Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/

Overview

General Information

Sample URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/
Analysis ID:	1589273
Infos:

Detection

Score:	68
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

AI detected landing page (webpage, office document or email)

Form action URLs do not match main URL

HTML body contains low number of good links

Invalid T&C link found

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 5332 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 7084 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 --field-trial-handle=2520,i,14649947336694683425,5017290247439971393,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 6628 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/

Avira URL Cloud: detection malicious, Label: phishing

Antivirus detection for URL or domain

Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/styles/style.css	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/doc.png	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/meta-logo-grey.png	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/styles/bootstrap.min.css	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/save_img.png	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/2FA.png	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/no_avatar.png	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/phone.png	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/dir.png	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ico.ico	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/block_2.png	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/star.png	Avira URL Cloud: Label: phishing
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/fb_round_logo.png	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/

Joe Sandbox AI: Score: 9 Reasons: The brand 'Meta' is well-known and is associated with the domain 'meta.com'., The URL 'page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com' does not match the legitimate domain 'meta.com'., The URL uses a subdomain structure that is common in phishing attempts, with multiple hyphenated words that are not typically associated with Meta's official domains., The domain 'amplifyapp.com' is a legitimate domain used by AWS Amplify, a cloud service provider, which can host various applications, but it is not directly associated with Meta., The presence of input fields requesting personal information such as 'Full Name', 'Personal Email', 'Business Email', 'Mobile phone number', and 'Facebook Page Name' is typical in phishing sites attempting to gather sensitive information. DOM: 1.1.pages.csv

AI detected landing page (webpage, office document or email)

Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/

Joe Sandbox AI: Page contains button: 'Appeal Submission Review' Source: '1.0.pages.csv'

Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Form action: https://facebook.com/ amplifyapp facebook
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Form action: https://facebook.com/ amplifyapp facebook
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Form action: https://facebook.com/ amplifyapp facebook

Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/

HTTP Parser: Number of links: 0

Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Privacy Policy
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Terms of use
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Privacy Policy
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Community Payment Terms
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Commercial terms
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Privacy Policy
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Terms of use
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Privacy Policy
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Community Payment Terms
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Commercial terms
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Privacy Policy
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Terms of use
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Privacy Policy
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Community Payment Terms
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: Invalid link: Commercial terms

Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/

HTTP Parser: <input type="password" .../> found

Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: No <meta name="author".. found
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: No <meta name="author".. found
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: No <meta name="author".. found

Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49865 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49990 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:50028 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /styles/bootstrap.min.css HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /styles/style.css HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/block_2.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/no_avatar.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/save_img.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v2/free/self/ HTTP/1.1Host: api.db-ip.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/doc.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/meta-logo-grey.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/fb_round_logo.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/2FA.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/phone.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/no_avatar.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/block_2.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v2/free/self/ HTTP/1.1Host: api.db-ip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/save_img.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/star.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/doc.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/dir.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/meta-logo-grey.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/2FA.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/fb_round_logo.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/phone.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/star.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ico.ico HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/dir.png HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ico.ico HTTP/1.1Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com
Source: global traffic	DNS traffic detected: DNS query: api.db-ip.com

Source: chromecache_77.3.dr, chromecache_58.3.dr, chromecache_54.3.dr, chromecache_64.3.dr	String found in binary or memory: http://www.gimp.org/xmp/
Source: chromecache_66.3.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Source: chromecache_66.3.dr	String found in binary or memory: https://api.db-ip.com/v2/free/self/
Source: chromecache_66.3.dr	String found in binary or memory: https://api.emailjs.com/api/v1.0/email/send
Source: chromecache_78.3.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_78.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_66.3.dr	String found in binary or memory: https://popper.js.org)

Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49865 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49990 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:50028 version: TLS 1.2

Source: classification engine

Classification label: mal68.phis.win@16/47@10/7

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 --field-trial-handle=2520,i,14649947336694683425,5017290247439971393,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 --field-trial-handle=2520,i,14649947336694683425,5017290247439971393,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	100%	Avira URL Cloud	phishing

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/styles/style.css	100%	Avira URL Cloud	phishing
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/doc.png	100%	Avira URL Cloud	phishing
https://api.emailjs.com/api/v1.0/email/send	0%	Avira URL Cloud	safe
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/meta-logo-grey.png	100%	Avira URL Cloud	phishing
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/styles/bootstrap.min.css	100%	Avira URL Cloud	phishing
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/save_img.png	100%	Avira URL Cloud	phishing
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/2FA.png	100%	Avira URL Cloud	phishing
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/no_avatar.png	100%	Avira URL Cloud	phishing
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/phone.png	100%	Avira URL Cloud	phishing
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/dir.png	100%	Avira URL Cloud	phishing
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ico.ico	100%	Avira URL Cloud	phishing
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/block_2.png	100%	Avira URL Cloud	phishing
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/star.png	100%	Avira URL Cloud	phishing
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/fb_round_logo.png	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
api.db-ip.com	172.67.75.166	true	false		high
www.google.com	172.217.18.4	true	false		high
page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com	18.172.112.14	true	true		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/dir.png	true	Avira URL Cloud: phishing	unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/no_avatar.png	true	Avira URL Cloud: phishing	unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/doc.png	true	Avira URL Cloud: phishing	unknown
https://api.db-ip.com/v2/free/self/	false		high
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/2FA.png	true	Avira URL Cloud: phishing	unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/meta-logo-grey.png	true	Avira URL Cloud: phishing	unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/	true		unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/phone.png	true	Avira URL Cloud: phishing	unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/styles/bootstrap.min.css	true	Avira URL Cloud: phishing	unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/styles/style.css	true	Avira URL Cloud: phishing	unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/save_img.png	true	Avira URL Cloud: phishing	unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ico.ico	true	Avira URL Cloud: phishing	unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/star.png	true	Avira URL Cloud: phishing	unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/block_2.png	true	Avira URL Cloud: phishing	unknown
https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/fb_round_logo.png	true	Avira URL Cloud: phishing	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://api.emailjs.com/api/v1.0/email/send	chromecache_66.3.dr	false	Avira URL Cloud: safe	unknown
https://github.com/twbs/bootstrap/blob/main/LICENSE)	chromecache_78.3.dr	false		high
http://www.gimp.org/xmp/	chromecache_77.3.dr, chromecache_58.3.dr, chromecache_54.3.dr, chromecache_64.3.dr	false		high
https://getbootstrap.com/)	chromecache_78.3.dr	false		high
https://popper.js.org)	chromecache_66.3.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
18.172.112.14	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com	United States		3	MIT-GATEWAYSUS	true
172.217.18.4	www.google.com	United States		15169	GOOGLEUS	false
172.67.75.166	api.db-ip.com	United States		13335	CLOUDFLARENETUS	false
104.26.4.15	unknown	United States		13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false

Private

IP
192.168.2.4
192.168.2.6

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1589273
Start date and time:	2025-01-12 00:18:18 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 25s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal68.phis.win@16/47@10/7
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.99, 142.250.186.174, 108.177.15.84, 142.250.74.206, 142.250.184.206, 172.217.18.110, 142.250.186.74, 172.217.18.106, 172.217.16.202, 216.58.206.74, 142.250.184.234, 142.250.185.138, 142.250.185.202, 142.250.186.138, 142.250.184.202, 142.250.185.106, 142.250.185.170, 142.250.185.74, 172.217.16.138, 216.58.212.138, 142.250.186.42, 172.217.18.10, 142.250.181.234, 192.229.221.95, 142.250.186.78, 172.217.16.206, 142.250.184.238, 142.250.185.206, 199.232.210.172, 142.250.186.67, 216.58.206.78, 142.250.181.238, 13.107.246.45, 2.23.242.162, 52.149.20.212
Excluded domains from analysis (whitelisted): client.wns.windows.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, slscr.update.microsoft.com, ajax.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": true, "malicious_keywords": true, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": false, "third_party_hosting": true }
URL: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com
URL: https://page-helpdesk-review-center.d21l3gt8ix4jpi... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "The provided JavaScript snippet appears to be a simple function to detect if the user is accessing the website from a mobile device. It uses a regular expression to check the user agent string and sets a boolean flag accordingly. This is a common and legitimate practice for websites to optimize their user experience based on the device type. The script does not exhibit any high-risk or malicious behaviors, and it is likely used for benign purposes such as responsive design or feature targeting." }
window.mobileCheck = function () { let check = false; (function (a) { if (/(android\|bb\d+\|meego).+mobile\|avantgo\|bada\/\|blackberry\|blazer\|compal\|elaine\|fennec\|hiptop\|iemobile\|ip(hone\|od)\|iris\|kindle\|lge \|maemo\|midp\|mmp\|mobile.+firefox\|netfront\|opera m(ob\|in)i\|palm( os)?\|phone\|p(ixi\|re)\/\|plucker\|pocket\|psp\|series(4\|6)0\|symbian\|treo\|up\.(browser\|link)\|vodafone\|wap\|windows ce\|xda\|xiino/i .test(a) \|\| /1207\|6310\|6590\|3gso\|4thp\|50[1-6]i\|770s\|802s\|a wa\|abac\|ac(er\|oo\|s\-)\|ai(ko\|rn)\|al(av\|ca\|co)\|amoi\|an(ex\|ny\|yw)\|aptu\|ar(ch\|go)\|as(te\|us)\|attw\|au(di\|\-m\|r \|s )\|avan\|be(ck\|ll\|nq)\|bi(lb\|rd)\|bl(ac\|az)\|br(e\|v)w\|bumb\|bw\-(n\|u)\|c55\/\|capi\|ccwa\|cdm\-\|cell\|chtm\|cldc\|cmd\-\|co(mp\|nd)\|craw\|da(it\|ll\|ng)\|dbte\|dc\-s\|devi\|dica\|dmob\|do(c\|p)o\|ds(12\|\-d)\|el(49\|ai)\|em(l2\|ul)\|er(ic\|k0)\|esl8\|ez([4-7]0\|os\|wa\|ze)\|fetc\|fly(\-\|_)\|g1 u\|g560\|gene\|gf\-5\|g\-mo\|go(\.w\|od)\|gr(ad\|un)\|haie\|hcit\|hd\-(m\|p\|t)\|hei\-\|hi(pt\|ta)\|hp( i\|ip)\|hs\-c\|ht(c(\-\| \|_\|a\|g\|p\|s\|t)\|tp)\|hu(aw\|tc)\|i\-(20\|go\|ma)\|i230\|iac( \|\-\|\/)\|ibro\|idea\|ig01\|ikom\|im1k\|inno\|ipaq\|iris\|ja(t\|v)a\|jbro\|jemu\|jigs\|kddi\|keji\|kgt( \|\/)\|klon\|kpt \|kwc\-\|kyo(c\|k)\|le(no\|xi)\|lg( g\|\/(k\|l\|u)\|50\|54\|\-[a-w])\|libw\|lynx\|m1\-w\|m3ga\|m50\/\|ma(te\|ui\|xo)\|mc(01\|21\|ca)\|m\-cr\|me(rc\|ri)\|mi(o8\|oa\|ts)\|mmef\|mo(01\|02\|bi\|de\|do\|t(\-\| \|o\|v)\|zz)\|mt(50\|p1\|v )\|mwbp\|mywa\|n10[0-2]\|n20[2-3]\|n30(0\|2)\|n50(0\|2\|5)\|n7(0(0\|1)\|10)\|ne((c\|m)\-\|on\|tf\|wf\|wg\|wt)\|nok(6\|i)\|nzph\|o2im\|op(ti\|wv)\|oran\|owg1\|p800\|pan(a\|d\|t)\|pdxg\|pg(13\|\-([1-8]\|c))\|phil\|pire\|pl(ay\|uc)\|pn\-2\|po(ck\|rt\|se)\|prox\|psio\|pt\-g\|qa\-a\|qc(07\|12\|21\|32\|60\|\-[2-7]\|i\-)\|qtek\|r380\|r600\|raks\|rim9\|ro(ve\|zo)\|s55\/\|sa(ge\|ma\|mm\|ms\|ny\|va)\|sc(01\|h\-\|oo\|p\-)\|sdk\/\|se(c(\-\|0\|1)\|47\|mc\|nd\|ri)\|sgh\-\|shar\|sie(\-\|m)\|sk\-0\|sl(45\|id)\|sm(al\|ar\|b3\|it\|t5)\|so(ft\|ny)\|sp(01\|h\-\|v\-\|v )\|sy(01\|mb)\|t2(18\|50)\|t6(00\|10\|18)\|ta(gt\|lk)\|tcl\-\|tdg\-\|tel(i\|m)\|tim\-\|t\-mo\|to(pl\|sh)\|ts(70\|m\-\|m3\|m5)\|tx\-9\|up(\.b\|g1\|si)\|utst\|v400\|v750\|veri\|vi(rg\|te)\|vk(40\|5[0-3]\|\-v)\|vm40\|voda\|vulc\|vx(52\|53\|60\|61\|70\|80\|81\|83\|85\|98)\|w3c(\-\| )\|webc\|whit\|wi(g \|nc\|nw)\|wmlb\|wonu\|x700\|yas\-\|your\|zeto\|zte\-/i .test(a.substr(0, 4))) check = true; })(navigator.userAgent \|\| navigator.vendor \|\| window.opera); return check; };
URL: https://page-helpdesk-review-center.d21l3gt8ix4jpi... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "The provided JavaScript snippet appears to be a legitimate implementation of the Bootstrap library, which is a popular front-end framework for building responsive and mobile-first websites. The code does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The code is primarily focused on providing utility functions for DOM manipulation and event handling, which are common practices in web development. Additionally, the code does not exhibit any suspicious behavior or inconsistencies that would raise concerns about its intent. Therefore, this script is considered to be of low risk." }
! function (t, e) { "object" == typeof exports && "undefined" != typeof module ? module.exports = e() : "function" == typeof define && define.amd ? define(e) : (t = "undefined" != typeof globalThis ? globalThis : t \|\| self).bootstrap = e() }(this, (function () { "use strict"; const t = { find: (t, e = document.documentElement) => [].concat(...Element.prototype.querySelectorAll.call(e, t)), findOne: (t, e = document.documentElement) => Element.prototype.querySelector.call(e, t), children: (t, e) => [].concat(...t.children).filter(t => t.matches(e)), parents(t, e) { const i = []; let n = t.parentNode; for (; n && n.nodeType === Node.ELEMENT_NODE && 3 !== n.nodeType;) n.matches(e) && i.push(n), n = n.parentNode; return i }, prev(t, e) { let i = t.previousElementSibling; for (; i;) { if (i.matches(e)) return [i]; i = i.previousElementSibling } return [] }, next(t, e) { let i = t.nextElementSibling; for (; i;) { if (i.matches(e)) return [i]; i = i.nextElementSibling } return [] } }, e = t => { do { t += Math.floor(1e6 * Math.random()) } while (document.getElementById(t)); return t }, i = t => { let e = t.getAttribute("data-bs-target"); if (!e \|\| "#" === e) { let i = t.getAttribute("href"); if (!i \|\| !i.includes("#") && !i.startsWith(".")) return null; i.includes("#") && !i.startsWith("#") && (i = "#" + i.split("#")[1]), e = i && "#" !== i ? i.trim() : null } return e }, n = t => { const e = i(t); return e && document.querySelector(e) ? e : null }, s = t => { const e = i(t); return e ? document.querySelector(e) : null }, o = t => { t.dispatchEvent(new Event("transitionend")) }, r = t => !(!t \|\| "object" != typeof t) && (void 0 !== t.jquery && (t = t[0]), void 0 !== t.nodeType), a = e => r(e) ? e.jquery ? e[0] : e : "string" == typeof e && e.length > 0 ? t.findOne(e) : null, l = (t, e, i) => { Object.keys(i).forEach(n => { const s = i[n], o = e[n], a = o && r(o) ? "element" : null == (l = o) ? "" + l : {}.toString.call(l).match(/\s([a-z]+)/i)[1].toLowerCase(); var l; if (!new RegExp(s).test(a)) throw new TypeError(`${t.toUpperCase()}: Option "${n}" provided type "${a}" but expected type "${s}".`) }) }, c = t => !(!r(t) \|\| 0 === t.getClientRects().length) && "visible" === getComputedStyle(t).getPropertyValue("visibility"), h = t => !t \|\| t.nodeType !== Node.ELEMENT_NODE \|\| !!t.classList.contains("disabled") \|\| (void 0 !== t.disabled ? t.disabled : t.hasAttribute("disabled") && "false" !== t.getAttribute("disabled")), d = t => { if (!document.documentElement.attachShadow) return null; if ("function" == typeof t.getRootNode) { const e = t.getRootNode(); retur
URL: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Your Page Has Encountered a Policy Issue", "prominent_button_name": "Appeal Submission Review", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Model: Joe Sandbox AI	{ "brands": [ "Meta" ] }
	{ "brands": [ "Meta" ] }
URL: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Please indicate why you believe that account restrictions were imposed by mistake.", "prominent_button_name": "Review", "text_input_field_labels": [ "Full Name", "Personal Email", "Business Email", "Mobile phone number", "Facebook Page Name" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Model: Joe Sandbox AI	{ "brands": [ "Meta" ] }
	{ "brands": [ "Meta" ] }
URL: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Model: Joe Sandbox AI	```json{ "legit_domain": "meta.com", "classification": "wellknown", "reasons": [ "The brand 'Meta' is well-known and is associated with the domain 'meta.com'.", "The URL 'page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com' does not match the legitimate domain 'meta.com'.", "The URL uses a subdomain structure that is common in phishing attempts, with multiple hyphenated words that are not typically associated with Meta's official domains.", "The domain 'amplifyapp.com' is a legitimate domain used by AWS Amplify, a cloud service provider, which can host various applications, but it is not directly associated with Meta.", "The presence of input fields requesting personal information such as 'Full Name', 'Personal Email', 'Business Email', 'Mobile phone number', and 'Facebook Page Name' is typical in phishing sites attempting to gather sensitive information." ], "riskscore": 9} Google indexed: False
URL: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Brands: Meta Input Fields: Full Name, Personal Email, Business Email, Mobile phone number, Facebook Page Name

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 50

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	5723
Entropy (8bit):	7.950822106896149
Encrypted:	false
SSDEEP:	96:upH/omZ4SOy3uxD+WxV6jD9/zIvNVCvEknBgSjERtW82iAsuFQAIFbISS2V0wZ:upHRZ3qKvZzMGvBg5RuaAIFc5ohZ
MD5:	95382A6DAB40D5911185A921C53E6F6B
SHA1:	4229CB577571111D747021988AAC9DD6CD50634F
SHA-256:	E341D9055288DFCD7DD5FACAB6C915F6B7BCFFBF80F8B48468C7275B8CADA069
SHA-512:	58DFD1656F931BF14044A8D4D790CCD3369A33D42AEA35774BF4B0F2242173795C86FDE3280D74849BE492BBC50D4515F3F3985F93766559544DA37E9988BC03
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...<...<.....:..r..."IDATx^.k..Wy...Zk.}..s.a....x<.B....L..j......$%U?D.zQ....$m...$R...hU.(..`..-.4$.[..M......./..9g......Gk..B...%.y.....{....y.=2...S.~..D@"H...F..ZzD"...e...%.....D...Z.8F......K...-...^(..B....+.B..<.f\|...;..PE....G.Dt..H..0...........l.!......~....6.'..%....P..".~.{......=....b.P......hA.. i................U$,#.JK$.\c.o.O..u-.\)H.h...R...A.6.kVh....QUP.\l..^.......V&...(.q.........q....7.Aq3.`p...........&....`......\.........(.Y..!.`GvO.c...".=..4."Z.."._...~.".P..../..xv.>p........L....hq.bB../M.DZ@....feb~/(".A..........G.IsAJ...B.j@0).1w0Z..m....u.......w..........<.>P...n...v.q...8t....^r\..M.....^..i.\|_.n.....X..P;.d...ph..............C?.N..y...>r0..y.A.O......4.....$YpU%P.E..>.........;h.i....X.X...z.N._.%\{..s.-..\....~=..T..=Ok.]3\%.Q3....}....T.I{.R..@..~.D.t..k?FV....'"...........r..."5.%...\p...Z....G9.......{.J....R..J.?..{_B.cn>.A"..&..\|... X:STLU.......Se'(..V..BB....Et...f\|/..RT+..!...A...

Chrome Cache Entry: 51

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	5071
Entropy (8bit):	7.937255848953508
Encrypted:	false
SSDEEP:	96:+ucvBzkcoiWTe8MBzUCRtm4gs2ZrxtLRxQ1kM911BK79p1/1qFu:+ucvdkGWJyoDPZrx1s11BK/7V
MD5:	AEF2B30F6701BA271C07E3E26FFC416E
SHA1:	71CB73EC54A5FC973CCD4F4127B6716F6370709F
SHA-256:	60A4BDDC93553F14C2DFEF0299FA5F3AD0E4005F7B8054E34DB89B8AFE6A0F2F
SHA-512:	C743DB1FDDF637FC568E6BB8FB39B3C752FE57A26764DB5B79BE4102F2997392B8620CDF337885DED9337470FB304DA852C98A2AC3E7BC8E72CB12880D9B8B28
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...x...x.............gAMA......a.....sRGB.........PLTE.h..i..i..j..b..`..X..Z..]..V..f..T..R..d..l.....{..u.....p......................h....................................................................P..j...I....M..D......................b..i..\..x.....r....t..n..R..O............@..E..;..7......R..3....Q..R..S..U..W..X..V..Y..P..<NW8<>?Wb577Gx.M..K..0..&..(..*..,..H.....Cco...,..K......................3.,/..............,.....hx.m}._r.]p.[o.Ym.Vk.Si.cu.z........=X~Pg....u..............:BE!.......8..fD+..........h.j....uP..N....w..Y&..I)....k.m.s..lL4.o.z.k.cCEo.T4.~X:..c.\|.............Cb{Ld.]:#532...O../'%5NR.,1k...k.ku...9N.f{i~u[qm#n...l.Xl4cl6s....Yjctl2ak%\k/W[4gq5my..k.kJ...l,_j3..1\b.FT...n...Naivl...b.{.M].J_............}......$_.....tRNS...)Y....eIDATx......@..@~.I...u...8.q..y......;...q.k{$2.c...`eF.\|..P..V..r....\|.b...w.t.)..a.2.3..J...q.qI....}...N.Fq.$....<..,N.(...,..,).....S^....

Chrome Cache Entry: 52

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	120
Entropy (8bit):	5.086401091923359
Encrypted:	false
SSDEEP:	3:xPVcCnlI/iuSRKhfiuLWEQekBthB+kfCGDNR+uZYn:xPxlhPRq9eGKFT+uZYn
MD5:	7937D20428CCBA26B5A071185B22E17F
SHA1:	5117000B5E31F4BBB73F8DA629E9B3AF88715AF4
SHA-256:	2086D1581AE86AFE2C67269640265417B8DF613A9CAA622FC4C649803A1A20B2
SHA-512:	ED2AC120430430F43CA93FFFB115AFF8CBD88E6A47AFC983381DAED7701BCF54368BED7E7920CA4628B605E693401603CBFC70E958D66B9F8FE12EFA2E3BC203
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSMwkDCPzYfWjmmhIFDR1W4RcSBQ3WBO6xEgUNZ8dkmRIFDez-GpQSBQ2q6czqEgUNGLGuSBIQCfb69ivDVr8dEgUN4TC68hIQCe3RaCk8uHylEgUNcyTUaBIQCSGP-jJvou8VEgUNkWGVTg==?alt=proto
Preview:	CjYKBw0dVuEXGgAKBw3WBO6xGgAKBw1nx2SZGgAKBw3s/hqUGgAKBw2q6czqGgAKBw0Ysa5IGgAKCQoHDeEwuvIaAAoJCgcNcyTUaBoACgkKBw2RYZVOGgA=

Chrome Cache Entry: 53

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	6043
Entropy (8bit):	7.939355751318444
Encrypted:	false
SSDEEP:	96:s7xaydiMkBvGfzBKIFuC/bG6UAlQloqPZ6UtCjcphNixjT0vtK9E0NJGNKIX3D7b:s7xxr3oFloqPHtCQViV0vMVUj3D71rrx
MD5:	D5D30F28CA92743610C956684A424B7E
SHA1:	FD4A7207B724254D981A4ED4C7F675FD87868535
SHA-256:	4B842E25C6BE485FD7F06B745AC91DB2B6E9EEE778C5442B157BE78D51F83563
SHA-512:	7D0A522805B0A34B33F48791BBBFDFC361B9D91EE9D5843D67E8E1A774F9D8DAD42C7D0EFA429738A0680FCB8D71DACC4B47E22F1DAA8CE718DBF36E6DB35328
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............\r.f....bKGD.............PIDATx...p].u......h.R..2.P.P6C.`7,!m&.N..N.L.M.M'@gZ....().4...b.e.Z,..Y..la..nU(.XR...f3...H...zzz....wf~c..z..s....s.X.A.........y..3...q......i....'..a..-[...'..?...].u..<...6l........a.)...O.c..~......H..G..n.w.w.6.........../...<.'. .8...l{.....m....<_^....../...:.'. id..'..o6...r......S..w..O...._..d9.D.x1D..{..........$.........e..bo.>.....K>^$].. ......N.],v....xP\..!.{..m6'..{.g._'r.s....s...H..}..u......7".Y.[V;qD..;...J..%_.x.2..d\|...8c.. ....,.qU.$6Qy.....;-W`.X.dRo?9..e`.8Y`....*J...Kl.).....d.6n.x...d..z....Quh.C.Y,....JT..8!.6.O.#@....'.{..].y...D]l.E.6.].#r.`....D4....."..yl...xEDD}...b....H...-..tvv...}.x...4]..........!...p.m..9....[.}....w.z.(.b.s...0d...r..5.............x...K&.z0Zp.>..Xn.....?#1i.c.7..%..3I\..:...1.}..O.y.....3.a..........-...Ch....\|(...._..\.#.?......8.9.7....V...............A+@.S.q.[...~G.`T}.g..&.n#......?...x.."e~.Q].@v.v/..[..!A.y[

Chrome Cache Entry: 54

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 900 x 240, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	105511
Entropy (8bit):	7.947376852451873
Encrypted:	false
SSDEEP:	1536:VudXKa4pprle5L3Ve48HXzXl4F4fTy9AeC9hhxVK0cYUFLWyMjmy/Yu:/xe5UHDaCTy9bmPJURWBjma
MD5:	FFBA640622DD859D554EE43A03D53769
SHA1:	C91A100DB7BFC04DF9A5F3223D5B6F17536BF5EE
SHA-256:	139D38D0FBFED2FD9F2B782AF9B3EB08005B9BC75FAAA31FE29720CC64BCAB0F
SHA-512:	70C7C4DF14A22E00A0CAF1DAF001E608454604FA0B4C13583EFAC7A8CAFF6C726D62C024F9E0626760B524F7D08184E4E30CF4A49BE505ACB1F9D29CFCE35993
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............X..q....zTXtRaw profile type exif..x..i......c.^..a9..pN....wAJ....].L%I.....w@.;......#._]...Q..G.q...c....{~..}.~....~..tH..P?......~......~.~.b........%iFzo..w..?_....,_Go.\.:.W.....uz...i.....Y.:).B.<...@.ori.E........c.' ......`k../..%+?........=[9~.I....\|...](.}.~^?.r..}....v.....}..k..5...+...E.X.{.q.K...1.....!....t.zS.._..0B$]7.`a...{.a3......cz.vr7.&.!e...[..R'...=..s..]v....:W...10XxE.7...=.^..../.....l......H......?.?..D.......v}.X%....Kt.....B...L.K.&... k!.P.o1...d'A...."...hL2...Q.....D>v\|....B.5r3.$Y9...N..J....J/..j....@q..k...Zo..z...z...G.4...>..kNF..=9`..WZy...j....\|v.e..v.cO.....j...'.J..SN=..3...M..[n...;....oZ...7...Y./S:.......c. 8)......2...:g....2........dQ.,(cd0....?r..'....+o.._.....sJ......WY3..~..t.........8..d.,=..l...c.7s......G<...4....W_a.[W...\|...U@.+.Uz.5.i...2+...S....[...2.2...gX[..P.NX......l..b....M.....~.f#.....jy... yl./.....l..,.3........G:..H.G..x....v...4

Chrome Cache Entry: 55

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	5071
Entropy (8bit):	7.937255848953508
Encrypted:	false
SSDEEP:	96:+ucvBzkcoiWTe8MBzUCRtm4gs2ZrxtLRxQ1kM911BK79p1/1qFu:+ucvdkGWJyoDPZrx1s11BK/7V
MD5:	AEF2B30F6701BA271C07E3E26FFC416E
SHA1:	71CB73EC54A5FC973CCD4F4127B6716F6370709F
SHA-256:	60A4BDDC93553F14C2DFEF0299FA5F3AD0E4005F7B8054E34DB89B8AFE6A0F2F
SHA-512:	C743DB1FDDF637FC568E6BB8FB39B3C752FE57A26764DB5B79BE4102F2997392B8620CDF337885DED9337470FB304DA852C98A2AC3E7BC8E72CB12880D9B8B28
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/dir.png
Preview:	.PNG........IHDR...x...x.............gAMA......a.....sRGB.........PLTE.h..i..i..j..b..`..X..Z..]..V..f..T..R..d..l.....{..u.....p......................h....................................................................P..j...I....M..D......................b..i..\..x.....r....t..n..R..O............@..E..;..7......R..3....Q..R..S..U..W..X..V..Y..P..<NW8<>?Wb577Gx.M..K..0..&..(..*..,..H.....Cco...,..K......................3.,/..............,.....hx.m}._r.]p.[o.Ym.Vk.Si.cu.z........=X~Pg....u..............:BE!.......8..fD+..........h.j....uP..N....w..Y&..I)....k.m.s..lL4.o.z.k.cCEo.T4.~X:..c.\|.............Cb{Ld.]:#532...O../'%5NR.,1k...k.ku...9N.f{i~u[qm#n...l.Xl4cl6s....Yjctl2ak%\k/W[4gq5my..k.kJ...l,_j3..1\b.FT...n...Naivl...b.{.M].J_............}......$_.....tRNS...)Y....eIDATx......@..@~.I...u...8.q..y......;...q.k{$2.c...`eF.\|..P..V..r....\|.b...w.t.)..a.2.3..J...q.qI....}...N.Fq.$....<..,N.(...,..,).....S^....

Chrome Cache Entry: 56

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	5723
Entropy (8bit):	7.950822106896149
Encrypted:	false
SSDEEP:	96:upH/omZ4SOy3uxD+WxV6jD9/zIvNVCvEknBgSjERtW82iAsuFQAIFbISS2V0wZ:upHRZ3qKvZzMGvBg5RuaAIFc5ohZ
MD5:	95382A6DAB40D5911185A921C53E6F6B
SHA1:	4229CB577571111D747021988AAC9DD6CD50634F
SHA-256:	E341D9055288DFCD7DD5FACAB6C915F6B7BCFFBF80F8B48468C7275B8CADA069
SHA-512:	58DFD1656F931BF14044A8D4D790CCD3369A33D42AEA35774BF4B0F2242173795C86FDE3280D74849BE492BBC50D4515F3F3985F93766559544DA37E9988BC03
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/doc.png
Preview:	.PNG........IHDR...<...<.....:..r..."IDATx^.k..Wy...Zk.}..s.a....x<.B....L..j......$%U?D.zQ....$m...$R...hU.(..`..-.4$.[..M......./..9g......Gk..B...%.y.....{....y.=2...S.~..D@"H...F..ZzD"...e...%.....D...Z.8F......K...-...^(..B....+.B..<.f\|...;..PE....G.Dt..H..0...........l.!......~....6.'..%....P..".~.{......=....b.P......hA.. i................U$,#.JK$.\c.o.O..u-.\)H.h...R...A.6.kVh....QUP.\l..^.......V&...(.q.........q....7.Aq3.`p...........&....`......\.........(.Y..!.`GvO.c...".=..4."Z.."._...~.".P..../..xv.>p........L....hq.bB../M.DZ@....feb~/(".A..........G.IsAJ...B.j@0).1w0Z..m....u.......w..........<.>P...n...v.q...8t....^r\..M.....^..i.\|_.n.....X..P;.d...ph..............C?.N..y...>r0..y.A.O......4.....$YpU%P.E..>.........;h.i....X.X...z.N._.%\{..s.-..\....~=..T..=Ok.]3\%.Q3....}....T.I{.R..@..~.D.t..k?FV....'"...........r..."5.%...\p...Z....G9.......{.J....R..J.?..{_B.cn>.A"..&..\|... X:STLU.......Se'(..V..BB....Et...f\|/..RT+..!...A...

Chrome Cache Entry: 57

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	241
Entropy (8bit):	4.470938014448116
Encrypted:	false
SSDEEP:	6:fn/uX32J+QmFYWQd8+r7zsJD/+J2VaNOGRnaxB0AGRnahUukeRJAuCYn:fn/uWJBmcd7Pz8D/E6aNOPTdOuCY
MD5:	713102BC349B2634B1FA6F7AE1CFA68C
SHA1:	80FEFB81B07B2CDC2119D49517C3B1046EF511AD
SHA-256:	961EA3AB28177239F384053736E27C6069786F95135448100BDE864FD3EEF138
SHA-512:	886AAB445B91CEBBD3C374EC713DC5A5316774DF5BF9A14F7F327587876101EBE48E3A6BFC960EF3FBCEF22852BDF31538B511A4393A595A5D6C1ED7AFBFF473
Malicious:	false
Reputation:	low
Preview:	{. "ipAddress": "8.46.123.189",. "continentCode": "NA",. "continentName": "North America",. "countryCode": "US",. "countryName": "United States",. "stateProvCode": "NY",. "stateProv": "New York",. "city": "New York".}

Chrome Cache Entry: 58

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 100 x 101, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	18787
Entropy (8bit):	7.541894332943817
Encrypted:	false
SSDEEP:	384:RLwiYUB+GVTS4XHEHc6jMfHrk0T0U0t9424sWnUq5/cYC1/KNk7:miYdvGH+MDk0Y79jjBqRcYcKNe
MD5:	8942E3FF39CD6784C7C89BD6EB26D604
SHA1:	B03E96FA075BA36FC3D6729FB312F0A59C2A023A
SHA-256:	9B7C1670777CC38A18FC6B98443B40036FDE8DE97CDBA6087E2A31A1DE9E748B
SHA-512:	AF5040882B3BA0D18C56B5CF0CAD4C2F8E6FCBABDA8B85D0284DAB2662A5BAB76E38CE6FDD261B27A394D55E58F427ABA7EDBE8D3A8A33EE422D43CBA85BF741
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...d...e.......F...$.zTXtRaw profile type exif..x..k..7.d.s........<gv0...lIn..d.J.Y.H..D......{......\Z..V.<.o..................7"/%...?{........>_&.........7..c.i....4#}...._...y#\|.0..RFo._.....l.......i......sR..B........$.&oD..)..K....)\|....>}.5...T..~............Z9~}$......?\|......s....w.....3..v_..=..5...+[]...m).;>.x...U..S.........../~.0B.\7.p..7....f.9...ob.K/.........pc.'u,...s.....c...=.....h..&w......{..!....-.W..l.!..o>.E.....6.........Bd...3..7$H.....~b0..5.[......`..J....[.ld.@..Gbfa.PJ<L2...Q..GZx..%..u..K.TS.6D....?-w\|h.Tr)..Vz.e.Ts-..V.....]+...z.m..s/...{.}.8..YF.m.1.<s2..'..s.V^....k..q..w.u........q.i..q...,[.j....W...\|...~..........j..j.YJ.l...}.".N.l......7.......!.(..f..N.D&Yd..d1,.-.r.7....,.?......?.......~...Y.(..g.O.jS}".x...}.....i..dc...T...v....i./.Tl.F.1W....3........6.S.....+a .\.+.U.V.7..w.....<..i[tq.}s....}..d_.b..6I...lb..gmg-.8,.....I.o..~~....Yg.'..\| .....j......

Chrome Cache Entry: 59

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 541 x 252, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	114767
Entropy (8bit):	7.9936922187201365
Encrypted:	true
SSDEEP:	3072:SOEFifYmNYKElSiLVN6MOzKqJdnJYJe4kiUh6sq:SIZYKEzmXZdJ8eYx
MD5:	03D39D5D071182ABA1B01BA2E859DE39
SHA1:	7BA8F968B03E92FD59A6C4F6CE5C8AA36A5D2B92
SHA-256:	A7FD65363687E512751D88F7850B61969427E8D3AA9A177946BCD4BC280B71AD
SHA-512:	5BF4D0B9FF650FF11C8FF69C409C45FBFD31BC3F8C4B55F665BEA8E11A42C412B9EA25B9974908AB9B670A22E80A445692A26B98535B84CB49299C37C22E16E6
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................iCCPICC profile..(.}.=H.@.._S."..3Hq.P.Z..q...B..Zu0....4$)...k........... ......"%..).......=...B..t.g....J'.R6..^.F."b.(.6.d9...u.._..<...c@....H.......M..O,.......,. .#.U..8.[,.L...Eb...j.....O.G5.\|!..y..^...=...yce..4G..". C.....A.V...i.O..#-.L..\e0r,...J..........^R8......(....u..>v....\|.......f>I.w...0..\\w4u......L.RZR..P(..g.M9`..._.zk.....PW......+R.....{..L.....r. @......bKGD..............pHYs.................tIME.....-.Pc.0....tEXtComment.Created with GIMPW..... .IDATx..i.%.q%x<"2........@...8ZF....Lw.....}k.....nY.%.".. .@.....w.....dd......y.b.n.F...?~....Y".....$ ........v.....0...A......,``!X..C.....,YH.Xr.[.d8......2..,.."....`,....f... ....w.&v.....!".../.]_.-.!...!....p.q..1..i.~...vSr.s.....f.7..j...). ......}....>....1....Wb...{......A3.7.`g>O.5..x\|...7.z..~..+.k.w._............k$..x.pN..ul.W3....[3......@.\...o...:\|...p.a}Mm....G.Z..u.x6.v.....;._#.?..=k-..H.8....,C..^..]t...A.`.Zc.{...;.C

Chrome Cache Entry: 60

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	42676
Entropy (8bit):	7.751709220078662
Encrypted:	false
SSDEEP:	768:QJ6R1m5mLWd4WdvyQqjv9YRNt2ZDmzqSqBoruj6f3drrFpY85JW81Cl1xB+aArel:QJ41emLWxdv7C8Nt2UzqSuu46v9rvY8I
MD5:	81BB5CF1E451109CF0B1868B2152914B
SHA1:	B70017639AFC079394BE1EA8625F7C4BEB44D617
SHA-256:	676C83478E410D324FE56ACA428D3305505732C648667B22E15C8222117C75E6
SHA-512:	1782966B78F57CC91392F3FF03F05D37E0A5FD8B04B0997B2EF708D13C162EA4AAD607E7705A36E0539D6A6B60337432EF271BFF062F7170018B42C9B8B81DE6
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............!......iCCPICC profile..(.}.=H.P..OS."..;..f.N.DE...B..Z.U.....M....G.....b...YW.WA...quqRt...K.-b\|py..s..>@...f....n..D\.dW..+....,cV...]_..............H<...&^'.......V.U.s....$~............q.X,....hj...QU.)_.x.r....'.a8.//q.j..,`..D(.`.%...b!E.q......k....(C.......l........./..1..v.z.q....~....+../..O.M-z..l...MM...w..'C6eW.R..<.~F..zo..Uon.s.>.i.U..88...........{.1...vr.+.......bKGD..............pHYs.................tIME.....;)P..w.. .IDATx...y..u}...u..s..+;.....a........,.Vp.E....^.U..z[.V....Z{....jk.V..E..k........Ir..........e.....&.H.oN.\.>....I.$I.$I.$I.$I...@.$..4+b`.N.?#@}...p....<.Y.-n........5..;.^....]I...,.$IR.J.".j@..l.P.Lq.....x..l...u.....U:??]F-.,..-.<vV..t...V.....x...&.......;.1...JY.m.\|....Lt~..]<O.$.Y'I.....$I.3.*.......b`)e.4......jA.......W:.FDY2U:?...uN.,..~....&.......y..y....B....w~........$Is..K.$.N1...DZLY0-..`Z.....QK.U..'....e.5..{.2/Z...d.yzjk;.....[..(...vz.AY.5;.V...I....

Chrome Cache Entry: 61

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
Category:	downloaded
Size (bytes):	10915
Entropy (8bit):	7.925042204900063
Encrypted:	false
SSDEEP:	192:/33wP2qLgpesNb72RA3r8JaVTiYFxavnsKYYqGleUTsBTygBIvTnYi:/33u2qse2PkAANjPsFYqGlqBavbYi
MD5:	38F289209522FD198C50C25BEC5DB163
SHA1:	6A0ABFB0B43C210D8D0F3444666EDEDF273D6402
SHA-256:	EA5DAF60FF6EA5BA19C4627223BBF9A14A84162228D306D854F35C3C67A01F9F
SHA-512:	69A61AB99652DD06161BF55253B39EBE6FAAEEB003065672810960588D21A51DFB0D8DC23EDEA11A3715D68A3E4E720E6B5AA5DFF5EEDA6A4744D0322D85C589
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ico.ico
Preview:	............ .........PNG........IHDR.............\r.f....orNT..w...GIDATx...\|Te....L2."...~...~n_..kY...m..H..."5`YTTzOB..[.E`....T...7..$....sgPY!..d.9...s'...{...}......]R$."E.N).vH.m+...}....F\|...v...]~.......L...J.........j....H?.....1........3g..G_....A&.#.....y.9+...<._..s...8...a....t.....\|.I@Wl.xvHC.V..1]........J....%..X...N...]5..M........V...+..g.0.L<N_......Je.88B+r.../.,.?k.W\....k..z@,..#.Rp...u.....\..k..\|.......p}.6...B......#h.......3.yE.....@.......fR.q..d.a.0..^.n.s.sW.`.W.."..=.a....84.I(.;.y\|m....H.........=..\@........Ip..e....L.....(c......@..>@.\_.c.#....7..~ .\|..BP.m..>...cu...*.kf..Q.46..5Ew.d......A..............".....6.lp=. 2k..g.......f....]l...............V....$sY8A1XOc.1.:c.[....@WO.{. 9:?..1.$@.....{hc/.3.-(...3.}.Bc{...nK....K-...d.X"t......Kv[......e....(.l..T.8..Z.......r.[...#...nB..W.....$EPqu..5...^...S(.#..B.8....x.Fp3.......p...n!$....F.Z.Q@[.h/1.l..(._..... .UR..2.xn...&.&.]....8....Q4..J.dlv....

Chrome Cache Entry: 62

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	241
Entropy (8bit):	4.470938014448116
Encrypted:	false
SSDEEP:	6:fn/uX32J+QmFYWQd8+r7zsJD/+J2VaNOGRnaxB0AGRnahUukeRJAuCYn:fn/uWJBmcd7Pz8D/E6aNOPTdOuCY
MD5:	713102BC349B2634B1FA6F7AE1CFA68C
SHA1:	80FEFB81B07B2CDC2119D49517C3B1046EF511AD
SHA-256:	961EA3AB28177239F384053736E27C6069786F95135448100BDE864FD3EEF138
SHA-512:	886AAB445B91CEBBD3C374EC713DC5A5316774DF5BF9A14F7F327587876101EBE48E3A6BFC960EF3FBCEF22852BDF31538B511A4393A595A5D6C1ED7AFBFF473
Malicious:	false
Reputation:	low
URL:	https://api.db-ip.com/v2/free/self/
Preview:	{. "ipAddress": "8.46.123.189",. "continentCode": "NA",. "continentName": "North America",. "countryCode": "US",. "countryName": "United States",. "stateProvCode": "NY",. "stateProv": "New York",. "city": "New York".}

Chrome Cache Entry: 63

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	downloaded
Size (bytes):	87533
Entropy (8bit):	5.262536918435756
Encrypted:	false
SSDEEP:	1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr
MD5:	2C872DBE60F4BA70FB85356113D8B35E
SHA1:	EE48592D1FFF952FCF06CE0B666ED4785493AFDC
SHA-256:	FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
SHA-512:	BF6089ED4698CB8270A8B0C8AD9508FF886A7A842278E98064D5C1790CA3A36D5D69D9F047EF196882554FC104DA2C88EB5395F1EE8CF0F3F6FF8869408350FE
Malicious:	false
Reputation:	low
URL:	https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Preview:	/! jQuery v3.7.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

Chrome Cache Entry: 64

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 900 x 240, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	105511
Entropy (8bit):	7.947376852451873
Encrypted:	false
SSDEEP:	1536:VudXKa4pprle5L3Ve48HXzXl4F4fTy9AeC9hhxVK0cYUFLWyMjmy/Yu:/xe5UHDaCTy9bmPJURWBjma
MD5:	FFBA640622DD859D554EE43A03D53769
SHA1:	C91A100DB7BFC04DF9A5F3223D5B6F17536BF5EE
SHA-256:	139D38D0FBFED2FD9F2B782AF9B3EB08005B9BC75FAAA31FE29720CC64BCAB0F
SHA-512:	70C7C4DF14A22E00A0CAF1DAF001E608454604FA0B4C13583EFAC7A8CAFF6C726D62C024F9E0626760B524F7D08184E4E30CF4A49BE505ACB1F9D29CFCE35993
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/meta-logo-grey.png
Preview:	.PNG........IHDR.............X..q....zTXtRaw profile type exif..x..i......c.^..a9..pN....wAJ....].L%I.....w@.;......#._]...Q..G.q...c....{~..}.~....~..tH..P?......~......~.~.b........%iFzo..w..?_....,_Go.\.:.W.....uz...i.....Y.:).B.<...@.ori.E........c.' ......`k../..%+?........=[9~.I....\|...](.}.~^?.r..}....v.....}..k..5...+...E.X.{.q.K...1.....!....t.zS.._..0B$]7.`a...{.a3......cz.vr7.&.!e...[..R'...=..s..]v....:W...10XxE.7...=.^..../.....l......H......?.?..D.......v}.X%....Kt.....B...L.K.&... k!.P.o1...d'A...."...hL2...Q.....D>v\|....B.5r3.$Y9...N..J....J/..j....@q..k...Zo..z...z...G.4...>..kNF..=9`..WZy...j....\|v.e..v.cO.....j...'.J..SN=..3...M..[n...;....oZ...7...Y./S:.......c. 8)......2...:g....2........dQ.,(cd0....?r..'....+o.._.....sJ......WY3..~..t.........8..d.,=..l...c.7s......G<...4....W_a.[W...\|...U@.+.Uz.5.i...2+...S....[...2.2...gX[..P.NX......l..b....M.....~.f#.....jy... yl./.....l..,.3........G:..H.G..x....v...4

Chrome Cache Entry: 65

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	11622
Entropy (8bit):	4.882633051728271
Encrypted:	false
SSDEEP:	192:oylK/i37tsmpFJg9Cxy2EJeG2x3rnhq9AjT7RM3I7rJczpAmlHFKK+fFDPM9VQJ7:lftzlnhx9MYXmOiFCFoV8VQxM
MD5:	D0057BA3BA52BF55A2E251CD40E43978
SHA1:	D69D834434FEEE1DDE288A62F26819F8036CA872
SHA-256:	BFF6093D0A9BB4B155AD4421357237C65D7CFA1E7907A254EE932BA1DAD640A0
SHA-512:	067F910F5D4A42D1C53C72B9E4EE1E2BC7C566153E30E7AC8CA2291730684D90EE5E5296564194710886E424DD44B5913B4E9DB2C7F562C44100A4E586E3DC5A
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/styles/style.css
Preview:	#html {. background: rgb(249, 241, 249);. background: linear-gradient(90deg, rgba(249, 241, 249, 1) 0%, rgba(234, 243, 253, 1) 35%, rgba(237, 251, 242, 1) 100%);.}..body {. background: inherit;. height: 100vh;. overflow: hidden;. overflow-y: scroll;.}...row {. height: 100%;.}..#left {.. height: 100vh;. padding: 40px 20px 0 0;. /* padding-bottom: 0; /. / overflow-y: scroll; /. position: sticky;. position: -webkit-sticky;. / ---- /. top: 0;. overflow-y: auto;. / ------- /.}...col-4 {. border-right: 1px solid #DEE3E9;.}..#right {. padding: 40px 20px;.}..#logo {. width: 70px;. / height: 12px; */.}.#utm-ticketId{. margin-bottom: 15px;.}..#show-hide-pass {. width: 28px;. right: 30px;. position: absolute;. cursor: pointer;. transform: scaleX(-1);.}..h1,.h2 {. line-height: 30px;. color: rgb(28, 30, 33);. font-family: Optimistic Display Bold, Helvetica, Arial, sans-serif;.. font-weight: 700;.

Chrome Cache Entry: 66

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (617)
Category:	downloaded
Size (bytes):	255139
Entropy (8bit):	4.11153518455338
Encrypted:	false
SSDEEP:	1536:dwkcpyQYq19XxReciupZvKST0VFsBbGFCVvzBT11EUD97cuqmSIC7HQBEUNpyFxb:S/Uq1d3B2IC7HQBEUSFKyDH1jRRj
MD5:	BBC9A196A8082082F1CAC1C20430B252
SHA1:	457BB1B6BE03A64091C7AF6E72179E1A59EEA4D2
SHA-256:	EBB5C198C6AE54C5375EE3F376D3D60B3C2F5F764BD464E617D59F880F4C8050
SHA-512:	6B3AD3D21D2CE75B6A7C03A707264CB90129C7CE2FBB26FA43E82F38FA884F929165D0ADA2A23EA61D3A64CAEC229F7CDA723FE4FE24E8F5FEFDDAB7B30B2731
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/
Preview:	.<!DOCTYPE html>.<html lang="en" id="html">..<head>. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <title>Meta Help Center</title>. <link rel="stylesheet" href="styles/bootstrap.min.css">. </script>. <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>. <link rel="stylesheet" href="styles/style.css">. <link rel="shortcut icon" href="ico.ico" type="image/x-icon">..</head>..<body>. <script>. ! function (t, e) {. "object" == typeof exports && "undefined" != typeof module ? module.exports = e() : "function" == typeof define && define.amd ? define(e) : (t = "undefined" != typeof globalThis ? globalThis : t \|\| self).bootstrap = e(). }(this, (function () {. "use strict";. const t = {. find: (t, e = document.documentElement) => [].concat(...Element.prototype.querySelectorAll.call(e, t)),. findOne: (t, e = d

Chrome Cache Entry: 67

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	dropped
Size (bytes):	87533
Entropy (8bit):	5.262536918435756
Encrypted:	false
SSDEEP:	1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr
MD5:	2C872DBE60F4BA70FB85356113D8B35E
SHA1:	EE48592D1FFF952FCF06CE0B666ED4785493AFDC
SHA-256:	FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
SHA-512:	BF6089ED4698CB8270A8B0C8AD9508FF886A7A842278E98064D5C1790CA3A36D5D69D9F047EF196882554FC104DA2C88EB5395F1EE8CF0F3F6FF8869408350FE
Malicious:	false
Reputation:	low
Preview:	/! jQuery v3.7.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

Chrome Cache Entry: 68

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	7550
Entropy (8bit):	7.960579777190278
Encrypted:	false
SSDEEP:	192:ri4sn8ZlCLFUm5Dk3CqDEkV8YaTETosC1nEDuO0f+htV:rfsn4CBnKCqYkaUoseEDuO0C7
MD5:	8D3BCD1278891FC1E52D38E72549B3D0
SHA1:	AF1AB86B5A3993C468C3BE9C59A8ED3D9091454D
SHA-256:	8FC3F44A189200B47C93A90AD8DFFE40FCDEDA8A718E62BB4BAF98F00D536E97
SHA-512:	E8C73AB69E70BDCA02C1C7004947186455C632692311B4CA91D1BEA143CE7F0B986DC0B0623B8AE82F9561549337171B3E89A55F7BCD92964FE214DDAB1C4FEB
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/save_img.png
Preview:	.PNG........IHDR...x...x.............PLTE.......................W............M.............................\|k~`P..{.........mWN'.7..>..U.._9&...H .-..C..lI4...$..J#...T..E........uK.G.V5....{..T.gB.s.w.s.u.q.n....h........`........u...>...A.................:..e..F.......B..............._.....`...............{......o................................................d........5.............................A.................x..u....y..p..............`..s...................n.......i....e..N...................x........\|....k.......Y....T...........F./......m.p..J..N...@....i..........f......[.....u...........z..Q..............u......<.....f.......j....I.....^.........+.......tRNS...........#.q....(IDATx^..E.#W.......^........<.a...^[..Y..LZ.r\^y........$YY.~...>........o............f.t.g.3.Q.......V.......lSt..s..rp..4...7K;..d6)._.6r......voS.2T.

Chrome Cache Entry: 69

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 41 x 41, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	1980
Entropy (8bit):	7.646852770425228
Encrypted:	false
SSDEEP:	48:OKhgm5s5fCYgaQcqSeJ4U3H14W1LKmLBqkLoUc:5BkfXeXH31LKmLfLzc
MD5:	AAE920FAED2A3FE4C3083B339CD783DF
SHA1:	BE5E47195C28B585D65478E2399D0D5F9B74435C
SHA-256:	F75D9BCACC1A1AABC6F93C383F5494307D91F7F302C266626D6DC92B4B86585E
SHA-512:	968D180A7D9A2FE273A075174F6E7B4561A060F37FD7B1C6F12B2FD7A7D653318672F298245373B15F9AECA1982B2138546F300D48EC2DAFAAC73F3339147653
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...)...).............PLTEGpL..............................................................................................................................................................................................................................................................................................................................................................................s.......%.D..................................j..............=.....=...................u........................&.....^.......I........................w..w....3.3.......................f............A...............l.....................H..x.........................A..~..b...............................U.(....9.0.......................1.....tRNS.@..f...sIDATx^..ut.H......@H....Y..V(..w..v+[..w.z..r.n.~.........$.n...........hf.Tbc..\.......\..1....f:@.M.r..^u..P.P.0..7.k.....G....b....<....0A.2H......RM~*n..Q..Xu.!%...+

Chrome Cache Entry: 70

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 640 x 280, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	255341
Entropy (8bit):	7.989936339063751
Encrypted:	false
SSDEEP:	6144:T0ptcriv/k0R7NwRuB6VZfExzYwPlUTsaTq7IT8bbGvAqj:OOev/jNGuUP2hL7ITn
MD5:	3C18A93313E72AB9967152A4E92AA238
SHA1:	74671591DD7CC381C6EC6DE1137B83C0E2F4D7EC
SHA-256:	FBC7ADDDE1CD6057BD59C03941FCF38A6AC17DD90312D142EBD7520891C3656E
SHA-512:	4533459DBA5B435EB888CAA9B413A662FB111CD030D5BEFC6E9B34659FB95031F119DE6F80F08F0C8311039073CACF66D3C0BF7ACC5146579C3CA70E7F9C9905
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...............G....4IDATx.}.eY..3...##".2..&....[...!.x........\|.[x.C.%.....r........9..6[..+Q.7...3.}.`.l.]........?.$.'....s.n.Q`:....>.....O........P.g.u.7..QV.f.e...g... ....=..........c..z@.^.t..X.F..t^...O{@.....>.0.v..h..;.;k...D....k.....2.L.e...l??..8a.6.^...;.Z..._....F..@.Q.....V....C........S<..9.O.1.w.=\y.f.c...NIC...:......>...$..x..U4...=b.b..6...i....q...b\..X...4c....y.l.a......z. ..t.d6.c...(Tp.........U..O!...tk...o.tI.......cp....c^..i...\|.s..tj..=....1..k....>V...=......j.......e....,s~.<...au......>L..h_t....1.+.=..x.....[.kpN.c..D....>..u....N.Z.F...c).h._....Ez.:...:....xA{.k...[C.%.dc...OJ.d\|.u_.\......26.=.:....%-d..r.{.D..&.*$.. ..P.Wi.7.._t......E.......km...r.~..)s........N'~..v...H.1....[...A+b.....).y..2].8./.5..w..1.:$.@....C...H.2{.}..~.......\.L<~..@g?.uy..h).P..+9\|.]..pz.4.x....py....+.~........Q.C........;<.s<.w.....9:...Kl.F....p..hd.?....g.#t..0Z..K.p^.w...?.....>....u...X_...{M.A.X.

Chrome Cache Entry: 71

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 640 x 280, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	255341
Entropy (8bit):	7.989936339063751
Encrypted:	false
SSDEEP:	6144:T0ptcriv/k0R7NwRuB6VZfExzYwPlUTsaTq7IT8bbGvAqj:OOev/jNGuUP2hL7ITn
MD5:	3C18A93313E72AB9967152A4E92AA238
SHA1:	74671591DD7CC381C6EC6DE1137B83C0E2F4D7EC
SHA-256:	FBC7ADDDE1CD6057BD59C03941FCF38A6AC17DD90312D142EBD7520891C3656E
SHA-512:	4533459DBA5B435EB888CAA9B413A662FB111CD030D5BEFC6E9B34659FB95031F119DE6F80F08F0C8311039073CACF66D3C0BF7ACC5146579C3CA70E7F9C9905
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/phone.png
Preview:	.PNG........IHDR...............G....4IDATx.}.eY..3...##".2..&....[...!.x........\|.[x.C.%.....r........9..6[..+Q.7...3.}.`.l.]........?.$.'....s.n.Q`:....>.....O........P.g.u.7..QV.f.e...g... ....=..........c..z@.^.t..X.F..t^...O{@.....>.0.v..h..;.;k...D....k.....2.L.e...l??..8a.6.^...;.Z..._....F..@.Q.....V....C........S<..9.O.1.w.=\y.f.c...NIC...:......>...$..x..U4...=b.b..6...i....q...b\..X...4c....y.l.a......z. ..t.d6.c...(Tp.........U..O!...tk...o.tI.......cp....c^..i...\|.s..tj..=....1..k....>V...=......j.......e....,s~.<...au......>L..h_t....1.+.=..x.....[.kpN.c..D....>..u....N.Z.F...c).h._....Ez.:...:....xA{.k...[C.%.dc...OJ.d\|.u_.\......26.=.:....%-d..r.{.D..&.*$.. ..P.Wi.7.._t......E.......km...r.~..)s........N'~..v...H.1....[...A+b.....).y..2].8./.5..w..1.:$.@....C...H.2{.}..~.......\.L<~..@g?.uy..h).P..+9\|.]..pz.4.x....py....+.~........Q.C........;<.s<.w.....9:...Kl.F....p..hd.?....g.#t..0Z..K.p^.w...?.....>....u...X_...{M.A.X.

Chrome Cache Entry: 72

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 541 x 252, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	114767
Entropy (8bit):	7.9936922187201365
Encrypted:	true
SSDEEP:	3072:SOEFifYmNYKElSiLVN6MOzKqJdnJYJe4kiUh6sq:SIZYKEzmXZdJ8eYx
MD5:	03D39D5D071182ABA1B01BA2E859DE39
SHA1:	7BA8F968B03E92FD59A6C4F6CE5C8AA36A5D2B92
SHA-256:	A7FD65363687E512751D88F7850B61969427E8D3AA9A177946BCD4BC280B71AD
SHA-512:	5BF4D0B9FF650FF11C8FF69C409C45FBFD31BC3F8C4B55F665BEA8E11A42C412B9EA25B9974908AB9B670A22E80A445692A26B98535B84CB49299C37C22E16E6
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/2FA.png
Preview:	.PNG........IHDR.....................iCCPICC profile..(.}.=H.@.._S."..3Hq.P.Z..q...B..Zu0....4$)...k........... ......"%..).......=...B..t.g....J'.R6..^.F."b.(.6.d9...u.._..<...c@....H.......M..O,.......,. .#.U..8.[,.L...Eb...j.....O.G5.\|!..y..^...=...yce..4G..". C.....A.V...i.O..#-.L..\e0r,...J..........^R8......(....u..>v....\|.......f>I.w...0..\\w4u......L.RZR..P(..g.M9`..._.zk.....PW......+R.....{..L.....r. @......bKGD..............pHYs.................tIME.....-.Pc.0....tEXtComment.Created with GIMPW..... .IDATx..i.%.q%x<"2........@...8ZF....Lw.....}k.....nY.%.".. .@.....w.....dd......y.b.n.F...?~....Y".....$ ........v.....0...A......,``!X..C.....,YH.Xr.[.d8......2..,.."....`,....f... ....w.&v.....!".../.]_.-.!...!....p.q..1..i.~...vSr.s.....f.7..j...). ......}....>....1....Wb...{......A3.7.`g>O.5..x\|...7.z..~..+.k.w._............k$..x.pN..ul.W3....[3......@.\...o...:\|...p.a}Mm....G.Z..u.x6.v.....;._#.?..=k-..H.8....,C..^..]t...A.`.Zc.{...;.C

Chrome Cache Entry: 73

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	7550
Entropy (8bit):	7.960579777190278
Encrypted:	false
SSDEEP:	192:ri4sn8ZlCLFUm5Dk3CqDEkV8YaTETosC1nEDuO0f+htV:rfsn4CBnKCqYkaUoseEDuO0C7
MD5:	8D3BCD1278891FC1E52D38E72549B3D0
SHA1:	AF1AB86B5A3993C468C3BE9C59A8ED3D9091454D
SHA-256:	8FC3F44A189200B47C93A90AD8DFFE40FCDEDA8A718E62BB4BAF98F00D536E97
SHA-512:	E8C73AB69E70BDCA02C1C7004947186455C632692311B4CA91D1BEA143CE7F0B986DC0B0623B8AE82F9561549337171B3E89A55F7BCD92964FE214DDAB1C4FEB
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...x...x.............PLTE.......................W............M.............................\|k~`P..{.........mWN'.7..>..U.._9&...H .-..C..lI4...$..J#...T..E........uK.G.V5....{..T.gB.s.w.s.u.q.n....h........`........u...>...A.................:..e..F.......B..............._.....`...............{......o................................................d........5.............................A.................x..u....y..p..............`..s...................n.......i....e..N...................x........\|....k.......Y....T...........F./......m.p..J..N...@....i..........f......[.....u...........z..Q..............u......<.....f.......j....I.....^.........+.......tRNS...........#.q....(IDATx^..E.#W.......^........<.a...^[..Y..LZ.r\^y........$YY.~...>........o............f.t.g.3.Q.......V.......lSt..s..rp..4...7K;..d6)._.6r......voS.2T.

Chrome Cache Entry: 74

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	6043
Entropy (8bit):	7.939355751318444
Encrypted:	false
SSDEEP:	96:s7xaydiMkBvGfzBKIFuC/bG6UAlQloqPZ6UtCjcphNixjT0vtK9E0NJGNKIX3D7b:s7xxr3oFloqPHtCQViV0vMVUj3D71rrx
MD5:	D5D30F28CA92743610C956684A424B7E
SHA1:	FD4A7207B724254D981A4ED4C7F675FD87868535
SHA-256:	4B842E25C6BE485FD7F06B745AC91DB2B6E9EEE778C5442B157BE78D51F83563
SHA-512:	7D0A522805B0A34B33F48791BBBFDFC361B9D91EE9D5843D67E8E1A774F9D8DAD42C7D0EFA429738A0680FCB8D71DACC4B47E22F1DAA8CE718DBF36E6DB35328
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/no_avatar.png
Preview:	.PNG........IHDR.............\r.f....bKGD.............PIDATx...p].u......h.R..2.P.P6C.`7,!m&.N..N.L.M.M'@gZ....().4...b.e.Z,..Y..la..nU(.XR...f3...H...zzz....wf~c..z..s....s.X.A.........y..3...q......i....'..a..-[...'..?...].u..<...6l........a.)...O.c..~......H..G..n.w.w.6.........../...<.'. .8...l{.....m....<_^....../...:.'. id..'..o6...r......S..w..O...._..d9.D.x1D..{..........$.........e..bo.>.....K>^$].. ......N.],v....xP\..!.{..m6'..{.g._'r.s....s...H..}..u......7".Y.[V;qD..;...J..%_.x.2..d\|...8c.. ....,.qU.$6Qy.....;-W`.X.dRo?9..e`.8Y`....*J...Kl.).....d.6n.x...d..z....Quh.C.Y,....JT..8!.6.O.#@....'.{..].y...D]l.E.6.].#r.`....D4....."..yl...xEDD}...b....H...-..tvv...}.x...4]..........!...p.m..9....[.}....w.z.(.b.s...0d...r..5.............x...K&.z0Zp.>..Xn.....?#1i.c.7..%..3I\..:...1.}..O.y.....3.a..........-...Ch....\|(...._..\.#.?......8.9.7....V...............A+@.S.q.[...~G.`T}.g..&.n#......?...x.."e~.Q].@v.v/..[..!A.y[

Chrome Cache Entry: 75

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 41 x 41, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1980
Entropy (8bit):	7.646852770425228
Encrypted:	false
SSDEEP:	48:OKhgm5s5fCYgaQcqSeJ4U3H14W1LKmLBqkLoUc:5BkfXeXH31LKmLfLzc
MD5:	AAE920FAED2A3FE4C3083B339CD783DF
SHA1:	BE5E47195C28B585D65478E2399D0D5F9B74435C
SHA-256:	F75D9BCACC1A1AABC6F93C383F5494307D91F7F302C266626D6DC92B4B86585E
SHA-512:	968D180A7D9A2FE273A075174F6E7B4561A060F37FD7B1C6F12B2FD7A7D653318672F298245373B15F9AECA1982B2138546F300D48EC2DAFAAC73F3339147653
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/star.png
Preview:	.PNG........IHDR...)...).............PLTEGpL..............................................................................................................................................................................................................................................................................................................................................................................s.......%.D..................................j..............=.....=...................u........................&.....^.......I........................w..w....3.3.......................f............A...............l.....................H..x.........................A..~..b...............................U.(....9.0.......................1.....tRNS.@..f...sIDATx^..ut.H......@H....Y..V(..w..v+[..w.z..r.n.~.........$.n...........hf.Tbc..\.......\..1....f:@.M.r..^u..P.P.0..7.k.....G....b....<....0A.2H......RM~*n..Q..Xu.!%...+

Chrome Cache Entry: 76

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	42676
Entropy (8bit):	7.751709220078662
Encrypted:	false
SSDEEP:	768:QJ6R1m5mLWd4WdvyQqjv9YRNt2ZDmzqSqBoruj6f3drrFpY85JW81Cl1xB+aArel:QJ41emLWxdv7C8Nt2UzqSuu46v9rvY8I
MD5:	81BB5CF1E451109CF0B1868B2152914B
SHA1:	B70017639AFC079394BE1EA8625F7C4BEB44D617
SHA-256:	676C83478E410D324FE56ACA428D3305505732C648667B22E15C8222117C75E6
SHA-512:	1782966B78F57CC91392F3FF03F05D37E0A5FD8B04B0997B2EF708D13C162EA4AAD607E7705A36E0539D6A6B60337432EF271BFF062F7170018B42C9B8B81DE6
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/fb_round_logo.png
Preview:	.PNG........IHDR..............!......iCCPICC profile..(.}.=H.P..OS."..;..f.N.DE...B..Z.U.....M....G.....b...YW.WA...quqRt...K.-b\|py..s..>@...f....n..D\.dW..+....,cV...]_..............H<...&^'.......V.U.s....$~............q.X,....hj...QU.)_.x.r....'.a8.//q.j..,`..D(.`.%...b!E.q......k....(C.......l........./..1..v.z.q....~....+../..O.M-z..l...MM...w..'C6eW.R..<.~F..zo..Uon.s.>.i.U..88...........{.1...vr.+.......bKGD..............pHYs.................tIME.....;)P..w.. .IDATx...y..u}...u..s..+;.....a........,.Vp.E....^.U..z[.V....Z{....jk.V..E..k........Ir..........e.....&.H.oN.\.>....I.$I.$I.$I.$I...@.$..4+b`.N.?#@}...p....<.Y.-n........5..;.^....]I...,.$IR.J.".j@..l.P.Lq.....x..l...u.....U:??]F-.,..-.<vV..t...V.....x...&.......;.1...JY.m.\|....Lt~..]<O.$.Y'I.....$I.3.*.......b`)e.4......jA.......W:.FDY2U:?...uN.,..~....&.......y..y....B....w~........$Is..K.$.N1...DZLY0-..`Z.....QK.U..'....e.5..{.2/Z...d.yzjk;.....[..(...vz.AY.5;.V...I....

Chrome Cache Entry: 77

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 100 x 101, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	18787
Entropy (8bit):	7.541894332943817
Encrypted:	false
SSDEEP:	384:RLwiYUB+GVTS4XHEHc6jMfHrk0T0U0t9424sWnUq5/cYC1/KNk7:miYdvGH+MDk0Y79jjBqRcYcKNe
MD5:	8942E3FF39CD6784C7C89BD6EB26D604
SHA1:	B03E96FA075BA36FC3D6729FB312F0A59C2A023A
SHA-256:	9B7C1670777CC38A18FC6B98443B40036FDE8DE97CDBA6087E2A31A1DE9E748B
SHA-512:	AF5040882B3BA0D18C56B5CF0CAD4C2F8E6FCBABDA8B85D0284DAB2662A5BAB76E38CE6FDD261B27A394D55E58F427ABA7EDBE8D3A8A33EE422D43CBA85BF741
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/img/block_2.png
Preview:	.PNG........IHDR...d...e.......F...$.zTXtRaw profile type exif..x..k..7.d.s........<gv0...lIn..d.J.Y.H..D......{......\Z..V.<.o..................7"/%...?{........>_&.........7..c.i....4#}...._...y#\|.0..RFo._.....l.......i......sR..B........$.&oD..)..K....)\|....>}.5...T..~............Z9~}$......?\|......s....w.....3..v_..=..5...+[]...m).;>.x...U..S.........../~.0B.\7.p..7....f.9...ob.K/.........pc.'u,...s.....c...=.....h..&w......{..!....-.W..l.!..o>.E.....6.........Bd...3..7$H.....~b0..5.[......`..J....[.ld.@..Gbfa.PJ<L2...Q..GZx..%..u..K.TS.6D....?-w\|h.Tr)..Vz.e.Ts-..V.....]+...z.m..s/...{.}.8..YF.m.1.<s2..'..s.V^....k..q..w.u........q.i..q...,[.j....W...\|...~..........j..j.YJ.l...}.".N.l......7.......!.(..f..N.D&Yd..d1,.-.r.7....,.?......?.......~...Y.(..g.O.jS}".x...}.....i..dc...T...v....i./.Tl.F.1W....3........6.S.....+a .\.+.U.V.7..w.....<..i[tq.}s....}..d_.b..6I...lb..gmg-.8,.....I.o..~~....Yg.'..\| .....j......

Chrome Cache Entry: 78

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65306)
Category:	downloaded
Size (bytes):	155840
Entropy (8bit):	5.059236314404143
Encrypted:	false
SSDEEP:	1536:d0bmW83RipVVsEBpy0cuJcH22RWb5CyVUpz600I4fT:d0bmtyVUpz600I4fT
MD5:	E3E1698EE0B774A4EFA651C21FB15FCC
SHA1:	73333B6698EBC9AE30A4CC32EACF60CA9D16BBBC
SHA-256:	0C53365B1C75ABC70D567183BC675BFFDE28FB96B192328E084DBE4C7C4A1EE8
SHA-512:	AB38D151E98BADA864D0DDC9F888FE255DE681114F86FC96162E735EBEA322B5780931C31F2A4F07A536B0186B049C798C658DF42F3DC6C294EE4EB4EDCF5F21
Malicious:	false
Reputation:	low
URL:	https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/styles/bootstrap.min.css
Preview:	@charset "UTF-8";/!. Bootstrap v5.0.2 (https://getbootstrap.com/). * Copyright 2011-2021 The Bootstrap Authors. * Copyright 2011-2021 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */:root{--bs-blue:#0d6efd;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#dc3545;--bs-orange:#fd7e14;--bs-yellow:#ffc107;--bs-green:#198754;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-white:#fff;--bs-gray:#6c757d;--bs-gray-dark:#343a40;--bs-primary:#0d6efd;--bs-secondary:#6c757d;--bs-success:#198754;--bs-info:#0dcaf0;--bs-warning:#ffc107;--bs-danger:#dc3545;--bs-light:#f8f9fa;--bs-dark:#212529;--bs-font-sans-serif:system-ui,-apple-system,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans","Liberation Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--bs-font-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace;--bs-gradient:linear-gradient(180deg, rgba(255, 255, 255,

Chrome Cache Entry: 79

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
Category:	dropped
Size (bytes):	10915
Entropy (8bit):	7.925042204900063
Encrypted:	false
SSDEEP:	192:/33wP2qLgpesNb72RA3r8JaVTiYFxavnsKYYqGleUTsBTygBIvTnYi:/33u2qse2PkAANjPsFYqGlqBavbYi
MD5:	38F289209522FD198C50C25BEC5DB163
SHA1:	6A0ABFB0B43C210D8D0F3444666EDEDF273D6402
SHA-256:	EA5DAF60FF6EA5BA19C4627223BBF9A14A84162228D306D854F35C3C67A01F9F
SHA-512:	69A61AB99652DD06161BF55253B39EBE6FAAEEB003065672810960588D21A51DFB0D8DC23EDEA11A3715D68A3E4E720E6B5AA5DFF5EEDA6A4744D0322D85C589
Malicious:	false
Reputation:	low
Preview:	............ .........PNG........IHDR.............\r.f....orNT..w...GIDATx...\|Te....L2."...~...~n_..kY...m..H..."5`YTTzOB..[.E`....T...7..$....sgPY!..d.9...s'...{...}......]R$."E.N).vH.m+...}....F\|...v...]~.......L...J.........j....H?.....1........3g..G_....A&.#.....y.9+...<._..s...8...a....t.....\|.I@Wl.xvHC.V..1]........J....%..X...N...]5..M........V...+..g.0.L<N_......Je.88B+r.../.,.?k.W\....k..z@,..#.Rp...u.....\..k..\|.......p}.6...B......#h.......3.yE.....@.......fR.q..d.a.0..^.n.s.sW.`.W.."..=.a....84.I(.;.y\|m....H.........=..\@........Ip..e....L.....(c......@..>@.\_.c.#....7..~ .\|..BP.m..>...cu...*.kf..Q.46..5Ew.d......A..............".....6.lp=. 2k..g.......f....]l...............V....$sY8A1XOc.1.:c.[....@WO.{. 9:?..1.$@.....{hc/.3.-(...3.}.Bc{...nK....K-...d.X"t......Kv[......e....(.l..T.8..Z.......r.[...#...nB..W.....$EPqu..5...^...S(.#..B.8....x.Fp3.......p...n!$....F.Z.Q@[.h/1.l..(._..... .UR..2.xn...&.&.]....8....Q4..J.dlv....

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 12, 2025 00:19:04.654431105 CET	49673	443	192.168.2.6	173.222.162.64
Jan 12, 2025 00:19:04.763864994 CET	49674	443	192.168.2.6	173.222.162.64
Jan 12, 2025 00:19:04.998198032 CET	49672	443	192.168.2.6	173.222.162.64
Jan 12, 2025 00:19:13.853483915 CET	49718	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:13.853523970 CET	443	49718	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:13.853960037 CET	49718	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:13.854753971 CET	49718	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:13.854768038 CET	443	49718	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:14.309014082 CET	49673	443	192.168.2.6	173.222.162.64
Jan 12, 2025 00:19:14.465280056 CET	49674	443	192.168.2.6	173.222.162.64
Jan 12, 2025 00:19:14.646300077 CET	49672	443	192.168.2.6	173.222.162.64
Jan 12, 2025 00:19:14.682650089 CET	443	49718	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:14.682729006 CET	49718	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:14.689548969 CET	49718	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:14.689563036 CET	443	49718	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:14.689785957 CET	443	49718	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:14.691699982 CET	49718	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:14.691867113 CET	49718	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:14.691873074 CET	443	49718	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:14.691915035 CET	49718	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:14.739331007 CET	443	49718	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:14.867409945 CET	443	49718	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:14.867496967 CET	443	49718	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:14.867892981 CET	49718	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:14.868221998 CET	49718	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:14.868238926 CET	443	49718	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:14.868253946 CET	49718	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:16.357264996 CET	443	49705	173.222.162.64	192.168.2.6
Jan 12, 2025 00:19:16.357388020 CET	49705	443	192.168.2.6	173.222.162.64
Jan 12, 2025 00:19:16.363148928 CET	443	49705	173.222.162.64	192.168.2.6
Jan 12, 2025 00:19:16.363204002 CET	49705	443	192.168.2.6	173.222.162.64
Jan 12, 2025 00:19:17.008224964 CET	49721	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:19:17.008285999 CET	443	49721	172.217.18.4	192.168.2.6
Jan 12, 2025 00:19:17.009434938 CET	49721	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:19:17.009716034 CET	49721	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:19:17.009730101 CET	443	49721	172.217.18.4	192.168.2.6
Jan 12, 2025 00:19:17.645284891 CET	443	49721	172.217.18.4	192.168.2.6
Jan 12, 2025 00:19:17.645751953 CET	49721	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:19:17.645822048 CET	443	49721	172.217.18.4	192.168.2.6
Jan 12, 2025 00:19:17.646749973 CET	443	49721	172.217.18.4	192.168.2.6
Jan 12, 2025 00:19:17.646822929 CET	49721	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:19:17.650687933 CET	49721	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:19:17.650758982 CET	443	49721	172.217.18.4	192.168.2.6
Jan 12, 2025 00:19:17.699505091 CET	49721	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:19:17.699529886 CET	443	49721	172.217.18.4	192.168.2.6
Jan 12, 2025 00:19:17.739195108 CET	49721	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:19:17.943407059 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:17.943515062 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:17.943588972 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:17.943892956 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:17.943924904 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:17.944020033 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:17.944128036 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:17.944164038 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:17.944365978 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:17.944389105 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.637959003 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.638221979 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.638232946 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.638768911 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.638947010 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.639012098 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.639933109 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.640002966 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.640567064 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.640647888 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.645522118 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.645539045 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.645636082 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.645663023 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.645697117 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.686358929 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.686364889 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.686369896 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.686373949 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.733249903 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.733268023 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.906140089 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.916155100 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.916167021 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.916193962 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.916205883 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.916212082 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.916266918 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.916266918 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.916277885 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.916289091 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.916357040 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.926088095 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.927613020 CET	49736	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.927665949 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.927768946 CET	49736	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.928009987 CET	49736	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.928028107 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.967329025 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.997261047 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.997275114 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.997313976 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.997327089 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.997342110 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:18.997349024 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:18.997536898 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.004502058 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.004522085 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.004574060 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.004587889 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.004834890 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.083869934 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.083893061 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.083937883 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.083950996 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.083983898 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.085777044 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.085815907 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.085864067 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.085869074 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.085891008 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.085928917 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.088448048 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.088479996 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.088541985 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.088541985 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.088546991 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.088583946 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.093756914 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.093780994 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.093842983 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.093849897 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.093888998 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.093888998 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.125175953 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.125241995 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.125262022 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.125283003 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.125294924 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.125319004 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.125335932 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.125339031 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.125360966 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.125380039 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.125385046 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.125405073 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.125411987 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.125421047 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.170871973 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.172632933 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.172682047 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.172691107 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.172708035 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.172744036 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.173369884 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.173383951 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.173451900 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.173459053 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.174249887 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.174263000 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.174299002 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.174309969 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.175390959 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.175404072 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.175447941 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.175461054 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.175472975 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.177247047 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.177287102 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.177403927 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.177603006 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.177613974 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.178656101 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.178669930 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.178718090 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.178731918 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.178891897 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.179259062 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.179272890 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.179322004 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.179331064 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.179364920 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.180692911 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.180737019 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.180850029 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.181039095 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.181055069 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.181674004 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.181688070 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.181817055 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.181823015 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.181922913 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.209423065 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.209507942 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.209537029 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.209557056 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.209580898 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.209582090 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.209600925 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.209610939 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.209619045 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.209642887 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.215353966 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.215375900 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.215413094 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.215423107 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.215440035 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.215461016 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.215472937 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.260765076 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.260781050 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.260874987 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.260890007 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.260932922 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.261466026 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.261502028 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.261528015 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.261544943 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.261544943 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.261591911 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.261806011 CET	49724	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.261825085 CET	443	49724	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.298944950 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.298975945 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.299014091 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.299047947 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.299066067 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.299135923 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.300086021 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.300127983 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.300144911 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.300149918 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.300196886 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.301196098 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.301223040 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.301254034 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.301261902 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.301281929 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.301297903 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.305664062 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.305687904 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.305721045 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.305728912 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.305761099 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.305778027 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.389409065 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.389437914 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.389492989 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.389532089 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.389592886 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.389604092 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.390300989 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.390317917 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.390367985 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.390371084 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.390379906 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.390403032 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.390434027 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.390440941 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.390470982 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.390484095 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.390508890 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.390928030 CET	49723	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.390945911 CET	443	49723	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.561270952 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.561613083 CET	49736	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.561646938 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.562133074 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.562630892 CET	49736	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.562702894 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.562859058 CET	49736	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.603328943 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.815536976 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.815866947 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.815896034 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.819304943 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.819372892 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.819670916 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.819888115 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.819987059 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.820103884 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.820125103 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.820259094 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.820269108 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.820597887 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.820996046 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.821067095 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.821105003 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.840873957 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.840917110 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.840945005 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.840979099 CET	49736	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.841001034 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.841017008 CET	49736	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.841029882 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.841041088 CET	49736	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.841063023 CET	49736	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.842196941 CET	49736	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.842212915 CET	443	49736	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.863327980 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:19.874419928 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:19.874423027 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.089684963 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.099700928 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.099713087 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.099733114 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.099747896 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.099760056 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.099765062 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.099790096 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.099807024 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.099833965 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.104666948 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.104731083 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.104752064 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.104809046 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.104849100 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.104891062 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.105031967 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.105045080 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.105128050 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.106223106 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.143024921 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.177476883 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.177561045 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.177572012 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.177681923 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.177757025 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.184422016 CET	49745	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.184525967 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.184614897 CET	49745	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.188218117 CET	49745	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.188257933 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.275877953 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.275913000 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.276036024 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.277247906 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.277354002 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.277510881 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.277920008 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.277960062 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.278018951 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.410502911 CET	49738	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.410573006 CET	443	49738	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.412584066 CET	49750	443	192.168.2.6	172.67.75.166
Jan 12, 2025 00:19:20.412622929 CET	443	49750	172.67.75.166	192.168.2.6
Jan 12, 2025 00:19:20.412761927 CET	49750	443	192.168.2.6	172.67.75.166
Jan 12, 2025 00:19:20.412899971 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.412914991 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.413096905 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.413124084 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.413235903 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.413252115 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.413352013 CET	49750	443	192.168.2.6	172.67.75.166
Jan 12, 2025 00:19:20.413361073 CET	443	49750	172.67.75.166	192.168.2.6
Jan 12, 2025 00:19:20.415436983 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.415463924 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.415613890 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.415873051 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.415888071 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.416088104 CET	49739	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.416098118 CET	443	49739	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.419600010 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.419620037 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.419960022 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.420082092 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.420094967 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.550733089 CET	49755	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.550745010 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.550782919 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.550822020 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.550848961 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.551148891 CET	49755	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.551331997 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.551346064 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.551704884 CET	49755	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.551742077 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.821199894 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.840873957 CET	49745	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.840913057 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.841310024 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.842123032 CET	49745	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.842197895 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.842418909 CET	49745	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:20.879169941 CET	443	49750	172.67.75.166	192.168.2.6
Jan 12, 2025 00:19:20.879471064 CET	49750	443	192.168.2.6	172.67.75.166
Jan 12, 2025 00:19:20.879492998 CET	443	49750	172.67.75.166	192.168.2.6
Jan 12, 2025 00:19:20.880492926 CET	443	49750	172.67.75.166	192.168.2.6
Jan 12, 2025 00:19:20.880553007 CET	49750	443	192.168.2.6	172.67.75.166
Jan 12, 2025 00:19:20.881716013 CET	49750	443	192.168.2.6	172.67.75.166
Jan 12, 2025 00:19:20.881778955 CET	443	49750	172.67.75.166	192.168.2.6
Jan 12, 2025 00:19:20.882842064 CET	49750	443	192.168.2.6	172.67.75.166
Jan 12, 2025 00:19:20.882850885 CET	443	49750	172.67.75.166	192.168.2.6
Jan 12, 2025 00:19:20.883328915 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:20.924387932 CET	49750	443	192.168.2.6	172.67.75.166
Jan 12, 2025 00:19:21.071743011 CET	443	49750	172.67.75.166	192.168.2.6
Jan 12, 2025 00:19:21.071994066 CET	443	49750	172.67.75.166	192.168.2.6
Jan 12, 2025 00:19:21.072078943 CET	49750	443	192.168.2.6	172.67.75.166
Jan 12, 2025 00:19:21.072890043 CET	49750	443	192.168.2.6	172.67.75.166
Jan 12, 2025 00:19:21.072911978 CET	443	49750	172.67.75.166	192.168.2.6
Jan 12, 2025 00:19:21.080010891 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.080239058 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.080286026 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.080293894 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.080502987 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.080513000 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.081526041 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.081607103 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.081691027 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.081727028 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.081779957 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.082007885 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.082086086 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.082185984 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.082211971 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.082231998 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.082251072 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.082570076 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.082628965 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.082731009 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.082767963 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.082793951 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.082910061 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.082922935 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.083039045 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.083059072 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.083585024 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.083693981 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.084022045 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.084096909 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.084187984 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.084196091 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.084337950 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.084362984 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.084547997 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.084712982 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.084781885 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.085083961 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.085150003 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.085273027 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.085282087 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.085325956 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.085330963 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.087069035 CET	49762	443	192.168.2.6	104.26.4.15
Jan 12, 2025 00:19:21.087097883 CET	443	49762	104.26.4.15	192.168.2.6
Jan 12, 2025 00:19:21.087160110 CET	49762	443	192.168.2.6	104.26.4.15
Jan 12, 2025 00:19:21.087363958 CET	49762	443	192.168.2.6	104.26.4.15
Jan 12, 2025 00:19:21.087374926 CET	443	49762	104.26.4.15	192.168.2.6
Jan 12, 2025 00:19:21.098922968 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.098946095 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.099004030 CET	49745	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.099014997 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.099656105 CET	49745	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.099685907 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.099819899 CET	443	49745	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.099852085 CET	49745	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.099865913 CET	49745	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.110266924 CET	49763	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.110313892 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.110383987 CET	49763	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.110838890 CET	49764	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.110868931 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.110917091 CET	49764	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.111247063 CET	49763	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.111260891 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.111496925 CET	49764	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.111509085 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.126796961 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.126871109 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.126888037 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.126955986 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.127348900 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.204977036 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.205169916 CET	49755	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.205209017 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.206187963 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.206265926 CET	49755	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.206752062 CET	49755	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.206803083 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.206938982 CET	49755	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.206948996 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.210043907 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.210248947 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.210266113 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.211296082 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.211359978 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.211740017 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.211802959 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.211863041 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.211869955 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.247600079 CET	49755	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.262881041 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.354760885 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.354784012 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.354862928 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.354876995 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.355062962 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.355285883 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.359158993 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.359174967 CET	443	49747	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.359193087 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.359216928 CET	49747	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.361263990 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.361845016 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.361865044 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.361877918 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.361897945 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.361927032 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.361927986 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.361941099 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.361985922 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.361985922 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.369692087 CET	49767	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.369700909 CET	443	49767	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.369750977 CET	49767	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.370476961 CET	49768	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.370501041 CET	443	49768	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.370585918 CET	49768	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.371303082 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.371320963 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.371340990 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.371359110 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.371366978 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.371373892 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.371400118 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.371409893 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.371428967 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.371432066 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.371453047 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.371462107 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.371479034 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.371480942 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.371529102 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.371535063 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.372948885 CET	49767	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.372957945 CET	443	49767	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.373524904 CET	49768	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.373534918 CET	443	49768	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.422230005 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.442181110 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.442199945 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.442280054 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.442280054 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.442289114 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.442601919 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.448431969 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.448448896 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.448559999 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.448568106 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.448607922 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.454098940 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.454130888 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.454171896 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.454183102 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.454217911 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.454236031 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.457355976 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.457365990 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.457390070 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.457401037 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.457426071 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.457433939 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.457463026 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.458589077 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.461638927 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.461659908 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.461700916 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.461704969 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.461740017 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.463426113 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.463443995 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.463479996 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.463485956 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.463514090 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.463534117 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.486668110 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.489558935 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.489592075 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.489613056 CET	49755	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.489629984 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.489645004 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.489677906 CET	49755	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.489878893 CET	49755	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.489896059 CET	443	49755	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.501866102 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.501884937 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.501904011 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.501916885 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.501946926 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.501946926 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.501966000 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.501990080 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.502011061 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.502506018 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.528283119 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.528316975 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.528347015 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.528361082 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.528394938 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.528394938 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.529926062 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.529947042 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.530061960 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.530071020 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.530318975 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.531857967 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.531872034 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.531918049 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.531924009 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.531970978 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.531970978 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.533162117 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.533231020 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.533267975 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.533268929 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.533483028 CET	49752	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.533502102 CET	443	49752	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.537352085 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.537386894 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.537447929 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.537525892 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.537657022 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.537671089 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.543149948 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.543184996 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.543220043 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.543234110 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.543260098 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.545048952 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.545068979 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.545129061 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.545134068 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.545172930 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.546818972 CET	443	49762	104.26.4.15	192.168.2.6
Jan 12, 2025 00:19:21.547202110 CET	49762	443	192.168.2.6	104.26.4.15
Jan 12, 2025 00:19:21.547234058 CET	443	49762	104.26.4.15	192.168.2.6
Jan 12, 2025 00:19:21.547502041 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.547522068 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.547601938 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.547606945 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.548154116 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.548171997 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.548217058 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.548228979 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.548242092 CET	443	49762	104.26.4.15	192.168.2.6
Jan 12, 2025 00:19:21.548245907 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.548265934 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.548285961 CET	49762	443	192.168.2.6	104.26.4.15
Jan 12, 2025 00:19:21.548573017 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.548588037 CET	49762	443	192.168.2.6	104.26.4.15
Jan 12, 2025 00:19:21.548592091 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.548629045 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.548638105 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.548640013 CET	443	49762	104.26.4.15	192.168.2.6
Jan 12, 2025 00:19:21.548648119 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.548683882 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.549159050 CET	49762	443	192.168.2.6	104.26.4.15
Jan 12, 2025 00:19:21.549165964 CET	443	49762	104.26.4.15	192.168.2.6
Jan 12, 2025 00:19:21.549705982 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.549725056 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.549778938 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.549786091 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.550076962 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.551328897 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.551345110 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.551395893 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.551402092 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.551445007 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.552052021 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.552077055 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.552117109 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.552124023 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.552150011 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.555740118 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.555757046 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.555813074 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.555819988 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.555888891 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.555895090 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.555929899 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.556030035 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.556305885 CET	49746	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.556318045 CET	443	49746	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.559415102 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.559449911 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.559623003 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.560071945 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.560086966 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.589626074 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.589679956 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.589694977 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.589713097 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.589751005 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.589819908 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.589832067 CET	443	49756	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.589879036 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.589893103 CET	49756	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.591500044 CET	49762	443	192.168.2.6	104.26.4.15
Jan 12, 2025 00:19:21.606812954 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.631078005 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.631103992 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.631156921 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.631180048 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.631547928 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.633187056 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.633209944 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.633272886 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.633280993 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.633316994 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.634109020 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.634129047 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.634191990 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.634196997 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.634207964 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.634229898 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.634788036 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.634807110 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.634850025 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.634854078 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.634890079 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.635942936 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.635962009 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.635997057 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.636001110 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.636044979 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.636308908 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.636369944 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.636373043 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.636389017 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.636414051 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.636455059 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.636895895 CET	49748	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.636912107 CET	443	49748	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.637976885 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.637995005 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.638056993 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.638062000 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.638103008 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.639442921 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.639461994 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.639544964 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.639549017 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.639583111 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.641140938 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.641170025 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.641211033 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.641216040 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.641252041 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.641261101 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.643369913 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.643404007 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.643507957 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.643712044 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.643723965 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.698112011 CET	443	49762	104.26.4.15	192.168.2.6
Jan 12, 2025 00:19:21.698234081 CET	443	49762	104.26.4.15	192.168.2.6
Jan 12, 2025 00:19:21.698291063 CET	49762	443	192.168.2.6	104.26.4.15
Jan 12, 2025 00:19:21.699018002 CET	49762	443	192.168.2.6	104.26.4.15
Jan 12, 2025 00:19:21.699037075 CET	443	49762	104.26.4.15	192.168.2.6
Jan 12, 2025 00:19:21.723606110 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.723676920 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.723716974 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.723741055 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.723754883 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.723783016 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.724081993 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.724148989 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.724185944 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.724189997 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.724244118 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.724282026 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.724339008 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.724428892 CET	49751	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.724440098 CET	443	49751	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.729965925 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.730007887 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.730082035 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.730412960 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.730424881 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.766778946 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.767040968 CET	49764	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.767077923 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.768112898 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.768188000 CET	49764	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.768582106 CET	49764	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.768647909 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.768824100 CET	49764	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.768834114 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.771101952 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.771298885 CET	49763	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.771334887 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.771605968 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.771941900 CET	49763	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.771991014 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.772054911 CET	49763	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.810121059 CET	49764	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.815332890 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:21.826132059 CET	49763	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:21.868278027 CET	49776	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:21.868339062 CET	443	49776	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:21.868432045 CET	49776	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:21.869055986 CET	49776	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:21.869067907 CET	443	49776	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:22.042193890 CET	443	49768	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.042351961 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.042383909 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.042392015 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.042448044 CET	49764	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.042465925 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.042561054 CET	49768	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.042582035 CET	443	49768	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.043051004 CET	443	49768	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.043653011 CET	49768	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.043730021 CET	443	49768	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.043891907 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.043942928 CET	49764	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.045506954 CET	49768	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.045671940 CET	49764	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.045689106 CET	443	49764	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.048235893 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.048266888 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.048341036 CET	49763	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.048369884 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.048433065 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.048470974 CET	49763	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.053627968 CET	443	49767	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.053924084 CET	49767	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.053935051 CET	443	49767	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.054280043 CET	443	49767	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.054749966 CET	49767	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.054816008 CET	443	49767	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.054904938 CET	49767	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.056510925 CET	49763	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.056525946 CET	443	49763	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.061240911 CET	49777	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.061266899 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.061593056 CET	49777	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.061593056 CET	49777	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.061618090 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.087321997 CET	443	49768	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.095338106 CET	443	49767	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.216907978 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.217159033 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.217191935 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.217502117 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.217820883 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.217885017 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.217962980 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.231353998 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.233288050 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.233309984 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.234474897 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.234544039 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.235110044 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.235203028 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.235286951 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.259335041 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.275329113 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.280415058 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.280431986 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.322993040 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.323319912 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.323340893 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.324706078 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.324764013 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.325167894 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.325630903 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.325707912 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.325906038 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.325916052 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.335169077 CET	443	49768	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.335865974 CET	443	49768	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.335948944 CET	49768	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.335963011 CET	443	49768	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.336461067 CET	49768	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.336564064 CET	443	49768	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.336669922 CET	49768	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.343758106 CET	443	49767	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.343785048 CET	443	49767	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.343851089 CET	443	49767	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.343862057 CET	49767	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.343903065 CET	49767	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.348500013 CET	49767	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.348517895 CET	443	49767	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.359791040 CET	49783	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.359842062 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.359940052 CET	49783	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.360131979 CET	49784	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.360173941 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.360263109 CET	49784	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.360985994 CET	49783	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.361000061 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.361506939 CET	49784	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.361522913 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.373219967 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.401983023 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.402404070 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.402420998 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.403491020 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.403568983 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.404629946 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.404704094 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.404829979 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.404839993 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.450764894 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.492710114 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.502470016 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.502485037 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.502537012 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.502557039 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.502603054 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.502630949 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.517647028 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.517676115 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.517682076 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.517698050 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.517704964 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.517713070 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.517759085 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.517781973 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.517848015 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.517848015 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.585733891 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.585760117 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.585832119 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.585851908 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.585915089 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.592864037 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.592889071 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.592966080 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.592983007 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.593025923 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.603271961 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.603283882 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.603326082 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.603379011 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.603414059 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.603434086 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.603465080 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.608891010 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.608913898 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.609004974 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.609014988 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.609174967 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.611562014 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.611615896 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.611638069 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.611677885 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.611682892 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.611713886 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.611728907 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.611735106 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.611749887 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.611783028 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.611789942 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.657411098 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.667532921 CET	443	49776	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:22.667644978 CET	49776	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:22.670633078 CET	49776	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:22.670665979 CET	443	49776	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:22.671515942 CET	443	49776	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:22.673858881 CET	49776	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:22.674102068 CET	49776	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:22.674108028 CET	443	49776	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:22.674279928 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.674304962 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.674355984 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.674381971 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.674420118 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.674444914 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.674580097 CET	49776	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:22.675507069 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.676409960 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.676430941 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.676515102 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.676527023 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.676582098 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.679071903 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.679090977 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.679140091 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.679146051 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.679200888 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.680928946 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.681003094 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.681005001 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.681050062 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.681324005 CET	49772	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.681335926 CET	443	49772	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.685261965 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.685272932 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.685287952 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.685349941 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.685368061 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.685430050 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.693659067 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.693696022 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.693770885 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.693782091 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.693821907 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.695085049 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.695106030 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.695168972 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.695177078 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.695236921 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.696460962 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.696486950 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.696537971 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.696544886 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.696589947 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.696818113 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.696849108 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.696892023 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.696901083 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.696943045 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.696964025 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.696964979 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.696974993 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.698458910 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.700536013 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.700558901 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.700584888 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.700607061 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.700624943 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.700632095 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.700648069 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.700676918 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.700686932 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.700706005 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.700716019 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.700733900 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.700738907 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.700769901 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.700853109 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.701029062 CET	49773	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.701045990 CET	443	49773	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.701051950 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.702656984 CET	49774	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.702671051 CET	443	49774	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.715359926 CET	443	49776	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:22.718719006 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.718967915 CET	49777	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.718976974 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.719995022 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.720117092 CET	49777	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.720992088 CET	49777	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.721050978 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.721277952 CET	49777	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.721283913 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.761915922 CET	49777	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.766817093 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.766882896 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.766942978 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.766969919 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.766989946 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.767019033 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.774050951 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.774075031 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.774183989 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.774194956 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.774236917 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.774260044 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.850610018 CET	443	49776	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:22.850804090 CET	443	49776	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:22.850884914 CET	49776	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:22.853533030 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.853571892 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.853611946 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.853642941 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.853672028 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.855669975 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.855686903 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.855725050 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.855747938 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.855775118 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.857017040 CET	49776	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:22.857036114 CET	443	49776	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:22.858133078 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.858151913 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.858196974 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.858205080 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.858256102 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.862736940 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.862756968 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.862863064 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.862886906 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.918184042 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.942164898 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.942178965 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.942204952 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.942279100 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.942307949 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.942326069 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.942384005 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.942857027 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.942878962 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.942958117 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.942966938 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.944396973 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.944417953 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.944451094 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.944469929 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.944484949 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.944518089 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.946640015 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.946660042 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.946717024 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.946734905 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.947887897 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.947909117 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.947940111 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.947954893 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.947979927 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.948012114 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.949662924 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.949680090 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.949736118 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.949750900 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.950592995 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.952121019 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.952152014 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.952181101 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.952195883 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.954601049 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.995462894 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.995485067 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.995614052 CET	49777	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:22.995630980 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.995642900 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:22.995713949 CET	49777	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.016690969 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.020749092 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.031055927 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.031120062 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.031171083 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.031213999 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.031234026 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.031256914 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.031685114 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.031727076 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.031748056 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.031755924 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.031789064 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.031810999 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.031836987 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.032005072 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.032053947 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.048274994 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.049213886 CET	49783	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.049225092 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.049386024 CET	49784	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.049443007 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.049737930 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.050870895 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.051999092 CET	49783	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.052108049 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.052685976 CET	49784	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.052901030 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.053262949 CET	49783	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.053601980 CET	49784	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.095336914 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.095345020 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.182250977 CET	49777	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.182260036 CET	443	49777	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.188946009 CET	49775	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.188966990 CET	443	49775	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.290457010 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.294615030 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.294661999 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.294683933 CET	49783	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.294697046 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.294773102 CET	49783	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.295775890 CET	49783	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.295804977 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.295964956 CET	443	49783	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.296009064 CET	49783	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.296029091 CET	49783	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.296803951 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.297312021 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.297359943 CET	49784	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.297384024 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.298537970 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.298599958 CET	49784	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.303987980 CET	49784	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.304002047 CET	443	49784	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.308757067 CET	49790	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.308789968 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.311587095 CET	49790	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.311863899 CET	49790	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.311876059 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.942821980 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.943070889 CET	49790	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.943090916 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.943450928 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.943907022 CET	49790	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.943969011 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:23.944088936 CET	49790	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:23.987337112 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:24.219074011 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:24.219104052 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:24.219141960 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:24.219162941 CET	49790	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:24.219182014 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:24.219208956 CET	49790	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:24.221113920 CET	49790	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:24.221124887 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:24.221173048 CET	443	49790	18.172.112.14	192.168.2.6
Jan 12, 2025 00:19:24.221175909 CET	49790	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:24.221214056 CET	49790	443	192.168.2.6	18.172.112.14
Jan 12, 2025 00:19:27.566901922 CET	443	49721	172.217.18.4	192.168.2.6
Jan 12, 2025 00:19:27.566978931 CET	443	49721	172.217.18.4	192.168.2.6
Jan 12, 2025 00:19:27.567188978 CET	49721	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:19:29.062339067 CET	49721	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:19:29.062398911 CET	443	49721	172.217.18.4	192.168.2.6
Jan 12, 2025 00:19:35.004662037 CET	49865	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:35.004700899 CET	443	49865	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:35.004889965 CET	49865	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:35.005570889 CET	49865	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:35.005590916 CET	443	49865	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:35.815200090 CET	443	49865	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:35.815291882 CET	49865	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:35.816890001 CET	49865	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:35.816896915 CET	443	49865	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:35.817226887 CET	443	49865	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:35.818726063 CET	49865	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:35.818778992 CET	49865	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:35.818785906 CET	443	49865	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:35.818897009 CET	49865	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:35.859328032 CET	443	49865	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:35.992703915 CET	443	49865	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:35.992800951 CET	443	49865	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:35.992963076 CET	49865	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:35.993231058 CET	49865	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:35.993244886 CET	443	49865	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:55.426219940 CET	49990	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:55.426280022 CET	443	49990	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:55.426362038 CET	49990	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:55.426902056 CET	49990	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:55.426927090 CET	443	49990	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:56.253549099 CET	443	49990	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:56.253774881 CET	49990	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:56.255142927 CET	49990	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:56.255156040 CET	443	49990	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:56.255995989 CET	443	49990	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:56.257215023 CET	49990	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:56.257260084 CET	49990	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:56.257268906 CET	443	49990	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:56.257355928 CET	49990	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:56.303323984 CET	443	49990	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:56.434561968 CET	443	49990	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:56.434817076 CET	443	49990	40.113.110.67	192.168.2.6
Jan 12, 2025 00:19:56.434952021 CET	49990	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:56.437397003 CET	49990	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:19:56.437414885 CET	443	49990	40.113.110.67	192.168.2.6
Jan 12, 2025 00:20:17.061208963 CET	50027	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:20:17.061255932 CET	443	50027	172.217.18.4	192.168.2.6
Jan 12, 2025 00:20:17.061350107 CET	50027	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:20:17.061603069 CET	50027	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:20:17.061616898 CET	443	50027	172.217.18.4	192.168.2.6
Jan 12, 2025 00:20:17.702236891 CET	443	50027	172.217.18.4	192.168.2.6
Jan 12, 2025 00:20:17.702583075 CET	50027	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:20:17.702609062 CET	443	50027	172.217.18.4	192.168.2.6
Jan 12, 2025 00:20:17.702945948 CET	443	50027	172.217.18.4	192.168.2.6
Jan 12, 2025 00:20:17.703262091 CET	50027	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:20:17.703334093 CET	443	50027	172.217.18.4	192.168.2.6
Jan 12, 2025 00:20:17.746471882 CET	50027	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:20:23.988717079 CET	50028	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:20:23.988817930 CET	443	50028	40.113.110.67	192.168.2.6
Jan 12, 2025 00:20:23.989026070 CET	50028	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:20:23.989583969 CET	50028	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:20:23.989619017 CET	443	50028	40.113.110.67	192.168.2.6
Jan 12, 2025 00:20:24.817842007 CET	443	50028	40.113.110.67	192.168.2.6
Jan 12, 2025 00:20:24.817936897 CET	50028	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:20:24.820941925 CET	50028	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:20:24.820971966 CET	443	50028	40.113.110.67	192.168.2.6
Jan 12, 2025 00:20:24.821216106 CET	443	50028	40.113.110.67	192.168.2.6
Jan 12, 2025 00:20:24.822874069 CET	50028	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:20:24.822966099 CET	50028	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:20:24.822978020 CET	443	50028	40.113.110.67	192.168.2.6
Jan 12, 2025 00:20:24.823087931 CET	50028	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:20:24.867324114 CET	443	50028	40.113.110.67	192.168.2.6
Jan 12, 2025 00:20:25.003853083 CET	443	50028	40.113.110.67	192.168.2.6
Jan 12, 2025 00:20:25.003941059 CET	443	50028	40.113.110.67	192.168.2.6
Jan 12, 2025 00:20:25.004021883 CET	50028	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:20:25.004180908 CET	50028	443	192.168.2.6	40.113.110.67
Jan 12, 2025 00:20:25.004221916 CET	443	50028	40.113.110.67	192.168.2.6
Jan 12, 2025 00:20:27.615406036 CET	443	50027	172.217.18.4	192.168.2.6
Jan 12, 2025 00:20:27.615504980 CET	443	50027	172.217.18.4	192.168.2.6
Jan 12, 2025 00:20:27.615576982 CET	50027	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:20:29.062624931 CET	50027	443	192.168.2.6	172.217.18.4
Jan 12, 2025 00:20:29.062638044 CET	443	50027	172.217.18.4	192.168.2.6

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 12, 2025 00:19:12.890959978 CET	53	63459	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:12.904125929 CET	53	60660	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:13.883929968 CET	53	59181	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:16.997575045 CET	50382	53	192.168.2.6	1.1.1.1
Jan 12, 2025 00:19:16.997745991 CET	58911	53	192.168.2.6	1.1.1.1
Jan 12, 2025 00:19:17.005621910 CET	53	50382	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:17.007129908 CET	53	58911	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:17.907761097 CET	51622	53	192.168.2.6	1.1.1.1
Jan 12, 2025 00:19:17.907912970 CET	61196	53	192.168.2.6	1.1.1.1
Jan 12, 2025 00:19:17.937632084 CET	53	51622	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:17.939393044 CET	53	61196	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:18.961755037 CET	53	60462	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:20.292325974 CET	52593	53	192.168.2.6	1.1.1.1
Jan 12, 2025 00:19:20.292469978 CET	55251	53	192.168.2.6	1.1.1.1
Jan 12, 2025 00:19:20.300831079 CET	53	52593	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:20.302666903 CET	53	55251	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:20.407488108 CET	53	49197	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:20.520201921 CET	59847	53	192.168.2.6	1.1.1.1
Jan 12, 2025 00:19:20.520344019 CET	50056	53	192.168.2.6	1.1.1.1
Jan 12, 2025 00:19:20.528975964 CET	53	54253	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:20.549479961 CET	53	50056	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:20.550020933 CET	53	59847	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:21.076055050 CET	51699	53	192.168.2.6	1.1.1.1
Jan 12, 2025 00:19:21.076296091 CET	58870	53	192.168.2.6	1.1.1.1
Jan 12, 2025 00:19:21.085186005 CET	53	51699	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:21.086658001 CET	53	58870	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:30.898169041 CET	53	62433	1.1.1.1	192.168.2.6
Jan 12, 2025 00:19:49.911722898 CET	53	51685	1.1.1.1	192.168.2.6
Jan 12, 2025 00:20:12.582858086 CET	53	64454	1.1.1.1	192.168.2.6
Jan 12, 2025 00:20:12.582866907 CET	53	54079	1.1.1.1	192.168.2.6

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Jan 12, 2025 00:19:18.961850882 CET	192.168.2.6	1.1.1.1	c224	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 12, 2025 00:19:16.997575045 CET	192.168.2.6	1.1.1.1	0x2235	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:16.997745991 CET	192.168.2.6	1.1.1.1	0x68a6	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 12, 2025 00:19:17.907761097 CET	192.168.2.6	1.1.1.1	0x1bf6	Standard query (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:17.907912970 CET	192.168.2.6	1.1.1.1	0x93a0	Standard query (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com	65	IN (0x0001)	false
Jan 12, 2025 00:19:20.292325974 CET	192.168.2.6	1.1.1.1	0x9c5	Standard query (0)	api.db-ip.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:20.292469978 CET	192.168.2.6	1.1.1.1	0x11c	Standard query (0)	api.db-ip.com	65	IN (0x0001)	false
Jan 12, 2025 00:19:20.520201921 CET	192.168.2.6	1.1.1.1	0x846a	Standard query (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:20.520344019 CET	192.168.2.6	1.1.1.1	0x24a6	Standard query (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com	65	IN (0x0001)	false
Jan 12, 2025 00:19:21.076055050 CET	192.168.2.6	1.1.1.1	0x7723	Standard query (0)	api.db-ip.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:21.076296091 CET	192.168.2.6	1.1.1.1	0xd315	Standard query (0)	api.db-ip.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 12, 2025 00:19:17.005621910 CET	1.1.1.1	192.168.2.6	0x2235	No error (0)	www.google.com		172.217.18.4	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:17.007129908 CET	1.1.1.1	192.168.2.6	0x68a6	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 12, 2025 00:19:17.937632084 CET	1.1.1.1	192.168.2.6	0x1bf6	No error (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com		18.172.112.14	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:17.937632084 CET	1.1.1.1	192.168.2.6	0x1bf6	No error (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com		18.172.112.51	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:17.937632084 CET	1.1.1.1	192.168.2.6	0x1bf6	No error (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com		18.172.112.107	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:17.937632084 CET	1.1.1.1	192.168.2.6	0x1bf6	No error (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com		18.172.112.96	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:20.300831079 CET	1.1.1.1	192.168.2.6	0x9c5	No error (0)	api.db-ip.com		172.67.75.166	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:20.300831079 CET	1.1.1.1	192.168.2.6	0x9c5	No error (0)	api.db-ip.com		104.26.5.15	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:20.300831079 CET	1.1.1.1	192.168.2.6	0x9c5	No error (0)	api.db-ip.com		104.26.4.15	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:20.302666903 CET	1.1.1.1	192.168.2.6	0x11c	No error (0)	api.db-ip.com			65	IN (0x0001)	false
Jan 12, 2025 00:19:20.550020933 CET	1.1.1.1	192.168.2.6	0x846a	No error (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com		18.172.112.14	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:20.550020933 CET	1.1.1.1	192.168.2.6	0x846a	No error (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com		18.172.112.96	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:20.550020933 CET	1.1.1.1	192.168.2.6	0x846a	No error (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com		18.172.112.107	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:20.550020933 CET	1.1.1.1	192.168.2.6	0x846a	No error (0)	page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com		18.172.112.51	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:21.085186005 CET	1.1.1.1	192.168.2.6	0x7723	No error (0)	api.db-ip.com		104.26.4.15	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:21.085186005 CET	1.1.1.1	192.168.2.6	0x7723	No error (0)	api.db-ip.com		172.67.75.166	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:21.085186005 CET	1.1.1.1	192.168.2.6	0x7723	No error (0)	api.db-ip.com		104.26.5.15	A (IP address)	IN (0x0001)	false
Jan 12, 2025 00:19:21.086658001 CET	1.1.1.1	192.168.2.6	0xd315	No error (0)	api.db-ip.com			65	IN (0x0001)	false

HTTP Request Dependency Graph

page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com

https:

api.db-ip.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port
0	192.168.2.6	49718	40.113.110.67	443

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:14 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 63 65 4b 59 53 53 65 7a 56 45 71 39 6c 43 77 2b 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 30 31 61 31 39 65 66 39 64 30 36 64 30 39 34 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: ceKYSSezVEq9lCw+.1Context: 201a19ef9d06d094
2025-01-11 23:19:14 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-11 23:19:14 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 63 65 4b 59 53 53 65 7a 56 45 71 39 6c 43 77 2b 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 30 31 61 31 39 65 66 39 64 30 36 64 30 39 34 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 53 57 73 30 4b 45 79 72 51 47 51 52 6c 63 67 6f 7a 6d 72 4f 41 48 58 56 31 69 38 4e 64 76 6a 58 4b 38 50 75 49 37 43 56 67 65 2f 46 31 41 2b 6b 72 43 38 74 38 34 4a 55 4e 70 44 50 38 6c 44 72 78 73 48 7a 33 69 69 61 32 41 67 48 53 68 59 77 5a 59 4a 63 69 78 6a 41 54 50 67 46 6e 78 66 75 45 75 39 5a 75 36 75 4a 41 4a 69 38 39 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: ceKYSSezVEq9lCw+.2Context: 201a19ef9d06d094<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAASWs0KEyrQGQRlcgozmrOAHXV1i8NdvjXK8PuI7CVge/F1A+krC8t84JUNpDP8lDrxsHz3iia2AgHShYwZYJcixjATPgFnxfuEu9Zu6uJAJi89
2025-01-11 23:19:14 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 63 65 4b 59 53 53 65 7a 56 45 71 39 6c 43 77 2b 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 30 31 61 31 39 65 66 39 64 30 36 64 30 39 34 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: ceKYSSezVEq9lCw+.3Context: 201a19ef9d06d094<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-11 23:19:14 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-11 23:19:14 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 45 31 41 75 4c 4c 50 44 42 30 4f 70 66 75 73 43 69 57 4d 5a 4b 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: E1AuLLPDB0OpfusCiWMZKw.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	49724	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:18 UTC	700	OUT	GET / HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:18 UTC	567	IN	HTTP/1.1 200 OK Content-Type: text/html Content-Length: 255139 Connection: close Date: Wed, 08 Jan 2025 13:44:55 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "bbc9a196a8082082f1cac1c20430b252" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 5f5fdd347d6ea8b242af79ee38a02fae.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: Qe5oRqr_nNuCVg_E4-d49yIE34ZiOwmgX_rnL7vQbUi3fZZCurOJEw== Age: 293663
2025-01-11 23:19:18 UTC	16384	IN	Data Raw: 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 69 64 3d 22 68 74 6d 6c 22 3e 0a 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4d 65 74 61 20 48 65 6c 70 20 43 65 6e 74 65 72 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 73 74 79 6c 65 73 2f 62 6f 6f 74 73 74 72 61 70 2e 6d 69 6e 2e 63 73 73 22 3e 0a 20 20 20 20 3c Data Ascii: <!DOCTYPE html><html lang="en" id="html"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Meta Help Center</title> <link rel="stylesheet" href="styles/bootstrap.min.css"> <
2025-01-11 23:19:18 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 73 74 20 65 20 3d 20 57 2e 67 65 74 4f 72 43 72 65 61 74 65 49 6e 73 74 61 6e 63 65 28 74 68 69 73 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 63 6c 6f 73 65 22 20 3d 3d 3d 20 74 20 26 26 20 65 5b 74 5d 28 74 68 69 73 29 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 29 29 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 73 74 61 74 69 63 20 68 61 6e 64 6c 65 44 69 73 6d 69 73 73 28 74 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: return this.each((function () { const e = W.getOrCreateInstance(this); "close" === t && e[t](this) })) } static handleDismiss(t) {
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 73 2e 5f 73 65 6c 65 63 74 6f 72 20 3d 20 6f 2c 20 74 68 69 73 2e 5f 74 72 69 67 67 65 72 41 72 72 61 79 2e 70 75 73 68 28 69 29 29 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 68 69 73 2e 5f 70 61 72 65 6e 74 20 3d 20 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 70 61 72 65 6e 74 20 3f 20 74 68 69 73 2e 5f 67 65 74 50 61 72 65 6e 74 28 29 20 3a 20 6e 75 6c 6c 2c 20 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 70 61 72 65 6e 74 20 7c 7c 20 74 68 69 73 2e 5f 61 64 64 41 72 69 61 41 6e 64 43 6f 6c 6c 61 70 73 65 64 43 6c 61 73 73 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2c 20 74 68 69 73 2e 5f 74 72 69 67 67 65 72 41 72 72 61 79 29 2c 20 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 74 6f Data Ascii: s._selector = o, this._triggerArray.push(i)) } this._parent = this._config.parent ? this._getParent() : null, this._config.parent \|\| this._addAriaAndCollapsedClass(this._element, this._triggerArray), this._config.to
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 68 20 3d 20 21 30 20 3d 3d 3d 20 63 20 3f 20 66 75 6e 63 74 69 6f 6e 20 28 74 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 65 20 3d 20 74 2e 78 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 20 3d 20 74 2e 79 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6e 20 3d 20 77 69 6e 64 6f 77 2e 64 65 76 69 63 65 50 69 78 65 6c 52 61 74 69 6f 20 7c 7c 20 31 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 78 3a 20 78 74 28 78 Data Ascii: h = !0 === c ? function (t) { var e = t.x, i = t.y, n = window.devicePixelRatio \|\| 1; return { x: xt(x
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 6d 65 6e 74 3a 20 43 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 75 6e 64 61 72 79 3a 20 68 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 6f 6f 74 42 6f 75 6e 64 61 72 79 3a 20 64 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 6c 74 42 6f 75 6e 64 61 72 79 3a 20 75 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 63 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 29 2c 0a 20 20 20 20 20 20 20 20 20 Data Ascii: ment: C, boundary: h, rootBoundary: d, altBoundary: u, padding: c }),
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 7d 29 29 2c 20 68 2e 75 70 64 61 74 65 28 29 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 72 63 65 55 70 64 61 74 65 3a 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 21 63 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 20 3d 20 61 2e 65 6c 65 6d 65 6e 74 73 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 20 3d Data Ascii: })), h.update() }, forceUpdate: function () { if (!c) { var t = a.elements, e =
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 65 20 3d 3e 20 65 20 2d 20 74 29 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 5f 64 69 73 61 62 6c 65 4f 76 65 72 46 6c 6f 77 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 68 69 73 2e 5f 73 61 76 65 49 6e 69 74 69 61 6c 41 74 74 72 69 62 75 74 65 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2c 20 22 6f 76 65 72 66 6c 6f 77 22 29 2c 20 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 73 74 79 6c 65 2e 6f 76 65 72 66 6c 6f 77 20 3d 20 22 68 69 64 64 65 6e 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 5f 73 65 74 45 6c 65 6d 65 6e 74 41 74 74 72 69 62 75 74 65 73 28 74 2c 20 65 2c 20 69 29 20 7b 0a 20 20 20 20 20 20 Data Ascii: e => e - t) } _disableOverFlow() { this._saveInitialAttribute(this._element, "overflow"), this._element.style.overflow = "hidden" } _setElementAttributes(t, e, i) {
2025-01-11 23:19:19 UTC	15060	IN	Data Raw: 6e 63 65 28 74 68 69 73 2c 20 74 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 22 73 74 72 69 6e 67 22 20 3d 3d 20 74 79 70 65 6f 66 20 74 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 76 6f 69 64 20 30 20 3d 3d 3d 20 65 5b 74 5d 20 7c 7c 20 74 2e 73 74 61 72 74 73 57 69 74 68 28 22 5f 22 29 20 7c 7c 20 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 20 3d 3d 3d 20 74 29 20 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 60 4e 6f 20 6d 65 74 68 6f 64 20 6e 61 6d 65 64 20 22 24 7b 74 7d 22 60 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 5b 74 5d 28 74 68 69 73 29 0a 20 20 20 20 20 20 20 20 20 20 Data Ascii: nce(this, t); if ("string" == typeof t) { if (void 0 === e[t] \|\| t.startsWith("_") \|\| "constructor" === t) throw new TypeError(`No method named "${t}"`); e[t](this)
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2e 2e 2e 65 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2e 2e 2e 22 66 75 6e 63 74 69 6f 6e 22 20 3d 3d 20 74 79 70 65 6f 66 20 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 70 6f 70 70 65 72 43 6f 6e 66 69 67 20 3f 20 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 70 6f 70 70 65 72 43 6f 6e 66 69 67 28 65 29 20 3a 20 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 70 6f 70 70 65 72 43 6f 6e 66 69 67 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 Data Ascii: } }; return { ...e, ..."function" == typeof this._config.popperConfig ? this._config.popperConfig(e) : this._config.popperConfig }
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 63 68 69 6c 64 72 65 6e 28 69 2c 20 22 2e 61 63 74 69 76 65 22 29 20 3a 20 74 2e 66 69 6e 64 28 22 3a 73 63 6f 70 65 20 3e 20 6c 69 20 3e 20 2e 61 63 74 69 76 65 22 2c 20 69 29 29 5b 30 5d 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 20 3d 20 6e 20 26 26 20 73 20 26 26 20 73 2e 63 6c 61 73 73 4c 69 73 74 2e 63 6f 6e 74 61 69 6e 73 28 22 66 61 64 65 22 29 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 20 3d 20 28 29 20 3d 3e 20 74 68 69 73 2e 5f 74 72 61 6e 73 69 74 69 6f 6e 43 6f 6d 70 6c 65 74 65 28 65 2c 20 73 2c 20 6e 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 73 20 26 26 20 6f 20 3f 20 28 73 2e 63 6c 61 73 73 4c 69 73 74 2e 72 65 6d 6f 76 65 28 22 73 68 6f Data Ascii: children(i, ".active") : t.find(":scope > li > .active", i))[0], o = n && s && s.classList.contains("fade"), r = () => this._transitionComplete(e, s, n); s && o ? (s.classList.remove("sho

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	49723	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:18 UTC	637	OUT	GET /styles/bootstrap.min.css HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:19 UTC	566	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 155840 Connection: close Date: Thu, 09 Jan 2025 23:08:33 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "e3e1698ee0b774a4efa651c21fb15fcc" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 d25e4a27039adc5d5e5994e9610df300.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: HQgrtbl3ZJIVVHCsA1hRNgmM8fy7Xj96tqbQNYE_p50orIauotWi6Q== Age: 173446
2025-01-11 23:19:19 UTC	15818	IN	Data Raw: 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 35 2e 30 2e 32 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 31 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 31 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 69 6e 2f 4c 49 43 45 4e 53 45 29 0a 20 2a 2f 3a 72 6f 6f 74 7b 2d 2d 62 73 2d 62 6c 75 65 3a 23 30 64 36 65 66 64 3b 2d Data Ascii: @charset "UTF-8";/! Bootstrap v5.0.2 (https://getbootstrap.com/) * Copyright 2011-2021 The Bootstrap Authors * Copyright 2011-2021 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE) */:root{--bs-blue:#0d6efd;-
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 33 33 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 78 6c 2d 31 31 7b 66 6c 65 78 3a 30 20 30 20 61 75 74 6f 3b 77 69 64 74 68 3a 39 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 78 6c 2d 31 32 7b 66 6c 65 78 3a 30 20 30 20 61 75 74 6f 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6f 66 66 73 65 74 2d 78 6c 2d 30 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 7d 2e 6f 66 66 73 65 74 2d 78 6c 2d 31 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 6f 66 66 73 65 74 2d 78 6c 2d 32 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 31 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 6f 66 66 73 65 74 2d 78 6c 2d 33 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 32 35 25 7d 2e 6f 66 66 73 65 74 2d 78 6c 2d 34 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 33 33 2e 33 33 33 33 33 33 Data Ascii: 33333333%}.col-xl-11{flex:0 0 auto;width:91.66666667%}.col-xl-12{flex:0 0 auto;width:100%}.offset-xl-0{margin-left:0}.offset-xl-1{margin-left:8.33333333%}.offset-xl-2{margin-left:16.66666667%}.offset-xl-3{margin-left:25%}.offset-xl-4{margin-left:33.333333
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 62 6b 69 74 2d 73 6c 69 64 65 72 2d 74 68 75 6d 62 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 61 64 62 35 62 64 7d 2e 66 6f 72 6d 2d 72 61 6e 67 65 3a 64 69 73 61 62 6c 65 64 3a 3a 2d 6d 6f 7a 2d 72 61 6e 67 65 2d 74 68 75 6d 62 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 61 64 62 35 62 64 7d 2e 66 6f 72 6d 2d 66 6c 6f 61 74 69 6e 67 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 66 6f 72 6d 2d 66 6c 6f 61 74 69 6e 67 3e 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 2c 2e 66 6f 72 6d 2d 66 6c 6f 61 74 69 6e 67 3e 2e 66 6f 72 6d 2d 73 65 6c 65 63 74 7b 68 65 69 67 68 74 3a 63 61 6c 63 28 33 2e 35 72 65 6d 20 2b 20 32 70 78 29 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 35 7d 2e 66 6f 72 6d 2d 66 6c 6f 61 74 69 6e 67 3e Data Ascii: bkit-slider-thumb{background-color:#adb5bd}.form-range:disabled::-moz-range-thumb{background-color:#adb5bd}.form-floating{position:relative}.form-floating>.form-control,.form-floating>.form-select{height:calc(3.5rem + 2px);line-height:1.25}.form-floating>
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 2e 32 35 72 65 6d 20 72 67 62 61 28 36 36 2c 37 30 2c 37 33 2c 2e 35 29 7d 2e 62 74 6e 2d 63 68 65 63 6b 3a 61 63 74 69 76 65 2b 2e 62 74 6e 2d 64 61 72 6b 2c 2e 62 74 6e 2d 63 68 65 63 6b 3a 63 68 65 63 6b 65 64 2b 2e 62 74 6e 2d 64 61 72 6b 2c 2e 62 74 6e 2d 64 61 72 6b 2e 61 63 74 69 76 65 2c 2e 62 74 6e 2d 64 61 72 6b 3a 61 63 74 69 76 65 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 64 61 72 6b 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 31 61 31 65 32 31 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 31 39 31 63 31 66 7d 2e 62 74 6e 2d 63 68 65 63 6b 3a 61 63 74 69 76 65 2b 2e 62 74 6e 2d 64 61 72 6b 3a 66 6f 63 75 73 Data Ascii: box-shadow:0 0 0 .25rem rgba(66,70,73,.5)}.btn-check:active+.btn-dark,.btn-check:checked+.btn-dark,.btn-dark.active,.btn-dark:active,.show>.btn-dark.dropdown-toggle{color:#fff;background-color:#1a1e21;border-color:#191c1f}.btn-check:active+.btn-dark:focus
2025-01-11 23:19:19 UTC	15628	IN	Data Raw: 62 61 72 3e 2e 63 6f 6e 74 61 69 6e 65 72 2d 78 6c 2c 2e 6e 61 76 62 61 72 3e 2e 63 6f 6e 74 61 69 6e 65 72 2d 78 78 6c 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 77 72 61 70 3a 69 6e 68 65 72 69 74 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 73 70 61 63 65 2d 62 65 74 77 65 65 6e 7d 2e 6e 61 76 62 61 72 2d 62 72 61 6e 64 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 2e 33 31 32 35 72 65 6d 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 2e 33 31 32 35 72 65 6d 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 31 72 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 35 72 65 6d 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 Data Ascii: bar>.container-xl,.navbar>.container-xxl{display:flex;flex-wrap:inherit;align-items:center;justify-content:space-between}.navbar-brand{padding-top:.3125rem;padding-bottom:.3125rem;margin-right:1rem;font-size:1.25rem;text-decoration:none;white-space:nowrap
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 6f 74 69 6f 6e 3a 72 65 64 75 63 65 29 7b 2e 70 72 6f 67 72 65 73 73 2d 62 61 72 2d 61 6e 69 6d 61 74 65 64 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 61 6e 69 6d 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 7d 2e 6c 69 73 74 2d 67 72 6f 75 70 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 2e 32 35 72 65 6d 7d 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 6e 75 6d 62 65 72 65 64 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 6e 6f 6e 65 3b 63 6f 75 6e 74 65 72 2d 72 65 73 65 74 3a 73 65 63 74 69 6f 6e 7d 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 6e 75 6d 62 Data Ascii: otion:reduce){.progress-bar-animated{-webkit-animation:none;animation:none}}.list-group{display:flex;flex-direction:column;padding-left:0;margin-bottom:0;border-radius:.25rem}.list-group-numbered{list-style-type:none;counter-reset:section}.list-group-numb
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 2c 30 2c 2e 32 35 29 7d 2e 62 73 2d 70 6f 70 6f 76 65 72 2d 61 75 74 6f 5b 64 61 74 61 2d 70 6f 70 70 65 72 2d 70 6c 61 63 65 6d 65 6e 74 5e 3d 74 6f 70 5d 3e 2e 70 6f 70 6f 76 65 72 2d 61 72 72 6f 77 3a 3a 61 66 74 65 72 2c 2e 62 73 2d 70 6f 70 6f 76 65 72 2d 74 6f 70 3e 2e 70 6f 70 6f 76 65 72 2d 61 72 72 6f 77 3a 3a 61 66 74 65 72 7b 62 6f 74 74 6f 6d 3a 31 70 78 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 2e 35 72 65 6d 20 2e 35 72 65 6d 20 30 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 62 73 2d 70 6f 70 6f 76 65 72 2d 61 75 74 6f 5b 64 61 74 61 2d 70 6f 70 70 65 72 2d 70 6c 61 63 65 6d 65 6e 74 5e 3d 72 69 67 68 74 5d 3e 2e 70 6f 70 6f 76 65 72 2d 61 72 72 6f 77 2c 2e 62 73 2d 70 6f 70 6f 76 65 72 2d 65 6e 64 3e 2e 70 6f 70 Data Ascii: ,0,.25)}.bs-popover-auto[data-popper-placement^=top]>.popover-arrow::after,.bs-popover-top>.popover-arrow::after{bottom:1px;border-width:.5rem .5rem 0;border-top-color:#fff}.bs-popover-auto[data-popper-placement^=right]>.popover-arrow,.bs-popover-end>.pop
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2e 32 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2e 32 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 79 2d 32 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2e 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2e 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 79 2d 33 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 79 2d 34 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 2e 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 2e 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 79 2d 35 7b Data Ascii: {margin-top:.25rem!important;margin-bottom:.25rem!important}.my-2{margin-top:.5rem!important;margin-bottom:.5rem!important}.my-3{margin-top:1rem!important;margin-bottom:1rem!important}.my-4{margin-top:1.5rem!important;margin-bottom:1.5rem!important}.my-5{
2025-01-11 23:19:19 UTC	16384	IN	Data Raw: 32 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6f 72 64 65 72 2d 6d 64 2d 33 7b 6f 72 64 65 72 3a 33 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6f 72 64 65 72 2d 6d 64 2d 34 7b 6f 72 64 65 72 3a 34 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6f 72 64 65 72 2d 6d 64 2d 35 7b 6f 72 64 65 72 3a 35 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6f 72 64 65 72 2d 6d 64 2d 6c 61 73 74 7b 6f 72 64 65 72 3a 36 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 2d 6d 64 2d 30 7b 6d 61 72 67 69 6e 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 2d 6d 64 2d 31 7b 6d 61 72 67 69 6e 3a 2e 32 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 2d 6d 64 2d 32 7b 6d 61 72 67 69 6e 3a 2e 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 2d 6d 64 2d 33 7b 6d 61 72 67 69 6e 3a 31 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d Data Ascii: 2!important}.order-md-3{order:3!important}.order-md-4{order:4!important}.order-md-5{order:5!important}.order-md-last{order:6!important}.m-md-0{margin:0!important}.m-md-1{margin:.25rem!important}.m-md-2{margin:.5rem!important}.m-md-3{margin:1rem!important}
2025-01-11 23:19:19 UTC	9706	IN	Data Raw: 2e 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 2d 78 6c 2d 33 7b 70 61 64 64 69 6e 67 3a 31 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 2d 78 6c 2d 34 7b 70 61 64 64 69 6e 67 3a 31 2e 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 2d 78 6c 2d 35 7b 70 61 64 64 69 6e 67 3a 33 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 78 2d 78 6c 2d 30 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 21 69 6d 70 6f 72 74 61 6e 74 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 78 2d 78 6c 2d 31 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 2e 32 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 2e 32 35 72 65 6d 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 78 2d 78 6c 2d 32 7b 70 61 64 64 69 Data Ascii: .5rem!important}.p-xl-3{padding:1rem!important}.p-xl-4{padding:1.5rem!important}.p-xl-5{padding:3rem!important}.px-xl-0{padding-right:0!important;padding-left:0!important}.px-xl-1{padding-right:.25rem!important;padding-left:.25rem!important}.px-xl-2{paddi

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.6	49736	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:19 UTC	629	OUT	GET /styles/style.css HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:19 UTC	565	IN	HTTP/1.1 200 OK Content-Type: text/css Content-Length: 11622 Connection: close Date: Thu, 09 Jan 2025 23:08:37 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "d0057ba3ba52bf55a2e251cd40e43978" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 725f43139b6c583d9defb7c5029a8928.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: e7VmZy334TXj4Er-m2_YJSFfsWl-MvrFrLOjZyA08a1I9Tzh1A1FjA== Age: 173442
2025-01-11 23:19:19 UTC	11622	IN	Data Raw: 23 68 74 6d 6c 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 72 67 62 28 32 34 39 2c 20 32 34 31 2c 20 32 34 39 29 3b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 39 30 64 65 67 2c 20 72 67 62 61 28 32 34 39 2c 20 32 34 31 2c 20 32 34 39 2c 20 31 29 20 30 25 2c 20 72 67 62 61 28 32 33 34 2c 20 32 34 33 2c 20 32 35 33 2c 20 31 29 20 33 35 25 2c 20 72 67 62 61 28 32 33 37 2c 20 32 35 31 2c 20 32 34 32 2c 20 31 29 20 31 30 30 25 29 3b 0a 7d 0a 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 69 6e 68 65 72 69 74 3b 0a 20 20 20 20 68 65 69 67 68 74 3a 20 31 30 30 76 68 3b 0a 20 20 20 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 20 20 20 20 6f 76 65 72 66 6c 6f Data Ascii: #html { background: rgb(249, 241, 249); background: linear-gradient(90deg, rgba(249, 241, 249, 1) 0%, rgba(234, 243, 253, 1) 35%, rgba(237, 251, 242, 1) 100%);}body { background: inherit; height: 100vh; overflow: hidden; overflo

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.6	49739	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:19 UTC	674	OUT	GET /img/block_2.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:20 UTC	543	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 18787 Connection: close Date: Thu, 09 Jan 2025 23:08:46 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "8942e3ff39cd6784c7c89bd6eb26d604" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: CG3wftrV77nFWIZlNTyZYPjSu00rY0ItqBHwBYQ3iGzDbE8k4sJoCA== Age: 173434
2025-01-11 23:19:20 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 64 00 00 00 65 08 06 00 00 00 bb be 46 f1 00 00 24 c2 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 65 78 69 66 00 00 78 da ad 9c 6b 96 9c 37 0e 64 ff 73 15 b3 04 be 1f cb e1 03 3c 67 76 30 cb 9f 1b cc 92 6c 49 6e bb ed b6 64 a9 4a 99 59 fc 48 02 08 44 80 a0 9d fd bf ff 7b dd ff e1 d7 c8 a1 ba 5c 5a af a3 56 cf af 3c f2 88 93 6f ba ff fc 9a ef ef e0 f3 fb fb fd aa f9 eb bd f0 e3 eb ae 96 af 37 22 2f 25 be a6 cf 3f 7b fd fa fc b7 d7 c3 f7 01 3e 5f 26 df 95 df 0d d4 f7 d7 1b eb c7 37 c6 d7 93 63 ff 69 a0 f8 f9 92 34 23 7d 7f be 06 1a 5f 03 a5 f8 79 23 7c 0d 30 e7 d7 52 46 6f bf 5f c2 b2 cf d7 af 9f ff 6c 03 7f 9c fe ca fd c7 69 ff f2 ef c6 ee 9d c2 73 52 8c 96 42 f2 fc 9d d2 d7 04 92 Data Ascii: PNGIHDRdeF$zTXtRaw profile type exifxk7ds<gv0lIndJYHD{\ZV<o7"/%?{>_&7ci4#}_y#\|0RFo_lisRB
2025-01-11 23:19:20 UTC	2403	IN	Data Raw: 3f e4 10 58 b3 a6 ec fe 8f cc 83 9c 05 4a 4e 38 1b 4d af 68 0c 7a 67 84 6d 36 ca fe 21 81 db aa 63 6d 38 71 d2 30 6a 50 c3 a8 45 6d c2 73 0e 7f 4d 19 a4 82 9c 65 f3 49 6c 54 57 c5 91 3f f4 10 88 1c 92 08 21 3c 0c eb 83 f6 59 72 bb 4b 88 4f 98 83 33 3f a2 8e a8 a8 17 af 72 b1 49 76 c0 47 63 fc bb 03 3e 91 05 fc 46 32 92 ad 1c 5c 4c da 66 ac 8f 08 4a 8b ab 01 79 a6 bc 95 a6 23 0e c3 8b dd b6 4e c9 b6 b7 b2 36 ce 37 07 a4 8a 69 de 7f bf c1 1e 49 d2 53 83 80 48 5a 5a b9 54 7e e6 c1 98 5c cd ec dd a6 e4 18 98 3a 85 a6 29 fb 56 2c ac 75 69 9a ae a8 96 90 a7 2b 1e fb b8 69 d3 28 4e 9a 8c 57 2d 5a b5 ad 28 60 34 7c f0 03 b8 71 e3 2b aa ed f1 24 49 8a d5 12 b2 2a 84 f0 18 88 78 42 0b c9 59 a7 6f d0 59 d7 68 ab aa 36 41 f3 9c 13 49 cb 41 61 33 7b a8 5a 9d 55 e8 67 Data Ascii: ?XJN8Mhzgm6!cm8q0jPEmsMeIlTW?!<YrKO3?rIvGc>F2\LfJy#N67iISHZZT~\:)V,ui+i(NW-Z(`4\|q+$I*xBYoYh6AIAa3{ZUg

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.6	49738	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:19 UTC	676	OUT	GET /img/no_avatar.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:20 UTC	542	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 6043 Connection: close Date: Thu, 09 Jan 2025 23:08:52 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "d5d30f28ca92743610c956684a424b7e" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 fd9d525f4633063393693172d96013ca.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: AipJfPV8SzyPXNDR4lD8OGaxncZbMmx9-XWo5fbJVrhWAYaMbVQAhw== Age: 173428
2025-01-11 23:19:20 UTC	6043	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 00 00 00 01 00 08 06 00 00 00 5c 72 a8 66 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 17 50 49 44 41 54 78 da ed 9d 09 70 5d e5 75 c7 1f fb 12 c2 16 68 c2 52 96 04 32 a4 50 d6 50 36 43 ca 60 37 2c 21 6d 26 90 4e 9a 96 4e 98 4c 09 4d 0a 4d 27 40 67 5a 1a 87 a4 10 28 29 81 34 03 b4 10 62 ed 92 65 c9 5a 2c c9 92 b5 59 b2 b1 6c 61 d9 f2 6e 55 28 89 58 52 08 18 03 66 33 f6 eb ff 48 0f e9 c9 7a 7a 7a cb bd f7 dd e5 77 66 7e 63 0c c6 7a ef dc 73 ce fd be f3 9d 73 be 58 0c 41 10 04 09 87 0c 0c 0c 1c bd 79 f3 e6 33 c5 a5 e2 06 71 8b f8 9e b8 c7 d8 b4 69 d3 03 fa f5 27 fa f5 61 f1 e4 96 2d 5b 9e b0 df 27 b8 ef a3 3f a7 7f ff 5d f1 75 fd f3 3c fd b9 0b 36 6c d8 f0 87 fd fd fd 87 a3 61 04 29 a0 Data Ascii: PNGIHDR\rfbKGDPIDATxp]uhR2PP6C`7,!m&NNLMM'@gZ()4beZ,YlanU(XRf3Hzzzwf~czssXAy3qi'a-['?]u<6la)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.6	49745	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:20 UTC	675	OUT	GET /img/save_img.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:21 UTC	542	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 7550 Connection: close Date: Thu, 09 Jan 2025 23:08:53 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "8d3bcd1278891fc1e52d38e72549b3d0" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: fMYckY2ZLjPmm-69uD8lwmesiPc3ZYHSLfPo698FqZ71UdzonAu_wA== Age: 173428
2025-01-11 23:19:21 UTC	7550	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 78 00 00 00 78 08 03 00 00 00 0e ba c6 e0 00 00 02 fa 50 4c 54 45 c3 e2 c9 b5 dc bb b0 da b8 a9 d6 b2 a6 d4 ae a2 d2 aa 9d d0 a6 9a cf a4 98 ce a3 c3 e1 c9 99 cf a2 ef bc 57 fc f2 df fc f4 e3 fc f2 e1 fb ec d0 ac 4d 00 fc f1 dc ff f5 df ff f9 e4 fa e6 bf ff ff ef ff ff f7 ff fd ea f8 e2 b7 eb dc c6 c3 af 9a 96 7c 6b 7e 60 50 a8 8f 7b ce c0 aa fd f1 dd e1 d3 be 8c 6d 57 4e 27 15 37 0f 03 3e 16 07 55 2e 18 5f 39 26 fc f1 da 48 20 10 2d 07 00 43 1b 0a 6c 49 34 ff f4 da 24 01 00 4a 23 12 f8 c9 54 d9 ca b3 45 1f 0f af 99 87 f7 ed da a0 75 4b ea b9 47 7f 56 35 f2 c1 7f eb bb 7b ac 87 54 91 67 42 de ae 73 e3 b4 77 de af 73 de b0 75 d9 ab 71 de ad 6e be e0 c4 e2 ac 68 b2 f0 d9 bb de c1 b8 dd bf b2 60 16 b6 Data Ascii: PNGIHDRxxPLTEWM\|k~`P{mWN'7>U._9&H -ClI4$J#TEuKGV5{TgBswsuqnh`

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.6	49750	172.67.75.166	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:20 UTC	638	OUT	GET /v2/free/self/ HTTP/1.1 Host: api.db-ip.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:21 UTC	976	IN	HTTP/1.1 200 OK Date: Sat, 11 Jan 2025 23:19:20 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close access-control-allow-origin: * cache-control: max-age=1800 x-iplb-request-id: A29E9FD1:3026_93878F2E:0050_6782FC78_455A40EA:4F34 x-iplb-instance: 59215 CF-Cache-Status: EXPIRED Last-Modified: Sat, 11 Jan 2025 23:19:20 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9rXqFdcQ5qngqmFUyM%2F%2BGtOp2kW5Vf5gccSYHQHhUff9FzVqFSN5Km2Bam0MWwwGD6bSGop0GZHcwMNgBWjABLfYCuAiXzSAozNnS1wG7H42VnFyzCYd2TY28iz71qI%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9008a193fe4b439d-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1604&min_rtt=1592&rtt_var=621&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2816&recv_bytes=1216&delivery_rate=1729857&cwnd=200&unsent_bytes=0&cid=355e0e2a3bb3e3d5&ts=171&x=0"
2025-01-11 23:19:21 UTC	247	IN	Data Raw: 66 31 0d 0a 7b 0a 20 20 20 20 22 69 70 41 64 64 72 65 73 73 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 2c 0a 20 20 20 20 22 63 6f 6e 74 69 6e 65 6e 74 43 6f 64 65 22 3a 20 22 4e 41 22 2c 0a 20 20 20 20 22 63 6f 6e 74 69 6e 65 6e 74 4e 61 6d 65 22 3a 20 22 4e 6f 72 74 68 20 41 6d 65 72 69 63 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 43 6f 64 65 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 4e 61 6d 65 22 3a 20 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 0a 20 20 20 20 22 73 74 61 74 65 50 72 6f 76 43 6f 64 65 22 3a 20 22 4e 59 22 2c 0a 20 20 20 20 22 73 74 61 74 65 50 72 6f 76 22 3a 20 22 4e 65 77 20 59 6f 72 6b 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4e 65 77 20 59 6f 72 6b 22 0a 7d 0d 0a Data Ascii: f1{ "ipAddress": "8.46.123.189", "continentCode": "NA", "continentName": "North America", "countryCode": "US", "countryName": "United States", "stateProvCode": "NY", "stateProv": "New York", "city": "New York"}
2025-01-11 23:19:21 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.6	49747	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:21 UTC	670	OUT	GET /img/doc.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:21 UTC	542	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 5723 Connection: close Date: Thu, 09 Jan 2025 23:08:55 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "95382a6dab40d5911185a921c53e6f6b" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 37dd0feed3e180cbd05080c74e7a5a42.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: xY5c7w8awJ9KW5TztrO4g4uVho8r2GYX4JQSqUgREzkwR0pD71TdTw== Age: 173426
2025-01-11 23:19:21 UTC	5723	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 3c 00 00 00 3c 08 06 00 00 00 3a fc d9 72 00 00 16 22 49 44 41 54 78 5e c5 9b 6b ac a5 57 79 df 7f cf 5a 6b ef 7d f6 99 73 9d 61 2e 1e cf d8 78 3c b6 42 cc a5 83 12 15 4c 88 1c 6a 0a 84 02 09 90 96 24 25 55 3f 44 91 7a 51 0b 91 10 97 24 6d 2a 12 a2 88 24 52 a9 d2 2a 10 68 55 11 28 a9 d3 a2 60 e3 d4 2d c1 34 24 84 5b a8 cd 4d b1 0d b6 c7 e3 f1 dc 2f e7 cc 39 67 bf ef bb d6 13 b1 9f 47 6b e9 c8 42 11 02 d4 25 ed 79 df f3 ee f7 dd 7b fd 9f eb ff 79 9e 3d 32 dc f7 f6 53 e4 7e 19 14 44 40 22 48 00 cd 10 46 88 08 5a 7a 44 22 00 84 04 65 80 b4 00 25 a3 b9 03 01 10 44 02 a8 a2 5a 90 38 46 f3 0c b4 80 2a c4 91 9d 4b b0 f7 fa 2d bb 2e c1 5e 28 e4 01 42 b4 fb 8a 9f 2b 10 42 fb ce 3c 80 66 7c b5 fb 11 3b cf bd Data Ascii: PNGIHDR<<:r"IDATx^kWyZk}sa.x<BLj$%U?DzQ$m$RhU(`-4$[M/9gGkB%y{y=2S~D@"HFZzD"e%DZ8F*K-.^(B+B<f\|;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.6	49752	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:21 UTC	681	OUT	GET /img/meta-logo-grey.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:21 UTC	544	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 105511 Connection: close Date: Thu, 09 Jan 2025 01:46:29 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "ffba640622dd859d554ee43a03d53769" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: i9E4I7gbZG2tkjfgJc7YPePpFd4rxNUrV6NiGwS6AUy-xB4EEEW1dQ== Age: 250372
2025-01-11 23:19:21 UTC	15840	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 84 00 00 00 f0 08 06 00 00 00 58 15 aa 71 00 00 14 a9 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 65 78 69 66 00 00 78 da a5 9a 69 96 1b b9 95 85 ff 63 15 5e 02 e6 61 39 00 1e 70 4e ef c0 cb f7 77 41 4a 2e a9 ca c7 5d dd 4c 25 49 91 11 08 e0 0d 77 40 a4 3b ff fc 9f eb fe c1 23 0f 5f 5d 2e ad d7 51 ab e7 91 47 1e 71 f2 a6 fb cf 63 be e7 e0 f3 7b 7e 8f 9e 7d fa 7e fa cb e7 ee 7e cf f1 91 8f 74 48 fa 9e 50 3f af e1 c7 e7 df 13 7e bc 86 c9 bb f2 87 81 fa fe 7e b1 7e fd 62 e4 ef f8 fd b7 81 e2 e7 25 69 46 7a 6f df 81 c6 77 a0 14 3f 5f 84 ef 00 f3 b3 2c 5f 47 6f 7f 5c c2 3a 9f 57 fb b1 92 fe f9 75 7a ca fd d7 69 ff e9 ff 8d e8 59 e1 3a 29 c6 93 42 f2 3c a7 f4 9d 40 d2 6f 72 69 f2 45 e4 Data Ascii: PNGIHDRXqzTXtRaw profile type exifxic^a9pNwAJ.]L%Iw@;#_].QGqc{~}~~tHP?~~~b%iFzow?_,_Go\:WuziY:)B<@oriE
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: f3 07 5b b4 3f 26 56 93 d1 c6 0e 51 ea 6b 18 fd ff 94 39 8b fc fe 75 78 51 c8 9c bb d4 aa 8e df 07 1c 29 40 19 84 85 12 98 14 e2 34 43 9a 31 4c 50 00 b4 2a 4e d4 6a e7 ee 3f 70 e0 d3 ff fb 6f ff f7 6f 8e 8f 8f 0f c8 34 77 7c 60 26 72 4e 1d b7 d5 f6 e1 72 fc 5a d7 77 6a 33 14 8b 45 14 a2 12 9a cd 04 4d cb bd 07 f6 0f 5f f0 c4 43 ab cf 66 e6 40 46 e8 b5 67 ed b6 c1 b9 1b 9f 5b fb cb 51 60 ce 4d d9 15 ad 63 bf 80 05 41 eb 00 5a 07 00 14 ac e5 17 cd df ad 14 d2 63 95 4a da b9 11 a6 b5 93 da 41 61 46 e3 b4 49 83 20 40 10 04 08 4c 94 67 f1 e4 02 0f be 8d 8a eb f8 9a cb 45 e2 a1 9f 27 1d d8 95 f2 6b a7 bc 86 56 76 47 04 41 04 21 70 ed f5 3f 39 eb f6 bb 56 fe 69 a1 d2 fb 7e 4b 6a a0 de 4c 60 82 10 0c 42 92 5a df 44 7e 8a 53 db 54 b7 b7 4e 31 f5 5a 0d cf b1 f8 7b Data Ascii: [?&VQk9uxQ)@4C1LP*Nj?poo4w\|`&rNrZwj3EM_Cf@Fg[Q`McAZcJAaFI @LgE'kVvGA!p?9Vi~KjL`BZD~STN1Z{
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 2d 17 c7 36 2c 16 8b 45 44 51 04 c0 e5 6f 0a 71 e8 0e e7 fd e7 10 ba 9f eb b5 01 70 92 6c eb 98 d0 f1 d4 c2 eb 17 3d 41 e3 c9 f8 a3 b6 8f 5d 73 fd fa 4d 9b 37 2f eb ed ed 99 27 3d 6f 1a b1 4b cc 1f 29 62 34 5a 14 69 68 92 be b5 0c 25 7d 07 12 55 d0 b9 7b 4f d7 f9 4f bd b0 66 3a 80 13 1e 10 c6 09 a0 8d 61 63 0c 98 0e 7f 00 a6 5e 8f b8 b5 52 d4 bd bd 08 00 d4 00 60 02 51 df 6d f7 3c 7e fb 63 8f dc 7f 81 5f 6e ff b0 60 f6 9d 00 03 1d 30 37 74 68 33 c6 c0 f7 0b 48 a2 18 24 dc 3c a7 7b 7b a2 40 b0 e0 e9 67 9f bf 92 99 6f 23 a2 e3 3e ff ec fe 65 cb 66 6e df b6 eb 06 bf 54 3c d9 85 34 44 0e ce 46 28 96 93 d3 af 47 cf a1 76 f7 8b b6 1a 3a b2 50 8a aa 36 e1 d7 3e 74 d5 55 8f cc a6 46 59 8f 5d 3b 77 ca 38 d1 7e b1 48 14 25 26 cd 99 f6 a1 4d 0c 3a 1c 0c 0c 92 60 21 Data Ascii: -6,EDQoqpl=A]sM7/'=oK)b4Zih%}U{OOf:ac^R`Qm<~c_n`07th3H$<{{@go#>efnT<4DF(Gv:P6>tUFY];w8~H%&M:`!
2025-01-11 23:19:21 UTC	15631	IN	Data Raw: b5 55 9e 30 82 45 f5 f0 39 d5 ce d7 f1 c2 dc 78 a6 c7 4b af bf 32 4f 07 66 89 94 b2 35 11 56 17 42 9c 44 10 3d 30 31 35 60 36 c9 a2 bf bf 1f 6c 35 1c 21 20 d8 1e 21 b6 bf 9e dc 96 fb e6 75 37 2d f8 f1 1f 7e e1 c1 0d 44 14 8c b7 b9 99 35 6b 56 f9 0b 0f 7e 64 c3 87 ee f8 d0 ff 33 65 72 fb 5f ef db b7 77 a5 54 a2 b7 31 97 43 a1 af 0f da 04 90 44 27 25 79 37 38 59 35 f2 bc d6 ce 70 f4 ba 31 96 4d 28 cf 3a ad cc 59 0b 08 f7 74 ee 6e ea 2f f4 5f aa dc 54 5d 62 f0 6a 29 a3 4f a6 e2 34 98 61 2a a1 10 87 12 bd d9 4c 6a c7 d2 eb e7 5c a8 0e 1e eb d0 de bf bf 75 f9 cb 6b 3e af 35 16 3a 8e 57 e7 38 0e 1c a5 20 45 02 31 30 d5 aa 20 9b a1 19 ca 24 8b 44 62 58 76 be 13 5e 9c 35 70 ae c1 41 61 ed cf 04 56 63 ad 45 3a 9d 9a d6 75 a0 f3 a3 eb 5e 7c 6e ee 85 27 3a 74 b4 4c Data Ascii: U0E9xK2Of5VBD=015`6l5! !u7-~D5kV~d3er_wT1CD'%y78Y5p1M(:Ytn/_T]bj)O4a*Lj\uk>5:W8 E10 $DbXv^5pAaVcE:u^\|n':tL
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 8b 8e c4 58 0e 26 c0 7b 87 66 9e bd 13 27 c9 c3 bb 76 8c ec 5b 65 39 5a f6 bb ad bc bc ce f0 b1 a9 c9 61 30 27 61 56 b3 90 f1 39 dd 19 d4 23 1f b3 73 84 65 70 c8 1c 64 46 c5 85 59 c2 28 82 aa 47 ad 56 83 21 2d 38 23 63 64 59 0a d1 22 01 c5 a1 75 0e 02 10 07 54 4d 15 41 14 47 bd 7f 78 d1 ce 96 ed f8 1f 1b 82 90 05 2b 05 d0 3a 25 08 29 e0 35 80 1a 89 c2 79 81 57 81 90 16 39 35 85 25 86 32 81 35 80 bd 90 68 a8 78 2a a0 4c 5d 5f f7 fc 3c a4 3a 0d 21 73 1e 36 8e e0 72 21 36 01 90 29 2f a8 38 a2 a8 a8 06 81 ba 2a 83 27 1a 34 01 64 bd 77 b5 a9 c9 f1 55 ae 10 a6 27 a2 9b 16 15 04 75 3e 87 55 34 a7 64 dd cf a0 4e 34 1b f5 c8 1a 2b 22 01 d9 39 a4 3b 50 82 ea b7 13 61 3d 6a a5 1f 20 63 08 04 c3 e8 4d 49 5f c2 10 1f d9 64 6a 6b 65 9b 5f 2f 7b f2 6f ff c3 7f 1c 01 b0 Data Ascii: X&{f'v[e9Za0'aV9#sepdFY(GV!-8#cdY"uTMAGx+:%)5yW95%25hxL]_<:!s6r!6)/8'4dwU'u>U4dN4+"9;Pa=j cMI_djke_/{o
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: b6 1f 54 b9 fa c3 6b fa 84 2f 6d 56 28 b2 41 20 08 d0 12 0e 27 48 19 81 91 01 67 b4 d5 28 f5 f8 c7 af f9 f8 f3 27 0a 54 b4 ff 98 7d ca 29 dd 73 2f ba f8 6e a3 c2 a7 0a 3d 5d 9d cd 8d 0d 95 b2 bf 8a 42 68 ad e1 79 5e 65 13 f4 3c af e2 80 d4 40 9c aa c4 b2 53 5b 0d c3 10 59 3f 03 15 4b 00 0c 8c 09 c4 91 b2 95 b3 44 23 cc cf d4 c1 70 27 c7 dd cc f9 6b 37 ac fd ea 2d 8b 16 4d 3f 5a 73 b1 70 c9 92 b1 3b b6 ef b8 ce cf d6 4d d3 da 4a 45 30 12 90 1a 95 35 c4 12 42 19 ab c7 58 b5 e9 a1 36 6f 2b 5c 07 91 0c c1 18 e0 ba 2e a4 94 c8 f9 19 94 cb a5 b6 49 a3 c6 ad 3a de ed 8d 12 c9 89 be 24 14 1f f4 00 1e 4c 63 30 0d a4 ab f7 aa 41 22 04 30 62 18 19 c7 f7 48 b5 02 39 e7 03 98 43 f7 16 1c f6 77 ea f6 86 6c 30 c6 80 b4 a2 cc 11 be a7 1b 3e 7a d1 b6 e6 96 96 67 a2 a0 b4 Data Ascii: Tk/mV(A 'Hg('T})s/n=]Bhy^e<@S[Y?KD#p'k7-M?Zsp;MJE05BX6o+\.I:$Lc0A"0bH9Cwl0>zg
2025-01-11 23:19:21 UTC	8504	IN	Data Raw: f6 89 b1 b1 eb 82 38 3c 8d 48 74 29 09 68 2d 51 6f 26 be 6a 18 84 48 f3 62 76 5b 05 b0 59 0e a9 f4 34 c1 2f 88 ce 2a 47 87 88 0c c1 b7 80 09 e7 df dd 33 33 73 54 76 0a c9 32 62 2c f6 07 e5 e7 b3 7c bf 73 e6 0a 80 90 34 6d 03 08 50 ab ca d4 da 9b 14 b3 70 7e a3 4b 90 4a 4e f3 d9 53 1d 55 13 21 04 4c 9a 22 8a 22 a4 8d 06 20 1c fa 7a ba 91 e6 6e aa 3e d1 7c 29 aa c4 f7 2f 5e d4 7f c7 7f fd 8d cf 6e 10 42 34 8f 95 67 e5 ca e5 cb 0f 7e 75 ed da 5b 9e 5c bb ae 7f 68 68 f8 86 ae ee ae 13 49 29 e9 9c 81 0e 63 28 f8 3d 97 2a 9e 19 67 2d a4 f6 ef de 3c b7 2d 41 22 53 18 93 97 97 43 88 8e f5 b7 4c 08 1c a6 f7 cb cf 19 b6 bf 33 eb e2 dc 0a 24 1d 82 40 17 e6 e7 0a d6 39 44 da bf 87 b5 d6 30 c6 b8 90 92 37 35 28 5c f3 91 8f ec f9 de c3 5b ff f1 9e ef dc 32 32 31 35 f2 Data Ascii: 8<Ht)h-Qo&jHbv[Y4/G33sTv2b,\|s4mPp~KJNSU!L"" zn>\|)/^nB4g~u[\hhI)c(=g-<-A"SCL3$@9D075(\[2215

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.6	49748	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:21 UTC	680	OUT	GET /img/fb_round_logo.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:21 UTC	531	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 42676 Connection: close Date: Sat, 11 Jan 2025 23:19:21 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "81bb5cf1e451109cf0b1868b2152914b" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Miss from cloudfront Via: 1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: yVBsC9K9mFTOIBd2Ps2qoTuT7qLEy8VmON5esIklvK9D1030j8rlsA==
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 04 b0 00 00 04 b0 08 06 00 00 00 eb 21 b3 cf 00 00 01 85 69 43 43 50 49 43 43 20 70 72 6f 66 69 6c 65 00 00 28 91 7d 91 3d 48 c3 50 14 85 4f 53 b5 22 15 07 3b 88 08 66 a8 4e 16 44 45 04 17 ad 42 11 2a 84 5a a1 55 07 93 97 fe 08 4d 1a 92 14 17 47 c1 b5 e0 e0 cf 62 d5 c1 c5 59 57 07 57 41 10 fc 01 71 75 71 52 74 91 12 ef 4b 0a 2d 62 7c 70 79 1f e7 bd 73 b8 ef 3e 40 a8 95 98 66 b5 8d 02 9a 6e 9b a9 44 5c cc 64 57 c4 d0 2b c2 e8 a0 9a c6 a0 cc 2c 63 56 92 92 f0 5d 5f f7 08 f0 fd 2e c6 b3 fc ef fd b9 ba d5 9c c5 80 80 48 3c c3 0c d3 26 5e 27 9e dc b4 0d ce fb c4 11 56 94 55 e2 73 e2 11 93 1a 24 7e e4 ba e2 f1 1b e7 82 cb 02 cf 8c 98 e9 d4 1c 71 84 58 2c b4 b0 d2 c2 ac 68 6a c4 13 c4 51 55 d3 29 5f c8 78 ac Data Ascii: PNGIHDR!iCCPICC profile(}=HPOS";fNDEB*ZUMGbYWWAquqRtK-b\|pys>@fnD\dW+,cV]_.H<&^'VUs$~qX,hjQU)_x
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 24 5f 48 e2 5f 86 01 a0 41 25 c9 47 1f ea 0c ef 3f 64 f9 20 00 c0 26 f4 7c 46 f3 b0 36 bd ad d2 81 f5 89 24 4f 39 2f 01 a0 39 25 c9 ae d9 d4 cf 3f de 29 33 6d c3 db 01 00 36 a1 3b 93 fc e0 56 f8 46 36 fd c5 68 b7 d7 df 9d e4 47 33 1a 50 06 00 34 a4 94 e4 81 c3 ad 3c 7b 5f 5b 78 05 00 b0 79 fd 50 b7 d7 bf 67 b3 7f 13 5b e1 82 f4 bd 19 0d 26 03 00 1a f6 f1 47 3a 8b b7 ee a9 04 58 00 00 9b d7 bb 92 7c 7c b3 7f 13 9b fa 82 b4 db eb b7 92 fc 50 92 c3 ce 47 00 68 4e 29 c9 81 9d d5 f0 e3 0f 77 5a 55 65 f9 20 00 c0 26 36 93 e4 c7 96 57 b0 6d 5a 9b fd 82 f4 c1 24 df ef 5c 04 80 66 d5 25 79 e4 b6 56 79 ea ae 96 f0 0a 00 60 f3 fb 9e 24 1f d8 cc df c0 66 bf 28 fd 74 92 87 9c 87 00 d0 f0 05 42 95 7c fa f1 ce 60 df 5c 65 87 5f 00 80 cd ef 50 92 2f 74 7b fd ce a6 bd 3e Data Ascii: $_H_A%G?d &\|F6$O9/9%?)3m6;VF6hG3P4<{_[xyPg[&G:X\|\|PGhN)wZUe &6WmZ$\f%yVy`$f(tB\|`\e_P/t{>
2025-01-11 23:19:21 UTC	9908	IN	Data Raw: 0f db d5 cb ab 0f 88 62 b9 28 b0 96 d3 1b ab b7 8a 01 00 00 00 f6 d4 c5 d5 0b a7 71 38 21 8a e5 a2 c0 5a 42 d3 38 dc df 6c 2b e1 e7 a4 01 00 00 00 7b e2 f6 6a 9c c6 e1 26 51 2c 1f 05 d6 92 9a c6 e1 ca 6c 25 04 00 00 80 bd 70 aa 7a 69 75 be 28 96 93 02 6b b9 9d 9b 53 09 01 00 00 60 b7 5d 5c bd 78 1a 87 93 a2 58 4e 0a ac 25 f6 4d a7 12 7e 5e 1a 00 00 00 b0 2b be 7e ea e0 d7 44 b1 bc 14 58 4b 6e 7e 2a e1 73 aa c3 d2 00 00 00 80 85 3a 55 bd 30 a7 0e 2e 3d 05 d6 6a 78 53 f5 fa 6a 47 14 00 00 00 b0 30 1f ce a9 83 2b 41 81 b5 02 a6 71 38 d2 6c a0 fb 15 d2 00 00 00 80 85 b8 b9 fa bd 69 1c 6e 17 c5 f2 53 60 ad 88 69 1c ae ab 9e 5d dd 23 0d 00 00 00 38 2b c7 aa e7 56 1f 15 c5 6a 50 60 ad 96 77 55 af ac b6 45 01 00 00 00 67 ec fc ea 55 d3 38 9c 12 c5 6a 50 60 ad 90 Data Ascii: b(q8!ZB8l+{j&Q,l%pziu(kS`]\xXN%M~^+~DXKn~*s:U0.=jxSjG0+Aq8linS`i]#8+VjP`wUEgU8jP`

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.6	49746	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:21 UTC	670	OUT	GET /img/2FA.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:21 UTC	544	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 114767 Connection: close Date: Thu, 09 Jan 2025 23:09:01 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "03d39d5d071182aba1b01ba2e859de39" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: Ul4W0eO0fw5Z3uZNmrDcFfmRPQkjO_7_zCLtBwS5wH64GVwvvhUykw== Age: 173420
2025-01-11 23:19:21 UTC	15840	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 1d 00 00 00 fc 08 06 00 00 00 d3 e7 16 e9 00 00 01 83 69 43 43 50 49 43 43 20 70 72 6f 66 69 6c 65 00 00 28 91 7d 91 3d 48 c3 40 1c c5 5f 53 a5 22 15 07 33 48 71 c8 50 9d 5a 10 15 71 d4 2a 14 a1 42 a8 15 5a 75 30 b9 f4 0b 9a 34 24 29 2e 8e 82 6b c1 c1 8f c5 aa 83 8b b3 ae 0e ae 82 20 f8 01 e2 ea e2 a4 e8 22 25 fe af 29 b4 88 f1 e0 b8 1f ef ee 3d ee de 01 42 a3 c2 74 bb 67 1c d0 0d c7 4a 27 13 52 36 b7 2a 85 5e 11 46 08 22 62 88 28 cc 36 e7 64 39 05 df f1 75 8f 00 5f ef e2 3c cb ff dc 9f 63 40 cb db 0c 08 48 c4 b3 cc b4 1c e2 0d e2 e9 4d c7 e4 bc 4f 2c b2 92 a2 11 9f 13 c7 2c ba 20 f1 23 d7 55 8f df 38 17 5b 2c f0 4c d1 ca a4 e7 89 45 62 a9 d8 c5 6a 17 b3 92 a5 13 4f 11 47 35 dd a0 7c 21 eb b1 c6 79 Data Ascii: PNGIHDRiCCPICC profile(}=H@_S"3HqPZqBZu04$).k "%)=BtgJ'R6^F"b(6d9u_<c@HMO,, #U8[,LEbjOG5\|!y
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 4a 2a 11 40 cd 2c ac 5c fb dc 31 42 dd f9 5e ed 76 e8 fa 0e a2 6d 61 0c c1 68 86 60 e3 2a 56 a2 4a a7 85 15 0c 23 1d 52 a1 ad c5 02 84 bd 36 b0 c6 38 a2 a9 ef 35 e1 98 f9 16 ed 72 e5 9e 83 65 b7 be 47 b1 26 60 b3 db 63 61 9c d1 36 24 62 13 b7 96 24 ac ef 43 63 0d 63 bb dd e1 e2 76 83 e7 c6 e0 f2 fa 0a db ed 2d 7a cf fa 5f b5 0b 77 6c e3 3a 36 2b d9 42 b8 2a 60 97 2e 20 05 63 fb 88 1c 48 d1 b8 74 8e 71 8b 94 6a 1b 0c a7 75 58 e7 e3 ba ad 0e 7c 0d 87 94 1b cf 9d f0 4a b4 e4 aa 3a c2 d6 35 33 75 af fb 4e 17 3f 0f e1 76 2b 9b b8 df 7c 9b 1e 7f a8 7c f1 11 75 e8 5b 45 0e d1 31 86 a3 33 94 3a 41 fb 7d 0f a5 04 94 6a a3 13 66 ad 86 10 0a 4a 09 08 cb b1 2c 77 b1 68 20 a5 c4 fa 64 89 0f 3f fc 10 1f 7e f8 43 fc f9 9f ff 0c 0f 1e 3c c0 c9 e9 0a 44 84 ae e3 51 09 a3 Data Ascii: J@,\1B^vmah`VJ#R685reG&`ca6$b$Cccv-z_wl:6+B*`. cHtqjuX\|J:53uN?v+\|\|u[E13:A}jfJ,wh d?~C<DQ
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 15 04 67 50 60 66 fb b8 4b 62 de ae 49 96 d4 cd c0 e3 94 2d f2 e2 16 f5 8f 81 f2 63 b8 3d 5e 70 91 07 22 2d 22 13 68 64 f8 c9 1b 67 7c a8 7b 88 44 7c 1f b7 53 75 62 d6 ea a7 65 73 7d 5d 24 67 15 2f b5 f1 20 73 53 1b b1 f5 8e 7f 0f 99 df 18 8a 66 79 f9 07 67 c6 a6 3b 03 4f 17 f3 e3 21 84 9c 00 db 2a 04 df ad 9f 4e d3 29 7e b5 d2 aa d7 ae 74 12 17 d0 c6 d7 4c 4a d5 a1 1f 64 7c cf e0 00 7c ea 1e 57 e8 3c c3 c2 d7 21 39 40 61 db 2b 86 7c 64 e6 85 5d 16 d7 5a b3 97 78 53 87 10 8a 5c 05 1b 27 1e f1 68 56 08 d7 39 48 8f 88 d0 2a d9 83 db dc 01 f3 ea 6a 5a 79 89 5a 87 26 76 50 51 07 0f 0d 4d a9 0c 39 df e6 32 de dc c8 6d 6c ae c6 40 af 95 74 a4 d8 e0 29 c2 6e 0c 8d c6 d3 38 1d 3f 27 2d 0e e6 90 99 b8 67 97 fb fe 1c 31 2b 87 ac c4 4e b4 58 c1 ab 49 7a bb a4 da 73 Data Ascii: gP`fKbI-c=^p"-"hdg\|{D\|Subes}]$g/ sSfyg;O!N)~tLJd\|\|W<!9@a+\|d]ZxS\'hV9HjZyZ&vPQM92ml@t)n8?'-g1+NXIzs
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 39 3b 47 7f 72 1f 67 dd 63 18 73 81 f3 ee 01 ae e9 1c 2f c7 0e 97 83 41 67 36 20 58 28 09 1c 73 2a 15 29 18 02 f1 9a 21 df f3 58 ad 5a ac a7 cc 39 cc bf 21 bb 36 c0 2c 9b 8e 59 37 a9 7a 28 3c 2c 72 36 fc dd a3 9a cb 1d 8c 4b e6 97 77 d5 ec 38 14 08 6c cf d3 b5 4e c6 d9 e2 fa 1d 84 7c 2d 2f aa 25 9b 8c 9a d5 c5 92 bb 77 b9 bd da 6b 26 5c 8f 24 7d 1f 8e 2f 96 47 0c 91 37 69 8d c7 1d ae a7 69 5c 87 7c ad aa 01 00 c9 10 31 ac 3f 71 7b a9 2c 14 d1 1a 11 8c 22 b0 28 54 66 c2 fb 9d 0a 58 eb 20 c1 2c e8 a0 b2 57 99 33 65 c8 d4 ab 3d 0d d0 54 56 a8 fc 7b 18 bc 8c 31 31 c1 18 7b e0 a1 91 0e 18 53 8f f6 54 f5 f5 f0 0f 19 86 35 7e 51 77 e2 79 05 c6 78 9e c7 30 0c 81 e4 88 43 05 54 45 8a d6 8b d1 51 cf f0 63 f9 a0 a6 98 9a 07 58 59 c4 97 20 30 11 88 2a c6 f0 0c d5 89 Data Ascii: 9;Grgcs/Ag6 X(s)!XZ9!6,Y7z(<,r6Kw8lN\|-/%wk&\$}/G7ii\\|1?q{,"(TfX ,W3e=TV{11{ST5~Qwyx0CTEQcXY 0
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 16 5e 3c 49 08 0a 24 ae f2 0d ad 52 08 c6 52 e3 ca 10 e4 94 f2 4e d5 c1 eb 42 0b 41 9e 6b 66 65 49 55 2d 96 13 a2 13 98 45 85 90 92 91 d6 98 d2 e0 aa aa 91 9f 36 8b 0a 13 c6 95 92 16 11 48 b2 ce 39 2a 23 10 d6 ef 63 26 14 5a 0b 5c 05 46 18 9c b1 38 57 79 40 27 83 1d 3c 16 53 79 e2 ec 92 98 19 4d b0 ce 9d 2b 73 7c af a5 15 01 f3 b2 f4 3e 1c c2 a1 85 44 4a d1 a8 44 56 91 b5 44 ef fc bb c6 42 af af 74 d2 47 8e 5f b5 60 8c b7 1b 9f 9f d4 8a b8 2e 6f c7 e5 9e ae a1 da aa f9 3d d5 49 b1 fc f7 f0 62 36 b5 82 6f 9d 87 15 c7 78 d1 ce c5 a1 f2 72 9f c4 7a aa 64 5d 1f 77 2a be b5 74 58 56 e8 98 74 cf 79 1c d3 ac b5 0d 69 b4 37 17 7b ce 61 ba 4b af 58 02 68 a9 24 52 2e 75 af f4 50 f0 e8 0b 0c 43 68 6a dd 93 be ee b6 93 24 97 ef 01 74 ac 1a d4 a9 9a 5b ea 18 ba c7 91 Data Ascii: ^<I$RRNBAkfeIU-E6H9#c&Z\F8Wy@'<SyM+s\|>DJDVDBtG_`.o=Ib6oxrzd]wtXVtyi7{aKXh$R.uPChj$t[
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: a4 ce 54 88 b3 13 0e 9e 3f e1 f0 c5 b7 98 d9 31 99 29 d1 d6 7a 2f 43 e7 7c 91 c5 49 a8 b9 1d 08 d0 19 b6 f4 c2 cc 59 a6 11 52 a2 f3 8c bd fd 2b 6c ef ed 93 8d 36 41 6a 4c e8 e7 6f ac d0 45 2d ba fe f6 c0 a3 31 fd 6b e4 a3 bd cf 88 0d 6f 56 d5 02 17 ea ba c2 39 84 b5 c8 6a 41 86 25 97 39 a7 ae e2 6d 67 00 29 24 47 af 0f 39 3d 3d e5 30 3b 26 53 02 61 25 d6 55 21 6d ee 8f cd 6b 53 08 9c 74 48 a1 71 d2 2b 93 3a 67 1a 9d 04 e1 bc 64 75 6d bc a5 84 37 a8 b3 95 59 ba 53 4b 71 ee b9 01 ef c2 af 9e 6b 0d 8b ba 44 73 f0 e2 55 4b 88 af 72 96 ca 1a 16 95 07 98 e3 22 07 ec 5b 2d 72 94 93 50 4a 0a 21 d0 0e ca e9 94 c5 74 ea b3 62 04 0f 0f d9 2e 6f 38 2b 1a 1d 15 e9 96 76 75 b1 9d 81 17 9b 73 4b ad 8e 08 ea c8 30 68 45 7c 5f 06 2d 07 29 1a 7f e1 e0 3d 22 5a 0e b6 a9 00 Data Ascii: T?1)z/C\|IYR+l6AjLoE-1koV9jA%9mg)$G9==0;&Sa%U!mkStHq+:gdum7YSKqkDsUKr"[-rPJ!tb.o8+vusK0hE\|_-)="Z
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: da bc 2e 93 32 cf fa c2 64 19 fe 35 4d 53 f5 b0 59 f2 48 d5 18 53 d4 23 e4 08 5d d7 e1 64 d5 42 31 20 5a a0 57 2b 08 0b 3a 06 cc fa 04 68 d7 0e 52 67 eb 14 4a 85 9c ba 2a 2c b4 10 94 12 c0 f6 d8 bd 7a 89 27 9f fd 05 f7 ff f0 5b 7c f9 d1 9f 70 fe e4 21 ba dd 06 bb ae c3 a6 db 80 b4 c2 f1 e9 09 2e 1e df c1 d5 93 2f a0 e5 0a eb 86 b0 be f3 1d 50 7b 0c 34 47 18 fc f9 25 12 68 12 58 28 68 e5 04 d6 40 0c 03 05 d2 c0 93 57 67 f8 dd ef ff 80 cf 3e fb 0c 4d d3 e0 3f fd a7 ff 88 1f fd e8 47 b8 73 eb d6 58 b8 7a 0b 72 7c 63 bc 8f 59 7b 06 66 70 40 b3 30 f5 f6 08 28 84 f5 a5 04 2b 92 b8 98 8e f0 78 cd 1b c4 19 c8 8d cf 8b 47 21 ac 38 c8 bd f7 76 03 f9 02 96 97 ca 43 90 bf c4 be e2 90 b5 c5 75 91 ed 62 9b 71 9a 48 67 7c c0 eb ac 21 af db 41 36 99 8f 2a 73 cd d2 2e 4b Data Ascii: .2d5MSYHS#]dB1 ZW+:hRgJ,z'[\|p!./P{4G%hX(h@Wg>M?GsXzr\|cY{fp@0(+xG!8vCubqHg\|!A6s.K
2025-01-11 23:19:21 UTC	623	IN	Data Raw: ee 14 c9 b0 d2 e6 ec 7e d3 5a ef 9a c3 25 32 3f 78 27 42 09 09 97 c9 96 e0 25 95 92 14 15 61 62 f4 45 02 1b db 13 b6 d3 36 cc 04 f9 b1 c8 49 48 b9 0d 61 25 16 db b0 3d 84 cd 9e f1 2e 92 aa 31 b2 49 3f 79 1e f2 95 6a 3c c7 18 73 6e fd d8 47 e5 ad 5f 34 71 c2 31 18 3a 27 f7 93 6f ea a4 2c ca 41 a8 4a a9 b4 eb d0 8f 4b c1 26 3f 6f b9 86 45 94 5f 64 d9 ae 6c 23 1f de 47 5e f9 36 18 df e6 8c 1d d2 76 a0 e5 5d 04 86 fa e3 33 73 2c 64 f3 cc 19 f2 86 67 93 fc 16 d9 55 45 a5 6d 71 41 59 ea cc cc 7e fc 54 49 0b 5d 76 d5 56 49 1a 2a d2 b8 87 50 8d f1 74 d1 31 75 ee 51 b9 42 af 5e 74 28 2b e5 5e 4e 2c e4 a6 63 06 94 b7 8f 18 a9 39 40 13 df 75 14 1c 25 d9 61 4a b2 b9 d2 b2 8f 59 10 54 95 c6 4a d7 38 5a ac 70 74 78 84 c3 a6 01 6d 5d a2 45 14 45 90 82 f6 eb 2b b2 cf 2f Data Ascii: ~Z%2?x'B%abE6IHa%=.1I?yj<snG_4q1:'o,AJK&?oE_dl#G^6v]3s,dgUEmqAY~TI]vVI*Pt1uQB^t(+^N,c9@u%aJYTJ8Zptxm]EE+/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.6	49751	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:21 UTC	672	OUT	GET /img/phone.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:21 UTC	544	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 255341 Connection: close Date: Thu, 09 Jan 2025 23:09:03 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "3c18a93313e72ab9967152a4e92aa238" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 7b2737d1601ba8c676e6f68b6aa113d8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: g_Y9eoKAure7IiOpzec37q4L8614RhYrzclVhGMt1LOAtFP755wg0g== Age: 173418
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 80 00 00 01 18 08 06 00 00 00 cc 10 47 90 00 03 e5 34 49 44 41 54 78 da ac 7d d9 8e 65 59 92 d5 b2 33 dc d9 c3 23 23 22 b3 32 aa ba 26 c8 ae 12 ad a6 5b aa 06 1a 21 90 78 84 1f e0 03 e0 0f 80 97 7c e3 5b 78 e5 43 e0 a5 25 ba 2a bb 86 cc ca b1 72 8c c9 c3 c3 fd fa 9d ce 39 86 db 36 5b b2 ad 2b 51 8c 37 e2 e8 de 33 ec 7d f6 60 db 6c d9 b4 5d f4 cb 7f f7 15 80 0b fc 3f 7f 24 be 27 00 0a a0 89 73 fe 6e 01 51 60 3a 01 cd c2 af e9 3e ca f1 19 f5 f2 ac 4f fa f8 d9 fa b9 1e e3 99 0e 50 ab 67 e5 75 8d 37 80 0e 51 56 80 66 e9 65 d4 eb f2 67 ae bd ac 2a 20 12 ed e9 01 3d 00 cd 06 90 0e 98 b6 d1 8e c9 ef 63 8a ba 7a 40 e6 5e e7 74 0b ff 58 db 46 7f 87 74 5e 0f e0 cf 4f 7b 40 ed de de db d9 3e 04 30 d8 b3 76 ee Data Ascii: PNGIHDRG4IDATx}eY3##"2&[!x\|[xC%r96[+Q73}`l]?$'snQ`:>OPgu7QVfeg =cz@^tXFt^O{@>0v
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 6c a5 6b a3 e5 2d 7f 3a f5 0a d3 f7 67 d3 70 0e 17 04 96 8d bc 97 b8 ca 0f c2 ed 63 c7 b6 5c bc 4d 83 fe 37 af 01 d7 09 a3 d5 66 4a 8e 68 66 2f 19 68 53 f6 73 5b 80 0a 1f c0 1d 6a 29 0f 93 63 29 9b e6 0c 5e 95 02 ea 72 2f ec 5e e7 80 82 41 45 60 02 65 fb 74 7d 90 b1 e5 01 6b c9 d8 81 fa 3a 68 d4 50 1e 01 9c e6 29 c7 8c 4c cb 6b 35 fd 0b 9b 96 ca b7 20 a2 e8 d5 89 5c 4a 13 45 19 ca 96 a8 0e 80 a6 07 2e 4e e1 bf bd 82 ff f2 18 fe e9 0c fe f5 0c bc 6c c2 be 54 ba 04 f0 11 be 17 37 97 29 03 78 1e 81 d9 ef ea 46 a4 80 70 ac 40 3a 07 d6 37 65 f2 17 f0 8f 7e 13 58 42 be 61 94 97 d7 40 51 06 13 71 9a 66 a0 6a 12 16 aa d4 2d 40 5e 63 36 43 84 d8 04 44 96 5a 64 40 d0 98 3c f3 df 4b 8c ca a9 50 96 97 a4 63 b8 5f 5a 66 ae 95 b5 07 e6 ed 9c 80 40 ab 2e c4 f8 c4 38 89 Data Ascii: lk-:gpc\M7fJhf/hSs[j)c)^r/^AE`et}k:hP)Lk5 \JE.NlT7)xFp@:7e~XBa@Qqfj-@^c6CDZd@<KPc_Zf@.8
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 57 d9 c9 97 04 90 50 bd 2d 6a f5 09 a4 4a a8 5d 46 c0 16 73 39 c9 ae f1 53 39 69 3a 41 f6 82 ee 35 bb 4f 19 40 0b 74 6e 9c cd 93 93 c6 bc f9 ac 64 5b c9 6b 1c e0 15 18 ea 00 ee ef 85 ac d1 63 27 6d e6 5b 01 86 81 84 36 96 13 24 18 9d 5c 5a fe a1 83 ba 38 ca 2e 04 48 3e 0b 0b 2d 3d 93 63 24 0a 72 42 57 d4 b8 cb b9 80 d4 84 28 d9 c6 a9 5d a0 0e 1b c4 9b 5f 80 fa 4a ad 05 34 1e c6 4e 2c bd cf a1 ce 71 41 88 02 5c 4c 5b a7 27 8d 0c 52 6b 9f 7c bc 54 fa 1a 10 48 e3 01 39 97 86 91 72 29 21 b3 89 de 7c a2 ef 43 8e 2d ff b9 89 b4 e9 e0 42 06 a2 e3 f2 b4 1d d3 01 9d c7 19 21 d4 6e 93 92 59 3f aa f4 f9 68 ba be dc 04 91 bb 7c c7 fe 87 21 5a 6a 47 3f ee 0e b6 63 27 2d bd a8 c8 da 41 9a 79 ee ad 81 e2 9a 69 fa 06 70 28 ad 4c 3b 08 73 a7 9d 74 2b 2b fb 4c fd 33 8d d2 Data Ascii: WP-jJ]Fs9S9i:A5O@tnd[kc'm[6$\Z8.H>-=c$rBW(]_J4N,qA\L['Rk\|TH9r)!\|C-B!nY?h\|!ZjG?c'-Ayip(L;st++L3
2025-01-11 23:19:21 UTC	15095	IN	Data Raw: f6 85 55 24 d2 f7 26 d8 48 39 1c b9 00 0d 05 8e 1f fd 1e 8a e6 3d 35 2e 45 ef 07 ab 99 79 b2 3c 72 79 13 9c e6 06 64 c4 c4 52 4b 01 c2 da 59 2b 3e dc 9f cb 2e 0e 88 38 b0 60 1f 5a 03 27 5a b2 f5 b2 44 a4 82 90 65 66 ce 64 9b ce ee 39 c8 73 bb 17 46 11 4d 08 31 6b 8c d9 33 92 5f 1c fc 6f 1b 4b 88 d1 c9 e1 03 3f 5d 1b 4c 0a 13 b8 af c3 8e c5 a2 f3 3c ff 77 3c f3 f2 92 8a 5b d5 90 95 78 69 f2 11 60 fa e7 ac 14 72 31 62 19 ae b4 f3 2d 5f 8d ad 65 0c 50 1d d8 80 b8 09 6a 5e 58 82 0e 54 7d c0 0d 3f 43 d0 2d 17 80 55 f8 9c 51 61 3e 7c 1e 44 9f ec 7b 4c c7 5a 49 15 74 53 11 c2 7d 6a 8c e5 9d 9b 1e c8 3a 7d 87 0b ed 3c 04 47 a4 5d 75 a2 c7 42 f9 b0 0d f0 cb 10 ed 43 ba 94 7d 92 a0 0c 2f d5 06 64 39 44 c9 b9 bf 26 42 8e f2 24 0f 3d 72 d7 a1 98 4d b4 0c c7 78 ff 6f Data Ascii: U$&H9=5.Ey<rydRKY+>.8`Z'ZDefd9sFM1k3_oK?]L<w<[xi`r1b-_ePj^XT}?C-UQa>\|D{LZItS}j:}<G]uBC}/d9D&B$=rMxo
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: f0 b4 4f 83 31 43 03 52 7f 38 03 88 00 34 26 4d 96 51 be 55 61 f6 f1 67 1a 99 26 df c1 66 e2 ec 5d ba 37 06 16 93 32 84 5e b2 4b 1b 70 35 43 22 74 16 73 b6 33 3b 92 51 98 29 f5 16 fc 46 06 59 1e 3e 03 78 d6 c7 eb 1f 81 c4 67 ef ce 01 4d a5 53 31 86 90 54 cf 11 ec 9b 83 b7 4d c5 be 51 05 00 13 6c 5a 1e db 29 c6 aa 36 17 06 ae 8d e1 63 33 4b 6d 9f 39 63 a6 cb b0 36 90 f4 14 a8 e3 ef f8 a0 6c 47 79 2f dd ca a4 41 e7 9a a9 9c 1f 42 58 1d c0 c1 bd f7 cc ad ff 5a 97 c1 41 df d1 41 be 35 91 4c 31 78 d8 a0 c9 e2 9a 7f ab 51 6f bc 8f e4 81 bc d3 63 25 5f 7b 4e b0 75 68 af 44 b7 24 0c ac 1a 7c 5b 17 70 67 bf c5 b9 7e c7 f9 16 60 03 00 4d 53 65 df 26 2b a3 25 60 f0 66 91 82 7c 90 f3 cb d6 c5 df e8 16 fa 30 32 4b 8f 09 84 3e 26 39 b4 aa 4a 9e 66 0f 61 4c 81 97 48 c2 Data Ascii: O1CR84&MQUag&f]72^Kp5C"ts3;Q)FY>xgMS1TMQlZ)6c3Km9c6lGy/ABXZAA5L1xQoc%_{NuhD$\|[pg~`MSe&+%`f\|02K>&9JfaLH
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 79 8b fd 78 17 ab 32 a2 a3 09 8f e8 be 68 fe 1a ce c2 b2 01 30 86 f0 5c d8 bb 87 e5 bb 98 d1 59 1e 30 c9 ed 35 0e b8 e0 4f b4 b9 04 6b dc e2 8f c1 20 d9 fe 80 b5 5c 3f c1 1d 61 f3 4e a1 e5 e6 06 45 4a b6 db b2 c3 4c ad 9a 54 9b 06 31 ab 41 b4 82 44 01 93 fe 78 23 a0 92 41 78 82 db 48 56 a2 b8 c3 1f e1 1a 67 b8 36 16 b3 61 e0 a4 7d 82 d5 f6 7d 9c 9c be 0f 34 47 30 dd 0b 8a b8 36 97 2d c7 0a 24 b0 68 e6 34 73 f2 00 9f 6c 28 5f c9 d5 34 10 d6 f1 2b 82 59 61 fc 08 d0 41 38 9d 83 b5 0b 57 c0 98 9c a0 52 b6 1c cc 82 85 4d c8 da 7a 03 8a 97 ba dc bb 29 9a 54 d2 36 56 5e ed b9 01 31 03 4d de 3d 5c 76 51 0a 30 fb 19 d0 10 a5 e5 68 cb d7 c7 e6 27 ca fe a1 68 ec 5c be b1 8c cd 8f cd 10 7b 32 30 b7 93 cf 65 1a 1d 2b 61 8a 53 ba 65 ef fe 29 a0 3c 31 b0 77 27 4e d4 72 Data Ascii: yx2h0\Y05Ok \?aNEJLT1ADx#AxHVg6a}}4G06-$h4sl(_4+YaA8WRMz)T6V^1M=\vQ0h'h\{20e+aSe)<1w'Nr
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 3c b5 0b ad ad 8d b6 ff 5e 94 6e c9 46 7a 03 54 6a f6 93 70 6e 64 99 37 c6 8d 25 83 4a 33 ea 8a 0d 5b a7 82 44 9d e4 32 73 5d e8 c8 c0 6d 22 fb 18 ae 1f 82 19 8a 9e e6 ec 6e d2 ad 06 8a 6d fe f3 0a 5f 48 9d 64 ba b6 bf 11 b3 0d 93 5e bc cf e1 26 e4 76 41 34 77 8a 64 9b 3f 20 c0 dd 1f 82 94 27 88 05 67 8a b0 7e 32 44 21 f8 9f a8 79 2b 07 68 7f 62 65 4c 37 03 d5 ee c4 4a a0 b2 ae 4c a1 b5 75 af ec 56 e7 6a 01 53 e3 c7 ba 23 b6 90 7b 54 8f ec bf 1d 65 4b 06 ee 97 7d 05 2b 4c 52 d8 56 c6 0c 5a a8 35 33 8f 27 db f9 f3 23 a7 94 b9 12 94 e9 51 18 33 9b 6e ce 72 69 a3 13 99 65 b9 e9 81 5d 35 03 5d aa de 54 f9 2b d7 76 fc 9e 74 c0 a0 c0 e4 e5 a1 bb 05 b8 ec 90 bf 7e 06 c8 b9 d1 e0 dd cd 60 76 5c 2f 62 65 66 1f 8c 8c bd 6a 1b 12 64 64 07 2c 7a 32 54 c5 40 aa a6 53 Data Ascii: <^nFzTjpnd7%J3[D2s]m"nm_Hd^&vA4wd? 'g~2D!y+hbeL7JLuVjS#{TeK}+LRVZ53'#Q3nrie]5]T+vt~`v\/befjdd,z2T@S
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: eb f8 0f 9f f8 3a be f4 6b df 04 e6 0d d2 a5 b9 b1 c4 35 b3 a1 29 ac a2 08 06 a0 a6 21 86 9d 53 2c f9 56 9d a4 10 6a 55 87 8c b2 51 fc ff 6c 4c 25 40 30 6d 4e 14 ec 13 24 19 d8 a1 f7 20 94 a6 c5 d4 4c ef 24 71 a4 3a e5 a3 4e e5 88 45 1f 1f 83 72 fc 4b 7b 15 83 58 37 20 f4 04 3a 52 c8 5a 97 6d 3d 4e 56 1d ca 3d 25 33 ec 1c ae de a3 23 98 d3 70 25 08 93 60 38 cb 97 d8 75 ed f6 5c 2c 6f a7 aa 43 b7 63 e0 bf b4 b5 31 b6 3d c6 2e 56 7f 6c b6 63 ae 3c 89 e3 4f 40 09 e6 16 fb 93 5e 31 3b a5 ec 2b df a2 55 4b f6 4a 1e 58 0e b7 63 83 68 1a f1 31 9e 4d 74 91 4d cb c6 8b 02 05 98 51 bc fb f7 14 09 ad 5e 15 f3 48 b6 ae 4e 09 d9 95 81 d0 e7 b1 b6 84 d1 1d d0 57 e2 8a d8 f9 97 40 94 9b fe 14 80 6f 17 c4 2a 01 b6 16 d7 e7 16 4a 62 f8 a9 f4 2a a4 89 8c dd 67 17 b1 3d ea Data Ascii: :k5)!S,VjUQlL%@0mN$ L$q:NErK{X7 :RZm=NV=%3#p%`8u\,oCc1=.Vlc<O@^1;+UKJXch1MtMQ^HNW@oJbg=
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: c2 1a c6 34 a5 a3 06 52 af 20 13 85 4c 57 90 b9 42 c6 a6 11 33 c6 69 4c eb 2a 63 13 f9 bb f9 90 3a 18 0a b3 64 67 76 10 d6 32 09 f1 da 4c 85 a0 ee 5a 40 4d d9 00 1a 5d ca 12 e5 58 ca 03 12 42 23 c8 45 32 93 2f c8 be 65 96 e3 09 1e fd c6 15 02 bd 18 7d 7f bc 06 22 7a 6f 74 2e 65 0c 00 d4 f7 03 6c bc 83 1f 27 6f f9 a7 75 9a 7d df 8c 01 64 fc 9d 83 54 56 6f 5c ce c3 8e 71 02 4a 76 de 06 68 f6 fb 74 6f a0 be af 02 98 49 cf b9 0d e0 b9 85 82 40 1e 89 6c 1c cb c6 24 1f f4 8c f3 9d 8a 5f 1f eb 58 2c f3 3c 24 e9 c3 a6 48 cd 64 3a 3d 82 90 7a 4c 3b 47 3d d2 f5 4f 1b 00 64 a0 32 d6 15 d2 b5 63 a4 2b 27 d0 4d 44 71 09 bb 7e 01 db b7 dd 51 d2 b0 29 91 5e 79 04 cc d6 40 1b ac 52 e2 60 a9 e1 8d b7 0d 14 73 5a 02 a4 a9 33 45 1b 04 95 cb 0c 4e 05 b7 d2 45 d6 08 af 3c 8b Data Ascii: 4R LWB3iL*c:dgv2LZ@M]XB#E2/e}"zot.el'ou}dTVo\qJvhtoI@l$_X,<$Hd:=zL;G=Od2c+'MDq~Q)^y@R`sZ3ENE<
2025-01-11 23:19:21 UTC	16384	IN	Data Raw: 0f 4e 1e 15 77 49 2b 83 54 91 05 2c 4f 59 f3 fc b5 00 75 8a 76 a5 22 b0 c8 1e 2f 24 78 8c 1b c1 d9 e9 26 3f f6 0b b2 95 07 09 fa 92 44 c7 68 0c 50 ac 50 68 ac ca 61 cf 8f c4 0a b1 7f fa 48 ed 51 c5 24 e1 4d b2 e7 8f e3 84 71 f2 e3 95 1a c4 a2 82 1e 54 64 d5 30 ed 98 35 9b 23 f1 21 e4 14 fe 5c 02 2d fe ee 56 54 71 5c 34 db c0 fb 3b 9f 58 97 68 36 e8 cc 98 3e 4b f8 b0 ec de aa 72 93 e7 d1 6c 62 ba 39 b0 f3 f3 e9 a0 c1 ef ff b2 59 2b e4 d1 07 69 02 3e 48 6a ca ef 76 8c 5d d3 48 2b 1b a8 b2 91 a2 8c 7f 17 3f c4 de 0b 2f e1 af fe ca af 61 7d ff 12 55 db 14 c6 ae 2a 7e cf 8a a3 8b a1 00 b7 4a 04 e0 8d 6a a1 24 98 35 05 ac 17 90 7f b6 19 71 76 39 60 98 0c dc 9d 9f 9c 97 66 92 69 b2 68 3f 49 12 c7 ae 30 bd d3 a4 78 f7 2f cf 70 fe 70 8b bf fb f9 8f e3 33 bf fb 22 Data Ascii: NwI+T,OYuv"/$x&?DhPPhaHQ$MqTd05#!\-VTq\4;Xh6>Krlb9Y+i>Hjv]H+?/a}U*~Jj$5qv9`fih?I0x/pp3"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.6	49755	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:21 UTC	398	OUT	GET /img/no_avatar.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:21 UTC	542	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 6043 Connection: close Date: Thu, 09 Jan 2025 23:08:52 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "d5d30f28ca92743610c956684a424b7e" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: Rvg5QIKarghunfap158TiA4c97nUZ_UybMEaB63VBDQ5-ISN7QCbpw== Age: 173429
2025-01-11 23:19:21 UTC	6043	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 00 00 00 01 00 08 06 00 00 00 5c 72 a8 66 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 17 50 49 44 41 54 78 da ed 9d 09 70 5d e5 75 c7 1f fb 12 c2 16 68 c2 52 96 04 32 a4 50 d6 50 36 43 ca 60 37 2c 21 6d 26 90 4e 9a 96 4e 98 4c 09 4d 0a 4d 27 40 67 5a 1a 87 a4 10 28 29 81 34 03 b4 10 62 ed 92 65 c9 5a 2c c9 92 b5 59 b2 b1 6c 61 d9 f2 6e 55 28 89 58 52 08 18 03 66 33 f6 eb ff 48 0f e9 c9 7a 7a 7a cb bd f7 dd e5 77 66 7e 63 0c c6 7a ef dc 73 ce fd be f3 9d 73 be 58 0c 41 10 04 09 87 0c 0c 0c 1c bd 79 f3 e6 33 c5 a5 e2 06 71 8b f8 9e b8 c7 d8 b4 69 d3 03 fa f5 27 fa f5 61 f1 e4 96 2d 5b 9e b0 df 27 b8 ef a3 3f a7 7f ff 5d f1 75 fd f3 3c fd b9 0b 36 6c d8 f0 87 fd fd fd 87 a3 61 04 29 a0 Data Ascii: PNGIHDR\rfbKGDPIDATxp]uhR2PP6C`7,!m&NNLMM'@gZ()4beZ,YlanU(XRf3Hzzzwf~czssXAy3qi'a-['?]u<6la)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.6	49756	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:21 UTC	396	OUT	GET /img/block_2.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:21 UTC	543	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 18787 Connection: close Date: Thu, 09 Jan 2025 23:08:46 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "8942e3ff39cd6784c7c89bd6eb26d604" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 5045d3a1f76416b3ecc1cca4c66b0ef4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: trDWusZQsfvdxoXvwMuv9KWY0Qbj8tzhOE7eLqc-8i5-Icbb_y3isw== Age: 173435
2025-01-11 23:19:21 UTC	15841	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 64 00 00 00 65 08 06 00 00 00 bb be 46 f1 00 00 24 c2 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 65 78 69 66 00 00 78 da ad 9c 6b 96 9c 37 0e 64 ff 73 15 b3 04 be 1f cb e1 03 3c 67 76 30 cb 9f 1b cc 92 6c 49 6e bb ed b6 64 a9 4a 99 59 fc 48 02 08 44 80 a0 9d fd bf ff 7b dd ff e1 d7 c8 a1 ba 5c 5a af a3 56 cf af 3c f2 88 93 6f ba ff fc 9a ef ef e0 f3 fb fb fd aa f9 eb bd f0 e3 eb ae 96 af 37 22 2f 25 be a6 cf 3f 7b fd fa fc b7 d7 c3 f7 01 3e 5f 26 df 95 df 0d d4 f7 d7 1b eb c7 37 c6 d7 93 63 ff 69 a0 f8 f9 92 34 23 7d 7f be 06 1a 5f 03 a5 f8 79 23 7c 0d 30 e7 d7 52 46 6f bf 5f c2 b2 cf d7 af 9f ff 6c 03 7f 9c fe ca fd c7 69 ff f2 ef c6 ee 9d c2 73 52 8c 96 42 f2 fc 9d d2 d7 04 92 Data Ascii: PNGIHDRdeF$zTXtRaw profile type exifxk7ds<gv0lIndJYHD{\ZV<o7"/%?{>_&7ci4#}_y#\|0RFo_lisRB
2025-01-11 23:19:21 UTC	2946	IN	Data Raw: 74 8f 6f 1d 2c ff 31 b2 da 0a 84 95 af e1 7b bb 88 c6 b7 02 ec ef bd 77 ce 39 d7 54 39 a8 d8 d5 89 59 d9 25 d4 c6 f4 a5 36 a5 0b db 73 fa 10 d6 0f df 8e a6 c2 85 70 5d dd 14 7b fb 2b 9b c7 39 e7 62 67 66 cd 15 ae 5a 6f df a0 ba b2 8d f5 09 35 d7 71 cb ac 30 03 4a 05 d2 62 71 d0 52 2a 16 8b 72 40 7d 65 4b a9 bf 7f 13 f9 5c 93 8e e1 8d 11 37 26 43 47 08 8a 83 de 7a 22 a9 d1 49 4a aa 75 20 63 9e 91 58 93 90 91 31 d1 18 c0 c8 72 69 54 9e 1b 24 29 4e 92 a4 c9 99 59 69 a8 0e ac b5 fa ed ed 3e 4a c2 cc 2c 4d d3 d4 91 55 5d cb 76 b8 a8 3c 3a 58 03 65 f3 83 22 65 13 75 14 1e aa fc cb 00 8b a3 4a 64 3d 94 4a a5 82 93 d4 5d b9 52 d2 50 5f 2e 2b 51 63 ed e6 03 92 95 81 da 38 6c 86 9c 83 24 c9 ce 92 a8 ab ab 4b 1c 30 58 a4 cb 35 36 82 39 6a 32 b2 45 f2 31 e6 63 43 92 Data Ascii: to,1{w9T9Y%6sp]{+9bgfZo5q0JbqR*r@}eK\7&CGz"IJu cX1riT$)NYi>J,MU]v<:Xe"euJd=J]RP_.+Qc8l$K0X569j2E1cC

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.6	49762	104.26.4.15	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:21 UTC	350	OUT	GET /v2/free/self/ HTTP/1.1 Host: api.db-ip.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:21 UTC	951	IN	HTTP/1.1 200 OK Date: Sat, 11 Jan 2025 23:19:21 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close cache-control: max-age=1800 x-iplb-request-id: A29E9FD1:3026_93878F2E:0050_6782FC79_455A40FE:4F34 x-iplb-instance: 59215 CF-Cache-Status: EXPIRED Last-Modified: Sat, 11 Jan 2025 23:19:21 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3znwkVlvLh46UraHTUIbeetqnPCj8R%2FyOxjt43OCormS2q8sIiRLBrmmOPKN%2F%2B23Ev7aVmAq4cE4c4JkkgwNQkl1qJYaIgEG6%2B4UsF0qiMbEA5W0m%2FVCI3KTI%2FtF6KQ%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9008a1982dbc4307-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1675&min_rtt=1669&rtt_var=639&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2817&recv_bytes=928&delivery_rate=1696687&cwnd=239&unsent_bytes=0&cid=de8a1fd912e9cc76&ts=156&x=0"
2025-01-11 23:19:21 UTC	247	IN	Data Raw: 66 31 0d 0a 7b 0a 20 20 20 20 22 69 70 41 64 64 72 65 73 73 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 2c 0a 20 20 20 20 22 63 6f 6e 74 69 6e 65 6e 74 43 6f 64 65 22 3a 20 22 4e 41 22 2c 0a 20 20 20 20 22 63 6f 6e 74 69 6e 65 6e 74 4e 61 6d 65 22 3a 20 22 4e 6f 72 74 68 20 41 6d 65 72 69 63 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 43 6f 64 65 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 4e 61 6d 65 22 3a 20 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 0a 20 20 20 20 22 73 74 61 74 65 50 72 6f 76 43 6f 64 65 22 3a 20 22 4e 59 22 2c 0a 20 20 20 20 22 73 74 61 74 65 50 72 6f 76 22 3a 20 22 4e 65 77 20 59 6f 72 6b 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4e 65 77 20 59 6f 72 6b 22 0a 7d 0d 0a Data Ascii: f1{ "ipAddress": "8.46.123.189", "continentCode": "NA", "continentName": "North America", "countryCode": "US", "countryName": "United States", "stateProvCode": "NY", "stateProv": "New York", "city": "New York"}
2025-01-11 23:19:21 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.6	49764	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:21 UTC	397	OUT	GET /img/save_img.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:22 UTC	542	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 7550 Connection: close Date: Thu, 09 Jan 2025 23:08:53 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "8d3bcd1278891fc1e52d38e72549b3d0" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 ee44697df8ff7fee1512bec7b4da5368.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: Ak7DcyRzlKMgvkR5ESnDgRB6XBbeFIFfkyb3DRenrqNZV7gGs3m87Q== Age: 173428
2025-01-11 23:19:22 UTC	7550	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 78 00 00 00 78 08 03 00 00 00 0e ba c6 e0 00 00 02 fa 50 4c 54 45 c3 e2 c9 b5 dc bb b0 da b8 a9 d6 b2 a6 d4 ae a2 d2 aa 9d d0 a6 9a cf a4 98 ce a3 c3 e1 c9 99 cf a2 ef bc 57 fc f2 df fc f4 e3 fc f2 e1 fb ec d0 ac 4d 00 fc f1 dc ff f5 df ff f9 e4 fa e6 bf ff ff ef ff ff f7 ff fd ea f8 e2 b7 eb dc c6 c3 af 9a 96 7c 6b 7e 60 50 a8 8f 7b ce c0 aa fd f1 dd e1 d3 be 8c 6d 57 4e 27 15 37 0f 03 3e 16 07 55 2e 18 5f 39 26 fc f1 da 48 20 10 2d 07 00 43 1b 0a 6c 49 34 ff f4 da 24 01 00 4a 23 12 f8 c9 54 d9 ca b3 45 1f 0f af 99 87 f7 ed da a0 75 4b ea b9 47 7f 56 35 f2 c1 7f eb bb 7b ac 87 54 91 67 42 de ae 73 e3 b4 77 de af 73 de b0 75 d9 ab 71 de ad 6e be e0 c4 e2 ac 68 b2 f0 d9 bb de c1 b8 dd bf b2 60 16 b6 Data Ascii: PNGIHDRxxPLTEWM\|k~`P{mWN'7>U._9&H -ClI4$J#TEuKGV5{TgBswsuqnh`

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.6	49763	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:21 UTC	671	OUT	GET /img/star.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:22 UTC	542	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 1980 Connection: close Date: Thu, 09 Jan 2025 23:09:07 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "aae920faed2a3fe4c3083b339cd783df" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 725f43139b6c583d9defb7c5029a8928.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: ItVXoTxQLx6HB2NAxkCJE_mQ4dkB3fxMlNt3JLAin4jwO6N6Lco73A== Age: 173414
2025-01-11 23:19:22 UTC	1980	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 29 00 00 00 29 08 03 00 00 00 9f be f0 c4 00 00 02 f7 50 4c 54 45 47 70 4c ab dd f8 cb e8 fa c9 e6 f9 c9 e7 fa b6 e1 f9 c8 e8 fb c8 e7 fa cd e8 fa cc e8 fa bc e3 fa ae de f8 c3 e5 fa ca e8 fa c1 f1 ff a9 dc f8 bb e3 f9 a5 db f7 f3 ad 00 f2 ab 00 aa dd f8 a8 dc f8 a6 db f8 a1 d9 f6 ac de f8 c8 e8 fd a6 db f7 ad dd f7 c9 e8 fa bf e4 fa c5 e6 fa b0 df f8 a7 dc f8 c7 e9 ff c7 e7 fa b4 e0 f9 b8 e1 f9 f1 a9 00 bf f4 ff a3 d9 f6 c4 ed ff cc e9 fb c2 ef ff b3 df f8 c7 ea fc fa a3 00 c8 e7 f9 c6 eb ff a9 dd f8 ba e2 f9 f3 af 00 c0 f3 ff cb e9 fb f4 b0 00 b2 df f8 af df f8 a7 db f8 c6 ea ff c8 e7 fb c0 e5 f9 bd e3 f9 be e4 fa f6 a4 00 c5 ec ff a3 da f7 aa dc f7 f3 ac 00 b8 e2 f9 b8 e1 f8 b1 df f9 c2 e5 f9 b3 Data Ascii: PNGIHDR))PLTEGpL

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.6	49768	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:22 UTC	392	OUT	GET /img/doc.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:22 UTC	542	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 5723 Connection: close Date: Thu, 09 Jan 2025 23:08:55 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "95382a6dab40d5911185a921c53e6f6b" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 284574e4f15389d93bfcb84d196a92f0.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: uOrC2JMKc9XvEaCVAqOhx7wX4glGPJEBfff-BznjQD0vnrjM7GHVPw== Age: 173427
2025-01-11 23:19:22 UTC	5723	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 3c 00 00 00 3c 08 06 00 00 00 3a fc d9 72 00 00 16 22 49 44 41 54 78 5e c5 9b 6b ac a5 57 79 df 7f cf 5a 6b ef 7d f6 99 73 9d 61 2e 1e cf d8 78 3c b6 42 cc a5 83 12 15 4c 88 1c 6a 0a 84 02 09 90 96 24 25 55 3f 44 91 7a 51 0b 91 10 97 24 6d 2a 12 a2 88 24 52 a9 d2 2a 10 68 55 11 28 a9 d3 a2 60 e3 d4 2d c1 34 24 84 5b a8 cd 4d b1 0d b6 c7 e3 f1 dc 2f e7 cc 39 67 bf ef bb d6 13 b1 9f 47 6b e9 c8 42 11 02 d4 25 ed 79 df f3 ee f7 dd 7b fd 9f eb ff 79 9e 3d 32 dc f7 f6 53 e4 7e 19 14 44 40 22 48 00 cd 10 46 88 08 5a 7a 44 22 00 84 04 65 80 b4 00 25 a3 b9 03 01 10 44 02 a8 a2 5a 90 38 46 f3 0c b4 80 2a c4 91 9d 4b b0 f7 fa 2d bb 2e c1 5e 28 e4 01 42 b4 fb 8a 9f 2b 10 42 fb ce 3c 80 66 7c b5 fb 11 3b cf bd Data Ascii: PNGIHDR<<:r"IDATx^kWyZk}sa.x<BLj$%U?DzQ$m$RhU(`-4$[M/9gGkB%y{y=2S~D@"HFZzD"e%DZ8F*K-.^(B+B<f\|;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.6	49767	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:22 UTC	670	OUT	GET /img/dir.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:22 UTC	542	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 5071 Connection: close Date: Thu, 09 Jan 2025 23:09:12 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "aef2b30f6701ba271c07e3e26ffc416e" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 ee44697df8ff7fee1512bec7b4da5368.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: TQwCQpjAvO8JA7pIByzL-0ShAEeLlQERSAW5haEWWkNEJgFDoph9uQ== Age: 173410
2025-01-11 23:19:22 UTC	5071	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 78 00 00 00 78 08 03 00 00 00 0e ba c6 e0 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 02 fa 50 4c 54 45 9a 68 aa 9a 69 a9 9b 69 aa 9c 6a aa 96 62 aa 94 60 a9 8e 58 a9 90 5a a9 92 5d a9 8d 56 a9 99 66 aa 8b 54 a8 8a 52 a8 98 64 aa 9e 6c aa ad 80 ac a9 7b ac a5 75 ab b2 87 ac a1 70 ab b5 8b ad bb 93 ad b8 8e ad c1 9b ae b0 84 ac be 96 ae c6 a0 ae 9a 68 aa e1 c4 b1 f7 ec b5 ff ec b4 fd ea b4 ff ee b4 ff f1 b3 ff f4 b5 f5 e2 b3 e5 c9 b2 ef d5 b2 ff f9 b5 fb e5 b4 ff fb b5 ff f6 b5 fd e9 b4 ff ff b6 ff ea b4 ff f1 b6 fe ec b4 ff fe b6 ff ef b4 ff f7 b5 f1 e1 b1 d2 b1 b0 ff f2 b6 ff f0 b3 ff eb b4 ff fd b5 ca a7 af 88 50 a8 9b 6a aa f7 e6 b4 84 49 a8 e9 ce Data Ascii: PNGIHDRxxgAMAasRGBPLTEhiijb`XZ]VfTRdl{uphPjI

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.6	49772	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:22 UTC	403	OUT	GET /img/meta-logo-grey.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:22 UTC	544	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 105511 Connection: close Date: Thu, 09 Jan 2025 01:46:29 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "ffba640622dd859d554ee43a03d53769" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 413634bfcacd752107ee361d53948cee.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: _hbz4AsnR1yYl_CEZJvYumqWUXB_ZVmORZLyJpfKhzV2nFuYmc2sRg== Age: 250373
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 84 00 00 00 f0 08 06 00 00 00 58 15 aa 71 00 00 14 a9 7a 54 58 74 52 61 77 20 70 72 6f 66 69 6c 65 20 74 79 70 65 20 65 78 69 66 00 00 78 da a5 9a 69 96 1b b9 95 85 ff 63 15 5e 02 e6 61 39 00 1e 70 4e ef c0 cb f7 77 41 4a 2e a9 ca c7 5d dd 4c 25 49 91 11 08 e0 0d 77 40 a4 3b ff fc 9f eb fe c1 23 0f 5f 5d 2e ad d7 51 ab e7 91 47 1e 71 f2 a6 fb cf 63 be e7 e0 f3 7b 7e 8f 9e 7d fa 7e fa cb e7 ee 7e cf f1 91 8f 74 48 fa 9e 50 3f af e1 c7 e7 df 13 7e bc 86 c9 bb f2 87 81 fa fe 7e b1 7e fd 62 e4 ef f8 fd b7 81 e2 e7 25 69 46 7a 6f df 81 c6 77 a0 14 3f 5f 84 ef 00 f3 b3 2c 5f 47 6f 7f 5c c2 3a 9f 57 fb b1 92 fe f9 75 7a ca fd d7 69 ff e9 ff 8d e8 59 e1 3a 29 c6 93 42 f2 3c a7 f4 9d 40 d2 6f 72 69 f2 45 e4 Data Ascii: PNGIHDRXqzTXtRaw profile type exifxic^a9pNwAJ.]L%Iw@;#_].QGqc{~}~~tHP?~~~b%iFzow?_,_Go\:WuziY:)B<@oriE
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: bf de ca fa d2 5a 43 69 90 2b 88 20 14 84 c3 ae 29 de 2a 6f f4 c7 2b 56 9d 76 cb cf 6e ff 63 6b f9 7d bd 73 67 0d ec de bb 0f 51 54 40 5f 5f 2f ea f5 3a e2 66 8a 42 14 81 18 b9 28 f0 bd 05 3b 6f ac 2f 7f c1 f7 72 f5 f6 a1 7a 12 aa 43 f6 2a 9c 22 ee 0e f1 6f 75 ee 30 b7 ff 6f ef 76 e1 05 0c 11 92 66 0c a5 14 8c 31 d0 9a 40 ca e7 ed 37 9b 4d df 0b af 58 44 21 2a a2 56 ad a2 50 28 a2 18 46 73 ab 13 63 1f 5c ff dc 73 95 af 5e f7 fd bf de ce fc c4 52 a2 e6 6b 31 7e 2b ee bf 7f d9 9d 2b ee f9 e3 6a a3 f9 a1 d9 73 e7 2e 49 ad bf 69 18 56 c8 52 07 b6 29 2a 95 0a 9a 71 8c 89 6a 0d a5 52 09 a9 75 53 c6 8c 27 8b 74 40 79 5f c2 e9 4d e8 3b 9d 43 eb d5 1a b4 26 18 13 22 32 21 88 34 9c 4d 91 c6 4d 64 36 41 18 14 40 6c f3 01 70 b9 0b ac b7 92 d7 79 aa 68 cb d5 b5 73 2c Data Ascii: ZCi+ )o+Vvnck}sgQT@__/:fB(;o/rzC"ou0ovf1@7MXD!VP(Fsc\s^Rk1~++js.IiVR)qjRuS't@y_M;C&"2!4MMd6A@lpyhs,
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 70 ee 14 91 c9 0b 3a d0 2f a5 48 69 a3 ee f5 2c 22 cf 60 b7 08 52 a0 ee c6 53 a4 62 77 ee 11 4c 48 ac 86 ef fb a8 87 21 98 19 95 52 19 d6 5a d4 c3 10 be ef a3 5c 69 49 15 a1 45 b1 14 b4 9d 5c 1b a8 4f 7b e3 ad b7 ce da b5 b7 fb f2 d5 6b 5e 5d fc e6 ae 81 47 0f 2a f0 53 d4 ad 49 62 3b b4 4d 4a 20 82 25 4e a3 d9 34 c8 d5 21 1a 8b 23 f5 1c 20 8d 10 66 a9 1a 6e 9f 68 2b 60 12 0d 26 81 d8 08 59 24 53 18 07 84 23 6f 32 ef bf 7e e5 6b d7 91 f0 ce 16 02 05 26 99 56 90 a0 dc a3 7d 30 c5 4b 79 04 30 98 19 bc be ef a1 da df 0b ab fd 5d e5 52 cb b2 ab af 9c ff 04 11 9d d0 92 6c 44 a4 9f 5a bd fa 89 7b ef 79 f8 e4 ee 9e da 34 b2 74 3a 81 a9 98 0a c9 24 da c9 ae 1f e9 34 c2 81 fe 5e 68 1d 47 d3 a7 4c 79 fd 82 8b 2e b8 73 e1 9c 39 6f 8d c3 be d1 db 49 27 b5 75 df 7c f3 Data Ascii: p:/Hi,"`RSbwLH!RZ\iIE\O{k^]G*SIb;MJ %N4!# fnh+`&Y$S#o2~k&V}0Ky0]RlDZ{y4t:$4^hGLy.s9oI'u\|
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 20 49 80 8d 1d 74 f6 d6 06 85 d1 39 9c ac 59 a5 14 ac e1 c6 30 c4 82 77 de 7a e3 7d e3 75 2e 0c 11 09 2b a9 b6 7a 75 cc 1e b6 e3 56 0a c5 80 3f 93 85 75 ca 64 71 0e 8f 9f fe ea e5 29 7b f6 74 7c 2e 97 6b 98 6d 21 46 d5 81 3c 10 e9 35 70 3d 71 5c 15 1c c0 2c 1a 4f 61 3a 9d 46 18 86 d0 61 78 40 c2 fc 72 d2 d4 f6 7f ba fb cb bf fd c4 03 77 dc 31 ee 0b 2f 4b 97 ce 3f 78 cf ad 5f 7e 62 d2 d4 c9 5f 13 26 7c 56 b2 ed 4a 79 1e 3c a5 20 a9 9a 70 b1 a8 a9 a8 f2 60 04 c7 71 ae 91 8a d1 34 14 99 15 13 43 9d f5 b2 e1 59 0b 08 f7 1f ee 68 37 c6 4e 74 3c 45 03 33 39 27 50 aa 1d 4c 87 3b cc e7 e8 c0 87 ef 97 0e 36 b7 b4 af 69 bb c0 2e 7a ac 6c 1a fd fa 67 4f 2e f6 43 73 bb 70 9d 29 89 90 a7 31 06 be ef c7 6c 66 91 96 8b 94 f2 94 58 96 4e f0 c6 a2 43 2f d1 91 02 20 51 25 Data Ascii: It9Y0wz}u.+zuV?udq){t\|.km!F<5p=q\,Oa:Fax@rw1/K?x_~b_&\|VJy< p`q4CYh7Nt<E39'PL;6i.zlgO.Csp)1lfXNC/ Q%
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 3e f4 30 25 07 9d 7a a9 a4 c8 2b ab 7a 0c 9a 01 bc a7 33 48 e9 e7 a7 f4 d3 b3 fd 1d f2 b9 2e 4a 55 d6 3f a8 4c b3 31 55 8b 63 6b c5 77 b4 5c a3 17 f5 52 17 bc ff 25 d2 7f 7b 8e d0 39 44 e1 dc e5 f5 88 a7 b7 00 eb 02 87 a3 a3 3a f8 e4 b2 fd 91 11 c0 b9 b0 7b de 77 ce 6a 06 be c7 32 2e 5f 8c 7f dd bb 02 60 a2 82 a0 a7 4f 85 d0 b0 4b 40 1c 85 d2 34 75 6d 5e 7f 47 ea 04 14 49 71 37 44 04 e2 a4 59 a9 45 53 a7 4b 40 a8 aa d1 8f ee 7f f0 43 33 93 33 5f 6c a6 ad 9d 02 0e 04 a5 36 3a 25 47 42 d5 c3 e7 29 6a b5 2a 5a 69 13 11 1b ad d5 92 bd bb cf da fe ed 3d 7b f6 bc bb ec e9 9e dd bb 5b d7 5e 79 d9 83 24 fa 78 1c d1 78 da 68 80 11 e8 2f 4c 47 cf fb 71 9c ac 79 8e 57 77 05 27 10 66 47 48 e2 4a 51 31 ac 61 68 60 73 0c 8f 2b f6 bf f1 f6 9f 3e f6 d8 63 3b 37 b2 fc b0 Data Ascii: >0%z+z3H.JU?L1Uckw\R%{9D:{wj2._`OK@4um^GIq7DYESK@C33_l6:%GB)j*Zi={[^y$xxh/LGqyWw'fGHJQ1ah`s+>c;7
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: ef 7b e4 6f 77 b6 77 ff c1 ad 3f bd e3 c6 f5 eb 3b 8e d9 1e b9 ba a6 86 1d 9c b3 42 ff 2a 60 ff ca e0 81 42 f2 d3 d7 c6 90 08 c2 70 d2 bb 6b 5f 19 7b 3c d9 c0 79 73 e7 6e ad cf e7 5f 95 52 77 71 ce c1 89 0d 99 13 61 af fb 07 34 32 be 95 b2 08 82 00 42 08 10 19 47 38 ce cc cd 5b d6 7f f1 ce ef df fc 3e 63 8c 38 5e e6 70 c3 86 ce c6 87 9e b8 ef 33 41 14 5c 51 e8 2d 4c 32 c4 a1 0d 41 1b 02 78 5f 95 d0 18 93 60 e0 0f ed 30 44 47 3d f9 7b 54 bc 98 53 4e 9e ba 87 19 bd 85 83 42 06 03 87 11 b4 96 35 ac 50 ec 00 3a fe 8c b1 b0 00 29 65 a5 3f c1 75 2d b1 68 18 86 c8 64 72 a8 cb 36 9c fe ee 96 9d bf f7 c2 53 cf 5e b8 67 cf 9e 23 02 17 b8 e3 be 47 27 2f 79 fe 89 ff 5d 08 8a 37 e6 1a 1a a7 96 43 89 58 6a f8 99 0c e2 38 06 4b 69 fe 6b b2 5f 7d 41 ee 7e 72 5f 16 6a 9b Data Ascii: {oww?;B*`Bpk_{<ysn_Rwqa42BG8[>c8^p3A\Q-L2Ax_`0DG={TSNB5P:)e?u-hdr6S^g#G'/y]7CXj8Kik_}A~r_j
2025-01-11 23:19:22 UTC	7207	IN	Data Raw: 58 6f 4a ed 17 47 a5 10 45 91 f7 df c9 12 4c 4c d4 11 28 8d 28 f4 2f cf 34 4f a0 04 a0 02 05 9b 9b b1 38 c4 d3 5a 06 77 7c e4 ea 6b 6f 5d be fc f4 3d 7c b5 67 db 0b 74 a8 a3 95 0b 7b 99 5c 22 74 d6 1a 8a 2b 3a 83 22 33 3a bd ee 53 b6 97 79 cd ba dc 90 94 47 9b 32 08 73 c4 8c 57 ab 02 04 29 84 40 f9 1f b9 62 26 99 da 13 ea 0e 02 b2 f8 5c 14 c7 40 6a 9f 93 26 09 12 6e da 51 14 73 69 d6 39 90 45 16 40 1f d5 33 e8 2b 57 2e 1b 26 a2 db ff fc ef ff e9 c5 e7 b7 3c ff c9 28 ea be a2 52 a9 9c 98 65 59 5f 96 19 84 41 80 4a a5 8a 66 92 21 4d b2 56 25 c8 92 81 31 85 fa b8 14 a0 42 e0 25 b3 06 42 14 fd d8 ad e4 9b 2a c7 bb a6 3d 91 af 3f 5f a4 e1 60 41 ae 98 a7 22 80 84 9f 21 f3 cd 86 de a2 40 07 12 ba 0c f0 ad 45 92 a6 70 ce 21 ae 84 10 e4 10 06 be a2 35 31 36 8a 30 Data Ascii: XoJGELL((/4O8Zw\|ko]=\|gt{\"t+:"3:SyG2sW)@b&\@j&nQsi9E@3+W.&<(ReY_AJf!MV%1B%B*=?_`A"!@Ep!5160

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.6	49773	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:22 UTC	392	OUT	GET /img/2FA.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:22 UTC	544	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 114767 Connection: close Date: Thu, 09 Jan 2025 23:09:01 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "03d39d5d071182aba1b01ba2e859de39" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: DuMkxLjhotgaRZYhNrXjRz-meWBMxifGR5eysWMtBSf_65EBV2Er3w== Age: 173421
2025-01-11 23:19:22 UTC	15840	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 1d 00 00 00 fc 08 06 00 00 00 d3 e7 16 e9 00 00 01 83 69 43 43 50 49 43 43 20 70 72 6f 66 69 6c 65 00 00 28 91 7d 91 3d 48 c3 40 1c c5 5f 53 a5 22 15 07 33 48 71 c8 50 9d 5a 10 15 71 d4 2a 14 a1 42 a8 15 5a 75 30 b9 f4 0b 9a 34 24 29 2e 8e 82 6b c1 c1 8f c5 aa 83 8b b3 ae 0e ae 82 20 f8 01 e2 ea e2 a4 e8 22 25 fe af 29 b4 88 f1 e0 b8 1f ef ee 3d ee de 01 42 a3 c2 74 bb 67 1c d0 0d c7 4a 27 13 52 36 b7 2a 85 5e 11 46 08 22 62 88 28 cc 36 e7 64 39 05 df f1 75 8f 00 5f ef e2 3c cb ff dc 9f 63 40 cb db 0c 08 48 c4 b3 cc b4 1c e2 0d e2 e9 4d c7 e4 bc 4f 2c b2 92 a2 11 9f 13 c7 2c ba 20 f1 23 d7 55 8f df 38 17 5b 2c f0 4c d1 ca a4 e7 89 45 62 a9 d8 c5 6a 17 b3 92 a5 13 4f 11 47 35 dd a0 7c 21 eb b1 c6 79 Data Ascii: PNGIHDRiCCPICC profile(}=H@_S"3HqPZqBZu04$).k "%)=BtgJ'R6^F"b(6d9u_<c@HMO,, #U8[,LEbjOG5\|!y
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 4a 2a 11 40 cd 2c ac 5c fb dc 31 42 dd f9 5e ed 76 e8 fa 0e a2 6d 61 0c c1 68 86 60 e3 2a 56 a2 4a a7 85 15 0c 23 1d 52 a1 ad c5 02 84 bd 36 b0 c6 38 a2 a9 ef 35 e1 98 f9 16 ed 72 e5 9e 83 65 b7 be 47 b1 26 60 b3 db 63 61 9c d1 36 24 62 13 b7 96 24 ac ef 43 63 0d 63 bb dd e1 e2 76 83 e7 c6 e0 f2 fa 0a db ed 2d 7a cf fa 5f b5 0b 77 6c e3 3a 36 2b d9 42 b8 2a 60 97 2e 20 05 63 fb 88 1c 48 d1 b8 74 8e 71 8b 94 6a 1b 0c a7 75 58 e7 e3 ba ad 0e 7c 0d 87 94 1b cf 9d f0 4a b4 e4 aa 3a c2 d6 35 33 75 af fb 4e 17 3f 0f e1 76 2b 9b b8 df 7c 9b 1e 7f a8 7c f1 11 75 e8 5b 45 0e d1 31 86 a3 33 94 3a 41 fb 7d 0f a5 04 94 6a a3 13 66 ad 86 10 0a 4a 09 08 cb b1 2c 77 b1 68 20 a5 c4 fa 64 89 0f 3f fc 10 1f 7e f8 43 fc f9 9f ff 0c 0f 1e 3c c0 c9 e9 0a 44 84 ae e3 51 09 a3 Data Ascii: J@,\1B^vmah`VJ#R685reG&`ca6$b$Cccv-z_wl:6+B*`. cHtqjuX\|J:53uN?v+\|\|u[E13:A}jfJ,wh d?~C<DQ
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 15 04 67 50 60 66 fb b8 4b 62 de ae 49 96 d4 cd c0 e3 94 2d f2 e2 16 f5 8f 81 f2 63 b8 3d 5e 70 91 07 22 2d 22 13 68 64 f8 c9 1b 67 7c a8 7b 88 44 7c 1f b7 53 75 62 d6 ea a7 65 73 7d 5d 24 67 15 2f b5 f1 20 73 53 1b b1 f5 8e 7f 0f 99 df 18 8a 66 79 f9 07 67 c6 a6 3b 03 4f 17 f3 e3 21 84 9c 00 db 2a 04 df ad 9f 4e d3 29 7e b5 d2 aa d7 ae 74 12 17 d0 c6 d7 4c 4a d5 a1 1f 64 7c cf e0 00 7c ea 1e 57 e8 3c c3 c2 d7 21 39 40 61 db 2b 86 7c 64 e6 85 5d 16 d7 5a b3 97 78 53 87 10 8a 5c 05 1b 27 1e f1 68 56 08 d7 39 48 8f 88 d0 2a d9 83 db dc 01 f3 ea 6a 5a 79 89 5a 87 26 76 50 51 07 0f 0d 4d a9 0c 39 df e6 32 de dc c8 6d 6c ae c6 40 af 95 74 a4 d8 e0 29 c2 6e 0c 8d c6 d3 38 1d 3f 27 2d 0e e6 90 99 b8 67 97 fb fe 1c 31 2b 87 ac c4 4e b4 58 c1 ab 49 7a bb a4 da 73 Data Ascii: gP`fKbI-c=^p"-"hdg\|{D\|Subes}]$g/ sSfyg;O!N)~tLJd\|\|W<!9@a+\|d]ZxS\'hV9HjZyZ&vPQM92ml@t)n8?'-g1+NXIzs
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 39 3b 47 7f 72 1f 67 dd 63 18 73 81 f3 ee 01 ae e9 1c 2f c7 0e 97 83 41 67 36 20 58 28 09 1c 73 2a 15 29 18 02 f1 9a 21 df f3 58 ad 5a ac a7 cc 39 cc bf 21 bb 36 c0 2c 9b 8e 59 37 a9 7a 28 3c 2c 72 36 fc dd a3 9a cb 1d 8c 4b e6 97 77 d5 ec 38 14 08 6c cf d3 b5 4e c6 d9 e2 fa 1d 84 7c 2d 2f aa 25 9b 8c 9a d5 c5 92 bb 77 b9 bd da 6b 26 5c 8f 24 7d 1f 8e 2f 96 47 0c 91 37 69 8d c7 1d ae a7 69 5c 87 7c ad aa 01 00 c9 10 31 ac 3f 71 7b a9 2c 14 d1 1a 11 8c 22 b0 28 54 66 c2 fb 9d 0a 58 eb 20 c1 2c e8 a0 b2 57 99 33 65 c8 d4 ab 3d 0d d0 54 56 a8 fc 7b 18 bc 8c 31 31 c1 18 7b e0 a1 91 0e 18 53 8f f6 54 f5 f5 f0 0f 19 86 35 7e 51 77 e2 79 05 c6 78 9e c7 30 0c 81 e4 88 43 05 54 45 8a d6 8b d1 51 cf f0 63 f9 a0 a6 98 9a 07 58 59 c4 97 20 30 11 88 2a c6 f0 0c d5 89 Data Ascii: 9;Grgcs/Ag6 X(s)!XZ9!6,Y7z(<,r6Kw8lN\|-/%wk&\$}/G7ii\\|1?q{,"(TfX ,W3e=TV{11{ST5~Qwyx0CTEQcXY 0
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 16 5e 3c 49 08 0a 24 ae f2 0d ad 52 08 c6 52 e3 ca 10 e4 94 f2 4e d5 c1 eb 42 0b 41 9e 6b 66 65 49 55 2d 96 13 a2 13 98 45 85 90 92 91 d6 98 d2 e0 aa aa 91 9f 36 8b 0a 13 c6 95 92 16 11 48 b2 ce 39 2a 23 10 d6 ef 63 26 14 5a 0b 5c 05 46 18 9c b1 38 57 79 40 27 83 1d 3c 16 53 79 e2 ec 92 98 19 4d b0 ce 9d 2b 73 7c af a5 15 01 f3 b2 f4 3e 1c c2 a1 85 44 4a d1 a8 44 56 91 b5 44 ef fc bb c6 42 af af 74 d2 47 8e 5f b5 60 8c b7 1b 9f 9f d4 8a b8 2e 6f c7 e5 9e ae a1 da aa f9 3d d5 49 b1 fc f7 f0 62 36 b5 82 6f 9d 87 15 c7 78 d1 ce c5 a1 f2 72 9f c4 7a aa 64 5d 1f 77 2a be b5 74 58 56 e8 98 74 cf 79 1c d3 ac b5 0d 69 b4 37 17 7b ce 61 ba 4b af 58 02 68 a9 24 52 2e 75 af f4 50 f0 e8 0b 0c 43 68 6a dd 93 be ee b6 93 24 97 ef 01 74 ac 1a d4 a9 9a 5b ea 18 ba c7 91 Data Ascii: ^<I$RRNBAkfeIU-E6H9#c&Z\F8Wy@'<SyM+s\|>DJDVDBtG_`.o=Ib6oxrzd]wtXVtyi7{aKXh$R.uPChj$t[
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: a4 ce 54 88 b3 13 0e 9e 3f e1 f0 c5 b7 98 d9 31 99 29 d1 d6 7a 2f 43 e7 7c 91 c5 49 a8 b9 1d 08 d0 19 b6 f4 c2 cc 59 a6 11 52 a2 f3 8c bd fd 2b 6c ef ed 93 8d 36 41 6a 4c e8 e7 6f ac d0 45 2d ba fe f6 c0 a3 31 fd 6b e4 a3 bd cf 88 0d 6f 56 d5 02 17 ea ba c2 39 84 b5 c8 6a 41 86 25 97 39 a7 ae e2 6d 67 00 29 24 47 af 0f 39 3d 3d e5 30 3b 26 53 02 61 25 d6 55 21 6d ee 8f cd 6b 53 08 9c 74 48 a1 71 d2 2b 93 3a 67 1a 9d 04 e1 bc 64 75 6d bc a5 84 37 a8 b3 95 59 ba 53 4b 71 ee b9 01 ef c2 af 9e 6b 0d 8b ba 44 73 f0 e2 55 4b 88 af 72 96 ca 1a 16 95 07 98 e3 22 07 ec 5b 2d 72 94 93 50 4a 0a 21 d0 0e ca e9 94 c5 74 ea b3 62 04 0f 0f d9 2e 6f 38 2b 1a 1d 15 e9 96 76 75 b1 9d 81 17 9b 73 4b ad 8e 08 ea c8 30 68 45 7c 5f 06 2d 07 29 1a 7f e1 e0 3d 22 5a 0e b6 a9 00 Data Ascii: T?1)z/C\|IYR+l6AjLoE-1koV9jA%9mg)$G9==0;&Sa%U!mkStHq+:gdum7YSKqkDsUKr"[-rPJ!tb.o8+vusK0hE\|_-)="Z
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: da bc 2e 93 32 cf fa c2 64 19 fe 35 4d 53 f5 b0 59 f2 48 d5 18 53 d4 23 e4 08 5d d7 e1 64 d5 42 31 20 5a a0 57 2b 08 0b 3a 06 cc fa 04 68 d7 0e 52 67 eb 14 4a 85 9c ba 2a 2c b4 10 94 12 c0 f6 d8 bd 7a 89 27 9f fd 05 f7 ff f0 5b 7c f9 d1 9f 70 fe e4 21 ba dd 06 bb ae c3 a6 db 80 b4 c2 f1 e9 09 2e 1e df c1 d5 93 2f a0 e5 0a eb 86 b0 be f3 1d 50 7b 0c 34 47 18 fc f9 25 12 68 12 58 28 68 e5 04 d6 40 0c 03 05 d2 c0 93 57 67 f8 dd ef ff 80 cf 3e fb 0c 4d d3 e0 3f fd a7 ff 88 1f fd e8 47 b8 73 eb d6 58 b8 7a 0b 72 7c 63 bc 8f 59 7b 06 66 70 40 b3 30 f5 f6 08 28 84 f5 a5 04 2b 92 b8 98 8e f0 78 cd 1b c4 19 c8 8d cf 8b 47 21 ac 38 c8 bd f7 76 03 f9 02 96 97 ca 43 90 bf c4 be e2 90 b5 c5 75 91 ed 62 9b 71 9a 48 67 7c c0 eb ac 21 af db 41 36 99 8f 2a 73 cd d2 2e 4b Data Ascii: .2d5MSYHS#]dB1 ZW+:hRgJ,z'[\|p!./P{4G%hX(h@Wg>M?GsXzr\|cY{fp@0(+xG!8vCubqHg\|!A6s.K
2025-01-11 23:19:22 UTC	623	IN	Data Raw: ee 14 c9 b0 d2 e6 ec 7e d3 5a ef 9a c3 25 32 3f 78 27 42 09 09 97 c9 96 e0 25 95 92 14 15 61 62 f4 45 02 1b db 13 b6 d3 36 cc 04 f9 b1 c8 49 48 b9 0d 61 25 16 db b0 3d 84 cd 9e f1 2e 92 aa 31 b2 49 3f 79 1e f2 95 6a 3c c7 18 73 6e fd d8 47 e5 ad 5f 34 71 c2 31 18 3a 27 f7 93 6f ea a4 2c ca 41 a8 4a a9 b4 eb d0 8f 4b c1 26 3f 6f b9 86 45 94 5f 64 d9 ae 6c 23 1f de 47 5e f9 36 18 df e6 8c 1d d2 76 a0 e5 5d 04 86 fa e3 33 73 2c 64 f3 cc 19 f2 86 67 93 fc 16 d9 55 45 a5 6d 71 41 59 ea cc cc 7e fc 54 49 0b 5d 76 d5 56 49 1a 2a d2 b8 87 50 8d f1 74 d1 31 75 ee 51 b9 42 af 5e 74 28 2b e5 5e 4e 2c e4 a6 63 06 94 b7 8f 18 a9 39 40 13 df 75 14 1c 25 d9 61 4a b2 b9 d2 b2 8f 59 10 54 95 c6 4a d7 38 5a ac 70 74 78 84 c3 a6 01 6d 5d a2 45 14 45 90 82 f6 eb 2b b2 cf 2f Data Ascii: ~Z%2?x'B%abE6IHa%=.1I?yj<snG_4q1:'o,AJK&?oE_dl#G^6v]3s,dgUEmqAY~TI]vVI*Pt1uQB^t(+^N,c9@u%aJYTJ8Zptxm]EE+/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.6	49774	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:22 UTC	402	OUT	GET /img/fb_round_logo.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:22 UTC	538	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 42676 Connection: close Date: Sat, 11 Jan 2025 23:19:21 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "81bb5cf1e451109cf0b1868b2152914b" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 1fa1c6285afcbdedfbb042a0993ed182.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: KlhAsXIGzKlSHtxHGl9yRy0L1ojQbKb3cxB4EFju_rDzddWWl7dkaw== Age: 1
2025-01-11 23:19:22 UTC	15846	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 04 b0 00 00 04 b0 08 06 00 00 00 eb 21 b3 cf 00 00 01 85 69 43 43 50 49 43 43 20 70 72 6f 66 69 6c 65 00 00 28 91 7d 91 3d 48 c3 50 14 85 4f 53 b5 22 15 07 3b 88 08 66 a8 4e 16 44 45 04 17 ad 42 11 2a 84 5a a1 55 07 93 97 fe 08 4d 1a 92 14 17 47 c1 b5 e0 e0 cf 62 d5 c1 c5 59 57 07 57 41 10 fc 01 71 75 71 52 74 91 12 ef 4b 0a 2d 62 7c 70 79 1f e7 bd 73 b8 ef 3e 40 a8 95 98 66 b5 8d 02 9a 6e 9b a9 44 5c cc 64 57 c4 d0 2b c2 e8 a0 9a c6 a0 cc 2c 63 56 92 92 f0 5d 5f f7 08 f0 fd 2e c6 b3 fc ef fd b9 ba d5 9c c5 80 80 48 3c c3 0c d3 26 5e 27 9e dc b4 0d ce fb c4 11 56 94 55 e2 73 e2 11 93 1a 24 7e e4 ba e2 f1 1b e7 82 cb 02 cf 8c 98 e9 d4 1c 71 84 58 2c b4 b0 d2 c2 ac 68 6a c4 13 c4 51 55 d3 29 5f c8 78 ac Data Ascii: PNGIHDR!iCCPICC profile(}=HPOS";fNDEB*ZUMGbYWWAquqRtK-b\|pys>@fnD\dW+,cV]_.H<&^'VUs$~qX,hjQU)_x
2025-01-11 23:19:22 UTC	144	IN	Data Raw: e4 27 93 ec 71 3e 03 40 73 da ad e4 f3 4f 76 ca 5d 07 5a ba af 00 00 26 7c 69 96 d1 30 f7 3b b7 f2 37 b9 d5 3b b0 9e 4b f2 7d ce 65 00 68 4e 29 c9 9d 07 aa fa f3 ef 99 a9 a2 fb 0a 00 60 1a bc 2b c9 67 b7 f2 37 b8 65 03 ac 6e af 3f 97 e4 8f 25 b9 c5 79 0c 00 cd 7a fe f1 ce f0 a1 23 2d 3b 0f 02 00 4c 87 1d 49 7e bc db eb 1f da aa df e0 56 be f0 7c 22 c9 f3 ce 61 00 68 4e 29 c9 c1 dd 55 f9 a1 a7 66 d2 aa 22 c0 02 00 98 1e 1f cc 16 Data Ascii: 'q>@sOv]Z&\|i0;7;K}ehN)`+g7en?%yz#-;LI~V\|"ahN)Uf"
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 5e 85 b6 25 2f 3c bb bd 7e 95 d1 14 fe 3b 9d bf 00 d0 9c ba 24 1f 79 b0 3d 7c e2 8e 56 5b 35 00 00 a6 ca ae 24 3f d1 ed f5 77 6f c5 6f 6e ab fe cb e9 83 49 7e c8 b9 0b 00 cd 29 25 d9 3b 57 d5 5f 78 6a a6 ec 9a ad 74 5f 01 00 4c 9f 8f 27 79 76 2b 7e 63 5b f5 e2 f3 73 49 1e 75 de 02 40 73 4a 92 c7 bb ad f2 a1 07 db c2 2b 00 80 e9 74 28 a3 59 58 5b 6e a7 e8 2d 77 01 da ed f5 6f 4b f2 63 89 b9 1c 00 d0 e8 45 43 95 7c fe 3d 9d fa c0 4e dd 57 00 00 53 ec d3 19 ed 4a b8 b5 ae 45 b7 e0 81 fa 58 92 a7 9c af 00 d0 9c ba 24 f7 dc d2 1a 7e e2 91 4e 92 54 2a 02 00 30 b5 ee 4f f2 f9 e5 f9 e0 5b c6 96 0a b0 ba bd fe 9e 24 3f 91 d1 e0 32 00 a0 41 df f7 48 bb 7e f0 88 e1 ed 00 00 9b c0 0f 27 b9 6b 2b 7d 43 5b ad 03 eb b9 8c 3a b0 00 80 86 94 24 fb e6 aa f2 b9 27 67 d2 aa Data Ascii: ^%/<~;$y=\|V[5$?woonI~)%;W_xjt_L'yv+~c[sIu@sJ+t(YX[n-woKcEC\|=NWSJEX$~NT*0O[$?2AH~'k+}C[:$'g
2025-01-11 23:19:22 UTC	10302	IN	Data Raw: 3e 50 bd 5e 0c 7b 43 81 b5 47 a6 71 38 51 bd a0 ba 42 1a 00 00 00 b0 d2 6e 6d 36 b8 fd 5e 51 ec 0d 05 d6 1e 9a c6 e1 8b d5 73 ab 23 d2 00 00 00 80 95 b4 5d bd aa ba 58 14 7b 47 81 b5 f7 de 5a bd 53 0c 00 00 00 b0 92 2e ab 5e 3c 8d c3 49 51 ec 1d 05 d6 1e 9b c6 61 ab fa e3 ea 06 69 00 00 00 c0 4a d9 aa fe 68 1a 87 1b 45 b1 b7 14 58 fb e3 d3 d5 8b 2a 6d 2d 00 00 00 ac 8e 73 aa 77 89 61 ef 29 b0 f6 c1 34 0e db d5 ab 9b 9d 4c 08 00 00 00 2c bf 6b aa e7 4d e3 70 54 14 7b 4f 81 b5 4f a6 71 98 aa 3f aa ee 94 06 00 00 00 2c b5 a3 cd ca ab cf 89 62 7f 28 b0 f6 d7 87 aa 57 56 3b a2 00 00 00 80 a5 f5 9e 66 db 07 d9 27 0a ac 7d 34 3f b1 e0 c5 cd 4e 30 00 00 00 00 96 cf 57 9b 0d 6e bf 57 14 fb 47 81 b5 cf a6 71 f8 72 f5 9c ca 5f 04 00 00 00 58 2e c7 ab e7 57 97 88 62 Data Ascii: >P^{CGq8QBnm6^Qs#]X{GZS.^<IQaiJhEX*m-swa)4L,kMpT{OOq?,b(WV;f'}4?N0WnWGqr_X.Wb

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.6	49775	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:22 UTC	394	OUT	GET /img/phone.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:22 UTC	544	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 255341 Connection: close Date: Thu, 09 Jan 2025 23:09:03 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "3c18a93313e72ab9967152a4e92aa238" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 d25e4a27039adc5d5e5994e9610df300.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: LC7edJew8YQeL7rGzV7Me2V9v-5CkyJQ5uQSu0XYwJvmkxT_DIPRsw== Age: 173419
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 80 00 00 01 18 08 06 00 00 00 cc 10 47 90 00 03 e5 34 49 44 41 54 78 da ac 7d d9 8e 65 59 92 d5 b2 33 dc d9 c3 23 23 22 b3 32 aa ba 26 c8 ae 12 ad a6 5b aa 06 1a 21 90 78 84 1f e0 03 e0 0f 80 97 7c e3 5b 78 e5 43 e0 a5 25 ba 2a bb 86 cc ca b1 72 8c c9 c3 c3 fd fa 9d ce 39 86 db 36 5b b2 ad 2b 51 8c 37 e2 e8 de 33 ec 7d f6 60 db 6c d9 b4 5d f4 cb 7f f7 15 80 0b fc 3f 7f 24 be 27 00 0a a0 89 73 fe 6e 01 51 60 3a 01 cd c2 af e9 3e ca f1 19 f5 f2 ac 4f fa f8 d9 fa b9 1e e3 99 0e 50 ab 67 e5 75 8d 37 80 0e 51 56 80 66 e9 65 d4 eb f2 67 ae bd ac 2a 20 12 ed e9 01 3d 00 cd 06 90 0e 98 b6 d1 8e c9 ef 63 8a ba 7a 40 e6 5e e7 74 0b ff 58 db 46 7f 87 74 5e 0f e0 cf 4f 7b 40 ed de de db d9 3e 04 30 d8 b3 76 ee Data Ascii: PNGIHDRG4IDATx}eY3##"2&[!x\|[xC%r96[+Q73}`l]?$'snQ`:>OPgu7QVfeg =cz@^tXFt^O{@>0v
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 6c a5 6b a3 e5 2d 7f 3a f5 0a d3 f7 67 d3 70 0e 17 04 96 8d bc 97 b8 ca 0f c2 ed 63 c7 b6 5c bc 4d 83 fe 37 af 01 d7 09 a3 d5 66 4a 8e 68 66 2f 19 68 53 f6 73 5b 80 0a 1f c0 1d 6a 29 0f 93 63 29 9b e6 0c 5e 95 02 ea 72 2f ec 5e e7 80 82 41 45 60 02 65 fb 74 7d 90 b1 e5 01 6b c9 d8 81 fa 3a 68 d4 50 1e 01 9c e6 29 c7 8c 4c cb 6b 35 fd 0b 9b 96 ca b7 20 a2 e8 d5 89 5c 4a 13 45 19 ca 96 a8 0e 80 a6 07 2e 4e e1 bf bd 82 ff f2 18 fe e9 0c fe f5 0c bc 6c c2 be 54 ba 04 f0 11 be 17 37 97 29 03 78 1e 81 d9 ef ea 46 a4 80 70 ac 40 3a 07 d6 37 65 f2 17 f0 8f 7e 13 58 42 be 61 94 97 d7 40 51 06 13 71 9a 66 a0 6a 12 16 aa d4 2d 40 5e 63 36 43 84 d8 04 44 96 5a 64 40 d0 98 3c f3 df 4b 8c ca a9 50 96 97 a4 63 b8 5f 5a 66 ae 95 b5 07 e6 ed 9c 80 40 ab 2e c4 f8 c4 38 89 Data Ascii: lk-:gpc\M7fJhf/hSs[j)c)^r/^AE`et}k:hP)Lk5 \JE.NlT7)xFp@:7e~XBa@Qqfj-@^c6CDZd@<KPc_Zf@.8
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 57 d9 c9 97 04 90 50 bd 2d 6a f5 09 a4 4a a8 5d 46 c0 16 73 39 c9 ae f1 53 39 69 3a 41 f6 82 ee 35 bb 4f 19 40 0b 74 6e 9c cd 93 93 c6 bc f9 ac 64 5b c9 6b 1c e0 15 18 ea 00 ee ef 85 ac d1 63 27 6d e6 5b 01 86 81 84 36 96 13 24 18 9d 5c 5a fe a1 83 ba 38 ca 2e 04 48 3e 0b 0b 2d 3d 93 63 24 0a 72 42 57 d4 b8 cb b9 80 d4 84 28 d9 c6 a9 5d a0 0e 1b c4 9b 5f 80 fa 4a ad 05 34 1e c6 4e 2c bd cf a1 ce 71 41 88 02 5c 4c 5b a7 27 8d 0c 52 6b 9f 7c bc 54 fa 1a 10 48 e3 01 39 97 86 91 72 29 21 b3 89 de 7c a2 ef 43 8e 2d ff b9 89 b4 e9 e0 42 06 a2 e3 f2 b4 1d d3 01 9d c7 19 21 d4 6e 93 92 59 3f aa f4 f9 68 ba be dc 04 91 bb 7c c7 fe 87 21 5a 6a 47 3f ee 0e b6 63 27 2d bd a8 c8 da 41 9a 79 ee ad 81 e2 9a 69 fa 06 70 28 ad 4c 3b 08 73 a7 9d 74 2b 2b fb 4c fd 33 8d d2 Data Ascii: WP-jJ]Fs9S9i:A5O@tnd[kc'm[6$\Z8.H>-=c$rBW(]_J4N,qA\L['Rk\|TH9r)!\|C-B!nY?h\|!ZjG?c'-Ayip(L;st++L3
2025-01-11 23:19:22 UTC	14808	IN	Data Raw: f6 85 55 24 d2 f7 26 d8 48 39 1c b9 00 0d 05 8e 1f fd 1e 8a e6 3d 35 2e 45 ef 07 ab 99 79 b2 3c 72 79 13 9c e6 06 64 c4 c4 52 4b 01 c2 da 59 2b 3e dc 9f cb 2e 0e 88 38 b0 60 1f 5a 03 27 5a b2 f5 b2 44 a4 82 90 65 66 ce 64 9b ce ee 39 c8 73 bb 17 46 11 4d 08 31 6b 8c d9 33 92 5f 1c fc 6f 1b 4b 88 d1 c9 e1 03 3f 5d 1b 4c 0a 13 b8 af c3 8e c5 a2 f3 3c ff 77 3c f3 f2 92 8a 5b d5 90 95 78 69 f2 11 60 fa e7 ac 14 72 31 62 19 ae b4 f3 2d 5f 8d ad 65 0c 50 1d d8 80 b8 09 6a 5e 58 82 0e 54 7d c0 0d 3f 43 d0 2d 17 80 55 f8 9c 51 61 3e 7c 1e 44 9f ec 7b 4c c7 5a 49 15 74 53 11 c2 7d 6a 8c e5 9d 9b 1e c8 3a 7d 87 0b ed 3c 04 47 a4 5d 75 a2 c7 42 f9 b0 0d f0 cb 10 ed 43 ba 94 7d 92 a0 0c 2f d5 06 64 39 44 c9 b9 bf 26 42 8e f2 24 0f 3d 72 d7 a1 98 4d b4 0c c7 78 ff 6f Data Ascii: U$&H9=5.Ey<rydRKY+>.8`Z'ZDefd9sFM1k3_oK?]L<w<[xi`r1b-_ePj^XT}?C-UQa>\|D{LZItS}j:}<G]uBC}/d9D&B$=rMxo
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: b7 52 d9 b9 b8 ac 80 fd 1c 8e 8c f0 fa 5c 0b 1f da 05 33 8e ca 17 11 a9 66 a7 ab 64 9c 36 be 43 34 66 f9 f2 58 9f a2 e3 d7 af 71 4e 98 f8 cd 41 78 9d 7c 64 08 cb 88 9d b5 ea 60 87 d9 bb 7b ed b8 21 8f 0d d4 e3 86 d8 96 0b 73 2c a0 2c 5d ec 41 c3 04 2e 3a f1 00 a0 de 7e 6d 76 7d 60 1c ab 83 79 06 8e ad 82 3f 4f 9f 49 45 8f b9 d9 ac 61 66 d2 c7 4d 06 18 5a 4a ce c9 27 e1 1a 1d 67 d9 c1 be 4f 6d 31 3a 97 88 05 20 1d 31 a0 37 c0 56 40 68 8d 66 cd 68 04 f4 49 fa 06 b9 3c b2 17 60 38 e0 20 4d 22 20 4d d9 60 4e e2 1c a8 37 12 5b 18 6f 1a 59 f3 c1 f4 80 10 36 f0 92 bf 41 dd b1 3b d2 80 73 7e 2f 4d 20 6b d6 59 06 03 38 a8 e6 c0 98 c0 82 4c ad 95 73 81 96 f4 0b b7 10 ab 13 59 9e a8 a0 81 d2 d9 07 d2 78 b9 2d df 58 0f f1 2c 0c 65 cf a3 78 1e de d1 29 ba 99 70 be 7e Data Ascii: R\3fd6C4fXqNAx\|d`{!s,,]A.:~mv}`y?OIEafMZJ'gOm1: 17V@hfhI<`8 M" M`N7[oY6A;s~/M kY8LsYx-X,ex)p~
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 0b ce 83 b2 30 a1 f7 73 1b a3 48 71 80 79 b5 f9 71 53 92 96 e1 d8 92 42 18 40 97 3d 71 c1 b4 58 9d 82 41 eb 1c 86 19 41 93 b0 3d 8d b0 91 b4 21 d0 83 57 81 36 69 36 72 1a 6c dc 39 82 6c 01 c9 49 e6 00 7b dd 2b ab f0 10 48 81 86 80 bf c8 0e de 85 71 37 ad dc 1d c1 83 0c ac ca 70 0a a6 4e 17 b0 7e 5c b6 77 e4 7e d8 78 c9 b9 18 06 f4 5e 15 e0 d0 a9 9b 8f a9 00 ca d0 de 4d 41 7c 80 7c ce 70 b0 14 31 77 35 88 4a 27 51 fa 2d e3 82 55 44 dd 60 61 d5 1a 67 1b d9 99 fb 6a be e0 5a 9b 1a cd 78 d4 2e 8c ac 93 5d 11 6e 1a c8 8b 85 72 74 23 33 3c b9 68 d9 6c e6 5a 42 5e 2c 96 55 5e 15 8b dc 59 3f c2 83 9f 12 e2 84 af f7 61 c0 90 18 10 96 af 55 63 e6 d6 72 a6 19 90 ff f4 02 d0 34 6f 7a 3d b9 ff 9f bd 6d 4b 9c e9 33 ca f5 00 d7 97 a2 61 4f b2 f1 1c 6b 95 2c a8 39 b4 27 Data Ascii: 0sHqyqSB@=qXAA=!W6i6rl9lI{+Hq7pN~\w~x^MA\|\|p1w5J'Q-UD`agjZx.]nrt#3<hlZB^,U^Y?aUcr4oz=mK3aOk,9'
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 6e e7 2f 7f 71 8d 5f fb bd 15 b4 14 fc f5 3f b6 c5 cf fc 48 00 98 1e 92 1c c8 46 19 ab 80 93 a9 97 22 e9 51 d6 2d cb d0 3e 4e 19 9b ee e0 76 d1 25 0c 8c 83 79 63 66 15 6c f7 82 93 11 8c d8 73 50 22 88 6d ca 9c 68 05 1c 9b 55 a0 cd 84 a7 88 89 b8 77 46 70 07 68 00 80 12 8b b3 c6 80 d8 05 e8 d2 bb 73 c2 03 b7 95 09 85 88 a2 5f 0f 56 ce 9b 1c ec cd 07 2b 5f 99 f6 d3 1b 99 7a e8 b4 87 5e 3d 76 86 ac 2e 92 e8 44 00 44 53 9b ff 9e fc ad 4d 4e 71 05 e4 38 0f 8e bc 71 e4 09 b5 83 76 ce 71 bc 9a ee fb 1c 05 20 2a 2b 22 fe 7a 67 ee 54 5d 9b 78 1c dd df b1 b8 f0 26 94 0d f7 25 9b 7c 88 3b dc 38 9f 63 5c 80 87 4c f6 a7 6d 4e 6a 3d 0e 91 f9 bd 11 af 9d 1b d3 66 50 92 43 5b 96 05 70 52 f0 92 f8 b9 3c 0f 98 e1 8c f8 cc c4 a7 bc 21 91 1d f0 4a 77 82 72 c9 68 38 21 d0 f1 Data Ascii: n/q_?HF"Q->Nv%ycflsP"mhUwFphs_V+_z^=v.DDSMNq8qvq *+"zgT]x&%\|;8c\LmNj=fPC[pR<!Jwrh8!
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: c7 d0 52 af 02 78 a9 4a 99 3e 62 20 d0 01 f2 d2 7e 4a 35 08 06 a8 95 89 cb 2a 3a fb dd fe a6 81 50 cb 3f e5 f5 94 ba 68 fc 70 db 0c 2f 99 37 1d d9 c1 52 d0 2c 17 40 bb 9b 05 1c ff a7 c7 97 96 0d 64 39 05 ce 0b be fa b9 e7 46 f6 2e b5 82 dd ad 49 09 92 5c 2d 16 e9 1f 49 b8 70 16 66 02 6b 51 b3 11 68 db d1 23 b0 69 6c 80 2e 30 db 98 6d 9f 39 88 37 f3 2a 93 b2 8a 9b 9a 64 dc b8 23 f8 f4 13 09 b8 52 00 27 fb 36 db 82 3e c3 cb e0 1b 60 3a 67 e9 66 69 12 8d 7f f6 07 ae e1 33 70 bc 63 7b 52 eb 72 38 81 48 93 21 6d 81 08 18 d7 a8 ca 89 d8 07 4e dd 6e a0 bd fa d8 b1 07 94 a9 75 61 bb 81 b5 34 b3 00 68 96 24 93 d7 d1 f8 e4 fb 6b ba bb 7f fb d4 80 77 fd ca 16 ff e9 7f 9c e1 bb 2f 6e 71 e7 48 f1 a5 a7 7a fc fc 2f 1f e1 d9 57 b7 90 44 30 1c d7 e8 ee f6 da cd 9b 80 00 Data Ascii: RxJ>b ~J5:P?hp/7R,@d9F.I\-IpfkQh#il.0m97d#R'6>`:gfi3pc{Rr8H!mNnua4h$kw/nqHz/WD0
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 37 7a 3c fe b3 09 3f f8 4b 23 7c ec 0b ae d7 bd d4 03 a5 01 5b a7 3c ed 56 38 70 69 5b bb 5f 14 b6 7f be 63 40 30 2c 60 92 a3 e1 a6 31 6f c0 99 9f b7 49 86 ac 60 7c e3 0c a7 cb 84 9f 7e df 02 4f bc 7b 85 ef f9 57 35 de ff d9 06 c0 19 64 7c 88 34 e9 ad 8b d8 9b 5b 54 f3 f0 b9 a4 a0 36 55 d7 77 fc 18 0c 52 08 2b fb ae ef 43 4d 27 6a 7f db ec 0f c0 d8 b4 ac 63 c8 c0 44 b7 58 2d cf 80 2c 28 91 71 fd da 14 8f 7d d3 55 3c f4 8d 7b d8 2c 3a 7c ea 7d 2f e0 03 3f f6 79 7c f2 e7 ff 2b f6 bf 74 00 5c 1e 23 6d d7 40 ce f4 33 3b df 31 1a 5a aa 24 c8 9d b2 53 5b 05 d4 b3 6d c8 b6 23 d8 0d 02 81 68 a0 92 f0 8a 34 e0 fd f2 9b 88 81 f3 81 b5 6e 41 8d ad 8f 57 0a 96 d5 2c 81 27 6c ae bc 81 eb cc f7 65 32 f0 39 ca 7c 0e 40 ba 7b 1c 1f da 7d 1b 3f ac 13 df f4 c8 52 04 83 48 Data Ascii: 7z<?K#\|[<V8pi[_c@0,`1oI`\|~O{W5d\|4[T6UwR+CM'jcDX-,(q}U<{,:\|}/?y\|+t\#m@3;1Z$S[m#h4nAW,'le29\|@{}?RH
2025-01-11 23:19:22 UTC	16384	IN	Data Raw: 8c c6 53 d3 b2 95 48 99 a6 d0 fa 62 ab 36 17 e0 a7 a2 39 14 64 ae 52 20 76 92 a4 d6 6a fe 5c 85 3a 1b 74 00 4d 73 37 a7 be 6a 2c 59 ff 1a 24 9b 9e 8b 93 f2 ce 3b a0 ce 2d c9 a2 94 10 2c 08 5a 26 f7 09 9c ce 08 2e 75 2a 1a 41 99 8e ed f9 bb 37 0b 50 f4 30 71 67 c7 2a 6f 0b bf ee 02 db c1 d2 3f 9a 1b d0 f6 16 04 b0 b8 1a 54 51 72 28 cf 65 f3 cb 85 ed df f6 36 20 62 17 4a da f3 6e a1 1b d0 ee 05 88 f6 06 a8 ea 2b 06 98 eb 9b 88 08 30 36 79 cc 4b 97 ae ec 5e b7 8b 76 3c 2e 9f af 34 e5 00 85 b5 33 dd e0 d6 ef 53 1a 1c 5b 84 8f 83 b7 27 2d dd 24 c0 52 75 60 69 25 56 0e 67 08 75 6a 61 e7 49 a1 55 1c 5c c2 98 53 77 95 17 d4 9e 5c b2 ef 36 0e c7 be 1a 6c 3d 4b b7 71 56 cc 7d 9f d2 bc 9c 37 e1 40 af ed d3 be 6a f5 2e 60 d4 a1 2f 35 fd 9d 59 0d 50 27 58 ed d1 1c d3 Data Ascii: SHb69dR vj\:tMs7j,Y$;-,Z&.uA7P0qgo?TQr(e6 bJn+06yK^v<.43S['-$Ru`i%VgujaIU\Sw\6l=KqV}7@j.`/5YP'X

Session ID	Source IP	Source Port	Destination IP	Destination Port
24	192.168.2.6	49776	40.113.110.67	443

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:22 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 65 62 64 73 32 52 31 6e 64 55 6d 36 31 63 66 36 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 31 66 66 36 38 32 64 34 35 38 65 36 38 65 64 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: ebds2R1ndUm61cf6.1Context: b1ff682d458e68ed
2025-01-11 23:19:22 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-11 23:19:22 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 65 62 64 73 32 52 31 6e 64 55 6d 36 31 63 66 36 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 31 66 66 36 38 32 64 34 35 38 65 36 38 65 64 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 53 57 73 30 4b 45 79 72 51 47 51 52 6c 63 67 6f 7a 6d 72 4f 41 48 58 56 31 69 38 4e 64 76 6a 58 4b 38 50 75 49 37 43 56 67 65 2f 46 31 41 2b 6b 72 43 38 74 38 34 4a 55 4e 70 44 50 38 6c 44 72 78 73 48 7a 33 69 69 61 32 41 67 48 53 68 59 77 5a 59 4a 63 69 78 6a 41 54 50 67 46 6e 78 66 75 45 75 39 5a 75 36 75 4a 41 4a 69 38 39 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: ebds2R1ndUm61cf6.2Context: b1ff682d458e68ed<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAASWs0KEyrQGQRlcgozmrOAHXV1i8NdvjXK8PuI7CVge/F1A+krC8t84JUNpDP8lDrxsHz3iia2AgHShYwZYJcixjATPgFnxfuEu9Zu6uJAJi89
2025-01-11 23:19:22 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 65 62 64 73 32 52 31 6e 64 55 6d 36 31 63 66 36 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 31 66 66 36 38 32 64 34 35 38 65 36 38 65 64 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: ebds2R1ndUm61cf6.3Context: b1ff682d458e68ed<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-11 23:19:22 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-11 23:19:22 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 61 30 6e 59 4c 61 53 55 70 30 43 30 58 6b 74 70 51 2f 34 6e 68 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: a0nYLaSUp0C0XktpQ/4nhw.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.6	49777	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:22 UTC	393	OUT	GET /img/star.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:22 UTC	542	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 1980 Connection: close Date: Thu, 09 Jan 2025 23:09:07 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "aae920faed2a3fe4c3083b339cd783df" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: mwgie24N0hRSLIzisoRmIsQrLRYy3FN3EEDiL_4YwIddlRtLaASeIw== Age: 173415
2025-01-11 23:19:22 UTC	1980	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 29 00 00 00 29 08 03 00 00 00 9f be f0 c4 00 00 02 f7 50 4c 54 45 47 70 4c ab dd f8 cb e8 fa c9 e6 f9 c9 e7 fa b6 e1 f9 c8 e8 fb c8 e7 fa cd e8 fa cc e8 fa bc e3 fa ae de f8 c3 e5 fa ca e8 fa c1 f1 ff a9 dc f8 bb e3 f9 a5 db f7 f3 ad 00 f2 ab 00 aa dd f8 a8 dc f8 a6 db f8 a1 d9 f6 ac de f8 c8 e8 fd a6 db f7 ad dd f7 c9 e8 fa bf e4 fa c5 e6 fa b0 df f8 a7 dc f8 c7 e9 ff c7 e7 fa b4 e0 f9 b8 e1 f9 f1 a9 00 bf f4 ff a3 d9 f6 c4 ed ff cc e9 fb c2 ef ff b3 df f8 c7 ea fc fa a3 00 c8 e7 f9 c6 eb ff a9 dd f8 ba e2 f9 f3 af 00 c0 f3 ff cb e9 fb f4 b0 00 b2 df f8 af df f8 a7 db f8 c6 ea ff c8 e7 fb c0 e5 f9 bd e3 f9 be e4 fa f6 a4 00 c5 ec ff a3 da f7 aa dc f7 f3 ac 00 b8 e2 f9 b8 e1 f8 b1 df f9 c2 e5 f9 b3 Data Ascii: PNGIHDR))PLTEGpL

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.6	49783	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:23 UTC	666	OUT	GET /ico.ico HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:23 UTC	546	IN	HTTP/1.1 200 OK Content-Type: image/x-icon Content-Length: 10915 Connection: close Date: Wed, 08 Jan 2025 13:48:08 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "38f289209522fd198c50c25bec5db163" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 7b2737d1601ba8c676e6f68b6aa113d8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: MzuFCZi_IAseuIQgyS0DAPvcSsKlY7b-wCqwIkcSOnH7rZYMQfM9KQ== Age: 293475
2025-01-11 23:19:23 UTC	10915	IN	Data Raw: 00 00 01 00 01 00 00 00 00 00 01 00 20 00 8d 2a 00 00 16 00 00 00 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 00 00 00 01 00 08 06 00 00 00 5c 72 a8 66 00 00 00 01 6f 72 4e 54 01 cf a2 77 9a 00 00 2a 47 49 44 41 54 78 da ed 9d 07 7c 54 65 d6 c6 df cc 4c 32 e9 bd 22 ba 2e a2 7e ea f2 ed 7e 6e 5f b7 a8 6b 59 dd b5 ec fa 6d 13 a5 48 e8 1d 02 22 35 60 59 54 54 7a 4f 42 09 bd 5b 10 45 60 05 db ae ba ee a7 54 05 92 c9 a4 37 92 cc 24 d3 e7 fd 9e 73 67 50 59 21 09 90 64 ee 9d 39 e7 f7 fb 73 27 85 e4 ce 7b ce f3 bc e7 7d ef 9d 89 10 1c aa 8a d4 5d 52 24 bc 22 45 e6 4e 29 b2 76 48 d1 6d 2b d8 86 c7 db 7d f4 d8 80 af ed 90 46 7c 2e be db 76 99 95 b9 5d 7e 17 9f bf 1b df db 17 4c 00 b3 c1 4a b0 03 ec 03 1f 81 13 c0 0c 6a 80 15 d8 80 0b 48 3f 2e ff e7 ac Data Ascii: PNGIHDR\rforNTwGIDATx\|TeL2".~~n_kYmH"5`YTTzOB[E`T7$sgPY!d9s'{}]R$"EN)vHm+}F\|.v]~LJjH?.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.6	49784	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:23 UTC	392	OUT	GET /img/dir.png HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:23 UTC	542	IN	HTTP/1.1 200 OK Content-Type: image/png Content-Length: 5071 Connection: close Date: Thu, 09 Jan 2025 23:09:12 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "aef2b30f6701ba271c07e3e26ffc416e" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 7af089de61bb0f71465732ed7f6f3386.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: nGqpN78KjxhZYztKqMVSG9TpDHIzmXvZEhrkb7EmxUMDJuIFzUv0Zw== Age: 173411
2025-01-11 23:19:23 UTC	5071	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 78 00 00 00 78 08 03 00 00 00 0e ba c6 e0 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 02 fa 50 4c 54 45 9a 68 aa 9a 69 a9 9b 69 aa 9c 6a aa 96 62 aa 94 60 a9 8e 58 a9 90 5a a9 92 5d a9 8d 56 a9 99 66 aa 8b 54 a8 8a 52 a8 98 64 aa 9e 6c aa ad 80 ac a9 7b ac a5 75 ab b2 87 ac a1 70 ab b5 8b ad bb 93 ad b8 8e ad c1 9b ae b0 84 ac be 96 ae c6 a0 ae 9a 68 aa e1 c4 b1 f7 ec b5 ff ec b4 fd ea b4 ff ee b4 ff f1 b3 ff f4 b5 f5 e2 b3 e5 c9 b2 ef d5 b2 ff f9 b5 fb e5 b4 ff fb b5 ff f6 b5 fd e9 b4 ff ff b6 ff ea b4 ff f1 b6 fe ec b4 ff fe b6 ff ef b4 ff f7 b5 f1 e1 b1 d2 b1 b0 ff f2 b6 ff f0 b3 ff eb b4 ff fd b5 ca a7 af 88 50 a8 9b 6a aa f7 e6 b4 84 49 a8 e9 ce Data Ascii: PNGIHDRxxgAMAasRGBPLTEhiijb`XZ]VfTRdl{uphPjI

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.6	49790	18.172.112.14	443	7084	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:23 UTC	388	OUT	GET /ico.ico HTTP/1.1 Host: page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-11 23:19:24 UTC	546	IN	HTTP/1.1 200 OK Content-Type: image/x-icon Content-Length: 10915 Connection: close Date: Wed, 08 Jan 2025 13:48:08 GMT Server: AmazonS3 Accept-Ranges: bytes ETag: "38f289209522fd198c50c25bec5db163" Last-Modified: Wed, 08 Jan 2025 12:15:24 GMT Cache-Control: public, max-age=0, s-maxage=31536000 X-Cache: Hit from cloudfront Via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: 40F2D6dnKs1kIdGgO6C-bjJA5WMyHDTVxBUftdpD5uM0bH0ytVgXJA== Age: 293476
2025-01-11 23:19:24 UTC	10915	IN	Data Raw: 00 00 01 00 01 00 00 00 00 00 01 00 20 00 8d 2a 00 00 16 00 00 00 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 00 00 00 01 00 08 06 00 00 00 5c 72 a8 66 00 00 00 01 6f 72 4e 54 01 cf a2 77 9a 00 00 2a 47 49 44 41 54 78 da ed 9d 07 7c 54 65 d6 c6 df cc 4c 32 e9 bd 22 ba 2e a2 7e ea f2 ed 7e 6e 5f b7 a8 6b 59 dd b5 ec fa 6d 13 a5 48 e8 1d 02 22 35 60 59 54 54 7a 4f 42 09 bd 5b 10 45 60 05 db ae ba ee a7 54 05 92 c9 a4 37 92 cc 24 d3 e7 fd 9e 73 67 50 59 21 09 90 64 ee 9d 39 e7 f7 fb 73 27 85 e4 ce 7b ce f3 bc e7 7d ef 9d 89 10 1c aa 8a d4 5d 52 24 bc 22 45 e6 4e 29 b2 76 48 d1 6d 2b d8 86 c7 db 7d f4 d8 80 af ed 90 46 7c 2e be db 76 99 95 b9 5d 7e 17 9f bf 1b df db 17 4c 00 b3 c1 4a b0 03 ec 03 1f 81 13 c0 0c 6a 80 15 d8 80 0b 48 3f 2e ff e7 ac Data Ascii: PNGIHDR\rforNTwGIDATx\|TeL2".~~n_kYmH"5`YTTzOB[E`T7$sgPY!d9s'{}]R$"EN)vHm+}F\|.v]~LJjH?.

Session ID	Source IP	Source Port	Destination IP	Destination Port
29	192.168.2.6	49865	40.113.110.67	443

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:35 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 48 6c 69 77 47 71 69 59 6c 6b 4b 53 75 65 51 56 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 34 62 62 33 62 30 36 30 37 66 35 38 37 34 61 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: HliwGqiYlkKSueQV.1Context: e4bb3b0607f5874a
2025-01-11 23:19:35 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-11 23:19:35 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 48 6c 69 77 47 71 69 59 6c 6b 4b 53 75 65 51 56 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 34 62 62 33 62 30 36 30 37 66 35 38 37 34 61 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 53 57 73 30 4b 45 79 72 51 47 51 52 6c 63 67 6f 7a 6d 72 4f 41 48 58 56 31 69 38 4e 64 76 6a 58 4b 38 50 75 49 37 43 56 67 65 2f 46 31 41 2b 6b 72 43 38 74 38 34 4a 55 4e 70 44 50 38 6c 44 72 78 73 48 7a 33 69 69 61 32 41 67 48 53 68 59 77 5a 59 4a 63 69 78 6a 41 54 50 67 46 6e 78 66 75 45 75 39 5a 75 36 75 4a 41 4a 69 38 39 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: HliwGqiYlkKSueQV.2Context: e4bb3b0607f5874a<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAASWs0KEyrQGQRlcgozmrOAHXV1i8NdvjXK8PuI7CVge/F1A+krC8t84JUNpDP8lDrxsHz3iia2AgHShYwZYJcixjATPgFnxfuEu9Zu6uJAJi89
2025-01-11 23:19:35 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 48 6c 69 77 47 71 69 59 6c 6b 4b 53 75 65 51 56 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 34 62 62 33 62 30 36 30 37 66 35 38 37 34 61 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: HliwGqiYlkKSueQV.3Context: e4bb3b0607f5874a<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-11 23:19:35 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-11 23:19:35 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 76 37 6f 57 66 46 57 55 6f 55 32 31 6c 42 79 50 67 6a 4a 59 77 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: v7oWfFWUoU21lByPgjJYww.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
30	192.168.2.6	49990	40.113.110.67	443

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:19:56 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 66 44 5a 30 42 71 32 39 6d 45 4f 54 4f 56 38 56 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 31 63 30 39 36 31 36 39 32 66 34 32 66 32 30 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: fDZ0Bq29mEOTOV8V.1Context: 41c0961692f42f20
2025-01-11 23:19:56 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-11 23:19:56 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 66 44 5a 30 42 71 32 39 6d 45 4f 54 4f 56 38 56 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 31 63 30 39 36 31 36 39 32 66 34 32 66 32 30 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 53 57 73 30 4b 45 79 72 51 47 51 52 6c 63 67 6f 7a 6d 72 4f 41 48 58 56 31 69 38 4e 64 76 6a 58 4b 38 50 75 49 37 43 56 67 65 2f 46 31 41 2b 6b 72 43 38 74 38 34 4a 55 4e 70 44 50 38 6c 44 72 78 73 48 7a 33 69 69 61 32 41 67 48 53 68 59 77 5a 59 4a 63 69 78 6a 41 54 50 67 46 6e 78 66 75 45 75 39 5a 75 36 75 4a 41 4a 69 38 39 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: fDZ0Bq29mEOTOV8V.2Context: 41c0961692f42f20<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAASWs0KEyrQGQRlcgozmrOAHXV1i8NdvjXK8PuI7CVge/F1A+krC8t84JUNpDP8lDrxsHz3iia2AgHShYwZYJcixjATPgFnxfuEu9Zu6uJAJi89
2025-01-11 23:19:56 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 66 44 5a 30 42 71 32 39 6d 45 4f 54 4f 56 38 56 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 31 63 30 39 36 31 36 39 32 66 34 32 66 32 30 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: fDZ0Bq29mEOTOV8V.3Context: 41c0961692f42f20<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-11 23:19:56 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-11 23:19:56 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 47 7a 65 6c 68 33 65 61 74 30 4f 54 4b 77 4f 31 31 79 47 2b 35 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: Gzelh3eat0OTKwO11yG+5w.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
31	192.168.2.6	50028	40.113.110.67	443

Timestamp	Bytes transferred	Direction	Data
2025-01-11 23:20:24 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 31 45 2b 50 73 49 53 6f 5a 30 36 56 37 31 67 2b 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 35 34 64 36 35 37 36 30 63 63 63 66 66 31 64 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: 1E+PsISoZ06V71g+.1Context: 754d65760cccff1d
2025-01-11 23:20:24 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-11 23:20:24 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 31 45 2b 50 73 49 53 6f 5a 30 36 56 37 31 67 2b 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 35 34 64 36 35 37 36 30 63 63 63 66 66 31 64 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 53 57 73 30 4b 45 79 72 51 47 51 52 6c 63 67 6f 7a 6d 72 4f 41 48 58 56 31 69 38 4e 64 76 6a 58 4b 38 50 75 49 37 43 56 67 65 2f 46 31 41 2b 6b 72 43 38 74 38 34 4a 55 4e 70 44 50 38 6c 44 72 78 73 48 7a 33 69 69 61 32 41 67 48 53 68 59 77 5a 59 4a 63 69 78 6a 41 54 50 67 46 6e 78 66 75 45 75 39 5a 75 36 75 4a 41 4a 69 38 39 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: 1E+PsISoZ06V71g+.2Context: 754d65760cccff1d<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAASWs0KEyrQGQRlcgozmrOAHXV1i8NdvjXK8PuI7CVge/F1A+krC8t84JUNpDP8lDrxsHz3iia2AgHShYwZYJcixjATPgFnxfuEu9Zu6uJAJi89
2025-01-11 23:20:24 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 31 45 2b 50 73 49 53 6f 5a 30 36 56 37 31 67 2b 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 37 35 34 64 36 35 37 36 30 63 63 63 66 66 31 64 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: 1E+PsISoZ06V71g+.3Context: 754d65760cccff1d<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-11 23:20:25 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-11 23:20:25 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 58 58 49 4a 2f 38 44 44 74 45 47 62 45 51 51 43 4c 6a 59 62 65 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: XXIJ/8DDtEGbEQQCLjYbeg.0Payload parsing failed.

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 5332, Parent PID: 6092

General

Target ID:	1
Start time:	18:19:06
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 7084, Parent PID: 5332

General

Target ID:	3
Start time:	18:19:11
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 --field-trial-handle=2520,i,14649947336694683425,5017290247439971393,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6628, Parent PID: 6092

General

Target ID:	4
Start time:	18:19:17
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://page-helpdesk-review-center.d21l3gt8ix4jpi.amplifyapp.com/"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly