: Miss from cloudfront
                          Via: 1.1 e07eaca13d23fcce8009fc507befcefa.cloudfront.net (CloudFront)
                          X-Amz-Cf-Pop: LHR50-P4
                          Alt-Svc: h3=":443"; ma=86400
                          X-Amz-Cf-Id: vfw5TjJOvae68tibqR8x7q0R_1yyxktM6VvcVcz8amJ96xf0N4u91A==
                          X-XSS-Protection: 1; mode=block
                          X-Frame-Options: SAMEORIGIN
                          Referrer-Policy: strict-origin-when-cross-origin
                          X-Content-Type-Options: nosniff
                          Strict-Transport-Security: max-age=31536000
                          Vary: Origin


                          Target ID:0
                          Start time:19:00:31
                          Start date:04/07/2024
                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                          Wow64 process (32bit):false
                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                          Imagebase:0x7ff76e190000
                          File size:3'242'272 bytes
                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:false

                          Target ID:2
                          Start time:19:00:35
                          Start date:04/07/2024
                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                          Wow64 process (32bit):false
                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 --field-trial-handle=2164,i,10644117303354091039,2518522412267785527,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                          Imagebase:0x7ff76e190000
                          File size:3'242'272 bytes
                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:false

                          Target ID:3
                          Start time:19:00:38
                          Start date:04/07/2024
                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                          Wow64 process (32bit):false
                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://rules-pear-kft5d2.mystrikingly.com/"
                          Imagebase:0x7ff76e190000
                          File size:3'242'272 bytes
                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                          Has elevated privileges:true
                          Has administrator privileges:true
                          Programmed in:C, C++ or other language
                          Reputation:low
                          Has exited:true

                          No disassembly