Edit tour

Windows Analysis Report
https://schoolmngt.ubpages.com/managent/

Overview

General Information

Sample URL:https://schoolmngt.ubpages.com/managent/
Analysis ID:1647450
Infos:

Detection

Score:48
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Creates files inside the system directory
Deletes files inside the Windows folder
Detected clear text password fields (password is not hidden)
HTML body contains low number of good links
HTML title does not match URL

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64
  • chrome.exe (PID: 4724 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 1864 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1940,i,10938567176322679093,12905942111308703416,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2252 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6436 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://schoolmngt.ubpages.com/managent/" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

Phishing

barindex
Source: https://schoolmngt.ubpages.com/managent/Joe Sandbox AI: Score: 9 Reasons: The brand 'Google' is well-known and typically associated with the domain 'google.com'., The URL 'schoolmngt.ubpages.com' does not match the legitimate domain for Google., The domain 'ubpages.com' is not associated with Google and appears to be a third-party domain., The presence of 'schoolmngt' as a subdomain is suspicious and not related to Google., The URL structure suggests a potential phishing attempt by using a third-party domain with a subdomain that could mislead users. DOM: 0.0.pages.csv
Source: https://schoolmngt.ubpages.com/managent/HTTP Parser: <input type="text"... for password input
Source: https://schoolmngt.ubpages.com/managent/HTTP Parser: Number of links: 0
Source: https://schoolmngt.ubpages.com/managent/HTTP Parser: Title: does not match URL
Source: https://schoolmngt.ubpages.com/managent/HTTP Parser: No favicon
Source: https://schoolmngt.ubpages.com/managent/HTTP Parser: No <meta name="author".. found
Source: https://schoolmngt.ubpages.com/managent/HTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 142.250.65.196:443 -> 192.168.2.7:49689 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.41.137:443 -> 192.168.2.7:49691 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.41.137:443 -> 192.168.2.7:49690 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.238.80.20:443 -> 192.168.2.7:49693 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.164.115.141:443 -> 192.168.2.7:49698 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.164.115.5:443 -> 192.168.2.7:49701 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.98.62
Source: unknownTCP traffic detected without corresponding DNS query: 23.199.215.203
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknownTCP traffic detected without corresponding DNS query: 23.199.215.203
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.98.62
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.81.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.81.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.81.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.81.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.81.227
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.81.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.81.227
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /managent/ HTTP/1.1Host: schoolmngt.ubpages.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/d5046483-1668-4739-a080-17dfa8f93d47/googleeee.original.png?1742835208 HTTP/1.1Host: schoolmngt.ubpages.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://schoolmngt.ubpages.com/managent/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ubvs=29666bf2-d1ad-44a5-af17-c44eff30603c; ubvt=v2%7C29666bf2-d1ad-44a5-af17-c44eff30603c%7C2865b8d7-7c69-4393-98fa-be4e5df152ba%3Aa%3Asingle%3Asingle; __cf_bm=xTUxLBnJvQhkgoFuBkN3yvUL7S8Y0Ld_J4TWfRMEJzs-1742848264-1.0.1.1-8VC2I0EcZIe9yZ44JWwIkMoQZqYyybcrCnuICpbnfau8CnAkACKeFfkj09DZW56y0Ib2vJB_0kINPuPs3CpWX.zrGEbjMvl1oZ50NMBP5VI
Source: global trafficHTTP traffic detected: GET /_ub/static/ts/786ffa188154a7a81202c5d108dc70f1e0214262.js HTTP/1.1Host: schoolmngt.ubpages.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://schoolmngt.ubpages.com/managent/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ubvs=29666bf2-d1ad-44a5-af17-c44eff30603c; ubvt=v2%7C29666bf2-d1ad-44a5-af17-c44eff30603c%7C2865b8d7-7c69-4393-98fa-be4e5df152ba%3Aa%3Asingle%3Asingle; __cf_bm=xTUxLBnJvQhkgoFuBkN3yvUL7S8Y0Ld_J4TWfRMEJzs-1742848264-1.0.1.1-8VC2I0EcZIe9yZ44JWwIkMoQZqYyybcrCnuICpbnfau8CnAkACKeFfkj09DZW56y0Ib2vJB_0kINPuPs3CpWX.zrGEbjMvl1oZ50NMBP5VI
Source: global trafficHTTP traffic detected: GET /published-css/main-ebbfc5e.z.css HTTP/1.1Host: builder-assets.unbounce.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://schoolmngt.ubpages.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /published-js/main.bundle-f4428e5.z.js HTTP/1.1Host: builder-assets.unbounce.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://schoolmngt.ubpages.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIkqHLAQiKo8sBCIWgzQEI9s/OAQjJ0c4BCIHWzgEIydzOAQiE4M4BCKLkzgEIr+TOAQjp5M4BSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /schoolmngt.ubpages.com/managent/ee408d78-googleeee_10l408h0ka07n00000e028.png HTTP/1.1Host: d9hhrg4mnvzow.cloudfront.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://schoolmngt.ubpages.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: schoolmngt.ubpages.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://schoolmngt.ubpages.com/managent/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ubvs=29666bf2-d1ad-44a5-af17-c44eff30603c; ubvt=v2%7C29666bf2-d1ad-44a5-af17-c44eff30603c%7C2865b8d7-7c69-4393-98fa-be4e5df152ba%3Aa%3Asingle%3Asingle; __cf_bm=xTUxLBnJvQhkgoFuBkN3yvUL7S8Y0Ld_J4TWfRMEJzs-1742848264-1.0.1.1-8VC2I0EcZIe9yZ44JWwIkMoQZqYyybcrCnuICpbnfau8CnAkACKeFfkj09DZW56y0Ib2vJB_0kINPuPs3CpWX.zrGEbjMvl1oZ50NMBP5VI
Source: global trafficHTTP traffic detected: GET /schoolmngt.ubpages.com/managent/ee408d78-googleeee_10l408h0ka07n00000e028.png HTTP/1.1Host: d9hhrg4mnvzow.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /r/gsr1.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global trafficHTTP traffic detected: GET /r/r4.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: schoolmngt.ubpages.com
Source: global trafficDNS traffic detected: DNS query: builder-assets.unbounce.com
Source: global trafficDNS traffic detected: DNS query: d9hhrg4mnvzow.cloudfront.net
Source: unknownHTTP traffic detected: POST /_ub/i HTTP/1.1Host: schoolmngt.ubpages.comConnection: keep-aliveContent-Length: 1122sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/jsonsec-ch-ua-mobile: ?0Accept: */*Origin: https://schoolmngt.ubpages.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://schoolmngt.ubpages.com/managent/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ubvs=29666bf2-d1ad-44a5-af17-c44eff30603c; ubvt=v2%7C29666bf2-d1ad-44a5-af17-c44eff30603c%7C2865b8d7-7c69-4393-98fa-be4e5df152ba%3Aa%3Asingle%3Asingle; __cf_bm=xTUxLBnJvQhkgoFuBkN3yvUL7S8Y0Ld_J4TWfRMEJzs-1742848264-1.0.1.1-8VC2I0EcZIe9yZ44JWwIkMoQZqYyybcrCnuICpbnfau8CnAkACKeFfkj09DZW56y0Ib2vJB_0kINPuPs3CpWX.zrGEbjMvl1oZ50NMBP5VI
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 24 Mar 2025 20:31:04 GMTContent-Type: text/htmlContent-Length: 47Connection: closeX-Content-Type-Options: nosniffReferrer-Policy: strict-origin-when-cross-originContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'Server: cloudflareCF-RAY: 9258ee14996b9187-EWR
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 24 Mar 2025 20:31:06 GMTContent-Type: text/htmlContent-Length: 47Connection: closeX-Content-Type-Options: nosniffReferrer-Policy: strict-origin-when-cross-originContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'Server: cloudflareCF-RAY: 9258ee240aeb9cc1-EWR
Source: chromecache_54.1.drString found in binary or memory: http://schoolmngt.ubpages.com/managent/
Source: chromecache_54.1.drString found in binary or memory: https://app.unbounce.com/a4d797ce-475e-4026-a42d-99d08655048e
Source: chromecache_54.1.drString found in binary or memory: https://app.unbounce.com/c454ed71-3fce-43f4-9345-7523c8fed871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49689
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49695 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49693 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49691 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49690 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49696
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49695
Source: unknownNetwork traffic detected: HTTP traffic on port 49694 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49694
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49672
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49693
Source: unknownNetwork traffic detected: HTTP traffic on port 49696 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49691
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49690
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49689 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
Source: unknownHTTPS traffic detected: 142.250.65.196:443 -> 192.168.2.7:49689 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.41.137:443 -> 192.168.2.7:49691 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.41.137:443 -> 192.168.2.7:49690 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.238.80.20:443 -> 192.168.2.7:49693 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.164.115.141:443 -> 192.168.2.7:49698 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.164.115.5:443 -> 192.168.2.7:49701 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir4724_1877151572Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir4724_1877151572Jump to behavior
Source: classification engineClassification label: mal48.phis.win@21/19@10/6
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1940,i,10938567176322679093,12905942111308703416,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2252 /prefetch:3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://schoolmngt.ubpages.com/managent/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1940,i,10938567176322679093,12905942111308703416,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2252 /prefetch:3Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection
1
Masquerading
OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
File Deletion
Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer
Traffic DuplicationData Destruction
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1647450 URL: https://schoolmngt.ubpages.... Startdate: 24/03/2025 Architecture: WINDOWS Score: 48 22 AI detected phishing page 2->22 6 chrome.exe 2 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 14 192.168.2.7, 443, 49672, 49689 unknown unknown 6->14 11 chrome.exe 6->11         started        process5 dnsIp6 16 schoolmngt.ubpages.com 104.18.41.137, 443, 49690, 49691 CLOUDFLARENETUS United States 11->16 18 d9hhrg4mnvzow.cloudfront.net 18.164.115.141, 443, 49698 MIT-GATEWAYSUS United States 11->18 20 3 other IPs or domains 11->20

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
https://schoolmngt.ubpages.com/managent/0%Avira URL Cloudsafe
No Antivirus matches
No Antivirus matches
No Antivirus matches
SourceDetectionScannerLabelLink
https://schoolmngt.ubpages.com/_ub/i0%Avira URL Cloudsafe
https://schoolmngt.ubpages.com/assets/d5046483-1668-4739-a080-17dfa8f93d47/googleeee.original.png?17428352080%Avira URL Cloudsafe
https://d9hhrg4mnvzow.cloudfront.net/schoolmngt.ubpages.com/managent/ee408d78-googleeee_10l408h0ka07n00000e028.png0%Avira URL Cloudsafe
https://schoolmngt.ubpages.com/_ub/static/ts/786ffa188154a7a81202c5d108dc70f1e0214262.js0%Avira URL Cloudsafe
https://schoolmngt.ubpages.com/favicon.ico0%Avira URL Cloudsafe
http://schoolmngt.ubpages.com/managent/0%Avira URL Cloudsafe

Download Network PCAP: filteredfull

NameIPActiveMaliciousAntivirus DetectionReputation
builder-assets.unbounce.com
18.238.80.20
truefalse
    high
    schoolmngt.ubpages.com
    104.18.41.137
    truetrue
      unknown
      d9hhrg4mnvzow.cloudfront.net
      18.164.115.141
      truefalse
        high
        www.google.com
        142.250.65.196
        truefalse
          high
          NameMaliciousAntivirus DetectionReputation
          https://schoolmngt.ubpages.com/managent/true
            unknown
            https://builder-assets.unbounce.com/published-css/main-ebbfc5e.z.cssfalse
              high
              https://schoolmngt.ubpages.com/favicon.icofalse
              • Avira URL Cloud: safe
              unknown
              https://schoolmngt.ubpages.com/assets/d5046483-1668-4739-a080-17dfa8f93d47/googleeee.original.png?1742835208false
              • Avira URL Cloud: safe
              unknown
              https://schoolmngt.ubpages.com/_ub/static/ts/786ffa188154a7a81202c5d108dc70f1e0214262.jsfalse
              • Avira URL Cloud: safe
              unknown
              https://schoolmngt.ubpages.com/_ub/ifalse
              • Avira URL Cloud: safe
              unknown
              https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                high
                https://builder-assets.unbounce.com/published-js/main.bundle-f4428e5.z.jsfalse
                  high
                  https://d9hhrg4mnvzow.cloudfront.net/schoolmngt.ubpages.com/managent/ee408d78-googleeee_10l408h0ka07n00000e028.pngfalse
                  • Avira URL Cloud: safe
                  unknown
                  NameSourceMaliciousAntivirus DetectionReputation
                  https://app.unbounce.com/a4d797ce-475e-4026-a42d-99d08655048echromecache_54.1.drfalse
                    high
                    https://app.unbounce.com/c454ed71-3fce-43f4-9345-7523c8fed871chromecache_54.1.drfalse
                      high
                      http://schoolmngt.ubpages.com/managent/chromecache_54.1.drfalse
                      • Avira URL Cloud: safe
                      unknown
                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs
                      IPDomainCountryFlagASNASN NameMalicious
                      142.250.65.196
                      www.google.comUnited States
                      15169GOOGLEUSfalse
                      18.164.115.5
                      unknownUnited States
                      3MIT-GATEWAYSUSfalse
                      18.238.80.20
                      builder-assets.unbounce.comUnited States
                      16509AMAZON-02USfalse
                      104.18.41.137
                      schoolmngt.ubpages.comUnited States
                      13335CLOUDFLARENETUStrue
                      18.164.115.141
                      d9hhrg4mnvzow.cloudfront.netUnited States
                      3MIT-GATEWAYSUSfalse
                      IP
                      192.168.2.7
                      Joe Sandbox version:42.0.0 Malachite
                      Analysis ID:1647450
                      Start date and time:2025-03-24 21:30:04 +01:00
                      Joe Sandbox product:CloudBasic
                      Overall analysis duration:0h 3m 1s
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Cookbook file name:browseurl.jbs
                      Sample URL:https://schoolmngt.ubpages.com/managent/
                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                      Number of analysed new started processes analysed:14
                      Number of new started drivers analysed:0
                      Number of existing processes analysed:0
                      Number of existing drivers analysed:0
                      Number of injected processes analysed:0
                      Technologies:
                      • EGA enabled
                      • AMSI enabled
                      Analysis Mode:default
                      Analysis stop reason:Timeout
                      Detection:MAL
                      Classification:mal48.phis.win@21/19@10/6
                      • Exclude process from analysis (whitelisted): sppsvc.exe, SIHClient.exe, SgrmBroker.exe, TextInputHost.exe, svchost.exe
                      • Excluded IPs from analysis (whitelisted): 142.251.40.131, 142.251.40.110, 142.250.80.46, 172.253.62.84, 142.251.40.206, 142.250.65.206, 142.251.40.238, 142.250.65.170, 142.250.65.234, 142.250.65.202, 142.251.32.106, 142.251.40.138, 142.251.40.202, 142.251.35.170, 142.251.40.170, 142.251.40.234, 142.251.41.10, 142.251.40.106, 172.217.165.138, 142.250.80.74, 142.250.80.106, 142.250.81.234, 142.250.176.202, 199.232.210.172, 142.251.35.174, 142.250.80.110, 142.250.65.238, 142.250.65.195, 142.250.176.206, 142.251.40.195, 20.109.210.53, 184.31.69.3
                      • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, c.pki.goog
                      • Not all processes where analyzed, report is missing behavior information
                      • Report size getting too big, too many NtOpenFile calls found.
                      • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                      • VT rate limit hit for: https://schoolmngt.ubpages.com/managent/
                      No simulations
                      No context
                      No context
                      No context
                      No context
                      No context
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:gzip compressed data, was "main.css", last modified: Mon Mar 24 18:03:21 2025, from Unix, original size modulo 2^32 15106
                      Category:downloaded
                      Size (bytes):2944
                      Entropy (8bit):7.923227677104379
                      Encrypted:false
                      SSDEEP:48:XKho1kyMoWIrJOEUF5GN3CS0c9xd2vUBR591cyRtrkX0uFDiIFEjGnam+M50v7Au:mo1leIrJH85WZOO1cybwXBFuO7+pEX+
                      MD5:39FEFDFFDE049F459A5268AC38054B39
                      SHA1:D17269E2C4E525F0BF8976BE275850A24F8D2F0A
                      SHA-256:E76F00A95835BD40BC14F0003C4CC81ED78CEFD3C536FB09F6C6C36D058BC5C0
                      SHA-512:700742785C3BC5F009662A2BBC6203E75909EA4947D2DD28FA6FFFE1AB18998BBA616A92C1EB1B9BBB3F7ED20783A5AAA82983DD2A503082BAA7BDE0DE7FD658
                      Malicious:false
                      Reputation:low
                      URL:https://builder-assets.unbounce.com/published-css/main-ebbfc5e.z.css
                      Preview:....i..g..main.css..[.8...O.v.FWu....p....}.....H6........W..%$.\{.DL.....K.....H.....:.....0"pA....MY..".AR..L.....{Z...'P.q.%...)...r......Dfvx@\..J..%....Aw.#)*...//......^....)J.m3l.....).](..p.Yp^.....D.r.o....*.w*~2..\{8.QusH.Y^..a..../.....l.T..Q.....W.......h.P.uR.P.v|@.0.-!.K.......V.E}NNx.W.q.....\;_...x5........r.._...)S8u..OeQQ..;\.a~.......y.)>.{i.S.S..1..=).V.|.M.;7..o-..,.D..3%8GmBOl.......;....0....>..Mo..,......k./'4.F....M!}......):.q..Uz..X.d...J.&..^6.%.I.....\...f.D.. E..^..% }9V.9.quL.....=_......B.B.B.[..`7..,p..."7[...-+..D...mk.Q.....}rf....JW..sA.K3..fh6...-.u0(H.j:.`f.P.(..t.^]...?..O...2...k7..n........NnM."?r._A..p.......w.b.g..t/...H.v..0...w..QZT@.......6..K..4kYDN.<.W-....'......r..'....?bp`........$I.Y.~....a.b........*...t.%...C#v/.{...).........P..N...>.&.+...EB5=..l.e.F.]wE.......\.....D.....B4kK..j...;..vEY.../...ID.)..`.0s.<.y.i.^...[..;.UQ...7..W.#j.-*...c..v...df&.>.....v..!....E.p8.w.gZ.Wy(..
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with no line terminators
                      Category:downloaded
                      Size (bytes):28
                      Entropy (8bit):4.039148671903071
                      Encrypted:false
                      SSDEEP:3:QQinPrjJiY:+PrB
                      MD5:E7DD7096D0232111F1BBB78DFB0261C0
                      SHA1:1DBB0ACF17C2C4B3E0525F6CD7A63ACB63187BDD
                      SHA-256:909BE5D74A4DF779090FA7974832E4B889F30B80EF66F17093F093E55B772EB4
                      SHA-512:F91E6314C395C06DBB8211DC249BF469B3CD43AEED75C273450BDE4F47D31A6452DF11E4809C60AE519B311FA78F9B680A7A46871E3F067B43CA2C7FC49256DA
                      Malicious:false
                      Reputation:low
                      URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCSPUxQgpTqVFEgUNeG8SGRIFDXyAUzUhSUNIxBr_eTM=?alt=proto
                      Preview:ChIKBw14bxIZGgAKBw18gFM1GgA=
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (44628)
                      Category:downloaded
                      Size (bytes):44693
                      Entropy (8bit):5.391070864416709
                      Encrypted:false
                      SSDEEP:768:7EAfXgIEtL+jgBD+AkeYa8ADC7qfDfETk:ICXgHtyjgRk1bADC7qb
                      MD5:A29B73706E355AF9CECF33791DD81C03
                      SHA1:79E86B0E0AE9731141EE3B380FE55530EFCB5988
                      SHA-256:870E33C07DFAB900FFC54747F4D21E61F6557C9DDF22FFD892624AE522B824CD
                      SHA-512:B6853281C138C784E371140E92561A2AE554753FEB74244A47A676999F978EEFA9B8B2EE8B105C17624C07DFE085DF3C86C58B335DE5AF6B87ABFAD873408C07
                      Malicious:false
                      Reputation:low
                      URL:https://schoolmngt.ubpages.com/_ub/static/ts/786ffa188154a7a81202c5d108dc70f1e0214262.js
                      Preview:/*! For license information please see tracker.js.LICENSE.txt */.!function(){var e={366:function(e){var n={utf8:{stringToBytes:function(e){return n.bin.stringToBytes(unescape(encodeURIComponent(e)))},bytesToString:function(e){return decodeURIComponent(escape(n.bin.bytesToString(e)))}},bin:{stringToBytes:function(e){for(var n=[],t=0;t<e.length;t++)n.push(255&e.charCodeAt(t));return n},bytesToString:function(e){for(var n=[],t=0;t<e.length;t++)n.push(String.fromCharCode(e[t]));return n.join("")}}};e.exports=n},843:function(e){var n,t;n="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",t={rotl:function(e,n){return e<<n|e>>>32-n},rotr:function(e,n){return e<<32-n|e>>>n},endian:function(e){if(e.constructor==Number)return 16711935&t.rotl(e,8)|4278255360&t.rotl(e,24);for(var n=0;n<e.length;n++)e[n]=t.endian(e[n]);return e},randomBytes:function(e){for(var n=[];e>0;e--)n.push(Math.floor(256*Math.random()));return n},bytesToWords:function(e){for(var n=[],t=0,r=0;t<e.length;t++,r+
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:HTML document, ASCII text, with very long lines (1922)
                      Category:downloaded
                      Size (bytes):9188
                      Entropy (8bit):5.357577735794839
                      Encrypted:false
                      SSDEEP:192:v45ON3CsopSsqjK36WozqSiQ4aw2TloWC2DYjwlyUoRJk:v43VqjK36WouQvTlop2DYu
                      MD5:58E1B32BBD381FA225D48C75A0EC211C
                      SHA1:F77548E8401331E05780AE0D96666B6DD7649171
                      SHA-256:F172E2C0D5742579EDBC3C4515CC7D22582F0A74A60F518108CB15055F79C034
                      SHA-512:F100EBCDDC39B9893253E6F5875A4B17F5CBB5A35DBF968E1B498D29A0BEA1A50114955918D6F174FFB26EB4495EC7C358EB4BA2008A07EBE9D6F9A1B3456715
                      Malicious:false
                      Reputation:low
                      URL:https://schoolmngt.ubpages.com/managent/
                      Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><META http-equiv="Content-Type" content="text/html; charset=UTF-8" >. 2865b8d7-7c69-4393-98fa-be4e5df152ba a-->.. <title></title>. <meta name="keywords" content="">. <meta name="description" content="">.. .. <link type="text/css" rel="stylesheet" href="blob:https://app.unbounce.com/a4d797ce-475e-4026-a42d-99d08655048e"><link type="text/css" rel="stylesheet" href="blob:https://app.unbounce.com/c454ed71-3fce-43f4-9345-7523c8fed871"><script>.//.window.gon.ensignFlags = {snapToGrid: false};.// .</script>... .. <meta name="robots" content="noindex, nofollow"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="lp-version" content="v6.24.191"><style title="page-styles" type="text/css" data-page-type="main_desktop">.body {. color:#000;.}.a {. color:#0000ff;. text-decoration:none;.}.#lp-pom-root
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with no line terminators
                      Category:downloaded
                      Size (bytes):47
                      Entropy (8bit):4.011411723741875
                      Encrypted:false
                      SSDEEP:3:GAJzRx3G/MRUezQF7hXWL:5zRx3G0Cezo8
                      MD5:F9AE9006943E3A67B95CA4C6C733B6D4
                      SHA1:9F9E7A7E2602D29E4DF8C38DF6277AB37FB1B079
                      SHA-256:CD8B79123A843EEE64985A23257E2FAB80EF2C4C08427B688EA979671FC1C457
                      SHA-512:7BCF52C862AAB427DAB5EDE35605A6A8B935CAC3982E6120ECE1FC7D9F81F95C05DDBB49CFB44E9E97C18C810459BE90B0B074F05D427C6592C125D5430F623D
                      Malicious:false
                      Reputation:low
                      URL:https://schoolmngt.ubpages.com/favicon.ico
                      Preview:The requested URL was not found on this server.
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 730 x 275, 8-bit colormap, non-interlaced
                      Category:downloaded
                      Size (bytes):2810
                      Entropy (8bit):7.59883834567946
                      Encrypted:false
                      SSDEEP:48:8llYu/6OGQWoOIHxh8KtEl9pkpY6FGQmvcTaxQA9g+jtqMkdQawJ6fdRMe6o1IqS:8L1SB4OIRh8KWfpIdFp5T2Pu+WdRuUb0
                      MD5:DEA5F9647084A87A0C6A15277F49118B
                      SHA1:AB4443A23D16255C65D4DC93A45A4CF552C92B7D
                      SHA-256:8EF1BB9D1FE2F4B6E10FB847848B518CAD94A80BE4227CA78C2D5C157AD60EE4
                      SHA-512:41C4CB0C10156A0C5A9FB207B0B45D534BC88B2EA034654DD62251B72F46E47C9386CC1349A0352D731E71C0020A9F3142230E4E10FF678ADA498C956DB6FF1D
                      Malicious:false
                      Reputation:low
                      URL:https://d9hhrg4mnvzow.cloudfront.net/schoolmngt.ubpages.com/managent/ee408d78-googleeee_10l408h0ka07n00000e028.png
                      Preview:.PNG........IHDR.............??Q.....PLTE...C...........1.Q.B6............f..=+%..$7~.<Zz+......8*{Y>5FdjK1.':M<4......w...j...........kK..............Mo............08H.....u......}[biwTNMa]c.......yC.g\...sm.L;y..ZL..V..5..[.l..Z..C...e8~Oi..c....pHYs.................IDATx...S.X...;.;....../@.# OE[......O.s...~.....S...t...S'..{Mh................t..[ S...1...m......q}.....N.n.?.8q^.{.!..B..p.rr.a...A...d.>.r....&..@.?|.../'...m.>./.F...t$H}..I7".....<$..B...d..}.\...l.?.WI7...G.^.d#.~?.5{....... .E;.||.".H....0......h.&.>....5....m..%/._.U.u.i.7.....~...W......U....._v.62..h#[..5$..md#....&.....d.$.H....h#..._.:........R=..........F...|..m..#.r.^..vs.~h*.h...hw....Zo..+.. ..R...$.O.._.O^.>&E.H....m....>I...h#..3y:.....!.u[..C..\C"..~..l...wp#.+..o....C.FF....o.&.^.M>...4%&...Ug..~....C..lu.bqm.........................A.h.w.6.G+....l.#.K...ys^.,.......n.'I..v./.=!.8......BEvi2.j...}s....=..5....#IwM.m.^...m>B3...Kp.`w.<...hE^)....
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with no line terminators
                      Category:downloaded
                      Size (bytes):47
                      Entropy (8bit):4.011411723741875
                      Encrypted:false
                      SSDEEP:3:GAJzRx3G/MRUezQF7hXWL:5zRx3G0Cezo8
                      MD5:F9AE9006943E3A67B95CA4C6C733B6D4
                      SHA1:9F9E7A7E2602D29E4DF8C38DF6277AB37FB1B079
                      SHA-256:CD8B79123A843EEE64985A23257E2FAB80EF2C4C08427B688EA979671FC1C457
                      SHA-512:7BCF52C862AAB427DAB5EDE35605A6A8B935CAC3982E6120ECE1FC7D9F81F95C05DDBB49CFB44E9E97C18C810459BE90B0B074F05D427C6592C125D5430F623D
                      Malicious:false
                      Reputation:low
                      URL:https://schoolmngt.ubpages.com/assets/d5046483-1668-4739-a080-17dfa8f93d47/googleeee.original.png?1742835208
                      Preview:The requested URL was not found on this server.
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 730 x 275, 8-bit colormap, non-interlaced
                      Category:dropped
                      Size (bytes):2810
                      Entropy (8bit):7.59883834567946
                      Encrypted:false
                      SSDEEP:48:8llYu/6OGQWoOIHxh8KtEl9pkpY6FGQmvcTaxQA9g+jtqMkdQawJ6fdRMe6o1IqS:8L1SB4OIRh8KWfpIdFp5T2Pu+WdRuUb0
                      MD5:DEA5F9647084A87A0C6A15277F49118B
                      SHA1:AB4443A23D16255C65D4DC93A45A4CF552C92B7D
                      SHA-256:8EF1BB9D1FE2F4B6E10FB847848B518CAD94A80BE4227CA78C2D5C157AD60EE4
                      SHA-512:41C4CB0C10156A0C5A9FB207B0B45D534BC88B2EA034654DD62251B72F46E47C9386CC1349A0352D731E71C0020A9F3142230E4E10FF678ADA498C956DB6FF1D
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.............??Q.....PLTE...C...........1.Q.B6............f..=+%..$7~.<Zz+......8*{Y>5FdjK1.':M<4......w...j...........kK..............Mo............08H.....u......}[biwTNMa]c.......yC.g\...sm.L;y..ZL..V..5..[.l..Z..C...e8~Oi..c....pHYs.................IDATx...S.X...;.;....../@.# OE[......O.s...~.....S...t...S'..{Mh................t..[ S...1...m......q}.....N.n.?.8q^.{.!..B..p.rr.a...A...d.>.r....&..@.?|.../'...m.>./.F...t$H}..I7".....<$..B...d..}.\...l.?.WI7...G.^.d#.~?.5{....... .E;.||.".H....0......h.&.>....5....m..%/._.U.u.i.7.....~...W......U....._v.62..h#[..5$..md#....&.....d.$.H....h#..._.:........R=..........F...|..m..#.r.^..vs.~h*.h...hw....Zo..+.. ..R...$.O.._.O^.>&E.H....m....>I...h#..3y:.....!.u[..C..\C"..~..l...wp#.+..o....C.FF....o.&.^.M>...4%&...Ug..~....C..lu.bqm.........................A.h.w.6.G+....l.#.K...ys^.,.......n.'I..v./.=!.8......BEvi2.j...}s....=..5....#IwM.m.^...m>B3...Kp.`w.<...hE^)....
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (3915)
                      Category:downloaded
                      Size (bytes):3920
                      Entropy (8bit):5.8250301044464825
                      Encrypted:false
                      SSDEEP:96:MKhlcH6666rpofyTyRsBcoDHwQ5jHkxzeGM17hJZQffffo:9XcH6666rpoR+BcorwQ1v1R
                      MD5:415D1C34B1D0F1A57E4B62CCC0901858
                      SHA1:721A72E60F4EC536F0C6540A5363F5F216557855
                      SHA-256:EE638686135750F2FAC62BBEAA7597F0782E0CC5D73293AE044C6034D7E329B4
                      SHA-512:BD6CD8FB4B829BBA4BE111876277D21D6861601E662C45FC859DC8087EF067FE7D7BD18B6F637FAD36DA2A23832D8F929B058FE394EB53487CF642FC513898D2
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE
                      Preview:)]}'.["",["bill chisholm celtics","assassin creed shadows","boeing fighter jets f 47","dairy queen blizzards 85 cents","1923 season 2 episode 5","fincen boi reporting","okc thunder la clippers","apple iphone 17 pro max price"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChoIkk4SFQoRVHJlbmRpbmcgc2VhcmNoZXMoCg\u003d\u003d","google:suggestdetail":[{"zl":10002},{"google:entityinfo":"Cg0vZy8xMXR4X3h4cHg2EgpWaWRlbyBnYW1lMs8QZGF0YTppbWFnZS9qcGVnO2Jhc2U2NCwvOWovNEFBUVNrWkpSZ0FCQVFBQUFRQUJBQUQvMndDRUFBa0dCd2dIQmdrSUJ3Z0tDZ2tMRFJZUERRd01EUnNVRlJBV0lCMGlJaUFkSHg4a0tEUXNKQ1l4Sng4ZkxUMHRNVFUzT2pvNkl5cy9SRDg0UXpRNU9qY0JDZ29LRFF3TkdnOFBHamNsSHlVM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOLy9BQUJFSUFFQUFRQU1CRVFBQ0VRRURFUUgveEFBYkFBRUFBZ01CQVFBQUFBQUFBQUFBQUFBQUJRWUNBd1FIQWYvRUFEUVFBQUVEQXdJQ0J3WUdBd0FBQUFBQUFBRUNBd1FBQlJFU0lRWXhFeUpCVVdGeGdRY1VJMktSc1JVeVFsS2g0VFNDa3YvRUFCb0JBUUFEQVFFQkFBQUFBQUFBQUFBQUFBQ
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:gzip compressed data, was "main.bundle.js", last modified: Mon Mar 24 18:03:21 2025, from Unix, original size modulo 2^32 141610
                      Category:downloaded
                      Size (bytes):41663
                      Entropy (8bit):7.993428287053838
                      Encrypted:true
                      SSDEEP:768:pdNzUh9MZ4rjJhri/4+sTe7SE78zsAYfbVjTPdP1t0YLOqT1kfleGzlsLJ:pdNoE4S/wepZfbVjT3t0Ykfl7G
                      MD5:A942D0203943698FDCB45C73A57FE5A1
                      SHA1:41C68888DC5E22F56308E628FD5F824B1E397858
                      SHA-256:D33C9752EC2E075A999D45AAD3F334D04CAAD2C8C96B68C5562F874528569C27
                      SHA-512:AAFCBC08CDABF5A74C3A7DB4613F3AE562C6AE08988E46EB8E0D5F80EC3A350FE59046D79185C32C49BD793A6AB18046F726A992E78DBBB4685B6EAB6E592939
                      Malicious:false
                      Reputation:low
                      URL:https://builder-assets.unbounce.com/published-js/main.bundle-f4428e5.z.js
                      Preview:....i..g..main.bundle.js..[.s.F..+".N..#.R.{.h..q..\./r.UG1*.....1.``Y+r..}=......rU{uW...y.....Ao.T3-d.W..B...a;.'2.X....b5..&.9=.."..z..._K...a.e...YQ..N]9.,<../e..0.$.t+.U^1..r..y.R.....T.c......t:..Q..J..........W......:......x.C.T..<...~.....~5.....jy...n.......x..]e..7%...{.sts.k..w..,.:...........2....<.[..A..T.I3U..5..S.K.L..mk.;.f....US.....A".!.b.J....>..*4V}i..._..u..*6.v"@E...x.uw..1.SQ..]L%....xT.l....s..jGm.vT.:.......,*"H..4....c.ZI-i.._.U.YV.......Ip../..6...y......]...~Tp.V...".j...T..b~2.!(F...dy.....Ya...P...V.U.E...t53-Ug..4\._.S..tj..M`.>.:K.^...._l.X.)............[g.1.....4.".k...j..3..E).B..^3...[.&.Y..y..;..5.un..;. ....T....W.e5s.*~g....YQ.x.k.d1..oR..82.".SQ.........^ .%..fO.c.......u.=Z....]..V..-y....._.J/8.....[...&a...P..:.....".L.u..X=..t..QxD}f..Uu)f..tB..qT.[....G......]<..9..j.k3]W..;......._.|A.~....F....A..=..[7{.......q4m..R@.i.<...J...X.y5...%,3...{.6N.....x[.0..j}..V.?.P....I.'[E0..-D.n.R*.K#..
                      No static file info

                      Download Network PCAP: filteredfull

                      • Total Packets: 165
                      • 443 (HTTPS)
                      • 80 (HTTP)
                      • 53 (DNS)
                      TimestampSource PortDest PortSource IPDest IP
                      Mar 24, 2025 21:30:52.519197941 CET49677443192.168.2.72.18.98.62
                      Mar 24, 2025 21:30:52.519210100 CET4967680192.168.2.723.199.215.203
                      Mar 24, 2025 21:30:54.019006968 CET49675443192.168.2.72.23.227.208
                      Mar 24, 2025 21:30:54.019083977 CET49674443192.168.2.72.23.227.208
                      Mar 24, 2025 21:30:54.019083023 CET49673443192.168.2.72.23.227.208
                      Mar 24, 2025 21:31:02.128631115 CET4967680192.168.2.723.199.215.203
                      Mar 24, 2025 21:31:02.128638983 CET49677443192.168.2.72.18.98.62
                      Mar 24, 2025 21:31:02.816997051 CET49689443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:31:02.817049026 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:02.817121029 CET49689443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:31:02.817301035 CET49689443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:31:02.817317009 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:03.030751944 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:03.030822992 CET49689443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:31:03.032391071 CET49689443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:31:03.032402992 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:03.032681942 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:03.082434893 CET49689443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:31:03.618632078 CET49675443192.168.2.72.23.227.208
                      Mar 24, 2025 21:31:03.618653059 CET49674443192.168.2.72.23.227.208
                      Mar 24, 2025 21:31:03.623044968 CET49673443192.168.2.72.23.227.208
                      Mar 24, 2025 21:31:03.778702974 CET49690443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:03.778760910 CET44349690104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:03.778841019 CET49690443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:03.779485941 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:03.779524088 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:03.779611111 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:03.779745102 CET49690443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:03.779762983 CET44349690104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:03.779978991 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:03.779990911 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.005626917 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.005729914 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.006481886 CET44349690104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.006552935 CET49690443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.006915092 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.006926060 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.007215977 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.007756948 CET49690443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.007774115 CET44349690104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.008018017 CET44349690104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.008119106 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.048324108 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.050548077 CET49690443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.311489105 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.311614037 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.311687946 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.311702013 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.311770916 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.311800003 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.311846018 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.311855078 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.311986923 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.314316988 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.317435026 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.317509890 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.317529917 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.317574024 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.317656994 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.334148884 CET49691443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.334175110 CET44349691104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.370353937 CET49690443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.416325092 CET44349690104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.454184055 CET49693443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:04.454225063 CET4434969318.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:04.454308033 CET49693443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:04.454679966 CET49693443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:04.454694986 CET4434969318.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:04.597151041 CET44349690104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.597198963 CET44349690104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.597753048 CET49690443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.598267078 CET49690443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.598300934 CET44349690104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.601353884 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.601408958 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.601548910 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.601952076 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.601965904 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.824639082 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.825228930 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.825257063 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:04.825634956 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:04.825644016 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.078159094 CET4434969318.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.078294039 CET49693443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.101356030 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.101404905 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.101469994 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.101501942 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.101504087 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.101516008 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.101552963 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.101567984 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.101615906 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.103176117 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.106316090 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.108350039 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.108386040 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.108436108 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.108447075 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.108483076 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.111090899 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.113435030 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.113444090 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.115659952 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.115694046 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.115746975 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.115755081 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.115801096 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.118117094 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.120620966 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.120673895 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.120687962 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.120697975 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.120773077 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.124181986 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.127991915 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.129429102 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.129437923 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.130693913 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.132452011 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.132483959 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.132527113 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.132539034 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.132558107 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.188589096 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.202828884 CET49693443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.202858925 CET4434969318.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.203169107 CET4434969318.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.203634024 CET49693443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.210289001 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.211133003 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.211172104 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.211200953 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.211216927 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.211256027 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.213453054 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.217341900 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.217370987 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.217380047 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.217391968 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.217437029 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.217443943 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.217463970 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.217535973 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.218453884 CET49694443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.218473911 CET44349694104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.224561930 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.224596977 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.224776030 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.225100994 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.225114107 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.248334885 CET4434969318.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.352924109 CET4434969318.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.352956057 CET4434969318.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.353069067 CET49693443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.353092909 CET4434969318.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.353110075 CET4434969318.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.353167057 CET49693443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.354150057 CET49693443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.354171038 CET4434969318.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.406282902 CET49696443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.406328917 CET44349696104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.406512022 CET49696443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.415705919 CET49696443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.415719986 CET44349696104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.426537991 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.426907063 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.426922083 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.427117109 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.427123070 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.638004065 CET44349696104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.638326883 CET49696443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.638354063 CET44349696104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.638933897 CET49696443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.638940096 CET44349696104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.639044046 CET49696443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.639049053 CET44349696104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.693758965 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.693785906 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.693800926 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.693847895 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.693871975 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.693958044 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.696533918 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.696640968 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.702394009 CET49689443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:31:05.712580919 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.712600946 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.712697983 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.712714911 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.712733984 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.712800980 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.744352102 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:05.787214041 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.787291050 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.787314892 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.787354946 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.787970066 CET49695443192.168.2.718.238.80.20
                      Mar 24, 2025 21:31:05.787988901 CET4434969518.238.80.20192.168.2.7
                      Mar 24, 2025 21:31:05.836059093 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:05.836117029 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:05.836144924 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:05.836195946 CET49689443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:31:05.836215973 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:05.836275101 CET49689443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:31:05.842636108 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:05.843780041 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:05.843858004 CET49689443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:31:05.844106913 CET49689443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:31:05.844127893 CET44349689142.250.65.196192.168.2.7
                      Mar 24, 2025 21:31:05.903980970 CET44349696104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.904047966 CET44349696104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.904164076 CET49696443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.905064106 CET49696443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:05.905083895 CET44349696104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:05.935961008 CET49698443192.168.2.718.164.115.141
                      Mar 24, 2025 21:31:05.935997009 CET4434969818.164.115.141192.168.2.7
                      Mar 24, 2025 21:31:05.936228991 CET49698443192.168.2.718.164.115.141
                      Mar 24, 2025 21:31:05.936392069 CET49698443192.168.2.718.164.115.141
                      Mar 24, 2025 21:31:05.936405897 CET4434969818.164.115.141192.168.2.7
                      Mar 24, 2025 21:31:06.141607046 CET4434969818.164.115.141192.168.2.7
                      Mar 24, 2025 21:31:06.141669989 CET49698443192.168.2.718.164.115.141
                      Mar 24, 2025 21:31:06.143637896 CET49698443192.168.2.718.164.115.141
                      Mar 24, 2025 21:31:06.143646002 CET4434969818.164.115.141192.168.2.7
                      Mar 24, 2025 21:31:06.143906116 CET4434969818.164.115.141192.168.2.7
                      Mar 24, 2025 21:31:06.144387007 CET49698443192.168.2.718.164.115.141
                      Mar 24, 2025 21:31:06.188322067 CET4434969818.164.115.141192.168.2.7
                      Mar 24, 2025 21:31:06.468966961 CET4434969818.164.115.141192.168.2.7
                      Mar 24, 2025 21:31:06.468992949 CET4434969818.164.115.141192.168.2.7
                      Mar 24, 2025 21:31:06.469038010 CET49698443192.168.2.718.164.115.141
                      Mar 24, 2025 21:31:06.469050884 CET4434969818.164.115.141192.168.2.7
                      Mar 24, 2025 21:31:06.469400883 CET4434969818.164.115.141192.168.2.7
                      Mar 24, 2025 21:31:06.469505072 CET49698443192.168.2.718.164.115.141
                      Mar 24, 2025 21:31:06.469888926 CET49698443192.168.2.718.164.115.141
                      Mar 24, 2025 21:31:06.469898939 CET4434969818.164.115.141192.168.2.7
                      Mar 24, 2025 21:31:06.469912052 CET49698443192.168.2.718.164.115.141
                      Mar 24, 2025 21:31:06.469935894 CET49698443192.168.2.718.164.115.141
                      Mar 24, 2025 21:31:06.479037046 CET49699443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:06.479057074 CET44349699104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:06.479168892 CET49699443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:06.479326963 CET49699443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:06.479334116 CET44349699104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:06.618253946 CET49701443192.168.2.718.164.115.5
                      Mar 24, 2025 21:31:06.618299961 CET4434970118.164.115.5192.168.2.7
                      Mar 24, 2025 21:31:06.618371010 CET49701443192.168.2.718.164.115.5
                      Mar 24, 2025 21:31:06.618587971 CET49701443192.168.2.718.164.115.5
                      Mar 24, 2025 21:31:06.618602991 CET4434970118.164.115.5192.168.2.7
                      Mar 24, 2025 21:31:06.694654942 CET44349699104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:06.694987059 CET49699443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:06.695010900 CET44349699104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:06.695177078 CET49699443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:06.695182085 CET44349699104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:06.920698881 CET4434970118.164.115.5192.168.2.7
                      Mar 24, 2025 21:31:06.920783997 CET49701443192.168.2.718.164.115.5
                      Mar 24, 2025 21:31:06.921283960 CET49701443192.168.2.718.164.115.5
                      Mar 24, 2025 21:31:06.921293974 CET4434970118.164.115.5192.168.2.7
                      Mar 24, 2025 21:31:06.921530962 CET4434970118.164.115.5192.168.2.7
                      Mar 24, 2025 21:31:06.921876907 CET49701443192.168.2.718.164.115.5
                      Mar 24, 2025 21:31:06.951836109 CET44349699104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:06.951888084 CET44349699104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:06.952007055 CET49699443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:06.952815056 CET49699443192.168.2.7104.18.41.137
                      Mar 24, 2025 21:31:06.952831984 CET44349699104.18.41.137192.168.2.7
                      Mar 24, 2025 21:31:06.968316078 CET4434970118.164.115.5192.168.2.7
                      Mar 24, 2025 21:31:07.148463964 CET4434970118.164.115.5192.168.2.7
                      Mar 24, 2025 21:31:07.148482084 CET4434970118.164.115.5192.168.2.7
                      Mar 24, 2025 21:31:07.148632050 CET49701443192.168.2.718.164.115.5
                      Mar 24, 2025 21:31:07.148648024 CET4434970118.164.115.5192.168.2.7
                      Mar 24, 2025 21:31:07.149260044 CET4434970118.164.115.5192.168.2.7
                      Mar 24, 2025 21:31:07.149753094 CET49701443192.168.2.718.164.115.5
                      Mar 24, 2025 21:31:07.149760962 CET4434970118.164.115.5192.168.2.7
                      Mar 24, 2025 21:31:07.149811983 CET49701443192.168.2.718.164.115.5
                      Mar 24, 2025 21:31:07.149811983 CET49701443192.168.2.718.164.115.5
                      Mar 24, 2025 21:31:07.149836063 CET49701443192.168.2.718.164.115.5
                      Mar 24, 2025 21:31:13.448298931 CET4970480192.168.2.7142.250.81.227
                      Mar 24, 2025 21:31:13.545150995 CET8049704142.250.81.227192.168.2.7
                      Mar 24, 2025 21:31:13.545414925 CET4970480192.168.2.7142.250.81.227
                      Mar 24, 2025 21:31:13.545536041 CET4970480192.168.2.7142.250.81.227
                      Mar 24, 2025 21:31:13.646150112 CET8049704142.250.81.227192.168.2.7
                      Mar 24, 2025 21:31:13.648607016 CET8049704142.250.81.227192.168.2.7
                      Mar 24, 2025 21:31:13.654210091 CET4970480192.168.2.7142.250.81.227
                      Mar 24, 2025 21:31:13.753511906 CET8049704142.250.81.227192.168.2.7
                      Mar 24, 2025 21:31:13.800704002 CET4970480192.168.2.7142.250.81.227
                      Mar 24, 2025 21:31:14.903553963 CET49672443192.168.2.72.23.227.208
                      Mar 24, 2025 21:31:14.903598070 CET443496722.23.227.208192.168.2.7
                      Mar 24, 2025 21:31:29.371428967 CET49671443192.168.2.7204.79.197.203
                      Mar 24, 2025 21:31:29.684983015 CET49671443192.168.2.7204.79.197.203
                      Mar 24, 2025 21:31:30.290404081 CET49671443192.168.2.7204.79.197.203
                      Mar 24, 2025 21:31:31.493458033 CET49671443192.168.2.7204.79.197.203
                      Mar 24, 2025 21:31:33.899094105 CET49671443192.168.2.7204.79.197.203
                      Mar 24, 2025 21:31:37.936769962 CET49678443192.168.2.720.189.173.15
                      Mar 24, 2025 21:31:38.248327017 CET49678443192.168.2.720.189.173.15
                      Mar 24, 2025 21:31:38.713413954 CET49671443192.168.2.7204.79.197.203
                      Mar 24, 2025 21:31:38.855031967 CET49678443192.168.2.720.189.173.15
                      Mar 24, 2025 21:31:40.057903051 CET49678443192.168.2.720.189.173.15
                      Mar 24, 2025 21:31:42.464303970 CET49678443192.168.2.720.189.173.15
                      Mar 24, 2025 21:31:47.275500059 CET49678443192.168.2.720.189.173.15
                      Mar 24, 2025 21:31:48.324510098 CET49671443192.168.2.7204.79.197.203
                      Mar 24, 2025 21:31:56.885782957 CET49678443192.168.2.720.189.173.15
                      Mar 24, 2025 21:32:02.763829947 CET49716443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:32:02.763883114 CET44349716142.250.65.196192.168.2.7
                      Mar 24, 2025 21:32:02.764003992 CET49716443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:32:02.764189005 CET49716443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:32:02.764203072 CET44349716142.250.65.196192.168.2.7
                      Mar 24, 2025 21:32:02.981059074 CET44349716142.250.65.196192.168.2.7
                      Mar 24, 2025 21:32:02.981483936 CET49716443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:32:02.981509924 CET44349716142.250.65.196192.168.2.7
                      Mar 24, 2025 21:32:13.026478052 CET44349716142.250.65.196192.168.2.7
                      Mar 24, 2025 21:32:13.026531935 CET44349716142.250.65.196192.168.2.7
                      Mar 24, 2025 21:32:13.026580095 CET49716443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:32:13.969383955 CET4970480192.168.2.7142.250.81.227
                      Mar 24, 2025 21:32:14.065808058 CET8049704142.250.81.227192.168.2.7
                      Mar 24, 2025 21:32:14.065864086 CET4970480192.168.2.7142.250.81.227
                      Mar 24, 2025 21:32:14.958189011 CET49716443192.168.2.7142.250.65.196
                      Mar 24, 2025 21:32:14.958230019 CET44349716142.250.65.196192.168.2.7
                      TimestampSource PortDest PortSource IPDest IP
                      Mar 24, 2025 21:30:58.463381052 CET53507241.1.1.1192.168.2.7
                      Mar 24, 2025 21:30:58.509856939 CET53613591.1.1.1192.168.2.7
                      Mar 24, 2025 21:30:59.295650959 CET53498041.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:02.708710909 CET4996953192.168.2.71.1.1.1
                      Mar 24, 2025 21:31:02.708890915 CET6330753192.168.2.71.1.1.1
                      Mar 24, 2025 21:31:02.814264059 CET53499691.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:02.815804958 CET53633071.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:03.619959116 CET6122453192.168.2.71.1.1.1
                      Mar 24, 2025 21:31:03.620173931 CET6280953192.168.2.71.1.1.1
                      Mar 24, 2025 21:31:03.735443115 CET53628091.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:03.777915001 CET53612241.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:04.333796024 CET6546253192.168.2.71.1.1.1
                      Mar 24, 2025 21:31:04.333956003 CET5178853192.168.2.71.1.1.1
                      Mar 24, 2025 21:31:04.440988064 CET53517881.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:04.453466892 CET53654621.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:05.525789976 CET53603211.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:05.815371037 CET5470453192.168.2.71.1.1.1
                      Mar 24, 2025 21:31:05.815826893 CET5201253192.168.2.71.1.1.1
                      Mar 24, 2025 21:31:05.923439980 CET53520121.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:05.935223103 CET53547041.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:06.481286049 CET5380053192.168.2.71.1.1.1
                      Mar 24, 2025 21:31:06.481553078 CET5679053192.168.2.71.1.1.1
                      Mar 24, 2025 21:31:06.589454889 CET53567901.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:06.617304087 CET53538001.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:16.518253088 CET53568561.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:35.310235023 CET53651861.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:57.817069054 CET53620981.1.1.1192.168.2.7
                      Mar 24, 2025 21:31:58.043822050 CET53497921.1.1.1192.168.2.7
                      Mar 24, 2025 21:32:01.155019045 CET53578481.1.1.1192.168.2.7
                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                      Mar 24, 2025 21:31:02.708710909 CET192.168.2.71.1.1.10x16c6Standard query (0)www.google.comA (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:02.708890915 CET192.168.2.71.1.1.10x554Standard query (0)www.google.com65IN (0x0001)false
                      Mar 24, 2025 21:31:03.619959116 CET192.168.2.71.1.1.10x629dStandard query (0)schoolmngt.ubpages.comA (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:03.620173931 CET192.168.2.71.1.1.10x70b5Standard query (0)schoolmngt.ubpages.com65IN (0x0001)false
                      Mar 24, 2025 21:31:04.333796024 CET192.168.2.71.1.1.10x2ebbStandard query (0)builder-assets.unbounce.comA (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:04.333956003 CET192.168.2.71.1.1.10x46b2Standard query (0)builder-assets.unbounce.com65IN (0x0001)false
                      Mar 24, 2025 21:31:05.815371037 CET192.168.2.71.1.1.10xf4c3Standard query (0)d9hhrg4mnvzow.cloudfront.netA (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:05.815826893 CET192.168.2.71.1.1.10x736dStandard query (0)d9hhrg4mnvzow.cloudfront.net65IN (0x0001)false
                      Mar 24, 2025 21:31:06.481286049 CET192.168.2.71.1.1.10x7c6Standard query (0)d9hhrg4mnvzow.cloudfront.netA (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:06.481553078 CET192.168.2.71.1.1.10x5953Standard query (0)d9hhrg4mnvzow.cloudfront.net65IN (0x0001)false
                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                      Mar 24, 2025 21:31:02.814264059 CET1.1.1.1192.168.2.70x16c6No error (0)www.google.com142.250.65.196A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:02.815804958 CET1.1.1.1192.168.2.70x554No error (0)www.google.com65IN (0x0001)false
                      Mar 24, 2025 21:31:03.777915001 CET1.1.1.1192.168.2.70x629dNo error (0)schoolmngt.ubpages.com104.18.41.137A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:03.777915001 CET1.1.1.1192.168.2.70x629dNo error (0)schoolmngt.ubpages.com172.64.146.119A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:04.453466892 CET1.1.1.1192.168.2.70x2ebbNo error (0)builder-assets.unbounce.com18.238.80.20A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:04.453466892 CET1.1.1.1192.168.2.70x2ebbNo error (0)builder-assets.unbounce.com18.238.80.123A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:04.453466892 CET1.1.1.1192.168.2.70x2ebbNo error (0)builder-assets.unbounce.com18.238.80.39A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:04.453466892 CET1.1.1.1192.168.2.70x2ebbNo error (0)builder-assets.unbounce.com18.238.80.109A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:05.935223103 CET1.1.1.1192.168.2.70xf4c3No error (0)d9hhrg4mnvzow.cloudfront.net18.164.115.141A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:05.935223103 CET1.1.1.1192.168.2.70xf4c3No error (0)d9hhrg4mnvzow.cloudfront.net18.164.115.5A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:05.935223103 CET1.1.1.1192.168.2.70xf4c3No error (0)d9hhrg4mnvzow.cloudfront.net18.164.115.116A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:05.935223103 CET1.1.1.1192.168.2.70xf4c3No error (0)d9hhrg4mnvzow.cloudfront.net18.164.115.225A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:06.617304087 CET1.1.1.1192.168.2.70x7c6No error (0)d9hhrg4mnvzow.cloudfront.net18.164.115.5A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:06.617304087 CET1.1.1.1192.168.2.70x7c6No error (0)d9hhrg4mnvzow.cloudfront.net18.164.115.225A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:06.617304087 CET1.1.1.1192.168.2.70x7c6No error (0)d9hhrg4mnvzow.cloudfront.net18.164.115.116A (IP address)IN (0x0001)false
                      Mar 24, 2025 21:31:06.617304087 CET1.1.1.1192.168.2.70x7c6No error (0)d9hhrg4mnvzow.cloudfront.net18.164.115.141A (IP address)IN (0x0001)false
                      • schoolmngt.ubpages.com
                        • builder-assets.unbounce.com
                        • d9hhrg4mnvzow.cloudfront.net
                      • www.google.com
                      • c.pki.goog
                      Session IDSource IPSource PortDestination IPDestination Port
                      0192.168.2.749704142.250.81.22780
                      TimestampBytes transferredDirectionData
                      Mar 24, 2025 21:31:13.545536041 CET202OUTGET /r/gsr1.crl HTTP/1.1
                      Cache-Control: max-age = 3000
                      Connection: Keep-Alive
                      Accept: */*
                      If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMT
                      User-Agent: Microsoft-CryptoAPI/10.0
                      Host: c.pki.goog
                      Mar 24, 2025 21:31:13.648607016 CET222INHTTP/1.1 304 Not Modified
                      Date: Mon, 24 Mar 2025 20:19:48 GMT
                      Expires: Mon, 24 Mar 2025 21:09:48 GMT
                      Age: 685
                      Last-Modified: Tue, 07 Jan 2025 07:28:00 GMT
                      Cache-Control: public, max-age=3000
                      Vary: Accept-Encoding
                      Mar 24, 2025 21:31:13.654210091 CET200OUTGET /r/r4.crl HTTP/1.1
                      Cache-Control: max-age = 3000
                      Connection: Keep-Alive
                      Accept: */*
                      If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
                      User-Agent: Microsoft-CryptoAPI/10.0
                      Host: c.pki.goog
                      Mar 24, 2025 21:31:13.753511906 CET223INHTTP/1.1 304 Not Modified
                      Date: Mon, 24 Mar 2025 20:10:24 GMT
                      Expires: Mon, 24 Mar 2025 21:00:24 GMT
                      Age: 1249
                      Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
                      Cache-Control: public, max-age=3000
                      Vary: Accept-Encoding


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      0192.168.2.749691104.18.41.1374431864C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-24 20:31:04 UTC681OUTGET /managent/ HTTP/1.1
                      Host: schoolmngt.ubpages.com
                      Connection: keep-alive
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      sec-ch-ua-platform: "Windows"
                      Upgrade-Insecure-Requests: 1
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: navigate
                      Sec-Fetch-User: ?1
                      Sec-Fetch-Dest: document
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-24 20:31:04 UTC1361INHTTP/1.1 200 OK
                      Date: Mon, 24 Mar 2025 20:31:04 GMT
                      Content-Type: text/html; charset=utf-8
                      Transfer-Encoding: chunked
                      Connection: close
                      set-cookie: ubvs=29666bf2-d1ad-44a5-af17-c44eff30603c; Max-Age=15552000; Path=/; SameSite=Lax
                      content-location: https://schoolmngt.ubpages.com/managent/
                      etag: W/"a:29666bf2d1ad44a5af17c44eff30603c"
                      link: <https://schoolmngt.ubpages.com/managent/>; rel="canonical"
                      x-unbounce-pageid: 2865b8d7-7c69-4393-98fa-be4e5df152ba
                      x-unbounce-variant: a
                      x-unbounce-visitorid: 29666bf2-d1ad-44a5-af17-c44eff30603c
                      cf-cache-status: DYNAMIC
                      vary: accept-encoding
                      Set-Cookie: ubvt=v2%7C29666bf2-d1ad-44a5-af17-c44eff30603c%7C2865b8d7-7c69-4393-98fa-be4e5df152ba%3Aa%3Asingle%3Asingle; Max-Age=259200; Domain=ubpages.com; Path=/; SameSite=Lax
                      Set-Cookie: ubpv=a%2C2865b8d7-7c69-4393-98fa-be4e5df152ba; Max-Age=15897600; Path=/managent/; SameSite=Lax
                      Set-Cookie: __cf_bm=xTUxLBnJvQhkgoFuBkN3yvUL7S8Y0Ld_J4TWfRMEJzs-1742848264-1.0.1.1-8VC2I0EcZIe9yZ44JWwIkMoQZqYyybcrCnuICpbnfau8CnAkACKeFfkj09DZW56y0Ib2vJB_0kINPuPs3CpWX.zrGEbjMvl1oZ50NMBP5VI; path=/; expires=Mon, 24-Mar-25 21:01:04 GMT; domain=.ubpages.com; HttpOnly; Secure; SameSite=None
                      X-Content-Type-Options: nosniff
                      Referrer-Policy: strict-origin-when-cross-origin
                      Content-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
                      Server: cloudflare
                      2025-03-24 20:31:04 UTC32INData Raw: 43 46 2d 52 41 59 3a 20 39 32 35 38 65 65 31 33 32 39 33 30 34 66 37 37 2d 45 57 52 0d 0a 0d 0a
                      Data Ascii: CF-RAY: 9258ee1329304f77-EWR
                      2025-03-24 20:31:04 UTC1369INData Raw: 32 33 65 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 3c 68 65 61 64 3e 3c 4d 45 54 41 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 3e 0a 20 20 20 20 20 20 3c 21 2d 2d 32 38 36 35 62 38 64 37 2d 37 63 36
                      Data Ascii: 23e4<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><META http-equiv="Content-Type" content="text/html; charset=UTF-8" > ...2865b8d7-7c6
                      2025-03-24 20:31:04 UTC1369INData Raw: 3a 72 65 6c 61 74 69 76 65 3b 0a 7d 0a 23 6c 70 2d 70 6f 6d 2d 69 6d 61 67 65 2d 31 34 20 7b 0a 20 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 0a 20 62 61 63 6b 67 72 6f 75 6e 64 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 30 29 3b 0a 20 6c 65 66 74 3a 31 35 70 78 3b 0a 20 74 6f 70 3a 39 38 70 78 3b 0a 20 7a 2d 69 6e 64 65 78 3a 31 3b 0a 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 0a 7d 0a 23 6c 70 2d 70 6f 6d 2d 62 75 74 74 6f 6e 2d 31 36 20 7b 0a 20 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 0a 20 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 0a 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 70 78 3b 0a 20 6c 65 66 74 3a 33 34 30 70 78 3b 0a 20 74 6f 70 3a 31 32 38 70 78 3b 0a 20 7a 2d 69 6e 64 65 78 3a 33 3b 0a 20 77 69 64
                      Data Ascii: :relative;}#lp-pom-image-14 { display:block; background:rgba(255,255,255,0); left:15px; top:98px; z-index:1; position:absolute;}#lp-pom-button-16 { display:block; border-style:none; border-radius:5px; left:340px; top:128px; z-index:3; wid
                      2025-03-24 20:31:04 UTC1369INData Raw: 68 74 3a 35 33 70 78 3b 0a 7d 0a 2e 6c 70 2d 70 6f 6d 2d 66 6f 72 6d 2d 66 69 65 6c 64 20 2e 75 62 2d 69 6e 70 75 74 2d 69 74 65 6d 2e 73 69 6e 67 6c 65 2e 66 6f 72 6d 5f 65 6c 65 6d 5f 70 61 73 73 77 6f 72 64 20 7b 0a 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 0a 20 74 6f 70 3a 31 39 70 78 3b 0a 20 6c 65 66 74 3a 30 70 78 3b 0a 20 77 69 64 74 68 3a 34 38 39 70 78 3b 0a 20 68 65 69 67 68 74 3a 33 34 70 78 3b 0a 7d 0a 23 6c 61 62 65 6c 5f 70 61 73 73 77 6f 72 64 20 7b 0a 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 0a 20 74 6f 70 3a 30 70 78 3b 0a 20 6c 65 66 74 3a 30 70 78 3b 0a 20 77 69 64 74 68 3a 34 38 39 70 78 3b 0a 20 68 65 69 67 68 74 3a 31 35 70 78 3b 0a 7d 0a 23 6c 70 2d 70 6f 6d 2d 62 75 74 74 6f 6e 2d 31 36 3a 68 6f 76
                      Data Ascii: ht:53px;}.lp-pom-form-field .ub-input-item.single.form_elem_password { position:absolute; top:19px; left:0px; width:489px; height:34px;}#label_password { position:absolute; top:0px; left:0px; width:489px; height:15px;}#lp-pom-button-16:hov
                      2025-03-24 20:31:04 UTC1369INData Raw: 2d 66 6f 72 6d 2d 66 69 65 6c 64 20 2e 6c 70 2d 66 6f 72 6d 2d 6c 61 62 65 6c 20 7b 0a 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 61 72 69 61 6c 3b 0a 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 0a 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 0a 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 70 78 3b 0a 20 63 6f 6c 6f 72 3a 23 30 30 30 3b 0a 20 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 0a 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 34 70 78 3b 0a 20 77 69 64 74 68 3a 61 75 74 6f 3b 0a 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 70 78 3b 0a 7d 0a 23 6c 70 2d 70 6f 6d 2d 66 6f 72 6d 2d 31 35 20 2e 6c 70 2d 70 6f 6d 2d 66 6f 72 6d 2d 66 69 65 6c 64 20 2e 6c 70 2d 66 6f 72 6d 2d 6c 61 62 65 6c 20 2e 6c 61 62 65 6c 2d 73 74 79 6c 65 20 7b 0a 20 66 6f 6e
                      Data Ascii: -form-field .lp-form-label { font-family:arial; font-weight:400; font-size:14px; line-height:15px; color:#000; display:block; margin-bottom:4px; width:auto; margin-right:0px;}#lp-pom-form-15 .lp-pom-form-field .lp-form-label .label-style { fon
                      2025-03-24 20:31:04 UTC1369INData Raw: 2d 62 65 34 65 35 64 66 31 35 32 62 61 22 2c 22 76 61 72 69 61 6e 74 49 64 22 3a 22 61 22 2c 22 75 73 65 64 41 73 22 3a 22 6d 61 69 6e 22 2c 22 6e 61 6d 65 22 3a 22 42 6c 61 6e 6b 20 50 61 67 65 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 3a 2f 2f 73 63 68 6f 6f 6c 6d 6e 67 74 2e 75 62 70 61 67 65 73 2e 63 6f 6d 2f 6d 61 6e 61 67 65 6e 74 2f 22 2c 22 64 69 6d 65 6e 73 69 6f 6e 73 22 3a 7b 22 62 72 65 61 6b 70 6f 69 6e 74 73 22 3a 5b 22 64 65 73 6b 74 6f 70 22 5d 2c 22 64 65 73 6b 74 6f 70 22 3a 7b 22 68 65 69 67 68 74 22 3a 35 35 31 2c 22 77 69 64 74 68 22 3a 37 36 30 7d 7d 7d 2c 22 68 6f 6f 6b 73 22 3a 7b 22 62 65 66 6f 72 65 46 6f 72 6d 53 75 62 6d 69 74 22 3a 5b 5d 2c 22 61 66 74 65 72 46 6f 72 6d 53 75 62 6d 69 74 22 3a 5b 5d 7d 7d 3b 3c 2f 73 63 72 69 70
                      Data Ascii: -be4e5df152ba","variantId":"a","usedAs":"main","name":"Blank Page","url":"http://schoolmngt.ubpages.com/managent/","dimensions":{"breakpoints":["desktop"],"desktop":{"height":551,"width":760}}},"hooks":{"beforeFormSubmit":[],"afterFormSubmit":[]}};</scrip
                      2025-03-24 20:31:04 UTC1369INData Raw: 6c 65 6d 65 6e 74 20 6c 70 2d 70 6f 6d 2d 69 6d 61 67 65 22 20 69 64 3d 22 6c 70 2d 70 6f 6d 2d 69 6d 61 67 65 2d 31 34 22 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 70 2d 70 6f 6d 2d 69 6d 61 67 65 2d 63 6f 6e 74 61 69 6e 65 72 22 20 73 74 79 6c 65 3d 22 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 22 3e 3c 69 6d 67 20 73 72 63 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 67 69 66 3b 62 61 73 65 36 34 2c 52 30 6c 47 4f 44 6c 68 41 51 41 42 41 49 41 41 41 41 41 41 41 50 2f 2f 2f 79 48 35 42 41 45 41 41 41 41 41 4c 41 41 41 41 41 41 42 41 41 45 41 41 41 49 42 52 41 41 37 22 20 61 6c 74 3d 22 22 20 64 61 74 61 2d 73 72 63 2d 64 65 73 6b 74 6f 70 2d 31 78 3d 22 2f 2f 64 39 68 68 72 67 34 6d 6e 76 7a 6f 77 2e 63 6c 6f 75 64 66 72 6f 6e 74 2e 6e 65 74 2f 73 63
                      Data Ascii: lement lp-pom-image" id="lp-pom-image-14"><div class="lp-pom-image-container" style="overflow: hidden;"><img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" alt="" data-src-desktop-1x="//d9hhrg4mnvzow.cloudfront.net/sc
                      2025-03-24 20:31:04 UTC982INData Raw: 73 73 77 6f 72 64 22 20 72 65 71 75 69 72 65 64 3d 22 22 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 6c 70 2d 65 6c 65 6d 65 6e 74 20 6c 70 2d 70 6f 6d 2d 62 75 74 74 6f 6e 22 20 69 64 3d 22 6c 70 2d 70 6f 6d 2d 62 75 74 74 6f 6e 2d 31 36 22 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 61 62 65 6c 22 3e 3c 73 74 72 6f 6e 67 3e 4e 65 78 74 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 73 70 61 6e 3e 3c 2f 62 75 74 74 6f 6e 3e 3c 2f 66 6f 72 6d 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 70 2d 65 6c 65 6d 65 6e 74 20 6c 70 2d 70 6f 6d 2d 62 6c 6f 63 6b 22 20 69 64 3d 22 6c 70 2d 70 6f 6d 2d 62 6c 6f 63 6b 2d 31 31 22 3e 3c 64 69 76 20 69 64 3d 22 6c 70 2d
                      Data Ascii: ssword" required=""></div></div><button class="lp-element lp-pom-button" id="lp-pom-button-16" type="submit"><span class="label"><strong>Next</strong></span></button></form></div></div><div class="lp-element lp-pom-block" id="lp-pom-block-11"><div id="lp-
                      2025-03-24 20:31:04 UTC5INData Raw: 30 0d 0a 0d 0a
                      Data Ascii: 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      1192.168.2.749690104.18.41.1374431864C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-24 20:31:04 UTC1022OUTGET /assets/d5046483-1668-4739-a080-17dfa8f93d47/googleeee.original.png?1742835208 HTTP/1.1
                      Host: schoolmngt.ubpages.com
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: image
                      Referer: https://schoolmngt.ubpages.com/managent/
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      Cookie: ubvs=29666bf2-d1ad-44a5-af17-c44eff30603c; ubvt=v2%7C29666bf2-d1ad-44a5-af17-c44eff30603c%7C2865b8d7-7c69-4393-98fa-be4e5df152ba%3Aa%3Asingle%3Asingle; __cf_bm=xTUxLBnJvQhkgoFuBkN3yvUL7S8Y0Ld_J4TWfRMEJzs-1742848264-1.0.1.1-8VC2I0EcZIe9yZ44JWwIkMoQZqYyybcrCnuICpbnfau8CnAkACKeFfkj09DZW56y0Ib2vJB_0kINPuPs3CpWX.zrGEbjMvl1oZ50NMBP5VI
                      2025-03-24 20:31:04 UTC342INHTTP/1.1 404 Not Found
                      Date: Mon, 24 Mar 2025 20:31:04 GMT
                      Content-Type: text/html
                      Content-Length: 47
                      Connection: close
                      X-Content-Type-Options: nosniff
                      Referrer-Policy: strict-origin-when-cross-origin
                      Content-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
                      Server: cloudflare
                      CF-RAY: 9258ee14996b9187-EWR
                      2025-03-24 20:31:04 UTC47INData Raw: 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e
                      Data Ascii: The requested URL was not found on this server.


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      2192.168.2.749694104.18.41.1374431864C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-24 20:31:04 UTC942OUTGET /_ub/static/ts/786ffa188154a7a81202c5d108dc70f1e0214262.js HTTP/1.1
                      Host: schoolmngt.ubpages.com
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      Accept: */*
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: script
                      Referer: https://schoolmngt.ubpages.com/managent/
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      Cookie: ubvs=29666bf2-d1ad-44a5-af17-c44eff30603c; ubvt=v2%7C29666bf2-d1ad-44a5-af17-c44eff30603c%7C2865b8d7-7c69-4393-98fa-be4e5df152ba%3Aa%3Asingle%3Asingle; __cf_bm=xTUxLBnJvQhkgoFuBkN3yvUL7S8Y0Ld_J4TWfRMEJzs-1742848264-1.0.1.1-8VC2I0EcZIe9yZ44JWwIkMoQZqYyybcrCnuICpbnfau8CnAkACKeFfkj09DZW56y0Ib2vJB_0kINPuPs3CpWX.zrGEbjMvl1oZ50NMBP5VI
                      2025-03-24 20:31:05 UTC770INHTTP/1.1 200 OK
                      Date: Mon, 24 Mar 2025 20:31:05 GMT
                      Content-Type: application/javascript
                      Transfer-Encoding: chunked
                      Connection: close
                      Last-Modified: Wed, 23 Oct 2024 21:59:14 GMT
                      ETag: W/"a29b73706e355af9cecf33791dd81c03"
                      x-amz-server-side-encryption: AES256
                      Cache-Control: public, max-age=31536000
                      x-amz-version-id: Gs6AC.4YTqhBRS9cAYuxlXQ5U5YOYxx2
                      Vary: Accept-Encoding
                      X-Cache: Hit from cloudfront
                      Via: 1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: EWR53-C2
                      X-Amz-Cf-Id: NpBqiUWqPxX-rT6uZ95TyPRYQU5tck6ljnxsPM33DghM9G5J83x8tg==
                      Age: 1075753
                      Referrer-Policy: no-referrer
                      CF-Cache-Status: HIT
                      Expires: Tue, 24 Mar 2026 20:31:05 GMT
                      X-Content-Type-Options: nosniff
                      Server: cloudflare
                      CF-RAY: 9258ee186d793902-EWR
                      2025-03-24 20:31:05 UTC599INData Raw: 37 63 39 64 0d 0a 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 74 72 61 63 6b 65 72 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 7b 33 36 36 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3d 7b 75 74 66 38 3a 7b 73 74 72 69 6e 67 54 6f 42 79 74 65 73 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 2e 62 69 6e 2e 73 74 72 69 6e 67 54 6f 42 79 74 65 73 28 75 6e 65 73 63 61 70 65 28 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 65 29 29 29 7d 2c 62 79 74 65 73 54 6f 53 74 72 69 6e 67 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 64 65 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65
                      Data Ascii: 7c9d/*! For license information please see tracker.js.LICENSE.txt */!function(){var e={366:function(e){var n={utf8:{stringToBytes:function(e){return n.bin.stringToBytes(unescape(encodeURIComponent(e)))},bytesToString:function(e){return decodeURICompone
                      2025-03-24 20:31:05 UTC1369INData Raw: 31 32 33 34 35 36 37 38 39 2b 2f 22 2c 74 3d 7b 72 6f 74 6c 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 72 65 74 75 72 6e 20 65 3c 3c 6e 7c 65 3e 3e 3e 33 32 2d 6e 7d 2c 72 6f 74 72 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 72 65 74 75 72 6e 20 65 3c 3c 33 32 2d 6e 7c 65 3e 3e 3e 6e 7d 2c 65 6e 64 69 61 6e 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 4e 75 6d 62 65 72 29 72 65 74 75 72 6e 20 31 36 37 31 31 39 33 35 26 74 2e 72 6f 74 6c 28 65 2c 38 29 7c 34 32 37 38 32 35 35 33 36 30 26 74 2e 72 6f 74 6c 28 65 2c 32 34 29 3b 66 6f 72 28 76 61 72 20 6e 3d 30 3b 6e 3c 65 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 65 5b 6e 5d 3d 74 2e 65 6e 64 69 61 6e 28 65 5b 6e 5d 29 3b 72 65 74 75 72 6e 20 65 7d 2c 72 61 6e 64
                      Data Ascii: 123456789+/",t={rotl:function(e,n){return e<<n|e>>>32-n},rotr:function(e,n){return e<<32-n|e>>>n},endian:function(e){if(e.constructor==Number)return 16711935&t.rotl(e,8)|4278255360&t.rotl(e,24);for(var n=0;n<e.length;n++)e[n]=t.endian(e[n]);return e},rand
                      2025-03-24 20:31:05 UTC1369INData Raw: 3d 74 79 70 65 6f 66 20 42 75 66 66 65 72 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 42 75 66 66 65 72 2e 69 73 42 75 66 66 65 72 26 26 42 75 66 66 65 72 2e 69 73 42 75 66 66 65 72 28 65 29 3f 65 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 65 2c 30 29 3a 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 7c 7c 28 65 3d 65 2e 74 6f 53 74 72 69 6e 67 28 29 29 3b 76 61 72 20 6e 3d 72 2e 62 79 74 65 73 54 6f 57 6f 72 64 73 28 65 29 2c 74 3d 38 2a 65 2e 6c 65 6e 67 74 68 2c 69 3d 5b 5d 2c 61 3d 31 37 33 32 35 38 34 31 39 33 2c 63 3d 2d 32 37 31 37 33 33 38 37 39 2c 75 3d 2d 31 37 33 32 35 38 34 31 39 34 2c 73 3d 32 37 31 37 33 33 38 37 38 2c 6c 3d 2d 31 30 30 39 35 38 39 37 37 36 3b 6e 5b 74 3e 3e 35 5d
                      Data Ascii: =typeof Buffer&&"function"==typeof Buffer.isBuffer&&Buffer.isBuffer(e)?e=Array.prototype.slice.call(e,0):Array.isArray(e)||(e=e.toString());var n=r.bytesToWords(e),t=8*e.length,i=[],a=1732584193,c=-271733879,u=-1732584194,s=271733878,l=-1009589776;n[t>>5]
                      2025-03-24 20:31:05 UTC1369INData Raw: 6c 75 65 73 2e 62 69 6e 64 28 6d 73 43 72 79 70 74 6f 29 3b 69 66 28 6e 29 7b 76 61 72 20 74 3d 6e 65 77 20 55 69 6e 74 38 41 72 72 61 79 28 31 36 29 3b 65 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 28 74 29 2c 74 7d 7d 65 6c 73 65 7b 76 61 72 20 72 3d 6e 65 77 20 41 72 72 61 79 28 31 36 29 3b 65 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 65 2c 6e 3d 30 3b 6e 3c 31 36 3b 6e 2b 2b 29 30 3d 3d 28 33 26 6e 29 26 26 28 65 3d 34 32 39 34 39 36 37 32 39 36 2a 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 29 2c 72 5b 6e 5d 3d 65 3e 3e 3e 28 28 33 26 6e 29 3c 3c 33 29 26 32 35 35 3b 72 65 74 75 72 6e 20 72 7d 7d 7d 2c 36 37 39 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 2c 74 29 7b 76 61 72 20
                      Data Ascii: lues.bind(msCrypto);if(n){var t=new Uint8Array(16);e.exports=function(){return n(t),t}}else{var r=new Array(16);e.exports=function(){for(var e,n=0;n<16;n++)0==(3&n)&&(e=4294967296*Math.random()),r[n]=e>>>((3&n)<<3)&255;return r}}},679:function(e,n,t){var
                      2025-03-24 20:31:05 UTC1369INData Raw: 28 76 6f 69 64 20 30 21 3d 3d 6f 29 72 65 74 75 72 6e 20 6f 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 69 3d 6e 5b 72 5d 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 65 5b 72 5d 28 69 2c 69 2e 65 78 70 6f 72 74 73 2c 74 29 2c 69 2e 65 78 70 6f 72 74 73 7d 74 2e 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3d 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 2e 64 65 66 61 75 6c 74 7d 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 3b 72 65 74 75 72 6e 20 74 2e 64 28 6e 2c 7b 61 3a 6e 7d 29 2c 6e 7d 2c 74 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 66 6f 72 28 76 61 72 20 72 20 69 6e 20 6e 29 74 2e 6f 28 6e 2c 72 29 26 26 21 74 2e 6f 28 65 2c 72 29 26 26
                      Data Ascii: (void 0!==o)return o.exports;var i=n[r]={exports:{}};return e[r](i,i.exports,t),i.exports}t.n=function(e){var n=e&&e.__esModule?function(){return e.default}:function(){return e};return t.d(n,{a:n}),n},t.d=function(e,n){for(var r in n)t.o(n,r)&&!t.o(e,r)&&
                      2025-03-24 20:31:05 UTC1369INData Raw: 6f 6e 50 72 6f 63 65 73 73 6f 72 3a 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 65 3d 6e 7d 2c 62 75 69 6c 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 7c 7c 65 28 74 68 69 73 2c 72 2c 6f 29 2c 6e 7d 7d 7d 66 75 6e 63 74 69 6f 6e 20 61 28 65 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 74 2c 72 2c 69 29 7b 66 6f 72 28 76 61 72 20 61 3d 66 75 6e 63 74 69 6f 6e 28 6e 2c 72 2c 69 29 7b 76 61 72 20 61 2c 63 3d 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 6e 29 3b 65 3f 74 2e 61 64 64 28 72 2c 28 61 3d 63 29 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 2c 74 2c 72 2c 69 2c 61 2c 63 3d 30 2c 75 3d 30 2c 73 3d 5b 5d 3b 69 66 28 21 65 29 72 65 74 75 72 6e 20 65 3b 65 3d 75 6e 65 73 63 61 70 65 28 65 6e 63 6f 64 65 55
                      Data Ascii: onProcessor:function(n){e=n},build:function(){return null==e||e(this,r,o),n}}}function a(e){return function(t,r,i){for(var a=function(n,r,i){var a,c=JSON.stringify(n);e?t.add(r,(a=c)?function(e){var n,t,r,i,a,c=0,u=0,s=[];if(!e)return e;e=unescape(encodeU
                      2025-03-24 20:31:05 UTC1369INData Raw: 2c 75 3d 76 6f 69 64 20 30 2c 73 3d 30 2c 6c 3d 72 3b 73 3c 6c 2e 6c 65 6e 67 74 68 3b 73 2b 2b 29 7b 76 61 72 20 66 3d 6c 5b 73 5d 3b 22 63 78 22 3d 3d 3d 66 2e 6b 65 79 49 66 45 6e 63 6f 64 65 64 3f 75 3d 63 28 75 2c 66 2e 6a 73 6f 6e 29 3a 61 28 66 2e 6a 73 6f 6e 2c 66 2e 6b 65 79 49 66 45 6e 63 6f 64 65 64 2c 66 2e 6b 65 79 49 66 4e 6f 74 45 6e 63 6f 64 65 64 29 7d 72 2e 6c 65 6e 67 74 68 3d 30 2c 69 2e 6c 65 6e 67 74 68 26 26 28 75 3d 63 28 75 2c 7b 73 63 68 65 6d 61 3a 22 69 67 6c 75 3a 63 6f 6d 2e 73 6e 6f 77 70 6c 6f 77 61 6e 61 6c 79 74 69 63 73 2e 73 6e 6f 77 70 6c 6f 77 2f 63 6f 6e 74 65 78 74 73 2f 6a 73 6f 6e 73 63 68 65 6d 61 2f 31 2d 30 2d 30 22 2c 64 61 74 61 3a 6e 28 5b 5d 2c 69 2c 21 30 29 7d 29 2c 69 2e 6c 65 6e 67 74 68 3d 30 29 2c 75
                      Data Ascii: ,u=void 0,s=0,l=r;s<l.length;s++){var f=l[s];"cx"===f.keyIfEncoded?u=c(u,f.json):a(f.json,f.keyIfEncoded,f.keyIfNotEncoded)}r.length=0,i.length&&(u=c(u,{schema:"iglu:com.snowplowanalytics.snowplow/contexts/jsonschema/1-0-0",data:n([],i,!0)}),i.length=0),u
                      2025-03-24 20:31:05 UTC1369INData Raw: 2b 2b 29 74 5b 72 2d 31 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 72 5d 3b 66 3e 3d 73 2e 69 6e 66 6f 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 63 6f 6e 73 6f 6c 65 26 26 63 6f 6e 73 6f 6c 65 2e 69 6e 66 6f 2e 61 70 70 6c 79 28 63 6f 6e 73 6f 6c 65 2c 6e 28 5b 6c 2b 65 5d 2c 74 2c 21 31 29 29 7d 7d 29 3b 66 75 6e 63 74 69 6f 6e 20 76 28 29 7b 76 61 72 20 65 3d 5b 5d 2c 6e 3d 5b 5d 3b 72 65 74 75 72 6e 7b 67 65 74 47 6c 6f 62 61 6c 50 72 69 6d 69 74 69 76 65 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 2c 67 65 74 43 6f 6e 64 69 74 69 6f 6e 61 6c 50 72 6f 76 69 64 65 72 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 7d 2c 61 64 64 47 6c 6f 62 61 6c 43 6f 6e 74 65 78 74 73 3a 66 75 6e 63 74 69 6f 6e 28
                      Data Ascii: ++)t[r-1]=arguments[r];f>=s.info&&"undefined"!=typeof console&&console.info.apply(console,n([l+e],t,!1))}});function v(){var e=[],n=[];return{getGlobalPrimitives:function(){return e},getConditionalProviders:function(){return n},addGlobalContexts:function(
                      2025-03-24 20:31:05 UTC1369INData Raw: 72 2b 2b 3b 76 61 72 20 69 3d 65 2e 72 65 6a 65 63 74 3b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 69 29 3f 65 2e 72 65 6a 65 63 74 2e 73 6f 6d 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 54 28 65 2c 6e 29 7d 29 29 26 26 74 2b 2b 3a 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 69 26 26 54 28 69 2c 6e 29 26 26 74 2b 2b 2c 72 3e 30 26 26 30 3d 3d 3d 74 7d 28 65 5b 30 5d 2c 72 29 29 72 65 74 75 72 6e 20 49 28 65 5b 31 5d 2c 6e 2c 74 2c 72 29 3b 72 65 74 75 72 6e 5b 5d 7d 28 65 2c 6e 2c 74 2c 72 29 3b 69 66 28 6f 26 26 30 21 3d 3d 6f 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 6f 7d 29 29 3b 72 65 74 75 72 6e 28 6f 3d 5b 5d 29 2e 63 6f 6e 63 61 74 2e 61 70 70 6c 79 28 6f 2c 69 2e 66 69 6c 74 65 72 28 28 66 75
                      Data Ascii: r++;var i=e.reject;return Array.isArray(i)?e.reject.some((function(e){return T(e,n)}))&&t++:"string"==typeof i&&T(i,n)&&t++,r>0&&0===t}(e[0],r))return I(e[1],n,t,r);return[]}(e,n,t,r);if(o&&0!==o.length)return o}));return(o=[]).concat.apply(o,i.filter((fu
                      2025-03-24 20:31:05 UTC1369INData Raw: 79 28 62 29 3a 77 28 65 5b 30 5d 29 26 26 62 28 65 5b 31 5d 29 29 7d 66 75 6e 63 74 69 6f 6e 20 53 28 65 29 7b 72 65 74 75 72 6e 21 28 21 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 7c 7c 32 21 3d 3d 65 2e 6c 65 6e 67 74 68 29 26 26 21 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3d 65 2c 74 3d 30 3b 69 66 28 6e 75 6c 6c 21 3d 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 21 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 29 7b 69 66 28 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 6e 2c 22 61 63 63 65 70 74 22 29 29 7b 69 66 28 21 68 28 6e 2e 61 63 63 65 70 74 29 29 72 65 74 75 72 6e 21 31 3b 74 2b 3d 31 7d 69 66 28 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74
                      Data Ascii: y(b):w(e[0])&&b(e[1]))}function S(e){return!(!Array.isArray(e)||2!==e.length)&&!!function(e){var n=e,t=0;if(null!=e&&"object"==typeof e&&!Array.isArray(e)){if(Object.prototype.hasOwnProperty.call(n,"accept")){if(!h(n.accept))return!1;t+=1}if(Object.protot


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      3192.168.2.74969318.238.80.204431864C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-24 20:31:05 UTC620OUTGET /published-css/main-ebbfc5e.z.css HTTP/1.1
                      Host: builder-assets.unbounce.com
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      Accept: text/css,*/*;q=0.1
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: style
                      Sec-Fetch-Storage-Access: active
                      Referer: https://schoolmngt.ubpages.com/
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-24 20:31:05 UTC656INHTTP/1.1 200 OK
                      Content-Type: text/css
                      Content-Length: 2944
                      Connection: close
                      Date: Mon, 24 Mar 2025 20:31:06 GMT
                      Last-Modified: Mon, 24 Mar 2025 18:03:26 GMT
                      ETag: "39fefdffde049f459a5268ac38054b39"
                      x-amz-server-side-encryption: AES256
                      Cache-Control: max-age=31536000
                      Content-Encoding: gzip
                      x-amz-version-id: fTxJ7t0ok557dn_kmw2_5vs7RIbVea6b
                      Accept-Ranges: bytes
                      Server: AmazonS3
                      X-Cache: Miss from cloudfront
                      Via: 1.1 891301f67eeb14db1b941c87f006cfaa.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: JFK52-P5
                      X-Amz-Cf-Id: F3jWEZH6lzjXJ8hKCIN_Vt5gA0Adj3Z3eilZztBu4GuKlSRP0JRahA==
                      Referrer-Policy: no-referrer
                      X-Content-Type-Options: nosniff
                      2025-03-24 20:31:05 UTC2944INData Raw: 1f 8b 08 08 69 9e e1 67 00 03 6d 61 69 6e 2e 63 73 73 00 c5 5b e9 92 a3 38 12 fe bf 4f c1 76 c7 46 57 75 80 c7 1c be 70 cc c4 ee ff 7d 82 9d e8 e8 10 48 36 da 92 81 06 b9 ca d5 84 e7 d9 57 12 87 25 24 83 5c 7b f5 44 4c 1b 91 99 ca f3 4b 01 d9 10 bf 2e 48 e9 95 c5 c9 ab 8a 82 3a fd c5 a1 a8 d8 ff 30 22 70 41 d0 11 a4 ef 4d 59 d4 98 e2 22 8f 41 52 17 e4 4c d1 9e a0 03 8d 97 7b 5a 94 ec ff 27 50 1d 71 ee 25 05 a5 c5 29 f6 83 f2 72 85 b6 b2 1d 02 12 44 66 76 78 40 5c 8d 08 4a e9 9c c6 25 80 10 e7 c7 41 77 f6 23 29 2a 88 aa d8 2f 2f 0e e3 c0 d0 f9 bc 5e af 1f de d8 29 4a be 6d 33 6c b0 08 d0 e9 01 29 14 5d 28 a8 10 70 ed 59 70 5e 9e e9 ef f4 bd 44 bf 72 ee 6f ff 07 db c7 2a c4 b1 77 2a 7e 32 c2 f4 5c 7b 38 cf 51 75 73 48 bf 59 5e e4 e8 61 f7 fe 17 04 2f da 88
                      Data Ascii: igmain.css[8OvFWup}H6W%$\{DLK.H:0"pAMY"ARL{Z'Pq%)rDfvx@\J%Aw#)*//^)Jm3l)](pYp^Dro*w*~2\{8QusHY^a/


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      4192.168.2.74969518.238.80.204431864C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-24 20:31:05 UTC611OUTGET /published-js/main.bundle-f4428e5.z.js HTTP/1.1
                      Host: builder-assets.unbounce.com
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      Accept: */*
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: script
                      Sec-Fetch-Storage-Access: active
                      Referer: https://schoolmngt.ubpages.com/
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-24 20:31:05 UTC671INHTTP/1.1 200 OK
                      Content-Type: application/javascript
                      Content-Length: 41663
                      Connection: close
                      Date: Mon, 24 Mar 2025 20:31:06 GMT
                      Last-Modified: Mon, 24 Mar 2025 18:03:22 GMT
                      ETag: "a942d0203943698fdcb45c73a57fe5a1"
                      x-amz-server-side-encryption: AES256
                      Cache-Control: max-age=31536000
                      Content-Encoding: gzip
                      x-amz-version-id: zRedflaPKCJEETb_d7jW6gI6h1uvS9qS
                      Accept-Ranges: bytes
                      Server: AmazonS3
                      X-Cache: Miss from cloudfront
                      Via: 1.1 08c43f80b07f0023f38f7f0e417359b4.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: JFK52-P5
                      X-Amz-Cf-Id: elx7TDZ-h1a7TNDj00-5BFX1GotX5Vyqj8huX3B7z3AmCa1ANbQBrQ==
                      Referrer-Policy: no-referrer
                      X-Content-Type-Options: nosniff
                      2025-03-24 20:31:05 UTC14588INData Raw: 1f 8b 08 08 69 9e e1 67 00 03 6d 61 69 6e 2e 62 75 6e 64 6c 65 2e 6a 73 00 ec 5b 0b 73 db 46 92 fe 2b 22 f6 4e 05 84 23 88 52 b2 7b 09 68 14 d7 71 9c dd 5c d9 b1 2f 72 2e 55 47 31 2a 90 1c 8a b3 06 31 cc 60 60 59 2b 72 7f fb 7d 3d 0f 0c f8 90 9d b8 72 55 7b 75 57 a5 a2 80 79 f6 f4 f4 e3 eb 9e 41 6f d1 54 33 2d 64 15 57 c9 c3 bb 42 9d a8 fc 61 3b f4 85 27 32 e6 b6 58 0f 15 d7 8d aa 62 35 e6 93 cd 26 d6 39 3d e4 0f 22 e3 ac cc 7a 17 8c bf 5f 4b a5 eb ec 61 bb 65 15 aa d2 59 51 96 b1 4e 5d 39 d3 2c 3c cb 04 2f 65 de 1b 30 9d 24 be 74 2b d3 55 5e 31 99 ce 72 85 df 79 de 52 c6 d1 19 d4 c9 54 d2 63 b2 d9 bc 9a fe 8d cf 74 3a e7 0b 51 f1 d7 4a ae b9 d2 f7 a6 d9 03 af 9a 15 57 c5 b4 e4 19 86 bf e5 3a ab b6 c9 16 e3 a9 ce 78 c9 43 d4 54 b6 f7 3c ea e5 fa 7e cd e5
                      Data Ascii: igmain.bundle.js[sF+"N#R{hq\/r.UG1*1``Y+r}=rU{uWyAoT3-dWBa;'2Xb5&9="z_KaeYQN]9,</e0$t+U^1ryRTct:QJW:xCT<~
                      2025-03-24 20:31:05 UTC2302INData Raw: 78 5e 95 f8 e9 c7 30 6f 34 3a df 97 6a ed 7f 3f d3 5a c2 6a b2 cb 00 0e b1 15 05 02 cc 8e ef 8c c4 c6 03 57 3d a1 16 8d a1 8e b8 5a eb c8 d5 12 b0 b3 2b 5f 7b c3 6a 57 04 90 c0 eb 64 f2 ce 66 ff 66 42 2c 0c b6 ac 34 29 9a b0 c8 61 f7 1f 81 9c bb 52 7b ca ba 6a 0d 35 ca 2e 22 25 75 5a 8f a5 6f 3d db f4 0c 2e 88 6b bf 3a ac 8e c3 a3 5a f9 84 86 8d c8 0b 75 21 ed ca 6c b0 6b 4f e3 f9 10 b1 4c 41 a4 aa c9 1e 07 86 ee b7 55 1a 73 2f 79 a5 d5 f8 36 11 4d 7a bf d2 18 0c 47 90 e1 bc 4c 39 14 27 73 d6 12 52 13 aa f8 c6 ad 3d 8f 84 e3 0d dd 22 cc f4 a4 2b 2c 1c bb 36 b1 a8 37 16 30 00 74 68 bd ca b0 36 55 7e 6b 26 66 11 8b 0a 5c 59 c9 16 f6 e0 af e9 45 f5 76 9e fa 67 37 ab 41 c9 d6 c1 54 e8 37 ed b0 0f 95 33 b0 45 7a 17 f0 b1 34 2d cf 54 46 07 2a 54 5b 5e c0 5b e6
                      Data Ascii: x^0o4:j?ZjW=Z+_{jWdffB,4)aR{j5."%uZo=.k:Zu!lkOLAUs/y6MzGL9'sR="+,670th6U~k&f\YEvg7AT73Ez4-TF*T[^[
                      2025-03-24 20:31:05 UTC16384INData Raw: b5 50 ca 2e 5b e5 3a b0 6c aa 90 08 97 06 7e 08 b7 7a e6 82 2d 95 6f 87 57 6b 6a 08 dc a8 89 dd 21 79 06 08 fd 08 d7 23 df 5e 06 a7 10 b6 99 d0 c5 d2 3b 77 68 1e 03 9a e7 24 ac 88 da ae c0 dd 8b c2 de 20 3a d4 06 39 3b 3b 91 58 1a ab 30 a3 e5 c4 77 03 a5 72 12 9f 5e 5f 6f ad f4 0f 62 3a 56 0c 96 4f 0d 3f 17 e2 8e 09 78 06 2c c7 85 4a 44 f7 3d 69 4c 85 db 13 7c 44 bc da ca e0 eb 0b f4 69 90 25 5a 4a e2 83 ed 6d 27 8f a6 49 66 52 ae af 11 43 8d 51 aa a1 2b 95 94 10 e4 31 5e 2c cb 4b 61 55 d3 2c a8 fe 19 22 25 c9 a2 43 53 99 9b 8c 44 c3 c6 56 fe a1 7e b2 33 60 7e 02 eb 17 ae 39 d9 86 b7 d0 6d 56 e5 7a 80 20 4c d2 55 ac 83 fd 6c 15 3a 4d 04 2f 61 12 b8 bb a0 f3 2e 59 8a 78 50 f2 53 7d 65 24 a3 ff ad ba 12 c5 8e 64 eb ad 3e 89 d5 bd c1 f4 70 6e 26 6e 2a 06 78
                      Data Ascii: P.[:l~z-oWkj!y#^;wh$ :9;;X0wr^_ob:VO?x,JD=iL|Di%ZJm'IfRCQ+1^,KaU,"%CSDV~3`~9mVz LUl:M/a.YxPS}e$d>pn&n*x
                      2025-03-24 20:31:05 UTC8389INData Raw: 3f 68 6f 4e ed eb 07 b2 3d 7a 17 6c 09 b7 94 b2 5f 2f ef 4b 8d 15 2d 45 84 86 29 d1 86 f9 fe ed bb 1b a7 d5 77 59 29 25 89 a7 ea 9e 42 dc 2b 6c 6f e7 dd 8a 1c 52 6b f8 81 40 bc e6 57 c0 05 53 03 51 19 87 83 a0 7e f8 6d ea 6c f3 5e 2a ae 05 91 c7 77 22 36 3c 0b bd ac 91 11 14 f1 55 3e 79 2c e8 75 96 77 85 72 27 10 88 d9 ea 08 fd 08 9e c9 98 70 dc c0 31 e9 c5 f8 55 65 f6 bf 0c 36 9e f1 22 c3 57 75 1e a3 bf 99 8a ed f7 e5 5a da b7 98 d4 83 30 11 4c 29 2f aa 03 bd c8 d5 32 5c a7 0d f6 32 51 e5 dd 32 1c b7 9e 56 f9 6d 74 6b 13 c3 d1 e0 0d c1 b3 49 79 53 b0 6e 0c ef 6c 0b bb 7e 41 09 35 69 97 83 b7 d4 e5 5d 7f 2e 32 56 05 5e 7f 26 52 2b 12 af 1f 87 fd f8 e0 3e 9b d5 53 31 ee cc 17 8f d1 7b 9a 24 c8 4f 69 53 bb d8 be 07 2b 06 ba bf 07 c9 65 0a 26 22 7b 4b ca 6b
                      Data Ascii: ?hoN=zl_/K-E)wY)%B+loRk@WSQ~ml^*w"6<U>y,uwr'p1Ue6"WuZ0L)/2\2Q2VmtkIySnl~A5i].2V^&R+>S1{$OiS+e&"{Kk


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      5192.168.2.749696104.18.41.1374431864C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-24 20:31:05 UTC981OUTPOST /_ub/i HTTP/1.1
                      Host: schoolmngt.ubpages.com
                      Connection: keep-alive
                      Content-Length: 1122
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      Content-Type: application/json
                      sec-ch-ua-mobile: ?0
                      Accept: */*
                      Origin: https://schoolmngt.ubpages.com
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Referer: https://schoolmngt.ubpages.com/managent/
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      Cookie: ubvs=29666bf2-d1ad-44a5-af17-c44eff30603c; ubvt=v2%7C29666bf2-d1ad-44a5-af17-c44eff30603c%7C2865b8d7-7c69-4393-98fa-be4e5df152ba%3Aa%3Asingle%3Asingle; __cf_bm=xTUxLBnJvQhkgoFuBkN3yvUL7S8Y0Ld_J4TWfRMEJzs-1742848264-1.0.1.1-8VC2I0EcZIe9yZ44JWwIkMoQZqYyybcrCnuICpbnfau8CnAkACKeFfkj09DZW56y0Ib2vJB_0kINPuPs3CpWX.zrGEbjMvl1oZ50NMBP5VI
                      2025-03-24 20:31:05 UTC1122OUTData Raw: 7b 22 73 63 68 65 6d 61 22 3a 22 69 67 6c 75 3a 63 6f 6d 2e 73 6e 6f 77 70 6c 6f 77 61 6e 61 6c 79 74 69 63 73 2e 73 6e 6f 77 70 6c 6f 77 2f 70 61 79 6c 6f 61 64 5f 64 61 74 61 2f 6a 73 6f 6e 73 63 68 65 6d 61 2f 31 2d 30 2d 34 22 2c 22 64 61 74 61 22 3a 5b 7b 22 65 22 3a 22 70 76 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 73 63 68 6f 6f 6c 6d 6e 67 74 2e 75 62 70 61 67 65 73 2e 63 6f 6d 2f 6d 61 6e 61 67 65 6e 74 2f 22 2c 22 65 69 64 22 3a 22 35 34 37 32 64 62 62 36 2d 39 34 37 38 2d 34 39 64 34 2d 61 30 38 35 2d 35 62 63 31 39 65 34 62 32 36 39 35 22 2c 22 74 76 22 3a 22 6a 73 2d 33 2e 31 35 2e 30 22 2c 22 74 6e 61 22 3a 22 73 70 2d 75 62 22 2c 22 61 69 64 22 3a 22 6c 61 6e 64 69 6e 67 5f 70 61 67 65 22 2c 22 70 22 3a 22 77 65 62 22 2c 22 63 6f
                      Data Ascii: {"schema":"iglu:com.snowplowanalytics.snowplow/payload_data/jsonschema/1-0-4","data":[{"e":"pv","url":"https://schoolmngt.ubpages.com/managent/","eid":"5472dbb6-9478-49d4-a085-5bc19e4b2695","tv":"js-3.15.0","tna":"sp-ub","aid":"landing_page","p":"web","co
                      2025-03-24 20:31:05 UTC491INHTTP/1.1 200 OK
                      Date: Mon, 24 Mar 2025 20:31:05 GMT
                      Content-Type: text/plain; charset=UTF-8
                      Content-Length: 2
                      Connection: close
                      P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
                      Access-Control-Allow-Origin: https://schoolmngt.ubpages.com
                      Access-Control-Allow-Credentials: true
                      cf-cache-status: DYNAMIC
                      Referrer-Policy: no-referrer
                      Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
                      Server: cloudflare
                      CF-RAY: 9258ee1c8b6442d8-EWR
                      2025-03-24 20:31:05 UTC2INData Raw: 6f 6b
                      Data Ascii: ok


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      6192.168.2.749689142.250.65.1964431864C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-24 20:31:05 UTC579OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1
                      Host: www.google.com
                      Connection: keep-alive
                      X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIkqHLAQiKo8sBCIWgzQEI9s/OAQjJ0c4BCIHWzgEIydzOAQiE4M4BCKLkzgEIr+TOAQjp5M4B
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: empty
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-24 20:31:05 UTC1303INHTTP/1.1 200 OK
                      Date: Mon, 24 Mar 2025 20:31:05 GMT
                      Pragma: no-cache
                      Expires: -1
                      Cache-Control: no-cache, must-revalidate
                      Content-Type: text/javascript; charset=UTF-8
                      Strict-Transport-Security: max-age=31536000
                      Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-GQ_Xw3GUUij_sB0q_Fqd4g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                      Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                      Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                      Accept-CH: Sec-CH-Prefers-Color-Scheme
                      Accept-CH: Downlink
                      Accept-CH: RTT
                      Accept-CH: Sec-CH-UA-Form-Factors
                      Accept-CH: Sec-CH-UA-Platform
                      Accept-CH: Sec-CH-UA-Platform-Version
                      Accept-CH: Sec-CH-UA-Full-Version
                      Accept-CH: Sec-CH-UA-Arch
                      Accept-CH: Sec-CH-UA-Model
                      Accept-CH: Sec-CH-UA-Bitness
                      Accept-CH: Sec-CH-UA-Full-Version-List
                      Accept-CH: Sec-CH-UA-WoW64
                      Permissions-Policy: unload=()
                      Content-Disposition: attachment; filename="f.txt"
                      Server: gws
                      X-XSS-Protection: 0
                      X-Frame-Options: SAMEORIGIN
                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                      Accept-Ranges: none
                      Vary: Accept-Encoding
                      Connection: close
                      Transfer-Encoding: chunked
                      2025-03-24 20:31:05 UTC1303INData Raw: 65 30 36 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 62 69 6c 6c 20 63 68 69 73 68 6f 6c 6d 20 63 65 6c 74 69 63 73 22 2c 22 61 73 73 61 73 73 69 6e 20 63 72 65 65 64 20 73 68 61 64 6f 77 73 22 2c 22 62 6f 65 69 6e 67 20 66 69 67 68 74 65 72 20 6a 65 74 73 20 66 20 34 37 22 2c 22 64 61 69 72 79 20 71 75 65 65 6e 20 62 6c 69 7a 7a 61 72 64 73 20 38 35 20 63 65 6e 74 73 22 2c 22 31 39 32 33 20 73 65 61 73 6f 6e 20 32 20 65 70 69 73 6f 64 65 20 35 22 2c 22 66 69 6e 63 65 6e 20 62 6f 69 20 72 65 70 6f 72 74 69 6e 67 22 2c 22 6f 6b 63 20 74 68 75 6e 64 65 72 20 6c 61 20 63 6c 69 70 70 65 72 73 22 2c 22 61 70 70 6c 65 20 69 70 68 6f 6e 65 20 31 37 20 70 72 6f 20 6d 61 78 20 70 72 69 63 65 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22
                      Data Ascii: e06)]}'["",["bill chisholm celtics","assassin creed shadows","boeing fighter jets f 47","dairy queen blizzards 85 cents","1923 season 2 episode 5","fincen boi reporting","okc thunder la clippers","apple iphone 17 pro max price"],["","","","","","","","
                      2025-03-24 20:31:05 UTC1303INData Raw: 4c 57 54 42 30 5a 31 42 31 55 33 52 4e 5a 47 68 7a 4f 44 46 50 53 30 39 43 61 6e 68 49 55 44 42 78 62 58 55 76 64 54 4a 6c 62 48 4e 74 52 47 56 4d 61 6b 70 50 65 57 70 74 4d 33 6c 58 64 6e 4e 53 4d 33 4e 78 56 6a 64 32 59 55 70 73 63 47 5a 68 52 46 55 79 4d 33 6c 73 62 32 5a 55 4d 7a 56 50 55 57 5a 31 55 46 4e 76 4e 47 4a 4c 54 47 6b 35 56 57 46 4f 64 48 4a 6d 63 6c 4a 79 65 47 51 30 65 6c 4e 68 54 48 5a 58 5a 7a 68 56 56 55 46 76 51 6c 46 44 5a 30 5a 42 56 6b 64 54 64 47 51 35 4e 44 5a 61 61 55 6f 7a 5a 31 64 57 51 57 56 6c 54 30 35 73 65 55 5a 6d 61 30 67 72 62 7a 4d 34 64 32 46 76 5a 6d 5a 78 4d 6a 52 4d 4d 56 42 57 5a 32 78 6f 63 30 4d 31 4c 30 5a 56 65 56 67 33 56 6e 49 34 4f 55 39 6f 63 48 56 34 54 6d 63 30 4b 32 68 59 54 45 64 74 52 6d 51 77 51 30
                      Data Ascii: LWTB0Z1B1U3RNZGhzODFPS09CanhIUDBxbXUvdTJlbHNtRGVMakpPeWptM3lXdnNSM3NxVjd2YUpscGZhRFUyM3lsb2ZUMzVPUWZ1UFNvNGJLTGk5VWFOdHJmclJyeGQ0elNhTHZXZzhVVUFvQlFDZ0ZBVkdTdGQ5NDZaaUozZ1dWQWVlT05seUZma0grbzM4d2FvZmZxMjRMMVBWZ2xoc0M1L0ZVeVg3VnI4OU9ocHV4Tmc0K2hYTEdtRmQwQ0
                      2025-03-24 20:31:05 UTC991INData Raw: 78 6b 53 7a 4e 77 62 45 6f 78 53 45 52 34 51 33 6b 30 52 6d 5a 4d 63 46 56 30 64 32 64 45 62 48 49 79 64 31 46 44 51 55 39 47 56 6e 4e 72 53 6d 52 71 55 45 35 52 54 6c 4d 35 56 48 70 35 4d 54 64 6f 56 45 52 74 61 6b 45 77 62 6b 38 72 63 6c 56 52 63 46 46 34 63 54 56 75 5a 6b 70 76 52 45 55 79 63 44 6c 76 51 58 4e 58 4f 55 39 56 53 6b 4e 46 51 6b 6c 56 54 6e 52 44 61 55 46 4f 64 30 46 4f 57 6e 64 43 65 56 52 72 4e 45 46 43 54 31 46 4b 55 32 52 33 4e 6e 68 4b 61 56 4e 4a 65 6c 64 73 61 45 56 73 64 33 56 31 4e 44 4e 4c 57 46 4e 43 4f 46 4a 32 4f 57 6c 33 56 54 5a 6e 55 69 74 76 62 46 64 44 56 47 31 6e 53 6e 5a 4c 4c 7a 4a 77 4c 7a 59 76 63 57 64 4e 63 55 46 56 51 6c 67 31 56 6e 4e 74 54 30 31 59 4d 55 78 55 59 57 4e 36 52 30 5a 77 59 54 46 46 57 6b 74 35 62
                      Data Ascii: xkSzNwbEoxSER4Q3k0RmZMcFV0d2dEbHIyd1FDQU9GVnNrSmRqUE5RTlM5VHp5MTdoVERtakEwbk8rclVRcFF4cTVuZkpvREUycDlvQXNXOU9VSkNFQklVTnRDaUFOd0FOWndCeVRrNEFCT1FKU2R3NnhKaVNJeldsaEVsd3V1NDNLWFNCOFJ2OWl3VTZnUitvbFdDVG1nSnZLLzJwLzYvcWdNcUFVQlg1VnNtT01YMUxUYWN6R0ZwYTFFWkt5b
                      2025-03-24 20:31:05 UTC122INData Raw: 37 34 0d 0a 37 37 32 32 39 33 30 30 34 33 37 31 35 32 31 32 22 2c 22 67 6f 6f 67 6c 65 3a 73 75 67 67 65 73 74 72 65 6c 65 76 61 6e 63 65 22 3a 5b 31 32 35 37 2c 31 32 35 36 2c 31 32 35 35 2c 31 32 35 34 2c 31 32 35 33 2c 31 32 35 32 2c 31 32 35 31 2c 31 32 35 30 5d 2c 22 67 6f 6f 67 6c 65 3a 73 75 67 67 65 73 74 73 75 62 74 79 70 65 73 22 3a 5b 5b 33 2c 31 0d 0a
                      Data Ascii: 747722930043715212","google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,1
                      2025-03-24 20:31:05 UTC220INData Raw: 64 36 0d 0a 34 33 2c 33 36 32 2c 33 30 38 5d 2c 5b 33 2c 31 34 33 2c 33 36 32 2c 33 30 38 5d 2c 5b 33 2c 31 34 33 2c 33 36 32 2c 33 30 38 5d 2c 5b 33 2c 31 34 33 2c 33 36 32 2c 33 30 38 5d 2c 5b 33 2c 31 34 33 2c 33 36 32 2c 33 30 38 5d 2c 5b 33 2c 31 34 33 2c 33 36 32 2c 33 30 38 5d 2c 5b 33 2c 31 34 33 2c 33 36 32 2c 33 30 38 5d 2c 5b 33 2c 31 34 33 2c 33 36 32 2c 33 30 38 5d 5d 2c 22 67 6f 6f 67 6c 65 3a 73 75 67 67 65 73 74 74 79 70 65 22 3a 5b 22 51 55 45 52 59 22 2c 22 45 4e 54 49 54 59 22 2c 22 51 55 45 52 59 22 2c 22 51 55 45 52 59 22 2c 22 51 55 45 52 59 22 2c 22 51 55 45 52 59 22 2c 22 51 55 45 52 59 22 2c 22 51 55 45 52 59 22 5d 7d 5d 0d 0a
                      Data Ascii: d643,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308]],"google:suggesttype":["QUERY","ENTITY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]
                      2025-03-24 20:31:05 UTC5INData Raw: 30 0d 0a 0d 0a
                      Data Ascii: 0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      7192.168.2.74969818.164.115.1414431864C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-24 20:31:06 UTC712OUTGET /schoolmngt.ubpages.com/managent/ee408d78-googleeee_10l408h0ka07n00000e028.png HTTP/1.1
                      Host: d9hhrg4mnvzow.cloudfront.net
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: image
                      Sec-Fetch-Storage-Access: active
                      Referer: https://schoolmngt.ubpages.com/
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-24 20:31:06 UTC570INHTTP/1.1 200 OK
                      Content-Type: image/png
                      Content-Length: 2810
                      Connection: close
                      Date: Mon, 24 Mar 2025 20:31:07 GMT
                      Last-Modified: Mon, 24 Mar 2025 17:06:00 GMT
                      ETag: "dea5f9647084a87a0c6a15277f49118b"
                      x-amz-server-side-encryption: AES256
                      Cache-Control: max-age=31557600
                      x-amz-version-id: ACv8KxJ9vZ13JOz.Z4.69NnF7xx_9at4
                      Accept-Ranges: bytes
                      Server: AmazonS3
                      X-Cache: Miss from cloudfront
                      Via: 1.1 d98647edce17345f3d148190339e9d8c.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: JFK50-P6
                      X-Amz-Cf-Id: Gazbh26sDUWBajt9Cuq4HTdCADHhcBmks_TPMzwwZgEcuVPIjoO7tA==
                      2025-03-24 20:31:06 UTC2810INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 da 00 00 01 13 08 03 00 00 00 3f 3f 51 e0 00 00 00 d8 50 4c 54 45 ff ff ff 43 86 f5 ed fd ff ff fa e6 0c 09 0c 31 a7 51 e9 42 36 fe fe fd fd fe ff fb fc fd fa ba 04 66 89 ad 3d 2b 25 12 18 24 37 7e f3 3c 5a 7a 2b 1b 11 d6 eb fb e9 38 2a 7b 59 3e 35 46 64 6a 4b 31 1c 27 3a 4d 3c 34 f5 e7 de ff fc f4 77 9f c5 aa 89 6a bf db f2 a4 ce f9 ae cb e2 f7 d5 b3 8d 6b 4b c1 bf c1 d2 da d5 94 b9 d8 fb ec ca ec d6 c8 4d 6f 92 88 8d 96 f6 f6 f5 86 b9 f9 e2 c9 a7 30 38 48 d8 b7 92 e5 ed ed bd 97 75 cd a9 82 9a a2 ac a1 7d 5b 62 69 77 54 4e 4d 61 5d 63 97 d2 a6 aa 99 8b f1 a9 9e ed 87 79 43 ab 67 5c 9b f6 7f 73 6d e8 4c 3b 79 c4 8c ea 5a 4c b3 98 56 fc c8 35 fd e2 8f 5b b6 6c fd d4 5a eb 94 2e 43 92 c1 cd 99 65 38
                      Data Ascii: PNGIHDR??QPLTEC1QB6f=+%$7~<Zz+8*{Y>5FdjK1':M<4wjkKMo08Hu}[biwTNMa]cyCg\smL;yZLV5[lZ.Ce8


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      8192.168.2.749699104.18.41.1374431864C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-24 20:31:06 UTC956OUTGET /favicon.ico HTTP/1.1
                      Host: schoolmngt.ubpages.com
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: image
                      Referer: https://schoolmngt.ubpages.com/managent/
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      Cookie: ubvs=29666bf2-d1ad-44a5-af17-c44eff30603c; ubvt=v2%7C29666bf2-d1ad-44a5-af17-c44eff30603c%7C2865b8d7-7c69-4393-98fa-be4e5df152ba%3Aa%3Asingle%3Asingle; __cf_bm=xTUxLBnJvQhkgoFuBkN3yvUL7S8Y0Ld_J4TWfRMEJzs-1742848264-1.0.1.1-8VC2I0EcZIe9yZ44JWwIkMoQZqYyybcrCnuICpbnfau8CnAkACKeFfkj09DZW56y0Ib2vJB_0kINPuPs3CpWX.zrGEbjMvl1oZ50NMBP5VI
                      2025-03-24 20:31:06 UTC342INHTTP/1.1 404 Not Found
                      Date: Mon, 24 Mar 2025 20:31:06 GMT
                      Content-Type: text/html
                      Content-Length: 47
                      Connection: close
                      X-Content-Type-Options: nosniff
                      Referrer-Policy: strict-origin-when-cross-origin
                      Content-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
                      Server: cloudflare
                      CF-RAY: 9258ee240aeb9cc1-EWR
                      2025-03-24 20:31:06 UTC47INData Raw: 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e
                      Data Ascii: The requested URL was not found on this server.


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      9192.168.2.74970118.164.115.54431864C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-24 20:31:06 UTC469OUTGET /schoolmngt.ubpages.com/managent/ee408d78-googleeee_10l408h0ka07n00000e028.png HTTP/1.1
                      Host: d9hhrg4mnvzow.cloudfront.net
                      Connection: keep-alive
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      Accept: */*
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Sec-Fetch-Storage-Access: active
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-24 20:31:07 UTC570INHTTP/1.1 200 OK
                      Content-Type: image/png
                      Content-Length: 2810
                      Connection: close
                      Date: Mon, 24 Mar 2025 20:31:08 GMT
                      Last-Modified: Mon, 24 Mar 2025 17:06:00 GMT
                      ETag: "dea5f9647084a87a0c6a15277f49118b"
                      x-amz-server-side-encryption: AES256
                      Cache-Control: max-age=31557600
                      x-amz-version-id: ACv8KxJ9vZ13JOz.Z4.69NnF7xx_9at4
                      Accept-Ranges: bytes
                      Server: AmazonS3
                      X-Cache: Miss from cloudfront
                      Via: 1.1 cedbf7a51c689bd1e26af4b73768d270.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: JFK50-P6
                      X-Amz-Cf-Id: xn3MlVTcfiHY0QXvyfGZ3ptGah_fQx_nhUXGugaJE9Zpf7e7l2bPyQ==
                      2025-03-24 20:31:07 UTC2810INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 da 00 00 01 13 08 03 00 00 00 3f 3f 51 e0 00 00 00 d8 50 4c 54 45 ff ff ff 43 86 f5 ed fd ff ff fa e6 0c 09 0c 31 a7 51 e9 42 36 fe fe fd fd fe ff fb fc fd fa ba 04 66 89 ad 3d 2b 25 12 18 24 37 7e f3 3c 5a 7a 2b 1b 11 d6 eb fb e9 38 2a 7b 59 3e 35 46 64 6a 4b 31 1c 27 3a 4d 3c 34 f5 e7 de ff fc f4 77 9f c5 aa 89 6a bf db f2 a4 ce f9 ae cb e2 f7 d5 b3 8d 6b 4b c1 bf c1 d2 da d5 94 b9 d8 fb ec ca ec d6 c8 4d 6f 92 88 8d 96 f6 f6 f5 86 b9 f9 e2 c9 a7 30 38 48 d8 b7 92 e5 ed ed bd 97 75 cd a9 82 9a a2 ac a1 7d 5b 62 69 77 54 4e 4d 61 5d 63 97 d2 a6 aa 99 8b f1 a9 9e ed 87 79 43 ab 67 5c 9b f6 7f 73 6d e8 4c 3b 79 c4 8c ea 5a 4c b3 98 56 fc c8 35 fd e2 8f 5b b6 6c fd d4 5a eb 94 2e 43 92 c1 cd 99 65 38
                      Data Ascii: PNGIHDR??QPLTEC1QB6f=+%$7~<Zz+8*{Y>5FdjK1':M<4wjkKMo08Hu}[biwTNMa]cyCg\smL;yZLV5[lZ.Ce8


                      020406080s020406080100

                      Click to jump to process

                      020406080s0.0050100MB

                      Click to jump to process

                      Target ID:0
                      Start time:16:30:55
                      Start date:24/03/2025
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                      Imagebase:0x7ff778810000
                      File size:3'388'000 bytes
                      MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:false

                      Target ID:1
                      Start time:16:30:56
                      Start date:24/03/2025
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1940,i,10938567176322679093,12905942111308703416,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2252 /prefetch:3
                      Imagebase:0x7ff778810000
                      File size:3'388'000 bytes
                      MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:false

                      Target ID:5
                      Start time:16:31:02
                      Start date:24/03/2025
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://schoolmngt.ubpages.com/managent/"
                      Imagebase:0x7ff778810000
                      File size:3'388'000 bytes
                      MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:true
                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                      No disassembly