Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
https://protect.checkpoint.com/v2/r02/___https://lsems.gravityzone.bitdefender.com/xhfsdfMW5hMR*~*QDcqg1KugH/rhrqqgrWni2pyg1KugH/og75AgMRA37Cu37x!i2GzU2ZBRIJzQYOHZZqqYsmZW5OR00KOX83/48p8j0J8ZqF5gYq/X5p/4JhyRpOG1IqMhIh5WIqxR6iX1YmuV1mTfLuz38uCWp/KRqiVYoq5hZbCTIh/4MqE1rinfpmCiY0KZ8i*~*QYOHf1mO48i1RIOf

Overview

General Information

Sample URL:https://protect.checkpoint.com/v2/r02/___https://lsems.gravityzone.bitdefender.com/xhfsdfMW5hMR*~*QDcqg1KugH/rhrqqgrWni2pyg1KugH/og75AgMRA37Cu37x!i2GzU2ZBRIJzQYOHZZqqYsmZW5OR00KOX83/48p8j0J8ZqF5gYq/X5
Analysis ID:1649540
Infos:

Detection

Score:2
Range:0 - 100
Confidence:80%

Signatures

Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Creates files inside the system directory
Deletes files inside the Windows folder
Detected suspicious crossdomain redirect
Sample execution stops while process was sleeping (likely an evasion)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • chrome.exe (PID: 3472 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 6168 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2348,i,977650232591120726,18254827365428393022,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2388 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 7092 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://protect.checkpoint.com/v2/r02/___https://lsems.gravityzone.bitdefender.com/xhfsdfMW5hMR*~*QDcqg1KugH/rhrqqgrWni2pyg1KugH/og75AgMRA37Cu37x!i2GzU2ZBRIJzQYOHZZqqYsmZW5OR00KOX83/48p8j0J8ZqF5gYq/X5p/4JhyRpOG1IqMhIh5WIqxR6iX1YmuV1mTfLuz38uCWp/KRqiVYoq5hZbCTIh/4MqE1rinfpmCiY0KZ8i*~*QYOHf1mO48i1RIOfhqGCjLqKW1mPX0SpSYKxR7Z6YsKOg7qvg7m2RIiAZKJyRpO8Wpt6T2uS4rSTX560TJS93ZOHYqOw0K0vZL6x4styRpOuTIJ80ES1RJWuR0u*~*Z60vZ5KvhL4H05cwip06TYSDV8p/Z1K7hD5DWo0n0rm5ZKiLjLCyg8GNVX5DVs4QWLB6gImt35yRX1yIipSGZruqRIJyRpOQWruzf1uB0oqmZqSXX0FyRpO*~*VpC8gKKvf84NWYR7i2uEi8GogsRyRpOA35u6SYipfsSZi6WpSKuJ47N842V/3sSp08uyf1qqi60Mf1/fZrKISp/BZqWHYZytiIm3Xp95fpqOX6qqYYiqh24CSYKqfLSRVpu/Y7CUY758S2O4W1mm3rN6hL/4T1NEYol9iKWJWpS*~*hKSKi7Op0EOZY5yrWoNyRpNyRp4V02G34Y4B1Zq8QYOHXsGt1Yp6i2W9VYi5S70901cUgLByRpOUjsmEZ64nSZuO0002WJCKT2ZCQYOLYZKq06qH40WxiYm8R2q34puoXsStRI0SQYOHfr0z07Cpj2KBj0iWSIG6ZMiGZEOY46091qmZWLcS4ZcmZomGWrStY8iz4sqyRqSrZpm5iMOX45B5T0WHV7umRZNBg2uIX8ORhpmP1Y0407uVSp/XXI4OW2SCW8G21p/Ki1myh0054ESIfp6NgrOyWJyDi5ByRpO8WsGfgsKWgpKJSEW0j00LgZBCRESPXIF8goOxjqGKg16WfoO*~*jYmXZ5up454mXE4R2EWBf1mNj1iTZ5NBhoqX4qhB4IV5Y6G3irSG4oi*~*isGOWrmP104O0MmXWD5DVq4uiYi2i5b6hJqUX1uWgqS/3pW6ZZ*/2*XIKpf7SMYpx5ZoNyRp43gsSfSLuUi8utV5u4Z544gqSq4sWtWZOfhqGY4ZbyRpNCXY0tRKW*~*j1KKg805WJp7j1SwXpyTjZuSRrKm0oFyRp43Vn5DWn5DWrqK1Z35h1SyR8m8X60f4oSvX2SJZ8NyRpOJ0JyDW2i/h7BB0LC0SKq8gYF8X10335iWda99K97K667Kc*~*7K6aFIF/JJbJI/5b8*~*J59I5H78FbH8bc/*~*5Ka*~*/9KHIKJ/Hc77K?h=6&fru;n=6&fru;ithx=6___.YzJlOmdhbmdzdGVyOmM6bzozNzgzODlmOGVjOWFjMDU4ODA2YzZiNzAzODIwZWExYjo3OjE1MzU6MzgzZDA3MjA0MGU4NmVjOTQ5NjUyYWM1MTBkYzkzNzg4ODQ3Mjg0YTJlN2I1MzhlZWM4YWU1YzI1YWE5Y2UxNjpoOlQ6VA" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • MpCmdRun.exe (PID: 4736 cmdline: "C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable MD5: B3676839B2EE96983F9ED735CD044159)
      • conhost.exe (PID: 5064 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Compliance
  • Networking
  • System Summary
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion
  • Lowering of HIPS / PFW / Operating System Security Settings

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.4:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.168.102.96:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.168.102.96:443 -> 192.168.2.4:49735 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.249.91.64:443 -> 192.168.2.4:49736 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.249.91.64:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.249.91.68:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.249.91.19:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.249.91.49:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.132.30:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.132.30:443 -> 192.168.2.4:49757 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: protect.checkpoint.com to https://lsems.gravityzone.bitdefender.com/scan/ahr0chm6ly9lbwfpbc5mcmllbmridxktbwfpbc5jb20vbhmvy2xpy2s!dxbupxuwmdeultjcuulltnhur0jmvvfjs3y5z3k3eve3ula0btl5s0k5zectmkjbwdlhcdc0rdlsm1dswthpqwhoagpuy3pxrk5fmldqtjl0cu8xodc5zhlzwmdiakhxdtvfu3d6ltjcawhjz3dwmdjaclbxeglfrwhksvnkntfsm2u1tnfjb2lqb2hxmddvufetmkj3rko1oxpnzmnos01voen4yujctljrvfvqug1sznotmkjpode3vznwmerpmvp6u1vqu0fqcgzcv09rdkv1otnyq3k5uwf2cy0yrjvivmh0ufdgegxtb3biqs0yqnzlrgw1bdhoy0tmswtddknbumplmdetmkjlrmpuawpwvjlhulnssvatmkj6qkx3bffqa3zirtm2dxpzd3bjbnmtmkjvy0p1ntdkannud1rknfpez2i3zxq5ynnkv3ptawlld1vhaw5aumfdnk5wulrctutoddhysk40akljs1llttdlcxzxntflagnmqkp5t2xpt203nxjzrwhhymi1cg5zowiztjg4dfrerkn6cfnfd2jkvzjut0tmrjitmkitmkzqvxbyztzwwul3ltjcsnbowtk1dxr4qtd0n2v4vw9pbgwtmkjpenhzu1zinupjvvvxrexfoxuxltjgtuflv1lczvrsdth3mxlyzkpjsnnomdvnltjcamvuv2xkexfwevdrndb1uhdbuzjtz1v4wlhurg9nzu9hujhbrmnot3duznltmlnmukh0dhjsz0w0ovrcq2phmuiwbxpds3jmckhkwtvzv2pqnk5ssdzjrxnxr3bxwk5fdwhtcvv0zzndak1ibmjtretyd0wtmkj3rnbabnfrbkfenzrvevvgbuwxmznksda3bjjselbfbw1rajj6ethsu0pkz0zhszzmxzrwawhiewdou0iwcjlszlcwzdq0t1bydmnbzjd6dnbjrmhkwvzjvhhsry0yqlzpdtdxd081celpswprbln5ykr1uu55sdfka2nhtks0ujitmkzybnnangppd3poq0pzu0zzblnlznrorujaclbtzu8tmkixstvomfr6ewffb3v0rek2ewnrsktoeupnmmfhvjatmkzyqi0yri0yrmlfwuy0cwntm3h3s1vazjnqsxneu3itmkjevetyrxd5c2wwvgxvnfl3bta3swvyy0dr/744f42f112f962f17ada5ee8ed50836e04d0c23a8c389560f7654fcdfe5c922f?c=1&i=1&docs=1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: email.friendbuy-mail.com to https://394-kadoma.trakcid.com/?u=http:%2f%2femail.double.serviceautopilot.com%2fc%2fejwewdtuxcaqandtma6lz8baqzhg9waziyphxwlzlzlt553jfvlrt9wuc2nxrgqh7srezziyvat1tgwosvbaurp7aiixldsccdz5dilu3hqryyuixeysi1dbaihlkiotubgtw82eik6ucrgcrryxqiloomx05cbh5ytn0zjrxilrqkps2u0aifamkrazv4wbqdo-pdp-pvltj-xpgk_ry-3nuevp11rpe7m_mzk2c_yncu_67u38boyyzjs5ju3xuruy6bxme6_xxdt33ht-badmm8e-6lzen5n_aaaa__97vled&e=bo6ao4ijqeteqbsfkxxaarisjwux2-yy&cee=y2hyaxn0b3bozxiuywxsyw5acnbyby50zwno
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: email.friendbuy-mail.com to https://394-kadoma.trakcid.com/?u=http:%2f%2femail.double.serviceautopilot.com%2fc%2fejwewdtuxcaqandtma6lz8baqzhg9waziyphxwlzlzlt553jfvlrt9wuc2nxrgqh7srezziyvat1tgwosvbaurp7aiixldsccdz5dilu3hqryyuixeysi1dbaihlkiotubgtw82eik6ucrgcrryxqiloomx05cbh5ytn0zjrxilrqkps2u0aifamkrazv4wbqdo-pdp-pvltj-xpgk_ry-3nuevp11rpe7m_mzk2c_yncu_67u38boyyzjs5ju3xuruy6bxme6_xxdt33ht-badmm8e-6lzen5n_aaaa__97vled&e=bo6ao4ijqeteqbsfkxxaarisjwux2-yy&cee=y2hyaxn0b3bozxiuywxsyw5acnbyby50zwno
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.32.99
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.32.99
Source: unknownTCP traffic detected without corresponding DNS query: 23.57.90.144
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /v2/r02/___https://lsems.gravityzone.bitdefender.com/xhfsdfMW5hMR*~*QDcqg1KugH/rhrqqgrWni2pyg1KugH/og75AgMRA37Cu37x!i2GzU2ZBRIJzQYOHZZqqYsmZW5OR00KOX83/48p8j0J8ZqF5gYq/X5p/4JhyRpOG1IqMhIh5WIqxR6iX1YmuV1mTfLuz38uCWp/KRqiVYoq5hZbCTIh/4MqE1rinfpmCiY0KZ8i*~*QYOHf1mO48i1RIOfhqGCjLqKW1mPX0SpSYKxR7Z6YsKOg7qvg7m2RIiAZKJyRpO8Wpt6T2uS4rSTX560TJS93ZOHYqOw0K0vZL6x4styRpOuTIJ80ES1RJWuR0u*~*Z60vZ5KvhL4H05cwip06TYSDV8p/Z1K7hD5DWo0n0rm5ZKiLjLCyg8GNVX5DVs4QWLB6gImt35yRX1yIipSGZruqRIJyRpOQWruzf1uB0oqmZqSXX0FyRpO*~*VpC8gKKvf84NWYR7i2uEi8GogsRyRpOA35u6SYipfsSZi6WpSKuJ47N842V/3sSp08uyf1qqi60Mf1/fZrKISp/BZqWHYZytiIm3Xp95fpqOX6qqYYiqh24CSYKqfLSRVpu/Y7CUY758S2O4W1mm3rN6hL/4T1NEYol9iKWJWpS*~*hKSKi7Op0EOZY5yrWoNyRpNyRp4V02G34Y4B1Zq8QYOHXsGt1Yp6i2W9VYi5S70901cUgLByRpOUjsmEZ64nSZuO0002WJCKT2ZCQYOLYZKq06qH40WxiYm8R2q34puoXsStRI0SQYOHfr0z07Cpj2KBj0iWSIG6ZMiGZEOY46091qmZWLcS4ZcmZomGWrStY8iz4sqyRqSrZpm5iMOX45B5T0WHV7umRZNBg2uIX8ORhpmP1Y0407uVSp/XXI4OW2SCW8G21p/Ki1myh0054ESIfp6NgrOyWJyDi5ByRpO8WsGfgsKWgpKJSEW0j00LgZBCRESPXIF8goOxjqGKg16WfoO*~*jYmXZ5up454mXE4R2EWBf1mNj1iTZ5NBhoqX4qhB4IV5Y6G3irSG4oi*~*isGOWrmP104O0MmXWD5DVq4uiYi2i5b6hJqUX1uWgqS/3pW6ZZ*/2*XIKpf7SMYpx5ZoNyRp43gsSfSLuUi8utV5u4Z544gqSq4sWtWZOfhqGY4ZbyRpNCXY0tRKW*~*j1KKg805WJp7j1SwXpyTjZuSRrKm0oFyRp43Vn5DWn5DWrqK1Z35h1SyR8m8X60f4oSvX2SJZ8NyRpOJ0JyDW2i/h7BB0LC0SKq8gYF8X10335iWda99K97K667Kc*~*7K6aFIF/JJbJI/5b8*~*J59I5H78FbH8bc/*~*5Ka*~*/9KHIKJ/Hc77K?h=6&fru;n=6&fru;ithx=6___.YzJlOmdhbmdzdGVyOmM6bzozNzgzODlmOGVjOWFjMDU4ODA2YzZiNzAzODIwZWExYjo3OjE1MzU6MzgzZDA3MjA0MGU4NmVjOTQ5NjUyYWM1MTBkYzkzNzg4ODQ3Mjg0YTJlN2I1MzhlZWM4YWU1YzI1YWE5Y2UxNjpoOlQ6VA HTTP/1.1Host: protect.checkpoint.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dnBJRmhKWVZJVHhSRy0yQlZpdTdXd081cElPSWpRblN5YkR1UU55SDFka2NHTks0UjItMkZYbnNaNGpPd3poQ0pZU0ZZblNlZnRoRUJaclBTZU8tMkIxSTVoMFR6eWFFb3V0REk2eWNrSktOeUpNMmFhVjAtMkZYQi0yRi0yRmlFWUY0cWNtM3h3S1VaZjNqSXNEU3ItMkJEVEtyRXd5c2wwVGxVNFl3bTA3SWVYY0dR/744F42F112F962F17ADA5EE8ED50836E04D0C23A8C389560F7654FCDFE5C922F?c=1&i=1&docs=1 HTTP/1.1Host: lsems.gravityzone.bitdefender.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /index.css HTTP/1.1Host: lsems.gravityzone.bitdefender.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dnBJRmhKWVZJVHhSRy0yQlZpdTdXd081cElPSWpRblN5YkR1UU55SDFka2NHTks0UjItMkZYbnNaNGpPd3poQ0pZU0ZZblNlZnRoRUJaclBTZU8tMkIxSTVoMFR6eWFFb3V0REk2eWNrSktOeUpNMmFhVjAtMkZYQi0yRi0yRmlFWUY0cWNtM3h3S1VaZjNqSXNEU3ItMkJEVEtyRXd5c2wwVGxVNFl3bTA3SWVYY0dR/744F42F112F962F17ADA5EE8ED50836E04D0C23A8C389560F7654FCDFE5C922F?c=1&i=1&docs=1Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /static/css/main.3dfe9f5e.css HTTP/1.1Host: lsems.gravityzone.bitdefender.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dnBJRmhKWVZJVHhSRy0yQlZpdTdXd081cElPSWpRblN5YkR1UU55SDFka2NHTks0UjItMkZYbnNaNGpPd3poQ0pZU0ZZblNlZnRoRUJaclBTZU8tMkIxSTVoMFR6eWFFb3V0REk2eWNrSktOeUpNMmFhVjAtMkZYQi0yRi0yRmlFWUY0cWNtM3h3S1VaZjNqSXNEU3ItMkJEVEtyRXd5c2wwVGxVNFl3bTA3SWVYY0dR/744F42F112F962F17ADA5EE8ED50836E04D0C23A8C389560F7654FCDFE5C922F?c=1&i=1&docs=1Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /static/js/main.d62e4927.js HTTP/1.1Host: lsems.gravityzone.bitdefender.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dnBJRmhKWVZJVHhSRy0yQlZpdTdXd081cElPSWpRblN5YkR1UU55SDFka2NHTks0UjItMkZYbnNaNGpPd3poQ0pZU0ZZblNlZnRoRUJaclBTZU8tMkIxSTVoMFR6eWFFb3V0REk2eWNrSktOeUpNMmFhVjAtMkZYQi0yRi0yRmlFWUY0cWNtM3h3S1VaZjNqSXNEU3ItMkJEVEtyRXd5c2wwVGxVNFl3bTA3SWVYY0dR/744F42F112F962F17ADA5EE8ED50836E04D0C23A8C389560F7654FCDFE5C922F?c=1&i=1&docs=1Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: lsems.gravityzone.bitdefender.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dnBJRmhKWVZJVHhSRy0yQlZpdTdXd081cElPSWpRblN5YkR1UU55SDFka2NHTks0UjItMkZYbnNaNGpPd3poQ0pZU0ZZblNlZnRoRUJaclBTZU8tMkIxSTVoMFR6eWFFb3V0REk2eWNrSktOeUpNMmFhVjAtMkZYQi0yRi0yRmlFWUY0cWNtM3h3S1VaZjNqSXNEU3ItMkJEVEtyRXd5c2wwVGxVNFl3bTA3SWVYY0dR/744F42F112F962F17ADA5EE8ED50836E04D0C23A8C389560F7654FCDFE5C922F?c=1&i=1&docs=1Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /manifest.json HTTP/1.1Host: lsems.gravityzone.bitdefender.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dnBJRmhKWVZJVHhSRy0yQlZpdTdXd081cElPSWpRblN5YkR1UU55SDFka2NHTks0UjItMkZYbnNaNGpPd3poQ0pZU0ZZblNlZnRoRUJaclBTZU8tMkIxSTVoMFR6eWFFb3V0REk2eWNrSktOeUpNMmFhVjAtMkZYQi0yRi0yRmlFWUY0cWNtM3h3S1VaZjNqSXNEU3ItMkJEVEtyRXd5c2wwVGxVNFl3bTA3SWVYY0dR/744F42F112F962F17ADA5EE8ED50836E04D0C23A8C389560F7654FCDFE5C922F?c=1&i=1&docs=1Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: lsems.gravityzone.bitdefender.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dnBJRmhKWVZJVHhSRy0yQlZpdTdXd081cElPSWpRblN5YkR1UU55SDFka2NHTks0UjItMkZYbnNaNGpPd3poQ0pZU0ZZblNlZnRoRUJaclBTZU8tMkIxSTVoMFR6eWFFb3V0REk2eWNrSktOeUpNMmFhVjAtMkZYQi0yRi0yRmlFWUY0cWNtM3h3S1VaZjNqSXNEU3ItMkJEVEtyRXd5c2wwVGxVNFl3bTA3SWVYY0dR/744F42F112F962F17ADA5EE8ED50836E04D0C23A8C389560F7654FCDFE5C922F?i=0&docs=1&s=1 HTTP/1.1Host: api-bd.linkscan.ioConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/json, text/plain, */*sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"X-Original-Referer: unknownsec-ch-ua-mobile: ?0Origin: https://lsems.gravityzone.bitdefender.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://lsems.gravityzone.bitdefender.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dnBJRmhKWVZJVHhSRy0yQlZpdTdXd081cElPSWpRblN5YkR1UU55SDFka2NHTks0UjItMkZYbnNaNGpPd3poQ0pZU0ZZblNlZnRoRUJaclBTZU8tMkIxSTVoMFR6eWFFb3V0REk2eWNrSktOeUpNMmFhVjAtMkZYQi0yRi0yRmlFWUY0cWNtM3h3S1VaZjNqSXNEU3ItMkJEVEtyRXd5c2wwVGxVNFl3bTA3SWVYY0dR/744F42F112F962F17ADA5EE8ED50836E04D0C23A8C389560F7654FCDFE5C922F?i=0&docs=1&s=1 HTTP/1.1Host: api-bd.linkscan.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ls/click?upn=u001.-2BQIeNxTGBLUQIKv9gy7yQ7RP4m9yKI9dG-2BAX9Gp74D9l3WRY8iAhNhjnczqFNE2WPN9tqO1879dysZgbjHqu5ESwz-2BihIgwV02ZrPqxiEEhJISd51l3e5NqIoijohW07oPQ-2BwFJ59zMfcNKMU8CxaBBNRkTUjPmlfz-2Bi817W3V0Di1ZzSUjSAjpfBWOkvEu93rCy9Qavs-2F5bVhtPWFxlmopHA-2BvKDl5l8hcKLIkCvCARje01-2BKFjnijpV9aRSRIP-2BzBLwlQjkvHE36uzswpcns-2BocJu57djsTwTd4ZDgb7et9bsdWzmiiewUGinZRaC6NpRTBMKht8XJN4jIIKYeM7eqvq51ehcLBJyOlOOm75rYEhabb5pnY9b3N88tTDFCzpSEwbdW2TOKfF2-2B-2FPUpXe6pYIw-2BJphY95utxA7t7exUoOll-2BOzxsSVb5JIUUWDLE9u1-2FMAeWYBeTlu8w1yXfJcJsh05M-2BjenWldyqpyWQ40uPwAS2SgUxZXTDoMeOaR8AFchOwnfym2SfRHttrRgL49TBCja1B0mzCKrLrHJY5YWjP6NRH6IEsqGpWZNEuhmqUtg3CjMHnbmDKrwL-2BwFpZnqQnAD74UyUFmL133JH07n2lzPEmmQj2zy8RSJdgFaK6L_4pihHygNSB0r9RfW0d44OPXvcAf7zvpIFhJYVITxRG-2BViu7WwO5pIOIjQnSybDuQNyH1dkcGNK4R2-2FXnsZ4jOwzhCJYSFYnSefthEBZrPSeO-2B1I5h0TzyaEoutDI6yckJKNyJM2aaV0-2FXB-2F-2FiEYF4qcm3xwKUZf3jIsDSr-2BDTKrEwysl0TlU4Ywm07IeXcGQ HTTP/1.1Host: email.friendbuy-mail.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://lsems.gravityzone.bitdefender.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ls/click?upn=u001.-2BQIeNxTGBLUQIKv9gy7yQ7RP4m9yKI9dG-2BAX9Gp74D9l3WRY8iAhNhjnczqFNE2WPN9tqO1879dysZgbjHqu5ESwz-2BihIgwV02ZrPqxiEEhJISd51l3e5NqIoijohW07oPQ-2BwFJ59zMfcNKMU8CxaBBNRkTUjPmlfz-2Bi817W3V0Di1ZzSUjSAjpfBWOkvEu93rCy9Qavs-2F5bVhtPWFxlmopHA-2BvKDl5l8hcKLIkCvCARje01-2BKFjnijpV9aRSRIP-2BzBLwlQjkvHE36uzswpcns-2BocJu57djsTwTd4ZDgb7et9bsdWzmiiewUGinZRaC6NpRTBMKht8XJN4jIIKYeM7eqvq51ehcLBJyOlOOm75rYEhabb5pnY9b3N88tTDFCzpSEwbdW2TOKfF2-2B-2FPUpXe6pYIw-2BJphY95utxA7t7exUoOll-2BOzxsSVb5JIUUWDLE9u1-2FMAeWYBeTlu8w1yXfJcJsh05M-2BjenWldyqpyWQ40uPwAS2SgUxZXTDoMeOaR8AFchOwnfym2SfRHttrRgL49TBCja1B0mzCKrLrHJY5YWjP6NRH6IEsqGpWZNEuhmqUtg3CjMHnbmDKrwL-2BwFpZnqQnAD74UyUFmL133JH07n2lzPEmmQj2zy8RSJdgFaK6L_4pihHygNSB0r9RfW0d44OPXvcAf7zvpIFhJYVITxRG-2BViu7WwO5pIOIjQnSybDuQNyH1dkcGNK4R2-2FXnsZ4jOwzhCJYSFYnSefthEBZrPSeO-2B1I5h0TzyaEoutDI6yckJKNyJM2aaV0-2FXB-2F-2FiEYF4qcm3xwKUZf3jIsDSr-2BDTKrEwysl0TlU4Ywm07IeXcGQ HTTP/1.1Host: email.friendbuy-mail.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://lsems.gravityzone.bitdefender.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: protect.checkpoint.com
Source: global trafficDNS traffic detected: DNS query: lsems.gravityzone.bitdefender.com
Source: global trafficDNS traffic detected: DNS query: api-bd.linkscan.io
Source: global trafficDNS traffic detected: DNS query: email.friendbuy-mail.com
Source: global trafficDNS traffic detected: DNS query: 394-kadoma.trakcid.com
Source: global trafficDNS traffic detected: DNS query: google.com
Source: chromecache_64.2.drString found in binary or memory: https://394-kadoma.trakcid.com/?u=http:%2F%2Femail.double.serviceautopilot.com%2Fc%2FeJwEwDtuxCAQAND
Source: chromecache_64.2.drString found in binary or memory: https://email.friendbuy-mail.com/ls/click?upn=u001.-2BQIeNxTGBLUQIKv9gy7yQ7RP4m9yKI9dG-2BAX9Gp74D9l3
Source: chromecache_63.2.drString found in binary or memory: https://fonts.googleapis.com/css?family=Montserrat:100
Source: chromecache_63.2.drString found in binary or memory: https://fonts.googleapis.com/css?family=Raleway:400
Source: chromecache_63.2.drString found in binary or memory: https://fonts.googleapis.com/css?family=Roboto:100
Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2)
Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WRhyzbi.woff2)
Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2)
Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2)
Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2)
Source: chromecache_57.2.drString found in binary or memory: https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2)
Source: chromecache_57.2.drString found in binary or memory: https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCAIT5lu.woff2)
Source: chromecache_57.2.drString found in binary or memory: https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCIIT5lu.woff2)
Source: chromecache_57.2.drString found in binary or memory: https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCMIT5lu.woff2)
Source: chromecache_57.2.drString found in binary or memory: https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCkIT5lu.woff2)
Source: chromecache_66.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3-UBGEe.woff2)
Source: chromecache_66.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3CUBGEe.woff2)
Source: chromecache_66.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3GUBGEe.woff2)
Source: chromecache_66.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2)
Source: chromecache_66.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3OUBGEe.woff2)
Source: chromecache_66.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2)
Source: chromecache_66.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2)
Source: chromecache_66.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2)
Source: chromecache_66.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2)
Source: chromecache_64.2.drString found in binary or memory: https://storage.googleapis.com/track.salesflare.com/provider.html?xdm_e=https%3A%2F%2F394-kadoma.tra
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49680 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownHTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.4:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.168.102.96:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.168.102.96:443 -> 192.168.2.4:49735 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.249.91.64:443 -> 192.168.2.4:49736 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.249.91.64:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.249.91.68:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.249.91.19:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.249.91.49:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.132.30:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.132.30:443 -> 192.168.2.4:49757 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir3472_1504000474Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir3472_1504000474Jump to behavior
Source: classification engineClassification label: clean2.win@34/25@69/8
Source: C:\Windows\System32\conhost.exeMutant created: \BaseNamedObjects\Local\SM0:5064:120:WilError_03
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2348,i,977650232591120726,18254827365428393022,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2388 /prefetch:3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://protect.checkpoint.com/v2/r02/___https://lsems.gravityzone.bitdefender.com/xhfsdfMW5hMR*~*QDcqg1KugH/rhrqqgrWni2pyg1KugH/og75AgMRA37Cu37x!i2GzU2ZBRIJzQYOHZZqqYsmZW5OR00KOX83/48p8j0J8ZqF5gYq/X5p/4JhyRpOG1IqMhIh5WIqxR6iX1YmuV1mTfLuz38uCWp/KRqiVYoq5hZbCTIh/4MqE1rinfpmCiY0KZ8i*~*QYOHf1mO48i1RIOfhqGCjLqKW1mPX0SpSYKxR7Z6YsKOg7qvg7m2RIiAZKJyRpO8Wpt6T2uS4rSTX560TJS93ZOHYqOw0K0vZL6x4styRpOuTIJ80ES1RJWuR0u*~*Z60vZ5KvhL4H05cwip06TYSDV8p/Z1K7hD5DWo0n0rm5ZKiLjLCyg8GNVX5DVs4QWLB6gImt35yRX1yIipSGZruqRIJyRpOQWruzf1uB0oqmZqSXX0FyRpO*~*VpC8gKKvf84NWYR7i2uEi8GogsRyRpOA35u6SYipfsSZi6WpSKuJ47N842V/3sSp08uyf1qqi60Mf1/fZrKISp/BZqWHYZytiIm3Xp95fpqOX6qqYYiqh24CSYKqfLSRVpu/Y7CUY758S2O4W1mm3rN6hL/4T1NEYol9iKWJWpS*~*hKSKi7Op0EOZY5yrWoNyRpNyRp4V02G34Y4B1Zq8QYOHXsGt1Yp6i2W9VYi5S70901cUgLByRpOUjsmEZ64nSZuO0002WJCKT2ZCQYOLYZKq06qH40WxiYm8R2q34puoXsStRI0SQYOHfr0z07Cpj2KBj0iWSIG6ZMiGZEOY46091qmZWLcS4ZcmZomGWrStY8iz4sqyRqSrZpm5iMOX45B5T0WHV7umRZNBg2uIX8ORhpmP1Y0407uVSp/XXI4OW2SCW8G21p/Ki1myh0054ESIfp6NgrOyWJyDi5ByRpO8WsGfgsKWgpKJSEW0j00LgZBCRESPXIF8goOxjqGKg16WfoO*~*jYmXZ5up454mXE4R2EWBf1mNj1iTZ5NBhoqX4qhB4IV5Y6G3irSG4oi*~*isGOWrmP104O0MmXWD5DVq4uiYi2i5b6hJqUX1uWgqS/3pW6ZZ*/2*XIKpf7SMYpx5ZoNyRp43gsSfSLuUi8utV5u4Z544gqSq4sWtWZOfhqGY4ZbyRpNCXY0tRKW*~*j1KKg805WJp7j1SwXpyTjZuSRrKm0oFyRp43Vn5DWn5DWrqK1Z35h1SyR8m8X60f4oSvX2SJZ8NyRpOJ0JyDW2i/h7BB0LC0SKq8gYF8X10335iWda99K97K667Kc*~*7K6aFIF/JJbJI/5b8*~*J59I5H78FbH8bc/*~*5Ka*~*/9KHIKJ/Hc77K?h=6&fru;n=6&fru;ithx=6___.YzJlOmdhbmdzdGVyOmM6bzozNzgzODlmOGVjOWFjMDU4ODA2YzZiNzAzODIwZWExYjo3OjE1MzU6MzgzZDA3MjA0MGU4NmVjOTQ5NjUyYWM1MTBkYzkzNzg4ODQ3Mjg0YTJlN2I1MzhlZWM4YWU1YzI1YWE5Y2UxNjpoOlQ6VA"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Windows Defender\MpCmdRun.exe "C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
Source: C:\Program Files\Windows Defender\MpCmdRun.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2348,i,977650232591120726,18254827365428393022,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2388 /prefetch:3Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: mpclient.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: secur32.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: version.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: userenv.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: amsi.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: profapi.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: wscapi.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: netutils.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: slc.dllJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeSection loaded: sppc.dllJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Windows Defender\MpCmdRun.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Windows Defender\MpCmdRun.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Program Files\Windows Defender\MpCmdRun.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\SecurityCenter2 : AntiVirusProduct
Source: C:\Program Files\Windows Defender\MpCmdRun.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\SecurityCenter2 : AntiVirusProduct

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Windows Management Instrumentation		1
DLL Side-Loading		1
Process Injection		1
Masquerading		OS Credential Dumping1
Security Software Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
DLL Side-Loading		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
DLL Side-Loading		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
File Deletion		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1649540 URL: https://protect.checkpoint.... Startdate: 26/03/2025 Architecture: WINDOWS Score: 2 19 394-kadoma.trakcid.com 2->19 7 chrome.exe 2 2->7         started        10 chrome.exe 2->10         started        process3 dnsIp4 21 192.168.2.4, 138, 443, 49203 unknown unknown 7->21 12 chrome.exe 7->12         started        15 MpCmdRun.exe 1 10->15         started        process5 dnsIp6 23 d1b13yb8esv0x1.cloudfront.net 18.173.132.30, 443, 49756, 49757 MIT-GATEWAYSUS United States 12->23 25 www.google.com 142.250.81.228, 443, 49731, 49767 GOOGLEUS United States 12->25 27 11 other IPs or domains 12->27 17 conhost.exe 15->17         started        process7

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://protect.checkpoint.com/v2/r02/___https://lsems.gravityzone.bitdefender.com/xhfsdfMW5hMR*~*QDcqg1KugH/rhrqqgrWni2pyg1KugH/og75AgMRA37Cu37x!i2GzU2ZBRIJzQYOHZZqqYsmZW5OR00KOX83/48p8j0J8ZqF5gYq/X5p/4JhyRpOG1IqMhIh5WIqxR6iX1YmuV1mTfLuz38uCWp/KRqiVYoq5hZbCTIh/4MqE1rinfpmCiY0KZ8i*~*QYOHf1mO48i1RIOfhqGCjLqKW1mPX0SpSYKxR7Z6YsKOg7qvg7m2RIiAZKJyRpO8Wpt6T2uS4rSTX560TJS93ZOHYqOw0K0vZL6x4styRpOuTIJ80ES1RJWuR0u*~*Z60vZ5KvhL4H05cwip06TYSDV8p/Z1K7hD5DWo0n0rm5ZKiLjLCyg8GNVX5DVs4QWLB6gImt35yRX1yIipSGZruqRIJyRpOQWruzf1uB0oqmZqSXX0FyRpO*~*VpC8gKKvf84NWYR7i2uEi8GogsRyRpOA35u6SYipfsSZi6WpSKuJ47N842V/3sSp08uyf1qqi60Mf1/fZrKISp/BZqWHYZytiIm3Xp95fpqOX6qqYYiqh24CSYKqfLSRVpu/Y7CUY758S2O4W1mm3rN6hL/4T1NEYol9iKWJWpS*~*hKSKi7Op0EOZY5yrWoNyRpNyRp4V02G34Y4B1Zq8QYOHXsGt1Yp6i2W9VYi5S70901cUgLByRpOUjsmEZ64nSZuO0002WJCKT2ZCQYOLYZKq06qH40WxiYm8R2q34puoXsStRI0SQYOHfr0z07Cpj2KBj0iWSIG6ZMiGZEOY46091qmZWLcS4ZcmZomGWrStY8iz4sqyRqSrZpm5iMOX45B5T0WHV7umRZNBg2uIX8ORhpmP1Y0407uVSp/XXI4OW2SCW8G21p/Ki1myh0054ESIfp6NgrOyWJyDi5ByRpO8WsGfgsKWgpKJSEW0j00LgZBCRESPXIF8goOxjqGKg16WfoO*~*jYmXZ5up454mXE4R2EWBf1mNj1iTZ5NBhoqX4qhB4IV5Y6G3irSG4oi*~*isGOWrmP104O0MmXWD5DVq4uiYi2i5b6hJqUX1uWgqS/3pW6ZZ*/2*XIKpf7SMYpx5ZoNyRp43gsSfSLuUi8utV5u4Z544gqSq4sWtWZOfhqGY4ZbyRpNCXY0tRKW*~*j1KKg805WJp7j1SwXpyTjZuSRrKm0oFyRp43Vn5DWn5DWrqK1Z35h1SyR8m8X60f4oSvX2SJZ8NyRpOJ0JyDW2i/h7BB0LC0SKq8gYF8X10335iWda99K97K667Kc*~*7K6aFIF/JJbJI/5b8*~*J59I5H78FbH8bc/*~*5Ka*~*/9KHIKJ/Hc77K?h=6&fru;n=6&fru;ithx=6___.YzJlOmdhbmdzdGVyOmM6bzozNzgzODlmOGVjOWFjMDU4ODA2YzZiNzAzODIwZWExYjo3OjE1MzU6MzgzZDA3MjA0MGU4NmVjOTQ5NjUyYWM1MTBkYzkzNzg4ODQ3Mjg0YTJlN2I1MzhlZWM4YWU1YzI1YWE5Y2UxNjpoOlQ6VA0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://lsems.gravityzone.bitdefender.com/manifest.json0%Avira URL Cloudsafe
https://394-kadoma.trakcid.com/?u=http:%2F%2Femail.double.serviceautopilot.com%2Fc%2FeJwEwDtuxCAQAND0%Avira URL Cloudsafe
https://lsems.gravityzone.bitdefender.com/static/css/main.3dfe9f5e.css0%Avira URL Cloudsafe
https://email.friendbuy-mail.com/ls/click?upn=u001.-2BQIeNxTGBLUQIKv9gy7yQ7RP4m9yKI9dG-2BAX9Gp74D9l3WRY8iAhNhjnczqFNE2WPN9tqO1879dysZgbjHqu5ESwz-2BihIgwV02ZrPqxiEEhJISd51l3e5NqIoijohW07oPQ-2BwFJ59zMfcNKMU8CxaBBNRkTUjPmlfz-2Bi817W3V0Di1ZzSUjSAjpfBWOkvEu93rCy9Qavs-2F5bVhtPWFxlmopHA-2BvKDl5l8hcKLIkCvCARje01-2BKFjnijpV9aRSRIP-2BzBLwlQjkvHE36uzswpcns-2BocJu57djsTwTd4ZDgb7et9bsdWzmiiewUGinZRaC6NpRTBMKht8XJN4jIIKYeM7eqvq51ehcLBJyOlOOm75rYEhabb5pnY9b3N88tTDFCzpSEwbdW2TOKfF2-2B-2FPUpXe6pYIw-2BJphY95utxA7t7exUoOll-2BOzxsSVb5JIUUWDLE9u1-2FMAeWYBeTlu8w1yXfJcJsh05M-2BjenWldyqpyWQ40uPwAS2SgUxZXTDoMeOaR8AFchOwnfym2SfRHttrRgL49TBCja1B0mzCKrLrHJY5YWjP6NRH6IEsqGpWZNEuhmqUtg3CjMHnbmDKrwL-2BwFpZnqQnAD74UyUFmL133JH07n2lzPEmmQj2zy8RSJdgFaK6L_4pihHygNSB0r9RfW0d44OPXvcAf7zvpIFhJYVITxRG-2BViu7WwO5pIOIjQnSybDuQNyH1dkcGNK4R2-2FXnsZ4jOwzhCJYSFYnSefthEBZrPSeO-2B1I5h0TzyaEoutDI6yckJKNyJM2aaV0-2FXB-2F-2FiEYF4qcm3xwKUZf3jIsDSr-2BDTKrEwysl0TlU4Ywm07IeXcGQ0%Avira URL Cloudsafe
https://email.friendbuy-mail.com/ls/click?upn=u001.-2BQIeNxTGBLUQIKv9gy7yQ7RP4m9yKI9dG-2BAX9Gp74D9l30%Avira URL Cloudsafe
https://lsems.gravityzone.bitdefender.com/static/js/main.d62e4927.js0%Avira URL Cloudsafe
https://lsems.gravityzone.bitdefender.com/index.css0%Avira URL Cloudsafe
https://lsems.gravityzone.bitdefender.com/favicon.ico0%Avira URL Cloudsafe

Domains and IPs

Download Network PCAP: filteredfull

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
api-bd.linkscan.io
13.249.91.68
truefalse
    		high
    google.com
    		142.250.80.78
    		truefalse
      		high
      d3rb3qlp6ej74d.cloudfront.net
      		13.249.91.64
      		truefalse
        		unknown
        d1b13yb8esv0x1.cloudfront.net
        		18.173.132.30
        		truefalse
          		unknown
          www.google.com
          		142.250.81.228
          		truefalse
            		high
            d2srg6h49ykvtq.cloudfront.net
            		3.168.102.96
            		truefalse
              		unknown
              email.friendbuy-mail.com
              		unknown
              		unknownfalse
                		high
                protect.checkpoint.com
                		unknown
                		unknownfalse
                  		high
                  394-kadoma.trakcid.com
                  		unknown
                  		unknownfalse
                    		high
                    lsems.gravityzone.bitdefender.com
                    		unknown
                    		unknownfalse
                      		high

                      Contacted URLs

                      NameMaliciousAntivirus DetectionReputation
                      https://lsems.gravityzone.bitdefender.com/index.cssfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://lsems.gravityzone.bitdefender.com/static/css/main.3dfe9f5e.cssfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://email.friendbuy-mail.com/ls/click?upn=u001.-2BQIeNxTGBLUQIKv9gy7yQ7RP4m9yKI9dG-2BAX9Gp74D9l3WRY8iAhNhjnczqFNE2WPN9tqO1879dysZgbjHqu5ESwz-2BihIgwV02ZrPqxiEEhJISd51l3e5NqIoijohW07oPQ-2BwFJ59zMfcNKMU8CxaBBNRkTUjPmlfz-2Bi817W3V0Di1ZzSUjSAjpfBWOkvEu93rCy9Qavs-2F5bVhtPWFxlmopHA-2BvKDl5l8hcKLIkCvCARje01-2BKFjnijpV9aRSRIP-2BzBLwlQjkvHE36uzswpcns-2BocJu57djsTwTd4ZDgb7et9bsdWzmiiewUGinZRaC6NpRTBMKht8XJN4jIIKYeM7eqvq51ehcLBJyOlOOm75rYEhabb5pnY9b3N88tTDFCzpSEwbdW2TOKfF2-2B-2FPUpXe6pYIw-2BJphY95utxA7t7exUoOll-2BOzxsSVb5JIUUWDLE9u1-2FMAeWYBeTlu8w1yXfJcJsh05M-2BjenWldyqpyWQ40uPwAS2SgUxZXTDoMeOaR8AFchOwnfym2SfRHttrRgL49TBCja1B0mzCKrLrHJY5YWjP6NRH6IEsqGpWZNEuhmqUtg3CjMHnbmDKrwL-2BwFpZnqQnAD74UyUFmL133JH07n2lzPEmmQj2zy8RSJdgFaK6L_4pihHygNSB0r9RfW0d44OPXvcAf7zvpIFhJYVITxRG-2BViu7WwO5pIOIjQnSybDuQNyH1dkcGNK4R2-2FXnsZ4jOwzhCJYSFYnSefthEBZrPSeO-2B1I5h0TzyaEoutDI6yckJKNyJM2aaV0-2FXB-2F-2FiEYF4qcm3xwKUZf3jIsDSr-2BDTKrEwysl0TlU4Ywm07IeXcGQfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://lsems.gravityzone.bitdefender.com/favicon.icofalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://lsems.gravityzone.bitdefender.com/manifest.jsonfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://lsems.gravityzone.bitdefender.com/static/js/main.d62e4927.jsfalse
                      • Avira URL Cloud: safe
                      		unknown
                      NameSourceMaliciousAntivirus DetectionReputation
                      https://394-kadoma.trakcid.com/?u=http:%2F%2Femail.double.serviceautopilot.com%2Fc%2FeJwEwDtuxCAQANDchromecache_64.2.drfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://email.friendbuy-mail.com/ls/click?upn=u001.-2BQIeNxTGBLUQIKv9gy7yQ7RP4m9yKI9dG-2BAX9Gp74D9l3chromecache_64.2.drfalse
                      • Avira URL Cloud: safe
                      		unknown

                      World Map of Contacted IPs

                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs

                      Public IPs

                      IPDomainCountryFlagASNASN NameMalicious
                      13.249.91.49
                      		unknownUnited States
                      		16509AMAZON-02USfalse
                      13.249.91.19
                      		unknownUnited States
                      		16509AMAZON-02USfalse
                      13.249.91.64
                      		d3rb3qlp6ej74d.cloudfront.netUnited States
                      		16509AMAZON-02USfalse
                      18.173.132.30
                      		d1b13yb8esv0x1.cloudfront.netUnited States
                      		3MIT-GATEWAYSUSfalse
                      13.249.91.68
                      		api-bd.linkscan.ioUnited States
                      		16509AMAZON-02USfalse
                      142.250.81.228
                      		www.google.comUnited States
                      		15169GOOGLEUSfalse
                      3.168.102.96
                      		d2srg6h49ykvtq.cloudfront.netUnited States
                      		16509AMAZON-02USfalse

                      Private

                      IP
                      192.168.2.4

                      General Information

                      Joe Sandbox version:42.0.0 Malachite
                      Analysis ID:1649540
                      Start date and time:2025-03-26 21:57:19 +01:00
                      Joe Sandbox product:CloudBasic
                      Overall analysis duration:0h 3m 12s
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Cookbook file name:browseurl.jbs
                      Sample URL:https://protect.checkpoint.com/v2/r02/___https://lsems.gravityzone.bitdefender.com/xhfsdfMW5hMR*~*QDcqg1KugH/rhrqqgrWni2pyg1KugH/og75AgMRA37Cu37x!i2GzU2ZBRIJzQYOHZZqqYsmZW5OR00KOX83/48p8j0J8ZqF5gYq/X5p/4JhyRpOG1IqMhIh5WIqxR6iX1YmuV1mTfLuz38uCWp/KRqiVYoq5hZbCTIh/4MqE1rinfpmCiY0KZ8i*~*QYOHf1mO48i1RIOfhqGCjLqKW1mPX0SpSYKxR7Z6YsKOg7qvg7m2RIiAZKJyRpO8Wpt6T2uS4rSTX560TJS93ZOHYqOw0K0vZL6x4styRpOuTIJ80ES1RJWuR0u*~*Z60vZ5KvhL4H05cwip06TYSDV8p/Z1K7hD5DWo0n0rm5ZKiLjLCyg8GNVX5DVs4QWLB6gImt35yRX1yIipSGZruqRIJyRpOQWruzf1uB0oqmZqSXX0FyRpO*~*VpC8gKKvf84NWYR7i2uEi8GogsRyRpOA35u6SYipfsSZi6WpSKuJ47N842V/3sSp08uyf1qqi60Mf1/fZrKISp/BZqWHYZytiIm3Xp95fpqOX6qqYYiqh24CSYKqfLSRVpu/Y7CUY758S2O4W1mm3rN6hL/4T1NEYol9iKWJWpS*~*hKSKi7Op0EOZY5yrWoNyRpNyRp4V02G34Y4B1Zq8QYOHXsGt1Yp6i2W9VYi5S70901cUgLByRpOUjsmEZ64nSZuO0002WJCKT2ZCQYOLYZKq06qH40WxiYm8R2q34puoXsStRI0SQYOHfr0z07Cpj2KBj0iWSIG6ZMiGZEOY46091qmZWLcS4ZcmZomGWrStY8iz4sqyRqSrZpm5iMOX45B5T0WHV7umRZNBg2uIX8ORhpmP1Y0407uVSp/XXI4OW2SCW8G21p/Ki1myh0054ESIfp6NgrOyWJyDi5ByRpO8WsGfgsKWgpKJSEW0j00LgZBCRESPXIF8goOxjqGKg16WfoO*~*jYmXZ5up454mXE4R2EWBf1mNj1iTZ5NBhoqX4qhB4IV5Y6G3irSG4oi*~*isGOWrmP104O0MmXWD5DVq4uiYi2i5b6hJqUX1uWgqS/3pW6ZZ*/2*XIKpf7SMYpx5ZoNyRp43gsSfSLuUi8utV5u4Z544gqSq4sWtWZOfhqGY4ZbyRpNCXY0tRKW*~*j1KKg805WJp7j1SwXpyTjZuSRrKm0oFyRp43Vn5DWn5DWrqK1Z35h1SyR8m8X60f4oSvX2SJZ8NyRpOJ0JyDW2i/h7BB0LC0SKq8gYF8X10335iWda99K97K667Kc*~*7K6aFIF/JJbJI/5b8*~*J59I5H78FbH8bc/*~*5Ka*~*/9KHIKJ/Hc77K?h=6&fru;n=6&fru;ithx=6___.YzJlOmdhbmdzdGVyOmM6bzozNzgzODlmOGVjOWFjMDU4ODA2YzZiNzAzODIwZWExYjo3OjE1MzU6MzgzZDA3MjA0MGU4NmVjOTQ5NjUyYWM1MTBkYzkzNzg4ODQ3Mjg0YTJlN2I1MzhlZWM4YWU1YzI1YWE5Y2UxNjpoOlQ6VA
                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                      Number of analysed new started processes analysed:21
                      Number of new started drivers analysed:0
                      Number of existing processes analysed:0
                      Number of existing drivers analysed:0
                      Number of injected processes analysed:0
                      Technologies:
                      • EGA enabled
                      • AMSI enabled
                      Analysis Mode:default
                      Analysis stop reason:Timeout
                      Detection:CLEAN
                      Classification:clean2.win@34/25@69/8
                      • Exclude process from analysis (whitelisted): audiodg.exe, sppsvc.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, svchost.exe
                      • Excluded IPs from analysis (whitelisted): 142.250.81.238, 142.251.35.163, 172.253.63.84, 142.251.35.174, 142.251.40.234, 184.31.68.248, 142.251.41.3, 23.9.183.29, 4.175.87.197
                      • Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, fonts.gstatic.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
                      • Not all processes where analyzed, report is missing behavior information
                      • Report size getting too big, too many NtOpenFile calls found.
                      • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                      • VT rate limit hit for: https://protect.checkpoint.com/v2/r02/___https://lsems.gravityzone.bitdefender.com/xhfsdfMW5hMR*~*QDcqg1KugH/rhrqqgrWni2pyg1KugH/og75AgMRA37Cu37x!i2GzU2ZBRIJzQYOHZZqqYsmZW5OR00KOX83/48p8j0J8ZqF5gYq/X5p/4JhyRpOG1IqMhIh5WIqxR6iX1YmuV1mTfLuz38uCWp/KRqiVYoq5hZbCTIh/4MqE1rinfpmCiY0KZ8i*~*QYOHf1mO48i1RIOfhqGCjLqKW1mPX0SpSYKxR7Z6YsKOg7qvg7m2RIiAZKJyRpO8Wpt6T2uS4rSTX560TJS93ZOHYqOw0K0vZL6x4styRpOuTIJ80ES1RJWuR0u*~*Z60vZ5KvhL4H05cwip06TYSDV8p/Z1K7hD5DWo0n0rm5ZKiLjLCyg8GNVX5DVs4QWLB6gImt35yRX1yIipSGZruqRIJyRpOQWruzf1uB0oqmZqSXX0FyRpO*~*VpC8gKKvf84NWYR7i2uEi8GogsRyRpOA35u6SYipfsSZi6WpSKuJ47N842V/3sSp08uyf1qqi60Mf1/fZrKISp/BZqWHYZytiIm3Xp95fpqOX6qqYYiqh24CSYKqfLSRVpu/Y7CUY758S2O4W1mm3rN6hL/4T1NEYol9iKWJWpS*~*hKSKi7Op0EOZY5yrWoNyRpNyRp4V02G34Y4B1Zq8QYOHXsGt1Yp6i2W9VYi5S70901cUgLByRpOUjsmEZ64nSZuO0002WJCKT2ZCQYOLYZKq06qH40WxiYm8R2q34puoXsStRI0SQYOHfr0z07Cpj2KBj0iWSIG6ZMiGZEOY46091qmZWLcS4ZcmZomGWrStY8iz4sqyRqSrZpm5iMOX45B5T0WHV7umRZNBg2uIX8ORhpmP1Y0407uVSp/XXI4OW2SCW8G21p/Ki1myh0054ESIfp6NgrOyWJyDi5

                      Simulations

                      Behavior and APIs

                      TimeTypeDescription
                      16:59:31API Interceptor1x Sleep call for process: MpCmdRun.exe modified

                      Joe Sandbox View / Context

                      IPs

                      No context

                      Domains

                      No context

                      ASNs

                      No context

                      JA3 Fingerprints

                      No context

                      Dropped Files

                      No context

                      Created / dropped Files

                      C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log

                      Download File
                      Process:C:\Program Files\Windows Defender\MpCmdRun.exe
                      File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                      Category:modified
                      Size (bytes):7388
                      Entropy (8bit):3.241362991504136
                      Encrypted:false
                      SSDEEP:96:cEi+AAsoJjykzEJ+AAsoJjykHEb+AAsoJjykh:cN+SoJbO+SoJvQ+SoJp
                      MD5:DFB4714804E9AB873CE5A9D54E90CB31
                      SHA1:E3A661847B116A0B61E2079D48025EEF6E8539F7
                      SHA-256:DB9232EAE4F32C5B740A6CFDE69193DB4244165EE68AF56ADE6ADDF3AFCA4326
                      SHA-512:D1160CEDC89F2E6BF4BBD4F4FB8A3B314ECE7B8B789953866336C66BFB9809AE231A69C54CEA55F2D61823A5806FAD1E14411DA84199093CFB950F191ACD0550
                      Malicious:false
                      Reputation:low
                      Preview:..........-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.....M.p.C.m.d.R.u.n.:. .C.o.m.m.a.n.d. .L.i.n.e.:. .".C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.W.i.n.d.o.w.s. .D.e.f.e.n.d.e.r.\.m.p.c.m.d.r.u.n...e.x.e.". .-.w.d.e.n.a.b.l.e..... .S.t.a.r.t. .T.i.m.e.:. .. W.e.d. .. O.c.t. .. 0.4. .. 2.0.2.3. .1.2.:.0.3.:.4.2.........M.p.E.n.s.u.r.e.P.r.o.c.e.s.s.M.i.t.i.g.a.t.i.o.n.P.o.l.i.c.y.:. .h.r. .=. .0.x.1.....W.D.E.n.a.b.l.e.....*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*. .W.S.C. .S.t.a.t.e. .I.n.f.o. .*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.....*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*. .A.n.t.i.V.i.r.u.s.P.r.o.d.u.c.t. .*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.....d.i.s.p.l.a.y.N.a.m.e. .=. .[.W.i.n.d.o.w.s. .D.e.f.e.n.d.e.r.].....p.a.t.h.T.o.S.i.g.n.e.d.P.r.o.d.u.c.t.E.x.e. .=. .[.w.i.n.d.o.w.s.d.

                      Chrome Cache Entry: 57

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text
                      Category:downloaded
                      Size (bytes):5181
                      Entropy (8bit):5.4308671023934885
                      Encrypted:false
                      SSDEEP:96:vOW/fOWBFZOGOW0xOW+Jc+uKOWVNaOL/fOLBFZOGOL0xOL+Jc+uKOLVNaOxT/fOh:3/H4+01ul//a4z00ukZ/44t0Gu2k
                      MD5:455622883D1E301BE1EB53C2BDE3265E
                      SHA1:66316EB506ACA70529090E179A561A30489F208B
                      SHA-256:0B9666CBBFDF1EA9E4DD777F02FD7EAEA61B39155B3B75958468015E8582B8B7
                      SHA-512:A505AE50D4D8ADD315AABB2185B3345253000A6CCB922B8E7628A4B387A189EB82398D02C5711512F6F5B8C1B86A47561FB9C8D44FEDFE583E0E85FDC24F8AB5
                      Malicious:false
                      Reputation:low
                      URL:"https://fonts.googleapis.com/css?family=Raleway:400,300,600"
                      Preview:/* cyrillic-ext */.@font-face {. font-family: 'Raleway';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCAIT5lu.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Raleway';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCkIT5lu.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* vietnamese */.@font-face {. font-family: 'Raleway';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCIIT5lu.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;.}./* latin-ext */.@font-face {. font-family: 'Raleway';. font-style

                      Chrome Cache Entry: 58

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JSON data
                      Category:downloaded
                      Size (bytes):290
                      Entropy (8bit):4.599339514022599
                      Encrypted:false
                      SSDEEP:6:3vZFo2FNwXLjQLMzmezk7TWKAKjgwr2GV/cgGTO:fZxWLQq/KUKV/cDTO
                      MD5:B0EFBA333D201884ACE7DA8C274C50D6
                      SHA1:A002E049CA42CE61F0EA10BC61E1B1C5429E2FCB
                      SHA-256:D7B8C28753C9D08EEA6FAA46623E49B15ED65953F0FBDAB304A882DCE53F4738
                      SHA-512:904DBF0DB24CE2C27AC204E1460A465170DC13D531D77F35CABDDAF1ED6F61BC266E799690DC9C967AF742093E0ABBBF9F17AFF474A5F6303DF92BF98C084D0F
                      Malicious:false
                      Reputation:low
                      URL:https://lsems.gravityzone.bitdefender.com/manifest.json
                      Preview:{. "short_name": "Linkscan",. "name": "Linkscan",. "icons": [. {. "src": "favicon.ico",. "sizes": "64x64 32x32 24x24 16x16",. "type": "image/x-icon". }. ],. "start_url": ".",. "display": "standalone",. "theme_color": "#000000",. "background_color": "#ffffff".}.

                      Chrome Cache Entry: 59

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text
                      Category:downloaded
                      Size (bytes):5331
                      Entropy (8bit):5.427833602296715
                      Encrypted:false
                      SSDEEP:96:AOOS79wOOS72FZOhOOS7tOOS7qJc+udOOS7dZNtOOJ9wOOJ2FZOhOOJtOOJqJc+F:N79d7Do7k7CP7db9cDjnCqdw9HDY8CNi
                      MD5:8021688CE829E44A641CAB854B9B2563
                      SHA1:C42C2004293C1BE6E189929F18F12351AF659723
                      SHA-256:C1C404F3BE794B08745D11CF51AA0D698CD1007BD1EC4728A00635EFC8E9EF89
                      SHA-512:F964AF74432D82A1FC25BBE182E04D2972C94F400615AC3D82A63C493A5FAB86293DF8CB2DB7466F89B2691AAAAA12DE18A28741B8DD90BA1FA5E310ABD84506
                      Malicious:false
                      Reputation:low
                      URL:"https://fonts.googleapis.com/css?family=Montserrat:100,200,300"
                      Preview:/* cyrillic-ext */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WRhyzbi.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* vietnamese */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;.}./* latin-ext */.@font-face {. font-f

                      Chrome Cache Entry: 60

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (65465)
                      Category:downloaded
                      Size (bytes):266441
                      Entropy (8bit):5.38023171513072
                      Encrypted:false
                      SSDEEP:6144:DWskVvFOKfg6fvNne+Ax4eynd4F5FB0nO:KVvs96fvNne+Ax4eynd4F5TB
                      MD5:F3DC5FDA1F5ECBD5F39D4BF333D98130
                      SHA1:AA65B906068BC68B300613BA0C72E943601242D7
                      SHA-256:A956CA59B557C7987802906C2EBD2587D27C50EBD6F4950D2A0EF3378D1212E6
                      SHA-512:9E138EB9D0DD010EA9BE116D1193BB8BB1DFC9AF4E4A544C8D63D0342FC553F6BBB43553999322C08BBA1CCE6AA50341345F24D70512B30AD1E0E82D92F93C5D
                      Malicious:false
                      Reputation:low
                      URL:https://lsems.gravityzone.bitdefender.com/static/js/main.d62e4927.js
                      Preview:/*! For license information please see main.d62e4927.js.LICENSE.txt */.!function(){var e={888:function(e,t,n){"use strict";var r=n(47);function a(){}function o(){}o.resetWarningCache=a,e.exports=function(){function e(e,t,n,a,o,i){if(i!==r){var l=new Error("Calling PropTypes validators directly is not supported by the `prop-types` package. Use PropTypes.checkPropTypes() to call them. Read more at http://fb.me/use-check-prop-types");throw l.name="Invariant Violation",l}}function t(){return e}e.isRequired=e;var n={array:e,bigint:e,bool:e,func:e,number:e,object:e,string:e,symbol:e,any:e,arrayOf:t,element:e,elementType:e,instanceOf:t,node:e,objectOf:t,oneOf:t,oneOfType:t,shape:t,exact:t,checkPropTypes:o,resetWarningCache:a};return n.PropTypes=n,n}},7:function(e,t,n){e.exports=n(888)()},47:function(e){"use strict";e.exports="SECRET_DO_NOT_PASS_THIS_OR_YOU_WILL_BE_FIRED"},463:function(e,t,n){"use strict";var r=n(791),a=n(296);function o(e){for(var t="https://reactjs.org/docs/error-decoder.htm

                      Chrome Cache Entry: 61

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JSON data
                      Category:dropped
                      Size (bytes):74
                      Entropy (8bit):4.303132387509518
                      Encrypted:false
                      SSDEEP:3:YAJVA/HWRcMg5DD/MaCZyEgTleQfEXHf+4Y:YAbRe5dLxNEP+4Y
                      MD5:60678DA012E87BEAE573883A0AD8CA1C
                      SHA1:7FB5D80E28CDC13D10B1B7E70DE973C868E1DF1E
                      SHA-256:EC0EC46647A46115CFDE259220AAEC0A0CA75711556C63D5C529B5AFCE29B585
                      SHA-512:C9FF8202FE91D9CA09189E33EDF559AC9E238B2CEE675C2AFBC984A6B9F0E36E8207117DF855359191B391E610B85173E3C5322749A84D519F818DDA29EDEEA6
                      Malicious:false
                      Reputation:low
                      Preview:{"errorType":"string","errorMessage":"Integrity match failure","trace":[]}

                      Chrome Cache Entry: 62

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
                      Category:dropped
                      Size (bytes):17542
                      Entropy (8bit):2.022387726550296
                      Encrypted:false
                      SSDEEP:96:dZLXJ1/zvAjPHzSazN8JE0jzldA+GATg2OZAhBWxcB/MhseBH7p:dZJFzvAD3Kx4kxQ2Id
                      MD5:FBA58480381FEFA10F97BD44C76C87C7
                      SHA1:630C22B495579F0867B451D5D390287862048FF7
                      SHA-256:4A1D64D4748779D6600AD3033848DB32FCC84E4E870CE4E60119D54D9BA3417C
                      SHA-512:A76E0E66AD9C3A4E62941951377A7526CC44F2BC8D01F4084BE8EDA0A0089162F274AEFBFDD293824EBD31A8DB5F27EE0E27E6851E3ACD68EFC226F719EEE7EB
                      Malicious:false
                      Reputation:low
                      Preview:............ .h...F......... ......... .... .....6...00.... ..%......(....... ..... .....@......................................9...........................R....................................................................................................................................................................##..FF..FF..EE..//.............................#................~~......................$$.................T....................}}..............55..............................................}}..............................................................}}......................22......................................}}..............................................................}}..............66......EE.....................r................}}......33..00..........GG.................................."".............................................>.......n..................................................................................................................

                      Chrome Cache Entry: 63

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:HTML document, ASCII text, with very long lines (880), with no line terminators
                      Category:downloaded
                      Size (bytes):880
                      Entropy (8bit):4.941520006172923
                      Encrypted:false
                      SSDEEP:24:0E0sr6FRIPaNFfQA+Sxs+DyVqguC75j2a:0EPvCNdQ4xs+xguC7Rf
                      MD5:EBA76F3B62E097867C0B5D15CF4315AF
                      SHA1:7A3A55B10A7FE8EA26B10598664CA3DE510C1970
                      SHA-256:6974F29C6091A267590F93062B2B159BE95DE6E1AC7DAE30BCE6A3F7E531D450
                      SHA-512:2019D04BB173912A8BE51905FABEAB22FA669408416466D80B3750D2ACB0363ACFAADE8B0A1BFB2CCAF2B7972CC0FE24CE5EDFEA68BF655C1E180FC46ACDFDFA
                      Malicious:false
                      Reputation:low
                      URL:https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dnBJRmhKWVZJVHhSRy0yQlZpdTdXd081cElPSWpRblN5YkR1UU55SDFka2NHTks0UjItMkZYbnNaNGpPd3poQ0pZU0ZZblNlZnRoRUJaclBTZU8tMkIxSTVoMFR6eWFFb3V0REk2eWNrSktOeUpNMmFhVjAtMkZYQi0yRi0yRmlFWUY0cWNtM3h3S1VaZjNqSXNEU3ItMkJEVEtyRXd5c2wwVGxVNFl3bTA3SWVYY0dR/744F42F112F962F17ADA5EE8ED50836E04D0C23A8C389560F7654FCDFE5C922F?c=1&i=1&docs=1
                      Preview:<!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="icon" href="/favicon.ico"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta name="description" content="Scan"/><link href="https://fonts.googleapis.com/css?family=Montserrat:100,200,300" rel="stylesheet"><link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900"><link href="https://fonts.googleapis.com/css?family=Raleway:400,300,600" rel="stylesheet"><link rel="stylesheet" href="/index.css"/><link rel="manifest" href="/manifest.json"/><title>Scan</title><script defer="defer" src="/static/js/main.d62e4927.js"></script><link href="/static/css/main.3dfe9f5e.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>

                      Chrome Cache Entry: 64

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JSON data
                      Category:downloaded
                      Size (bytes):2896
                      Entropy (8bit):6.105085782280111
                      Encrypted:false
                      SSDEEP:48:YNerItNVedbD0gGuQKverItNVedbD0gGuQKZUoCn7WoM3BqOddyq:maItNVedH0gG4vaItNVedH0gG4SBHMRD
                      MD5:08C60801F21664983B006221947E93BA
                      SHA1:EB219F19DAAC47685F059E0A741BA241BBD8E489
                      SHA-256:21EF6C4AAA176A316809FD2A1E84EBFE3EB6AFCE29B95CDAD4DCE3E736BAF58B
                      SHA-512:85444D300912C2171BFD88F42B4F6C81A1FFF80D29B35F90B468236A15C85227FEBE341F8FAB7A9813C2EFC2633BBA43DEB6852A17B62D3B048B04C4ED202214
                      Malicious:false
                      Reputation:low
                      URL:https://api-bd.linkscan.io/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dnBJRmhKWVZJVHhSRy0yQlZpdTdXd081cElPSWpRblN5YkR1UU55SDFka2NHTks0UjItMkZYbnNaNGpPd3poQ0pZU0ZZblNlZnRoRUJaclBTZU8tMkIxSTVoMFR6eWFFb3V0REk2eWNrSktOeUpNMmFhVjAtMkZYQi0yRi0yRmlFWUY0cWNtM3h3S1VaZjNqSXNEU3ItMkJEVEtyRXd5c2wwVGxVNFl3bTA3SWVYY0dR/744F42F112F962F17ADA5EE8ED50836E04D0C23A8C389560F7654FCDFE5C922F?i=0&docs=1&s=1
                      Preview:{"success":true,"data":{"originalUrl":"https://email.friendbuy-mail.com/ls/click?upn=u001.-2BQIeNxTGBLUQIKv9gy7yQ7RP4m9yKI9dG-2BAX9Gp74D9l3WRY8iAhNhjnczqFNE2WPN9tqO1879dysZgbjHqu5ESwz-2BihIgwV02ZrPqxiEEhJISd51l3e5NqIoijohW07oPQ-2BwFJ59zMfcNKMU8CxaBBNRkTUjPmlfz-2Bi817W3V0Di1ZzSUjSAjpfBWOkvEu93rCy9Qavs-2F5bVhtPWFxlmopHA-2BvKDl5l8hcKLIkCvCARje01-2BKFjnijpV9aRSRIP-2BzBLwlQjkvHE36uzswpcns-2BocJu57djsTwTd4ZDgb7et9bsdWzmiiewUGinZRaC6NpRTBMKht8XJN4jIIKYeM7eqvq51ehcLBJyOlOOm75rYEhabb5pnY9b3N88tTDFCzpSEwbdW2TOKfF2-2B-2FPUpXe6pYIw-2BJphY95utxA7t7exUoOll-2BOzxsSVb5JIUUWDLE9u1-2FMAeWYBeTlu8w1yXfJcJsh05M-2BjenWldyqpyWQ40uPwAS2SgUxZXTDoMeOaR8AFchOwnfym2SfRHttrRgL49TBCja1B0mzCKrLrHJY5YWjP6NRH6IEsqGpWZNEuhmqUtg3CjMHnbmDKrwL-2BwFpZnqQnAD74UyUFmL133JH07n2lzPEmmQj2zy8RSJdgFaK6L_4pihHygNSB0r9RfW0d44OPXvcAf7zvpIFhJYVITxRG-2BViu7WwO5pIOIjQnSybDuQNyH1dkcGNK4R2-2FXnsZ4jOwzhCJYSFYnSefthEBZrPSeO-2B1I5h0TzyaEoutDI6yckJKNyJM2aaV0-2FXB-2F-2FiEYF4qcm3xwKUZf3jIsDSr-2BDTKrEwysl0TlU4Ywm07IeXcGQ","redirects":["https://e

                      Chrome Cache Entry: 65

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (4539)
                      Category:downloaded
                      Size (bytes):4584
                      Entropy (8bit):4.974616794584777
                      Encrypted:false
                      SSDEEP:48:gaaahdky2/rqcZ98jmVfvNOjmV68nwvPSpw0PSpwVzJkzJK15YnoV:gTIsj98WfvwWOPSPPSYCW5YnoV
                      MD5:8FC5A2F23A27198D9E865E74ADD2673C
                      SHA1:1AB40A13CDEC0C799C4353C2E2F337ECE6511B26
                      SHA-256:D6BEE22B04ACB5F58B62381BB60BF8B88A8F6ACEF191418EE8B6FDDA714535F4
                      SHA-512:30D060728B396F53744124CA56D3F37749341D69305B92836191BF60CD100E6C8CFCB89FA092C3B611FC960B9275F8B112A85B8190F2D5769057A5B4AB61B426
                      Malicious:false
                      Reputation:low
                      URL:https://lsems.gravityzone.bitdefender.com/static/css/main.3dfe9f5e.css
                      Preview:.scanner{-webkit-animation:loader-spin 1.2s linear infinite;animation:loader-spin 1.2s linear infinite;border:2px solid;border-radius:50%;display:inline-block;height:7em;margin-bottom:3.5em;position:relative;vertical-align:top;width:7em}.scan-clean{display:none}.scan-clean-complete.draw:after{-webkit-animation-duration:.8s;animation-duration:.8s;-webkit-animation-name:checkmark;animation-name:checkmark;-webkit-animation-timing-function:ease;animation-timing-function:ease;-webkit-transform:scaleX(-1) rotate(135deg);transform:scaleX(-1) rotate(135deg)}.scan-clean-complete:after{border-right:3px solid #5cb85c;border-top:3px solid #5cb85c;content:"";height:3.5em;left:1.75em;opacity:1;position:absolute;top:3.5em;-webkit-transform-origin:left top;transform-origin:left top;width:1.75em}.scan-warn{display:none}.scan-warn-complete-mac{right:12px;top:10px}.scan-warn-complete,.scan-warn-complete-mac{height:32px;opacity:1;position:absolute;width:32px}.scan-warn-complete{right:11px;top:8px}.scan-wa

                      Chrome Cache Entry: 66

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (1572)
                      Category:downloaded
                      Size (bytes):32322
                      Entropy (8bit):5.248203574173546
                      Encrypted:false
                      SSDEEP:768:DFaF7FOFsFJ4FaLFxF9F/UfY2JSavtpyNSpbJfai0Ydi9+QJEaNPDz4T06JOajp0:6a12mYR
                      MD5:B77408AB912C3AA81C611213204B8F63
                      SHA1:038CAFEBECAD4973BC47B78F5564D7CBDAE51DF2
                      SHA-256:BB125B35229FD1CAAEED80F61895696C448D55487E091E95513A154628D5604E
                      SHA-512:B26981BBB66F6B0E1FE13109E02EDDF582A3AB47D2BFF5351C657D2E8344DF4A4E3F52CDEA35EF4F840C4D7BB0011963BFCCDA747FAE707F5617EB79DC47B06E
                      Malicious:false
                      Reputation:low
                      URL:"https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900"
                      Preview:/* cyrillic-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 100;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3GUBGEe.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 100;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 100;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3CUBGEe.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 100;. font-st

                      Chrome Cache Entry: 67

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Web Open Font Format (Version 2), TrueType, length 37828, version 1.0
                      Category:downloaded
                      Size (bytes):37828
                      Entropy (8bit):7.994199601770781
                      Encrypted:true
                      SSDEEP:768:TLreREud92B1C5buEpioxWe6O1ESHFnLQkbknuF1dcjI5djeBX:Tu68248oxWe6O19H1zwnubdk
                      MD5:50B140B1E97D859D6D0603414F4298EE
                      SHA1:500E4872EE1BA9CF89F1BA626D64987B0F9AB5C9
                      SHA-256:FDC9964050BFA24C27A3C76C6791B3674292A5F352CBC83D7A4DC49595BC3FB1
                      SHA-512:55EF84E956A7943E3FC61A8A349E64E9F35B7DFC63402AB52B995F43A7CD4B1D2ACD300126DCDD610D0B106AF426848F998CCF154F712034422D242D6AD9130D
                      Malicious:false
                      Reputation:low
                      URL:https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
                      Preview:wOF2..............~....C..........................^...V..D?HVAR.'?MVARF.`?STAT.8'2..L+..|.../~.....$.u....0..x.6.$.... .....e..([.lq...{En.0..I..h...[....-y2..)..@(.*....T...K....$E.U.uA.b...AO..CU"O.W.]7..'............a.@...kF9.3.....xV..7.tg4#Ol.x}o.M...w...Q..))..-.i.R..&.P.......N..[F.C...x..9.|.;......d$..L.<......=.M.S..HlLHr.#+.S}..+..C....D..'^..~.}..TeT`%.......^..$....0....1 A.. ...bm..]T.E...n;._Qqm....RK.....=....\{.h.O&.D$.U......YS U..i...@.:W........p..pS....-.w.EQwp@.....},.G.@,....0IAV....P...~..0.....8..f...5..Os...5..P...n&wS+.P:.7.e.$t~.s_...z..3..Z.....}.A..2Uj...@{.:Ln.}.t.....i.>Kl.."RQ..h.;.........%...eY.E?...W..00(.z.ml.J.TPP...........G...6.=.Z%...\T....W..q...9D.m...)6..1..\.....v7......U..jr..-i.c.3iL..,\..!...b.d.A...d..C.....Ra:Q.!.M,.e.S*MC$$M.w..c.151=.m..o@.G$.X..P'..|.E."..Z.k......i"......S8..@.d.....2..t..........{..X.]SN..$....K....j5..e..,.%...T..)+.";@.v...9.R..]......,...W.iY...f..r...Q.FY.P.#...X...S

                      Chrome Cache Entry: 68

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text
                      Category:downloaded
                      Size (bytes):134
                      Entropy (8bit):4.653926345244196
                      Encrypted:false
                      SSDEEP:3:UHFmGOCXLFSKPx/F8SMuHedFF5KlIYC1SnMTJstAJQMTFJAJyJQMTJTgYELvsY:Uc8hRZOSleH+o1SnftASMJA8SA0pAY
                      MD5:6748FBBC7FB3B016E371219D605B1239
                      SHA1:C09D3E7F554638BF5E73D84D6E766BB41165A760
                      SHA-256:00ECFBD7BB7685928F2A5960E1D6F12C1D06E2678A24D822633E9700667489C2
                      SHA-512:69F22028C2AC44EA18AFBE646947C9750E02E2FF2E4819B0F624A45080D8F943ADE6EFFE760A05AEC671C112779758FCBC4DCBA422FDBBC30328129F043CA7A4
                      Malicious:false
                      Reputation:low
                      URL:https://lsems.gravityzone.bitdefender.com/index.css
                      Preview:body {. background-color: #fff;. color: #222;. font-family: Raleway,HelveticaNeue,Helvetica Neue,Helvetica,Arial,sans-serif.}

                      Chrome Cache Entry: 69

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
                      Category:downloaded
                      Size (bytes):17542
                      Entropy (8bit):2.022387726550296
                      Encrypted:false
                      SSDEEP:96:dZLXJ1/zvAjPHzSazN8JE0jzldA+GATg2OZAhBWxcB/MhseBH7p:dZJFzvAD3Kx4kxQ2Id
                      MD5:FBA58480381FEFA10F97BD44C76C87C7
                      SHA1:630C22B495579F0867B451D5D390287862048FF7
                      SHA-256:4A1D64D4748779D6600AD3033848DB32FCC84E4E870CE4E60119D54D9BA3417C
                      SHA-512:A76E0E66AD9C3A4E62941951377A7526CC44F2BC8D01F4084BE8EDA0A0089162F274AEFBFDD293824EBD31A8DB5F27EE0E27E6851E3ACD68EFC226F719EEE7EB
                      Malicious:false
                      Reputation:low
                      URL:https://lsems.gravityzone.bitdefender.com/favicon.ico
                      Preview:............ .h...F......... ......... .... .....6...00.... ..%......(....... ..... .....@......................................9...........................R....................................................................................................................................................................##..FF..FF..EE..//.............................#................~~......................$$.................T....................}}..............55..............................................}}..............................................................}}......................22......................................}}..............................................................}}..............66......EE.....................r................}}......33..00..........GG.................................."".............................................>.......n..................................................................................................................

                      Static File Info

                      No static file info

                      Network Behavior

                      Download Network PCAP: filteredfull

                      Network Port Distribution

                      • Total Packets: 289
                      • 443 (HTTPS)
                      • 80 (HTTP)
                      • 53 (DNS)
                      TimestampSource PortDest PortSource IPDest IP
                      Mar 26, 2025 21:58:14.019938946 CET49680443192.168.2.4204.79.197.222
                      Mar 26, 2025 21:58:16.986787081 CET49671443192.168.2.4204.79.197.203
                      Mar 26, 2025 21:58:17.301264048 CET49671443192.168.2.4204.79.197.203
                      Mar 26, 2025 21:58:17.910543919 CET49671443192.168.2.4204.79.197.203
                      Mar 26, 2025 21:58:19.113650084 CET49671443192.168.2.4204.79.197.203
                      Mar 26, 2025 21:58:21.517137051 CET49671443192.168.2.4204.79.197.203
                      Mar 26, 2025 21:58:23.628823042 CET49680443192.168.2.4204.79.197.222
                      Mar 26, 2025 21:58:25.739137888 CET49678443192.168.2.420.189.173.27
                      Mar 26, 2025 21:58:26.050880909 CET49678443192.168.2.420.189.173.27
                      Mar 26, 2025 21:58:26.332010031 CET49671443192.168.2.4204.79.197.203
                      Mar 26, 2025 21:58:26.660166979 CET49678443192.168.2.420.189.173.27
                      Mar 26, 2025 21:58:26.670521021 CET49731443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:58:26.670608997 CET44349731142.250.81.228192.168.2.4
                      Mar 26, 2025 21:58:26.670721054 CET49731443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:58:26.670896053 CET49731443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:58:26.670917034 CET44349731142.250.81.228192.168.2.4
                      Mar 26, 2025 21:58:26.861218929 CET44349731142.250.81.228192.168.2.4
                      Mar 26, 2025 21:58:26.861309052 CET49731443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:58:26.862368107 CET49731443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:58:26.862394094 CET44349731142.250.81.228192.168.2.4
                      Mar 26, 2025 21:58:26.862740993 CET44349731142.250.81.228192.168.2.4
                      Mar 26, 2025 21:58:26.910224915 CET49731443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:58:27.863575935 CET49678443192.168.2.420.189.173.27
                      Mar 26, 2025 21:58:29.318276882 CET49734443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.318310976 CET443497343.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.318366051 CET49734443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.318650007 CET49735443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.318691015 CET443497353.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.318747997 CET49735443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.318778038 CET49734443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.318792105 CET443497343.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.318847895 CET49735443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.318859100 CET443497353.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.500777960 CET443497343.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.500953913 CET49734443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.501837969 CET49734443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.501849890 CET443497343.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.502196074 CET443497343.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.502383947 CET443497353.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.502446890 CET49735443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.502463102 CET49734443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.502499104 CET443497343.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.503106117 CET49735443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.503112078 CET443497353.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.503371954 CET443497353.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.553426027 CET49735443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.998006105 CET443497343.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.998070955 CET49734443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.998104095 CET443497343.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.998121023 CET443497343.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:29.998164892 CET49734443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.998950958 CET49734443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:29.998964071 CET443497343.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:30.136279106 CET49736443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.136306047 CET4434973613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.136363029 CET49736443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.136585951 CET49736443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.136606932 CET4434973613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.272165060 CET49678443192.168.2.420.189.173.27
                      Mar 26, 2025 21:58:30.321276903 CET4434973613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.321664095 CET49736443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.338639021 CET49736443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.338654041 CET4434973613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.339509964 CET4434973613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.345877886 CET49736443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.345952034 CET4434973613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.485583067 CET4434973613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.485848904 CET4434973613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.485995054 CET49736443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.506927967 CET49736443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.506957054 CET4434973613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.539005995 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.539046049 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.539150953 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.539505959 CET49738443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.539589882 CET4434973813.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.539663076 CET49738443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.540069103 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.540081024 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.541156054 CET49738443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.541189909 CET4434973813.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.543800116 CET49739443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.543854952 CET4434973913.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.544151068 CET49739443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.544271946 CET49739443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.544291973 CET4434973913.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.717721939 CET4434973913.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.717753887 CET4434973813.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.718085051 CET49738443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.718116045 CET4434973813.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.718219995 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.718405962 CET49739443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.718422890 CET4434973913.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.718592882 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.718648911 CET49738443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.718655109 CET4434973813.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.718671083 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.718702078 CET49739443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.718707085 CET4434973913.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.718776941 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.718791962 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.885634899 CET4434973813.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.885798931 CET4434973813.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.885893106 CET49738443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.888468027 CET49738443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.888508081 CET4434973813.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.888860941 CET4434973913.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.888926029 CET4434973913.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.889019012 CET49739443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.889077902 CET4434973913.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.890041113 CET4434973913.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.890136957 CET49739443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.891813993 CET49739443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.891844034 CET4434973913.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.904977083 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.905029058 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.905113935 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.905123949 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.905154943 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.905181885 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.905201912 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.972450018 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.972471952 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.972529888 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.972553015 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.972698927 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.989640951 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.989659071 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.989731073 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:30.989753962 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:30.989993095 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.008414030 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.008431911 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.008477926 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.008488894 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.008503914 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.008527994 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.058624983 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.058656931 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.058727980 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.058738947 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.058784962 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.073179960 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.073209047 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.073276043 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.073302031 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.073379040 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.086601973 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.086620092 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.086705923 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.086715937 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.086757898 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.100788116 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.100805044 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.100888014 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.100895882 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.100991964 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.113379955 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.113395929 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.113452911 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.113461971 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.113507032 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.124447107 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.124466896 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.124516964 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.124526024 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.124551058 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.124567032 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.145438910 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.145462990 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.145526886 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.145534039 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.145556927 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.145577908 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.155196905 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.155214071 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.155271053 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.155278921 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.155308008 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.155318022 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.163939953 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.163959026 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.164021015 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.164031982 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.164074898 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.172904015 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.172920942 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.172971964 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.172979116 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.173187017 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.182132959 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.182178020 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.182195902 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.182204008 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.182240009 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.182252884 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.190361023 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.190403938 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.190427065 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.190433025 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.190459013 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.190478086 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.192872047 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.192959070 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.192965984 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.193042040 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.193208933 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.193381071 CET49737443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.193393946 CET4434973713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.295485973 CET49746443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.295542002 CET4434974613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.295631886 CET49746443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.295862913 CET49746443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.295872927 CET4434974613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.295880079 CET49747443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.295979977 CET4434974713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.296071053 CET49747443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.296165943 CET49747443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.296200991 CET4434974713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.450334072 CET49749443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:31.450366020 CET4434974913.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:31.450800896 CET49749443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:31.455756903 CET49749443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:31.455768108 CET4434974913.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:31.472007036 CET4434974713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.472336054 CET49747443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.472390890 CET4434974713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.472671032 CET49747443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.472681046 CET4434974713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.477121115 CET4434974613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.477201939 CET49746443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.478061914 CET49746443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.478070974 CET4434974613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.478291035 CET4434974613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.478601933 CET49746443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.478630066 CET4434974613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.637866020 CET4434974913.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:31.637973070 CET49749443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:31.638917923 CET49749443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:31.638926983 CET4434974913.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:31.639410019 CET4434974913.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:31.639791965 CET49749443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:31.639828920 CET4434974913.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:31.642800093 CET4434974613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.642982006 CET4434974613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.643070936 CET49746443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.643847942 CET49746443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.643865108 CET4434974613.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.665937901 CET4434974713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.665970087 CET4434974713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.665990114 CET4434974713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.666045904 CET49747443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.666115999 CET4434974713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.666148901 CET4434974713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.666155100 CET49747443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.666182041 CET49747443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.666202068 CET49747443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.667186975 CET49747443192.168.2.413.249.91.64
                      Mar 26, 2025 21:58:31.667216063 CET4434974713.249.91.64192.168.2.4
                      Mar 26, 2025 21:58:31.788851976 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:31.788923025 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:31.788991928 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:31.789155006 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:31.789169073 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:31.966943979 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:31.967019081 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:31.971652031 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:31.971662998 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:31.971908092 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:31.976186991 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:31.977123976 CET4434974913.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:31.977245092 CET4434974913.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:31.977289915 CET49749443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:31.980201006 CET49749443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:31.980221987 CET4434974913.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:31.983666897 CET49751443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:31.983756065 CET4434975113.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:31.983836889 CET49751443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:31.984019995 CET49751443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:31.984042883 CET4434975113.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:32.020288944 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:32.133783102 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:32.147846937 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:32.147897959 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:32.147943974 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:32.147984028 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:32.147996902 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:32.148022890 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:32.150115967 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:32.150172949 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:32.150190115 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:32.150260925 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:32.150319099 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:32.150336981 CET4434975013.249.91.19192.168.2.4
                      Mar 26, 2025 21:58:32.150343895 CET49750443192.168.2.413.249.91.19
                      Mar 26, 2025 21:58:32.164916039 CET4434975113.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:32.165175915 CET49751443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:32.165250063 CET4434975113.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:32.165313005 CET49751443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:32.165328026 CET4434975113.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:33.311778069 CET4968180192.168.2.42.17.190.73
                      Mar 26, 2025 21:58:33.578093052 CET49711443192.168.2.4204.79.197.222
                      Mar 26, 2025 21:58:33.578707933 CET49711443192.168.2.4204.79.197.222
                      Mar 26, 2025 21:58:33.578758001 CET49711443192.168.2.4204.79.197.222
                      Mar 26, 2025 21:58:33.614660025 CET4968180192.168.2.42.17.190.73
                      Mar 26, 2025 21:58:33.661992073 CET44349711204.79.197.222192.168.2.4
                      Mar 26, 2025 21:58:33.662475109 CET44349711204.79.197.222192.168.2.4
                      Mar 26, 2025 21:58:33.662487984 CET44349711204.79.197.222192.168.2.4
                      Mar 26, 2025 21:58:33.663378000 CET44349711204.79.197.222192.168.2.4
                      Mar 26, 2025 21:58:33.663446903 CET49711443192.168.2.4204.79.197.222
                      Mar 26, 2025 21:58:33.663460970 CET44349711204.79.197.222192.168.2.4
                      Mar 26, 2025 21:58:33.663532019 CET49711443192.168.2.4204.79.197.222
                      Mar 26, 2025 21:58:33.665155888 CET44349711204.79.197.222192.168.2.4
                      Mar 26, 2025 21:58:33.665173054 CET44349711204.79.197.222192.168.2.4
                      Mar 26, 2025 21:58:33.665230036 CET49711443192.168.2.4204.79.197.222
                      Mar 26, 2025 21:58:33.665230989 CET49711443192.168.2.4204.79.197.222
                      Mar 26, 2025 21:58:33.717252016 CET49711443192.168.2.4204.79.197.222
                      Mar 26, 2025 21:58:33.801073074 CET44349711204.79.197.222192.168.2.4
                      Mar 26, 2025 21:58:34.223108053 CET4968180192.168.2.42.17.190.73
                      Mar 26, 2025 21:58:34.695435047 CET4434975113.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:34.695467949 CET4434975113.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:34.695553064 CET49751443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:34.695621014 CET4434975113.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:34.695689917 CET49751443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:34.696789026 CET4434975113.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:34.696794033 CET49751443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:34.696877956 CET4434975113.249.91.68192.168.2.4
                      Mar 26, 2025 21:58:34.696952105 CET49751443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:34.696952105 CET49751443192.168.2.413.249.91.68
                      Mar 26, 2025 21:58:34.801322937 CET49755443192.168.2.413.249.91.49
                      Mar 26, 2025 21:58:34.801423073 CET4434975513.249.91.49192.168.2.4
                      Mar 26, 2025 21:58:34.801522017 CET49755443192.168.2.413.249.91.49
                      Mar 26, 2025 21:58:34.804562092 CET49755443192.168.2.413.249.91.49
                      Mar 26, 2025 21:58:34.804603100 CET4434975513.249.91.49192.168.2.4
                      Mar 26, 2025 21:58:34.823441029 CET49756443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:34.823543072 CET4434975618.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:34.823806047 CET49756443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:34.823832989 CET49757443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:34.823879004 CET4434975718.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:34.823935986 CET49757443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:34.824044943 CET49756443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:34.824074030 CET4434975618.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:34.824155092 CET49757443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:34.824167967 CET4434975718.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:34.986201048 CET4434975513.249.91.49192.168.2.4
                      Mar 26, 2025 21:58:34.986426115 CET49755443192.168.2.413.249.91.49
                      Mar 26, 2025 21:58:34.986776114 CET49755443192.168.2.413.249.91.49
                      Mar 26, 2025 21:58:34.986802101 CET4434975513.249.91.49192.168.2.4
                      Mar 26, 2025 21:58:34.987236023 CET4434975513.249.91.49192.168.2.4
                      Mar 26, 2025 21:58:34.987628937 CET49755443192.168.2.413.249.91.49
                      Mar 26, 2025 21:58:34.987673044 CET4434975513.249.91.49192.168.2.4
                      Mar 26, 2025 21:58:35.006599903 CET4434975618.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:35.006688118 CET49756443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:35.007505894 CET4434975718.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:35.007589102 CET49757443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:35.008502007 CET49757443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:35.008528948 CET4434975718.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:35.008945942 CET4434975718.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:35.009356022 CET49757443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:35.009404898 CET4434975718.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:35.011310101 CET49756443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:35.011337042 CET4434975618.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:35.011759996 CET4434975618.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:35.052088022 CET49756443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:35.082380056 CET49678443192.168.2.420.189.173.27
                      Mar 26, 2025 21:58:35.241205931 CET4434975718.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:35.241709948 CET4434975718.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:35.241847992 CET49757443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:35.263747931 CET4434975513.249.91.49192.168.2.4
                      Mar 26, 2025 21:58:35.264328003 CET4434975513.249.91.49192.168.2.4
                      Mar 26, 2025 21:58:35.264394045 CET49755443192.168.2.413.249.91.49
                      Mar 26, 2025 21:58:35.289882898 CET49757443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:35.289925098 CET4434975718.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:35.294490099 CET49755443192.168.2.413.249.91.49
                      Mar 26, 2025 21:58:35.294519901 CET4434975513.249.91.49192.168.2.4
                      Mar 26, 2025 21:58:35.427062035 CET4968180192.168.2.42.17.190.73
                      Mar 26, 2025 21:58:35.938472033 CET49671443192.168.2.4204.79.197.203
                      Mar 26, 2025 21:58:36.841813087 CET44349731142.250.81.228192.168.2.4
                      Mar 26, 2025 21:58:36.841901064 CET44349731142.250.81.228192.168.2.4
                      Mar 26, 2025 21:58:36.841995955 CET49731443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:58:37.304775953 CET49731443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:58:37.304811954 CET44349731142.250.81.228192.168.2.4
                      Mar 26, 2025 21:58:37.831943989 CET4968180192.168.2.42.17.190.73
                      Mar 26, 2025 21:58:42.633369923 CET4968180192.168.2.42.17.190.73
                      Mar 26, 2025 21:58:44.689249039 CET49678443192.168.2.420.189.173.27
                      Mar 26, 2025 21:58:47.818881989 CET49759443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:47.818917036 CET4434975918.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:47.821382999 CET49756443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:47.821547031 CET4434975618.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:47.829297066 CET49759443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:47.829425097 CET49759443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:47.829433918 CET4434975918.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:48.007133961 CET4434975918.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:48.007462978 CET49759443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:48.007472038 CET4434975918.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:48.063174009 CET4434975618.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:48.063380957 CET4434975618.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:48.063643932 CET49756443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:48.063668966 CET4434975618.173.132.30192.168.2.4
                      Mar 26, 2025 21:58:48.063694000 CET49756443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:48.063745975 CET49756443192.168.2.418.173.132.30
                      Mar 26, 2025 21:58:52.241872072 CET4968180192.168.2.42.17.190.73
                      Mar 26, 2025 21:58:59.490051985 CET443497353.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:59.490153074 CET443497353.168.102.96192.168.2.4
                      Mar 26, 2025 21:58:59.490215063 CET49735443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:59.653337955 CET49735443192.168.2.43.168.102.96
                      Mar 26, 2025 21:58:59.653371096 CET443497353.168.102.96192.168.2.4
                      Mar 26, 2025 21:59:06.573076010 CET4971680192.168.2.4142.251.32.99
                      Mar 26, 2025 21:59:06.573277950 CET4971780192.168.2.423.210.73.6
                      Mar 26, 2025 21:59:06.573510885 CET4971980192.168.2.423.210.73.6
                      Mar 26, 2025 21:59:06.657195091 CET8049716142.251.32.99192.168.2.4
                      Mar 26, 2025 21:59:06.657277107 CET4971680192.168.2.4142.251.32.99
                      Mar 26, 2025 21:59:06.657522917 CET804971723.210.73.6192.168.2.4
                      Mar 26, 2025 21:59:06.657578945 CET4971780192.168.2.423.210.73.6
                      Mar 26, 2025 21:59:06.658572912 CET804971923.210.73.6192.168.2.4
                      Mar 26, 2025 21:59:06.658643007 CET4971980192.168.2.423.210.73.6
                      Mar 26, 2025 21:59:06.916049957 CET49718443192.168.2.423.57.90.144
                      Mar 26, 2025 21:59:06.916430950 CET4972080192.168.2.423.210.73.6
                      Mar 26, 2025 21:59:17.999362946 CET4434975918.173.132.30192.168.2.4
                      Mar 26, 2025 21:59:17.999553919 CET4434975918.173.132.30192.168.2.4
                      Mar 26, 2025 21:59:17.999603987 CET49759443192.168.2.418.173.132.30
                      Mar 26, 2025 21:59:19.302220106 CET49759443192.168.2.418.173.132.30
                      Mar 26, 2025 21:59:19.302237988 CET4434975918.173.132.30192.168.2.4
                      Mar 26, 2025 21:59:26.645759106 CET49767443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:59:26.645818949 CET44349767142.250.81.228192.168.2.4
                      Mar 26, 2025 21:59:26.646034956 CET49767443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:59:26.646075964 CET49767443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:59:26.646085024 CET44349767142.250.81.228192.168.2.4
                      Mar 26, 2025 21:59:26.829672098 CET44349767142.250.81.228192.168.2.4
                      Mar 26, 2025 21:59:26.830132008 CET49767443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:59:26.830173969 CET44349767142.250.81.228192.168.2.4
                      Mar 26, 2025 21:59:36.818805933 CET44349767142.250.81.228192.168.2.4
                      Mar 26, 2025 21:59:36.818948984 CET44349767142.250.81.228192.168.2.4
                      Mar 26, 2025 21:59:36.819149017 CET49767443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:59:37.304646015 CET49767443192.168.2.4142.250.81.228
                      Mar 26, 2025 21:59:37.304688931 CET44349767142.250.81.228192.168.2.4
                      TimestampSource PortDest PortSource IPDest IP
                      Mar 26, 2025 21:58:23.302403927 CET53539991.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:23.304807901 CET53492281.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:24.033907890 CET53562591.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:26.586431980 CET5950853192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:26.586865902 CET5722853192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:26.669481993 CET53595081.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:26.669614077 CET53572281.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:29.233988047 CET5385853192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:29.234170914 CET6098253192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:29.317455053 CET53538581.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:29.317476034 CET53609821.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:30.001974106 CET5301953192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:30.002141953 CET6519453192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:30.122808933 CET53651941.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:30.135318995 CET53530191.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:30.619959116 CET53544001.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:31.290465117 CET5731653192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:31.290951014 CET5491753192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:31.415492058 CET53573161.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:31.441355944 CET53549171.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:31.671392918 CET4943353192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:31.671545982 CET6167153192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:31.754264116 CET53494331.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:31.754288912 CET53616711.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:34.714029074 CET5932053192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:34.714029074 CET5549253192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:34.717205048 CET4920353192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:34.717314005 CET6476953192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:34.800127983 CET53492031.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:34.800167084 CET53647691.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:34.816807032 CET53593201.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:34.822767973 CET53554921.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:35.295619965 CET6339753192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:35.295902967 CET6023253192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:36.307254076 CET5743653192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:36.307518959 CET5926753192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:38.334148884 CET5893453192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:39.341886044 CET5893453192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:40.357240915 CET5893453192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:41.119571924 CET53602261.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:42.365056992 CET5893453192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:46.365581989 CET5893453192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:50.391520977 CET5436053192.168.2.48.8.8.8
                      Mar 26, 2025 21:58:50.393701077 CET5732453192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:50.474848032 CET53543608.8.8.8192.168.2.4
                      Mar 26, 2025 21:58:50.476507902 CET53573241.1.1.1192.168.2.4
                      Mar 26, 2025 21:58:51.406569004 CET6524253192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:51.406569004 CET5862053192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:52.455916882 CET5229153192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:52.456636906 CET6480853192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:54.491204977 CET5070753192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:55.493294001 CET5070753192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:56.495024920 CET5070753192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:58.508085966 CET5070753192.168.2.41.1.1.1
                      Mar 26, 2025 21:58:59.884816885 CET53521581.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:00.814749956 CET5356284162.159.36.2192.168.2.4
                      Mar 26, 2025 21:59:02.516508102 CET5070753192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:06.532712936 CET5531153192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:06.532732964 CET5094053192.168.2.48.8.8.8
                      Mar 26, 2025 21:59:06.618042946 CET53553111.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:06.618082047 CET53509408.8.8.8192.168.2.4
                      Mar 26, 2025 21:59:08.643757105 CET5155853192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:08.643906116 CET5251053192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:09.666956902 CET6163853192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:09.667196035 CET6184353192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:11.695172071 CET6011253192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:12.706017971 CET6011253192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:13.709100962 CET6011253192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:15.720273972 CET6011253192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:17.588696957 CET53601121.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:17.588746071 CET53601121.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:17.685348988 CET5232053192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:17.685667992 CET5167353192.168.2.48.8.8.8
                      Mar 26, 2025 21:59:17.768918991 CET53523201.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:17.768949032 CET53516738.8.8.8192.168.2.4
                      Mar 26, 2025 21:59:22.694813013 CET5007753192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:22.695076942 CET5814253192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:22.730135918 CET53642681.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:22.778013945 CET53500771.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:22.778075933 CET53581421.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:22.778819084 CET5357453192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:22.779051065 CET6138953192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:22.862158060 CET53535741.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:22.862221003 CET53613891.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:22.863106012 CET4974353192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:22.946300983 CET53497431.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:23.001574039 CET53505551.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:26.272953987 CET5146753192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:26.273015976 CET6246653192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:26.806787014 CET138138192.168.2.4192.168.2.255
                      Mar 26, 2025 21:59:27.285643101 CET6023953192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:27.285847902 CET5660653192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:29.308043003 CET5058253192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:30.308963060 CET5058253192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:31.314759016 CET5058253192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:33.328242064 CET5058253192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:37.334227085 CET5058253192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:41.369750977 CET6045053192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:41.370078087 CET6490453192.168.2.48.8.8.8
                      Mar 26, 2025 21:59:41.452909946 CET53604501.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:41.453007936 CET53649048.8.8.8192.168.2.4
                      Mar 26, 2025 21:59:43.859559059 CET4967153192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:43.859652042 CET5138153192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:44.878851891 CET5959953192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:44.878851891 CET5077253192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:46.848690033 CET53595991.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:46.848720074 CET53496711.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:46.849386930 CET53507721.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:46.849400997 CET53513811.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:46.849839926 CET5311153192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:46.933053970 CET53531111.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:46.946603060 CET5475353192.168.2.41.1.1.1
                      Mar 26, 2025 21:59:46.946793079 CET6471853192.168.2.48.8.8.8
                      Mar 26, 2025 21:59:47.029572010 CET53547531.1.1.1192.168.2.4
                      Mar 26, 2025 21:59:47.029685974 CET53647188.8.8.8192.168.2.4
                      TimestampSource IPDest IPChecksumCodeType
                      Mar 26, 2025 21:59:46.849838972 CET192.168.2.41.1.1.1c1ec(Port unreachable)Destination Unreachable

                      DNS Queries

                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                      Mar 26, 2025 21:58:26.586431980 CET192.168.2.41.1.1.10xdabcStandard query (0)www.google.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:26.586865902 CET192.168.2.41.1.1.10xdc7eStandard query (0)www.google.com65IN (0x0001)false
                      Mar 26, 2025 21:58:29.233988047 CET192.168.2.41.1.1.10xce8eStandard query (0)protect.checkpoint.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:29.234170914 CET192.168.2.41.1.1.10xbf65Standard query (0)protect.checkpoint.com65IN (0x0001)false
                      Mar 26, 2025 21:58:30.001974106 CET192.168.2.41.1.1.10xeee4Standard query (0)lsems.gravityzone.bitdefender.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:30.002141953 CET192.168.2.41.1.1.10x966bStandard query (0)lsems.gravityzone.bitdefender.com65IN (0x0001)false
                      Mar 26, 2025 21:58:31.290465117 CET192.168.2.41.1.1.10x328cStandard query (0)api-bd.linkscan.ioA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:31.290951014 CET192.168.2.41.1.1.10xc328Standard query (0)api-bd.linkscan.io65IN (0x0001)false
                      Mar 26, 2025 21:58:31.671392918 CET192.168.2.41.1.1.10x212aStandard query (0)lsems.gravityzone.bitdefender.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:31.671545982 CET192.168.2.41.1.1.10xe0ecStandard query (0)lsems.gravityzone.bitdefender.com65IN (0x0001)false
                      Mar 26, 2025 21:58:34.714029074 CET192.168.2.41.1.1.10x5f57Standard query (0)email.friendbuy-mail.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:34.714029074 CET192.168.2.41.1.1.10x167cStandard query (0)email.friendbuy-mail.com65IN (0x0001)false
                      Mar 26, 2025 21:58:34.717205048 CET192.168.2.41.1.1.10xdc0fStandard query (0)api-bd.linkscan.ioA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:34.717314005 CET192.168.2.41.1.1.10x6548Standard query (0)api-bd.linkscan.io65IN (0x0001)false
                      Mar 26, 2025 21:58:35.295619965 CET192.168.2.41.1.1.10x6767Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:35.295902967 CET192.168.2.41.1.1.10x33b9Standard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:58:36.307254076 CET192.168.2.41.1.1.10x39a2Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:36.307518959 CET192.168.2.41.1.1.10x9405Standard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:58:38.334148884 CET192.168.2.41.1.1.10x42e9Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:39.341886044 CET192.168.2.41.1.1.10x42e9Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:40.357240915 CET192.168.2.41.1.1.10x42e9Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:42.365056992 CET192.168.2.41.1.1.10x42e9Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:46.365581989 CET192.168.2.41.1.1.10x42e9Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:50.391520977 CET192.168.2.48.8.8.80x958bStandard query (0)google.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:50.393701077 CET192.168.2.41.1.1.10xa95fStandard query (0)google.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:51.406569004 CET192.168.2.41.1.1.10xbc5fStandard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:51.406569004 CET192.168.2.41.1.1.10xe99bStandard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:58:52.455916882 CET192.168.2.41.1.1.10xde01Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:52.456636906 CET192.168.2.41.1.1.10x4a31Standard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:58:54.491204977 CET192.168.2.41.1.1.10x7054Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:55.493294001 CET192.168.2.41.1.1.10x7054Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:56.495024920 CET192.168.2.41.1.1.10x7054Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:58.508085966 CET192.168.2.41.1.1.10x7054Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:02.516508102 CET192.168.2.41.1.1.10x7054Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:06.532712936 CET192.168.2.41.1.1.10xc31fStandard query (0)google.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:06.532732964 CET192.168.2.48.8.8.80x181fStandard query (0)google.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:08.643757105 CET192.168.2.41.1.1.10x5d78Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:08.643906116 CET192.168.2.41.1.1.10x3a0eStandard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:59:09.666956902 CET192.168.2.41.1.1.10x59cdStandard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:09.667196035 CET192.168.2.41.1.1.10xb7d8Standard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:59:11.695172071 CET192.168.2.41.1.1.10x425eStandard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:12.706017971 CET192.168.2.41.1.1.10x425eStandard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:13.709100962 CET192.168.2.41.1.1.10x425eStandard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:15.720273972 CET192.168.2.41.1.1.10x425eStandard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:17.685348988 CET192.168.2.41.1.1.10xb895Standard query (0)google.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:17.685667992 CET192.168.2.48.8.8.80xa808Standard query (0)google.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:22.694813013 CET192.168.2.41.1.1.10xc855Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:22.695076942 CET192.168.2.41.1.1.10xc0beStandard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:59:22.778819084 CET192.168.2.41.1.1.10x99e0Standard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:59:22.779051065 CET192.168.2.41.1.1.10xb959Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:22.863106012 CET192.168.2.41.1.1.10x29d1Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:26.272953987 CET192.168.2.41.1.1.10xfaf9Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:26.273015976 CET192.168.2.41.1.1.10x3b38Standard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:59:27.285643101 CET192.168.2.41.1.1.10xb89Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:27.285847902 CET192.168.2.41.1.1.10xdfc9Standard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:59:29.308043003 CET192.168.2.41.1.1.10xf459Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:30.308963060 CET192.168.2.41.1.1.10xf459Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:31.314759016 CET192.168.2.41.1.1.10xf459Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:33.328242064 CET192.168.2.41.1.1.10xf459Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:37.334227085 CET192.168.2.41.1.1.10xf459Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:41.369750977 CET192.168.2.41.1.1.10xd5ddStandard query (0)google.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:41.370078087 CET192.168.2.48.8.8.80xf54eStandard query (0)google.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:43.859559059 CET192.168.2.41.1.1.10xf1c4Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:43.859652042 CET192.168.2.41.1.1.10x9f41Standard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:59:44.878851891 CET192.168.2.41.1.1.10x668fStandard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:44.878851891 CET192.168.2.41.1.1.10xbc9cStandard query (0)394-kadoma.trakcid.com65IN (0x0001)false
                      Mar 26, 2025 21:59:46.849839926 CET192.168.2.41.1.1.10xe791Standard query (0)394-kadoma.trakcid.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:46.946603060 CET192.168.2.41.1.1.10x9d9fStandard query (0)google.comA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:46.946793079 CET192.168.2.48.8.8.80xd0f6Standard query (0)google.comA (IP address)IN (0x0001)false

                      DNS Answers

                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                      Mar 26, 2025 21:58:26.669481993 CET1.1.1.1192.168.2.40xdabcNo error (0)www.google.com142.250.81.228A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:26.669614077 CET1.1.1.1192.168.2.40xdc7eNo error (0)www.google.com65IN (0x0001)false
                      Mar 26, 2025 21:58:29.317455053 CET1.1.1.1192.168.2.40xce8eNo error (0)protect.checkpoint.comcp.url-protection.comCNAME (Canonical name)IN (0x0001)false
                      Mar 26, 2025 21:58:29.317455053 CET1.1.1.1192.168.2.40xce8eNo error (0)cp.url-protection.comd2srg6h49ykvtq.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                      Mar 26, 2025 21:58:29.317455053 CET1.1.1.1192.168.2.40xce8eNo error (0)d2srg6h49ykvtq.cloudfront.net3.168.102.96A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:29.317455053 CET1.1.1.1192.168.2.40xce8eNo error (0)d2srg6h49ykvtq.cloudfront.net3.168.102.114A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:29.317455053 CET1.1.1.1192.168.2.40xce8eNo error (0)d2srg6h49ykvtq.cloudfront.net3.168.102.95A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:29.317455053 CET1.1.1.1192.168.2.40xce8eNo error (0)d2srg6h49ykvtq.cloudfront.net3.168.102.38A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:29.317476034 CET1.1.1.1192.168.2.40xbf65No error (0)protect.checkpoint.comcp.url-protection.comCNAME (Canonical name)IN (0x0001)false
                      Mar 26, 2025 21:58:29.317476034 CET1.1.1.1192.168.2.40xbf65No error (0)cp.url-protection.comd2srg6h49ykvtq.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                      Mar 26, 2025 21:58:30.122808933 CET1.1.1.1192.168.2.40x966bNo error (0)lsems.gravityzone.bitdefender.comd3rb3qlp6ej74d.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                      Mar 26, 2025 21:58:30.135318995 CET1.1.1.1192.168.2.40xeee4No error (0)lsems.gravityzone.bitdefender.comd3rb3qlp6ej74d.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                      Mar 26, 2025 21:58:30.135318995 CET1.1.1.1192.168.2.40xeee4No error (0)d3rb3qlp6ej74d.cloudfront.net13.249.91.64A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:30.135318995 CET1.1.1.1192.168.2.40xeee4No error (0)d3rb3qlp6ej74d.cloudfront.net13.249.91.40A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:30.135318995 CET1.1.1.1192.168.2.40xeee4No error (0)d3rb3qlp6ej74d.cloudfront.net13.249.91.12A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:30.135318995 CET1.1.1.1192.168.2.40xeee4No error (0)d3rb3qlp6ej74d.cloudfront.net13.249.91.19A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:31.415492058 CET1.1.1.1192.168.2.40x328cNo error (0)api-bd.linkscan.io13.249.91.68A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:31.415492058 CET1.1.1.1192.168.2.40x328cNo error (0)api-bd.linkscan.io13.249.91.66A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:31.415492058 CET1.1.1.1192.168.2.40x328cNo error (0)api-bd.linkscan.io13.249.91.49A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:31.415492058 CET1.1.1.1192.168.2.40x328cNo error (0)api-bd.linkscan.io13.249.91.122A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:31.754264116 CET1.1.1.1192.168.2.40x212aNo error (0)lsems.gravityzone.bitdefender.comd3rb3qlp6ej74d.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                      Mar 26, 2025 21:58:31.754264116 CET1.1.1.1192.168.2.40x212aNo error (0)d3rb3qlp6ej74d.cloudfront.net13.249.91.19A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:31.754264116 CET1.1.1.1192.168.2.40x212aNo error (0)d3rb3qlp6ej74d.cloudfront.net13.249.91.64A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:31.754264116 CET1.1.1.1192.168.2.40x212aNo error (0)d3rb3qlp6ej74d.cloudfront.net13.249.91.40A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:31.754264116 CET1.1.1.1192.168.2.40x212aNo error (0)d3rb3qlp6ej74d.cloudfront.net13.249.91.12A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:31.754288912 CET1.1.1.1192.168.2.40xe0ecNo error (0)lsems.gravityzone.bitdefender.comd3rb3qlp6ej74d.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                      Mar 26, 2025 21:58:34.800127983 CET1.1.1.1192.168.2.40xdc0fNo error (0)api-bd.linkscan.io13.249.91.49A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:34.800127983 CET1.1.1.1192.168.2.40xdc0fNo error (0)api-bd.linkscan.io13.249.91.66A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:34.800127983 CET1.1.1.1192.168.2.40xdc0fNo error (0)api-bd.linkscan.io13.249.91.68A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:34.800127983 CET1.1.1.1192.168.2.40xdc0fNo error (0)api-bd.linkscan.io13.249.91.122A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:34.816807032 CET1.1.1.1192.168.2.40x5f57No error (0)email.friendbuy-mail.comd1b13yb8esv0x1.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                      Mar 26, 2025 21:58:34.816807032 CET1.1.1.1192.168.2.40x5f57No error (0)d1b13yb8esv0x1.cloudfront.net18.173.132.30A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:34.816807032 CET1.1.1.1192.168.2.40x5f57No error (0)d1b13yb8esv0x1.cloudfront.net18.173.132.49A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:34.816807032 CET1.1.1.1192.168.2.40x5f57No error (0)d1b13yb8esv0x1.cloudfront.net18.173.132.107A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:34.816807032 CET1.1.1.1192.168.2.40x5f57No error (0)d1b13yb8esv0x1.cloudfront.net18.173.132.68A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:34.822767973 CET1.1.1.1192.168.2.40x167cNo error (0)email.friendbuy-mail.comd1b13yb8esv0x1.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                      Mar 26, 2025 21:58:50.474848032 CET8.8.8.8192.168.2.40x958bNo error (0)google.com142.250.80.78A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:58:50.476507902 CET1.1.1.1192.168.2.40xa95fNo error (0)google.com142.250.80.78A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:06.618042946 CET1.1.1.1192.168.2.40xc31fNo error (0)google.com142.250.80.78A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:06.618082047 CET8.8.8.8192.168.2.40x181fNo error (0)google.com142.250.80.78A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:17.588696957 CET1.1.1.1192.168.2.40x425eServer failure (2)394-kadoma.trakcid.comnonenoneA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:17.588746071 CET1.1.1.1192.168.2.40x425eServer failure (2)394-kadoma.trakcid.comnonenoneA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:17.768918991 CET1.1.1.1192.168.2.40xb895No error (0)google.com142.250.80.78A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:17.768949032 CET8.8.8.8192.168.2.40xa808No error (0)google.com142.250.80.78A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:22.778013945 CET1.1.1.1192.168.2.40xc855Server failure (2)394-kadoma.trakcid.comnonenoneA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:22.778075933 CET1.1.1.1192.168.2.40xc0beServer failure (2)394-kadoma.trakcid.comnonenone65IN (0x0001)false
                      Mar 26, 2025 21:59:22.862158060 CET1.1.1.1192.168.2.40x99e0Server failure (2)394-kadoma.trakcid.comnonenone65IN (0x0001)false
                      Mar 26, 2025 21:59:22.862221003 CET1.1.1.1192.168.2.40xb959Server failure (2)394-kadoma.trakcid.comnonenoneA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:22.946300983 CET1.1.1.1192.168.2.40x29d1Server failure (2)394-kadoma.trakcid.comnonenoneA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:41.452909946 CET1.1.1.1192.168.2.40xd5ddNo error (0)google.com142.250.80.78A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:41.453007936 CET8.8.8.8192.168.2.40xf54eNo error (0)google.com142.250.80.78A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:46.848690033 CET1.1.1.1192.168.2.40x668fServer failure (2)394-kadoma.trakcid.comnonenoneA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:46.848720074 CET1.1.1.1192.168.2.40xf1c4Server failure (2)394-kadoma.trakcid.comnonenoneA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:46.849386930 CET1.1.1.1192.168.2.40xbc9cServer failure (2)394-kadoma.trakcid.comnonenone65IN (0x0001)false
                      Mar 26, 2025 21:59:46.849400997 CET1.1.1.1192.168.2.40x9f41Server failure (2)394-kadoma.trakcid.comnonenone65IN (0x0001)false
                      Mar 26, 2025 21:59:46.933053970 CET1.1.1.1192.168.2.40xe791Server failure (2)394-kadoma.trakcid.comnonenoneA (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:47.029572010 CET1.1.1.1192.168.2.40x9d9fNo error (0)google.com142.250.80.78A (IP address)IN (0x0001)false
                      Mar 26, 2025 21:59:47.029685974 CET8.8.8.8192.168.2.40xd0f6No error (0)google.com142.250.80.78A (IP address)IN (0x0001)false

                      HTTP Request Dependency Graph

                      • protect.checkpoint.com
                      • lsems.gravityzone.bitdefender.com
                        • email.friendbuy-mail.com
                      • unknownsec-ch-ua-mobile:
                        • api-bd.linkscan.io

                      HTTPS Proxied Packets

                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      0192.168.2.4497343.168.102.964436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:29 UTC2265OUTGET /v2/r02/___https://lsems.gravityzone.bitdefender.com/xhfsdfMW5hMR*~*QDcqg1KugH/rhrqqgrWni2pyg1KugH/og75AgMRA37Cu37x!i2GzU2ZBRIJzQYOHZZqqYsmZW5OR00KOX83/48p8j0J8ZqF5gYq/X5p/4JhyRpOG1IqMhIh5WIqxR6iX1YmuV1mTfLuz38uCWp/KRqiVYoq5hZbCTIh/4MqE1rinfpmCiY0KZ8i*~*QYOHf1mO48i1RIOfhqGCjLqKW1mPX0SpSYKxR7Z6YsKOg7qvg7m2RIiAZKJyRpO8Wpt6T2uS4rSTX560TJS93ZOHYqOw0K0vZL6x4styRpOuTIJ80ES1RJWuR0u*~*Z60vZ5KvhL4H05cwip06TYSDV8p/Z1K7hD5DWo0n0rm5ZKiLjLCyg8GNVX5DVs4QWLB6gImt35yRX1yIipSGZruqRIJyRpOQWruzf1uB0oqmZqSXX0FyRpO*~*VpC8gKKvf84NWYR7i2uEi8GogsRyRpOA35u6SYipfsSZi6WpSKuJ47N842V/3sSp08uyf1qqi60Mf1/fZrKISp/BZqWHYZytiIm3Xp95fpqOX6qqYYiqh24CSYKqfLSRVpu/Y7CUY758S2O4W1mm3rN6hL/4T1NEYol9iKWJWpS*~*hKSKi7Op0EOZY5yrWoNyRpNyRp4V02G34Y4B1Zq8QYOHXsGt1Yp6i2W9VYi5S70901cUgLByRpOUjsmEZ64nSZuO0002WJCKT2ZCQYOLYZKq06qH40WxiYm8R2q34puoXsStRI0SQYOHfr0z07Cpj2KBj0iWSIG6ZMiGZEOY46091qmZWLcS4ZcmZomGWrStY8iz4sqyRqSrZpm5iMOX45B5T0WHV7umRZNBg2uIX8ORhpmP1Y0407uVSp/XXI4OW2SCW8G21p/Ki1myh0054ESIfp6NgrOyWJyDi5ByRpO8WsGfgsKWgpKJSEW0j00LgZBCRESPXIF8goOxjqGKg16W [TRUNCATED]
                      Host: protect.checkpoint.com
                      Connection: keep-alive
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      sec-ch-ua-platform: "Windows"
                      Upgrade-Insecure-Requests: 1
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: navigate
                      Sec-Fetch-User: ?1
                      Sec-Fetch-Dest: document
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:29 UTC1844INHTTP/1.1 302 Found
                      Content-Length: 0
                      Connection: close
                      Date: Wed, 26 Mar 2025 20:58:29 GMT
                      set-cookie: x-cloud-sec-ctp = b2985b26-4d20-40aa-8e72-bd779c20c29c; Secure; HttpOnly; path=/; expires=26-Mar-2026 20:58:29 GMT
                      location: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0Z [TRUNCATED]
                      Apigw-Requestid: IDWSdioIjoEEJMQ=
                      X-Cache: Miss from cloudfront
                      Via: 1.1 2f9dde02d417472d74833382d313abde.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: JFK52-P6
                      X-Amz-Cf-Id: 8BOzq-2aNIKFMCxKAoMY191djXIR0kk9dty5U-2TVL-DWaOgdFZFxg==


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      1192.168.2.44973613.249.91.644436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:30 UTC2016OUTGET /scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dn [TRUNCATED]
                      Host: lsems.gravityzone.bitdefender.com
                      Connection: keep-alive
                      Upgrade-Insecure-Requests: 1
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: navigate
                      Sec-Fetch-User: ?1
                      Sec-Fetch-Dest: document
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      sec-ch-ua-platform: "Windows"
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:30 UTC608INHTTP/1.1 200 OK
                      Content-Type: text/html
                      Content-Length: 880
                      Connection: close
                      Last-Modified: Wed, 19 Mar 2025 09:57:27 GMT
                      x-amz-server-side-encryption: AES256
                      Accept-Ranges: bytes
                      Server: AmazonS3
                      Via: 1.1 90ac509e6263ee9fa7bb3f1ed1f46118.cloudfront.net (CloudFront), 1.1 9b0814f74b20835098fe6c38b6ceeac4.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: IAD55-P3
                      Date: Wed, 26 Mar 2025 15:24:46 GMT
                      ETag: "eba76f3b62e097867c0b5d15cf4315af"
                      Vary: Accept-Encoding
                      X-Cache: Hit from cloudfront
                      X-Amz-Cf-Pop: JFK52-P9
                      X-Amz-Cf-Id: TOepKf8OARkUGVs_o83JaDW6Y0DTCccyluCR2Fmxtg7Og81RXT8GFA==
                      Age: 20025
                      2025-03-26 20:58:30 UTC880INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 30 30 30 30 30 30 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 53 63 61 6e 22 2f 3e 3c 6c 69 6e
                      Data Ascii: <!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="icon" href="/favicon.ico"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta name="description" content="Scan"/><lin


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      2192.168.2.44973813.249.91.644436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:30 UTC1914OUTGET /index.css HTTP/1.1
                      Host: lsems.gravityzone.bitdefender.com
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      Accept: text/css,*/*;q=0.1
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: style
                      Referer: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0Zh [TRUNCATED]
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:30 UTC584INHTTP/1.1 200 OK
                      Content-Type: text/css
                      Content-Length: 134
                      Connection: close
                      Date: Wed, 26 Mar 2025 11:48:27 GMT
                      Last-Modified: Wed, 19 Mar 2025 09:57:27 GMT
                      ETag: "6748fbbc7fb3b016e371219d605b1239"
                      x-amz-server-side-encryption: AES256
                      Accept-Ranges: bytes
                      Server: AmazonS3
                      Via: 1.1 7bac70c3c5deda2f56c0a3aff53deab0.cloudfront.net (CloudFront), 1.1 4cde0553fc0884edc4253387bab1fc6c.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: IAD55-P3
                      X-Cache: Hit from cloudfront
                      X-Amz-Cf-Pop: JFK52-P9
                      X-Amz-Cf-Id: 8m04_J3L9vG4d7eLGuQFqMHoZXreHuXb9P0jnRvbrThqL_eghQGy9w==
                      Age: 33004
                      2025-03-26 20:58:30 UTC134INData Raw: 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 32 32 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 52 61 6c 65 77 61 79 2c 48 65 6c 76 65 74 69 63 61 4e 65 75 65 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 0a 7d
                      Data Ascii: body { background-color: #fff; color: #222; font-family: Raleway,HelveticaNeue,Helvetica Neue,Helvetica,Arial,sans-serif}


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      3192.168.2.44973913.249.91.644436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:30 UTC1933OUTGET /static/css/main.3dfe9f5e.css HTTP/1.1
                      Host: lsems.gravityzone.bitdefender.com
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      Accept: text/css,*/*;q=0.1
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: style
                      Referer: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0Zh [TRUNCATED]
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:30 UTC608INHTTP/1.1 200 OK
                      Content-Type: text/css
                      Content-Length: 4584
                      Connection: close
                      Date: Wed, 26 Mar 2025 11:48:27 GMT
                      Last-Modified: Wed, 19 Mar 2025 09:57:27 GMT
                      ETag: "8fc5a2f23a27198d9e865e74add2673c"
                      x-amz-server-side-encryption: AES256
                      Accept-Ranges: bytes
                      Server: AmazonS3
                      Via: 1.1 181a665d1a0b3047b4fa647eeabfb330.cloudfront.net (CloudFront), 1.1 8e18b19926181877065f139a46f95f7e.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: IAD55-P3
                      Vary: Accept-Encoding
                      X-Cache: Hit from cloudfront
                      X-Amz-Cf-Pop: JFK52-P9
                      X-Amz-Cf-Id: D_IM9byBedTprH9US8ExmRHV1GizXXzk20pyyNQoDy8LrBwpZ0B30w==
                      Age: 33004
                      2025-03-26 20:58:30 UTC4584INData Raw: 2e 73 63 61 6e 6e 65 72 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 3a 6c 6f 61 64 65 72 2d 73 70 69 6e 20 31 2e 32 73 20 6c 69 6e 65 61 72 20 69 6e 66 69 6e 69 74 65 3b 61 6e 69 6d 61 74 69 6f 6e 3a 6c 6f 61 64 65 72 2d 73 70 69 6e 20 31 2e 32 73 20 6c 69 6e 65 61 72 20 69 6e 66 69 6e 69 74 65 3b 62 6f 72 64 65 72 3a 32 70 78 20 73 6f 6c 69 64 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 37 65 6d 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 33 2e 35 65 6d 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 74 6f 70 3b 77 69 64 74 68 3a 37 65 6d 7d 2e 73 63 61 6e 2d 63 6c 65 61 6e 7b 64 69 73 70 6c 61
                      Data Ascii: .scanner{-webkit-animation:loader-spin 1.2s linear infinite;animation:loader-spin 1.2s linear infinite;border:2px solid;border-radius:50%;display:inline-block;height:7em;margin-bottom:3.5em;position:relative;vertical-align:top;width:7em}.scan-clean{displa


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      4192.168.2.44973713.249.91.644436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:30 UTC1917OUTGET /static/js/main.d62e4927.js HTTP/1.1
                      Host: lsems.gravityzone.bitdefender.com
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      Accept: */*
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: script
                      Referer: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0Zh [TRUNCATED]
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:30 UTC624INHTTP/1.1 200 OK
                      Content-Type: application/javascript
                      Content-Length: 266441
                      Connection: close
                      Last-Modified: Wed, 19 Mar 2025 09:57:27 GMT
                      x-amz-server-side-encryption: AES256
                      Accept-Ranges: bytes
                      Server: AmazonS3
                      Via: 1.1 90ac509e6263ee9fa7bb3f1ed1f46118.cloudfront.net (CloudFront), 1.1 483596f2a82a67e8e04a70e774b34a0e.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: IAD55-P3
                      Date: Wed, 26 Mar 2025 11:48:28 GMT
                      ETag: "f3dc5fda1f5ecbd5f39d4bf333d98130"
                      Vary: Accept-Encoding
                      X-Cache: Hit from cloudfront
                      X-Amz-Cf-Pop: JFK52-P9
                      X-Amz-Cf-Id: GK7uoBJsASQsMNlBGzkP3a3gkUKetAy2-PwqklWMCZMNzxlCEGbGYw==
                      Age: 33003
                      2025-03-26 20:58:30 UTC15760INData Raw: 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 6d 61 69 6e 2e 64 36 32 65 34 39 32 37 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 7b 38 38 38 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 72 3d 6e 28 34 37 29 3b 66 75 6e 63 74 69 6f 6e 20 61 28 29 7b 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 29 7b 7d 6f 2e 72 65 73 65 74 57 61 72 6e 69 6e 67 43 61 63 68 65 3d 61 2c 65 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 65 2c 74 2c 6e 2c 61 2c 6f 2c 69 29 7b 69 66 28 69 21 3d 3d 72 29 7b 76 61 72 20 6c 3d 6e 65 77 20 45 72 72 6f 72
                      Data Ascii: /*! For license information please see main.d62e4927.js.LICENSE.txt */!function(){var e={888:function(e,t,n){"use strict";var r=n(47);function a(){}function o(){}o.resetWarningCache=a,e.exports=function(){function e(e,t,n,a,o,i){if(i!==r){var l=new Error
                      2025-03-26 20:58:30 UTC16384INData Raw: 64 61 6e 67 65 72 6f 75 73 6c 79 53 65 74 49 6e 6e 65 72 48 54 4d 4c 29 7b 69 66 28 6e 75 6c 6c 21 3d 74 2e 63 68 69 6c 64 72 65 6e 29 74 68 72 6f 77 20 45 72 72 6f 72 28 6f 28 36 30 29 29 3b 69 66 28 22 6f 62 6a 65 63 74 22 21 3d 3d 74 79 70 65 6f 66 20 74 2e 64 61 6e 67 65 72 6f 75 73 6c 79 53 65 74 49 6e 6e 65 72 48 54 4d 4c 7c 7c 21 28 22 5f 5f 68 74 6d 6c 22 69 6e 20 74 2e 64 61 6e 67 65 72 6f 75 73 6c 79 53 65 74 49 6e 6e 65 72 48 54 4d 4c 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 6f 28 36 31 29 29 7d 69 66 28 6e 75 6c 6c 21 3d 74 2e 73 74 79 6c 65 26 26 22 6f 62 6a 65 63 74 22 21 3d 3d 74 79 70 65 6f 66 20 74 2e 73 74 79 6c 65 29 74 68 72 6f 77 20 45 72 72 6f 72 28 6f 28 36 32 29 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 62 65 28 65 2c 74 29 7b 69 66 28
                      Data Ascii: dangerouslySetInnerHTML){if(null!=t.children)throw Error(o(60));if("object"!==typeof t.dangerouslySetInnerHTML||!("__html"in t.dangerouslySetInnerHTML))throw Error(o(61))}if(null!=t.style&&"object"!==typeof t.style)throw Error(o(62))}}function be(e,t){if(
                      2025-03-26 20:58:30 UTC16384INData Raw: 76 61 72 20 6e 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 65 29 2c 72 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 29 3b 69 66 28 6e 2e 6c 65 6e 67 74 68 21 3d 3d 72 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 21 31 3b 66 6f 72 28 72 3d 30 3b 72 3c 6e 2e 6c 65 6e 67 74 68 3b 72 2b 2b 29 7b 76 61 72 20 61 3d 6e 5b 72 5d 3b 69 66 28 21 66 2e 63 61 6c 6c 28 74 2c 61 29 7c 7c 21 6c 72 28 65 5b 61 5d 2c 74 5b 61 5d 29 29 72 65 74 75 72 6e 21 31 7d 72 65 74 75 72 6e 21 30 7d 66 75 6e 63 74 69 6f 6e 20 73 72 28 65 29 7b 66 6f 72 28 3b 65 26 26 65 2e 66 69 72 73 74 43 68 69 6c 64 3b 29 65 3d 65 2e 66 69 72 73 74 43 68 69 6c 64 3b 72 65 74 75 72 6e 20 65 7d 66 75 6e 63 74 69 6f 6e 20 63 72 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 73 72 28 65 29 3b 66 6f 72 28 65 3d 30 3b
                      Data Ascii: var n=Object.keys(e),r=Object.keys(t);if(n.length!==r.length)return!1;for(r=0;r<n.length;r++){var a=n[r];if(!f.call(t,a)||!lr(e[a],t[a]))return!1}return!0}function sr(e){for(;e&&e.firstChild;)e=e.firstChild;return e}function cr(e,t){var n,r=sr(e);for(e=0;
                      2025-03-26 20:58:31 UTC16384INData Raw: 74 75 72 6e 3d 65 2c 6e 75 6c 6c 3d 3d 3d 28 74 3d 65 2e 64 65 6c 65 74 69 6f 6e 73 29 3f 28 65 2e 64 65 6c 65 74 69 6f 6e 73 3d 5b 6e 5d 2c 65 2e 66 6c 61 67 73 7c 3d 31 36 29 3a 74 2e 70 75 73 68 28 6e 29 7d 66 75 6e 63 74 69 6f 6e 20 6c 6f 28 65 2c 74 29 7b 73 77 69 74 63 68 28 65 2e 74 61 67 29 7b 63 61 73 65 20 35 3a 76 61 72 20 6e 3d 65 2e 74 79 70 65 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 3d 28 74 3d 31 21 3d 3d 74 2e 6e 6f 64 65 54 79 70 65 7c 7c 6e 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 21 3d 3d 74 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3f 6e 75 6c 6c 3a 74 29 26 26 28 65 2e 73 74 61 74 65 4e 6f 64 65 3d 74 2c 6e 6f 3d 65 2c 72 6f 3d 73 61 28 74 2e 66 69 72 73 74 43 68 69 6c 64 29 2c 21 30 29 3b 63 61 73 65 20
                      Data Ascii: turn=e,null===(t=e.deletions)?(e.deletions=[n],e.flags|=16):t.push(n)}function lo(e,t){switch(e.tag){case 5:var n=e.type;return null!==(t=1!==t.nodeType||n.toLowerCase()!==t.nodeName.toLowerCase()?null:t)&&(e.stateNode=t,no=e,ro=sa(t.firstChild),!0);case
                      2025-03-26 20:58:31 UTC16384INData Raw: 65 64 75 63 65 72 3d 65 3b 76 61 72 20 72 3d 67 69 2c 61 3d 72 2e 62 61 73 65 51 75 65 75 65 2c 69 3d 6e 2e 70 65 6e 64 69 6e 67 3b 69 66 28 6e 75 6c 6c 21 3d 3d 69 29 7b 69 66 28 6e 75 6c 6c 21 3d 3d 61 29 7b 76 61 72 20 6c 3d 61 2e 6e 65 78 74 3b 61 2e 6e 65 78 74 3d 69 2e 6e 65 78 74 2c 69 2e 6e 65 78 74 3d 6c 7d 72 2e 62 61 73 65 51 75 65 75 65 3d 61 3d 69 2c 6e 2e 70 65 6e 64 69 6e 67 3d 6e 75 6c 6c 7d 69 66 28 6e 75 6c 6c 21 3d 3d 61 29 7b 69 3d 61 2e 6e 65 78 74 2c 72 3d 72 2e 62 61 73 65 53 74 61 74 65 3b 76 61 72 20 75 3d 6c 3d 6e 75 6c 6c 2c 73 3d 6e 75 6c 6c 2c 63 3d 69 3b 64 6f 7b 76 61 72 20 66 3d 63 2e 6c 61 6e 65 3b 69 66 28 28 68 69 26 66 29 3d 3d 3d 66 29 6e 75 6c 6c 21 3d 3d 73 26 26 28 73 3d 73 2e 6e 65 78 74 3d 7b 6c 61 6e 65 3a 30 2c
                      Data Ascii: educer=e;var r=gi,a=r.baseQueue,i=n.pending;if(null!==i){if(null!==a){var l=a.next;a.next=i.next,i.next=l}r.baseQueue=a=i,n.pending=null}if(null!==a){i=a.next,r=r.baseState;var u=l=null,s=null,c=i;do{var f=c.lane;if((hi&f)===f)null!==s&&(s=s.next={lane:0,
                      2025-03-26 20:58:31 UTC16384INData Raw: 36 2c 74 29 7d 28 65 2c 74 2c 75 2c 61 2c 72 2c 69 2c 6e 29 3b 69 66 28 6c 29 7b 6c 3d 61 2e 66 61 6c 6c 62 61 63 6b 2c 75 3d 74 2e 6d 6f 64 65 2c 72 3d 28 69 3d 65 2e 63 68 69 6c 64 29 2e 73 69 62 6c 69 6e 67 3b 76 61 72 20 73 3d 7b 6d 6f 64 65 3a 22 68 69 64 64 65 6e 22 2c 63 68 69 6c 64 72 65 6e 3a 61 2e 63 68 69 6c 64 72 65 6e 7d 3b 72 65 74 75 72 6e 20 30 3d 3d 3d 28 31 26 75 29 26 26 74 2e 63 68 69 6c 64 21 3d 3d 69 3f 28 28 61 3d 74 2e 63 68 69 6c 64 29 2e 63 68 69 6c 64 4c 61 6e 65 73 3d 30 2c 61 2e 70 65 6e 64 69 6e 67 50 72 6f 70 73 3d 73 2c 74 2e 64 65 6c 65 74 69 6f 6e 73 3d 6e 75 6c 6c 29 3a 28 61 3d 4c 73 28 69 2c 73 29 29 2e 73 75 62 74 72 65 65 46 6c 61 67 73 3d 31 34 36 38 30 30 36 34 26 69 2e 73 75 62 74 72 65 65 46 6c 61 67 73 2c 6e 75
                      Data Ascii: 6,t)}(e,t,u,a,r,i,n);if(l){l=a.fallback,u=t.mode,r=(i=e.child).sibling;var s={mode:"hidden",children:a.children};return 0===(1&u)&&t.child!==i?((a=t.child).childLanes=0,a.pendingProps=s,t.deletions=null):(a=Ls(i,s)).subtreeFlags=14680064&i.subtreeFlags,nu
                      2025-03-26 20:58:31 UTC16384INData Raw: 2e 61 6c 74 65 72 6e 61 74 65 3b 6e 75 6c 6c 21 3d 3d 73 26 26 28 73 2e 72 65 74 75 72 6e 3d 6e 75 6c 6c 29 2c 61 2e 72 65 74 75 72 6e 3d 6e 75 6c 6c 7d 63 61 74 63 68 28 63 29 7b 5f 73 28 61 2c 74 2c 63 29 7d 7d 69 66 28 31 32 38 35 34 26 74 2e 73 75 62 74 72 65 65 46 6c 61 67 73 29 66 6f 72 28 74 3d 74 2e 63 68 69 6c 64 3b 6e 75 6c 6c 21 3d 3d 74 3b 29 76 75 28 74 2c 65 29 2c 74 3d 74 2e 73 69 62 6c 69 6e 67 7d 66 75 6e 63 74 69 6f 6e 20 76 75 28 65 2c 74 29 7b 76 61 72 20 6e 3d 65 2e 61 6c 74 65 72 6e 61 74 65 2c 72 3d 65 2e 66 6c 61 67 73 3b 73 77 69 74 63 68 28 65 2e 74 61 67 29 7b 63 61 73 65 20 30 3a 63 61 73 65 20 31 31 3a 63 61 73 65 20 31 34 3a 63 61 73 65 20 31 35 3a 69 66 28 67 75 28 74 2c 65 29 2c 79 75 28 65 29 2c 34 26 72 29 7b 74 72 79 7b
                      Data Ascii: .alternate;null!==s&&(s.return=null),a.return=null}catch(c){_s(a,t,c)}}if(12854&t.subtreeFlags)for(t=t.child;null!==t;)vu(t,e),t=t.sibling}function vu(e,t){var n=e.alternate,r=e.flags;switch(e.tag){case 0:case 11:case 14:case 15:if(gu(t,e),yu(e),4&r){try{
                      2025-03-26 20:58:31 UTC16384INData Raw: 28 38 2c 66 2c 69 29 7d 76 61 72 20 64 3d 66 2e 63 68 69 6c 64 3b 69 66 28 6e 75 6c 6c 21 3d 3d 64 29 64 2e 72 65 74 75 72 6e 3d 66 2c 5a 6c 3d 64 3b 65 6c 73 65 20 66 6f 72 28 3b 6e 75 6c 6c 21 3d 3d 5a 6c 3b 29 7b 76 61 72 20 70 3d 28 66 3d 5a 6c 29 2e 73 69 62 6c 69 6e 67 2c 68 3d 66 2e 72 65 74 75 72 6e 3b 69 66 28 69 75 28 66 29 2c 66 3d 3d 3d 63 29 7b 5a 6c 3d 6e 75 6c 6c 3b 62 72 65 61 6b 7d 69 66 28 6e 75 6c 6c 21 3d 3d 70 29 7b 70 2e 72 65 74 75 72 6e 3d 68 2c 5a 6c 3d 70 3b 62 72 65 61 6b 7d 5a 6c 3d 68 7d 7d 7d 76 61 72 20 6d 3d 69 2e 61 6c 74 65 72 6e 61 74 65 3b 69 66 28 6e 75 6c 6c 21 3d 3d 6d 29 7b 76 61 72 20 67 3d 6d 2e 63 68 69 6c 64 3b 69 66 28 6e 75 6c 6c 21 3d 3d 67 29 7b 6d 2e 63 68 69 6c 64 3d 6e 75 6c 6c 3b 64 6f 7b 76 61 72 20 76
                      Data Ascii: (8,f,i)}var d=f.child;if(null!==d)d.return=f,Zl=d;else for(;null!==Zl;){var p=(f=Zl).sibling,h=f.return;if(iu(f),f===c){Zl=null;break}if(null!==p){p.return=h,Zl=p;break}Zl=h}}}var m=i.alternate;if(null!==m){var g=m.child;if(null!==g){m.child=null;do{var v
                      2025-03-26 20:58:31 UTC16384INData Raw: 6f 6e 3d 22 31 38 2e 32 2e 30 2d 6e 65 78 74 2d 39 65 33 62 37 37 32 62 38 2d 32 30 32 32 30 36 30 38 22 7d 2c 32 35 30 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 72 3d 6e 28 31 36 34 29 3b 74 2e 63 72 65 61 74 65 52 6f 6f 74 3d 72 2e 63 72 65 61 74 65 52 6f 6f 74 2c 74 2e 68 79 64 72 61 74 65 52 6f 6f 74 3d 72 2e 68 79 64 72 61 74 65 52 6f 6f 74 7d 2c 31 36 34 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 21 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 74 79 70 65 6f 66 20 5f 5f 52 45 41 43 54 5f 44 45 56 54 4f 4f 4c 53 5f 47 4c 4f 42 41 4c 5f 48 4f 4f 4b 5f 5f 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74
                      Data Ascii: on="18.2.0-next-9e3b772b8-20220608"},250:function(e,t,n){"use strict";var r=n(164);t.createRoot=r.createRoot,t.hydrateRoot=r.hydrateRoot},164:function(e,t,n){"use strict";!function e(){if("undefined"!==typeof __REACT_DEVTOOLS_GLOBAL_HOOK__&&"function"===t
                      2025-03-26 20:58:31 UTC16384INData Raw: 65 74 75 72 6e 20 31 7d 72 65 74 75 72 6e 20 30 7d 66 75 6e 63 74 69 6f 6e 20 56 28 65 29 7b 72 65 74 75 72 6e 20 52 3d 4e 3d 31 2c 41 3d 43 28 49 3d 65 29 2c 6a 3d 30 2c 5b 5d 7d 66 75 6e 63 74 69 6f 6e 20 4b 28 65 29 7b 72 65 74 75 72 6e 20 49 3d 22 22 2c 65 7d 66 75 6e 63 74 69 6f 6e 20 71 28 65 29 7b 72 65 74 75 72 6e 20 77 28 24 28 6a 2d 31 2c 47 28 39 31 3d 3d 3d 65 3f 65 2b 32 3a 34 30 3d 3d 3d 65 3f 65 2b 31 3a 65 29 29 29 7d 66 75 6e 63 74 69 6f 6e 20 51 28 65 29 7b 66 6f 72 28 3b 28 4c 3d 57 28 29 29 26 26 4c 3c 33 33 3b 29 55 28 29 3b 72 65 74 75 72 6e 20 48 28 65 29 3e 32 7c 7c 48 28 4c 29 3e 33 3f 22 22 3a 22 20 22 7d 66 75 6e 63 74 69 6f 6e 20 59 28 65 2c 74 29 7b 66 6f 72 28 3b 2d 2d 74 26 26 55 28 29 26 26 21 28 4c 3c 34 38 7c 7c 4c 3e 31
                      Data Ascii: eturn 1}return 0}function V(e){return R=N=1,A=C(I=e),j=0,[]}function K(e){return I="",e}function q(e){return w($(j-1,G(91===e?e+2:40===e?e+1:e)))}function Q(e){for(;(L=W())&&L<33;)U();return H(e)>2||H(L)>3?"":" "}function Y(e,t){for(;--t&&U()&&!(L<48||L>1


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      5192.168.2.44974713.249.91.644436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:31 UTC1962OUTGET /favicon.ico HTTP/1.1
                      Host: lsems.gravityzone.bitdefender.com
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: image
                      Referer: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0Zh [TRUNCATED]
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:31 UTC625INHTTP/1.1 200 OK
                      Content-Type: image/vnd.microsoft.icon
                      Content-Length: 17542
                      Connection: close
                      Last-Modified: Wed, 19 Mar 2025 09:57:27 GMT
                      x-amz-server-side-encryption: AES256
                      Accept-Ranges: bytes
                      Server: AmazonS3
                      Via: 1.1 4ec656d2dfbb59cd7fab2ac94a540522.cloudfront.net (CloudFront), 1.1 c49eddbbbee7a3b1464851f470bede1e.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: IAD55-P3
                      Date: Tue, 25 Mar 2025 23:55:29 GMT
                      ETag: "fba58480381fefa10f97bd44c76c87c7"
                      Vary: Accept-Encoding
                      X-Cache: Hit from cloudfront
                      X-Amz-Cf-Pop: JFK52-P9
                      X-Amz-Cf-Id: 1kKddn25MHtBeutQKZWK3APDCrInXbaT7A4abm9CqvXCa8eIrd7x5w==
                      Age: 75783
                      2025-03-26 20:58:31 UTC15759INData Raw: 00 00 01 00 04 00 10 10 00 00 01 00 20 00 68 04 00 00 46 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 ae 04 00 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 0e 00 00 30 30 00 00 01 00 20 00 a8 25 00 00 de 1e 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 40 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 39 00 00 ff a4 00 00 ff e5 00 00 ff f9 00 00 ff fb 00 00 ff ec 00 00 ff b5 00 00 ff 52 00 00 ff 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 0a 00 00 ff 9d 00 00 ff fe 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff c0 00 00 ff 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 07 00 00 ff bf 00 00 ff ff 00
                      Data Ascii: hF 600 %( @9R
                      2025-03-26 20:58:31 UTC1783INData Raw: 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff 75 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 10 00 00 ff b3 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff fd 00 00 ff 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Data Ascii: up


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      6192.168.2.44974613.249.91.644436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:31 UTC1903OUTGET /manifest.json HTTP/1.1
                      Host: lsems.gravityzone.bitdefender.com
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      Accept: */*
                      Sec-Fetch-Site: same-origin
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: manifest
                      Referer: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0Zh [TRUNCATED]
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:31 UTC592INHTTP/1.1 200 OK
                      Content-Type: application/json
                      Content-Length: 290
                      Connection: close
                      Date: Wed, 26 Mar 2025 12:52:08 GMT
                      Last-Modified: Wed, 19 Mar 2025 09:57:27 GMT
                      ETag: "b0efba333d201884ace7da8c274c50d6"
                      x-amz-server-side-encryption: AES256
                      Accept-Ranges: bytes
                      Server: AmazonS3
                      Via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront), 1.1 8e18b19926181877065f139a46f95f7e.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: IAD55-P3
                      X-Cache: Hit from cloudfront
                      X-Amz-Cf-Pop: JFK52-P9
                      X-Amz-Cf-Id: 4YFDqk4wyU6m9PZlfuI5GxzBbapCtM3kw7gKlzi6XiXmjwkuCJSoBQ==
                      Age: 29184
                      2025-03-26 20:58:31 UTC290INData Raw: 7b 0a 20 20 22 73 68 6f 72 74 5f 6e 61 6d 65 22 3a 20 22 4c 69 6e 6b 73 63 61 6e 22 2c 0a 20 20 22 6e 61 6d 65 22 3a 20 22 4c 69 6e 6b 73 63 61 6e 22 2c 0a 20 20 22 69 63 6f 6e 73 22 3a 20 5b 0a 20 20 20 20 7b 0a 20 20 20 20 20 20 22 73 72 63 22 3a 20 22 66 61 76 69 63 6f 6e 2e 69 63 6f 22 2c 0a 20 20 20 20 20 20 22 73 69 7a 65 73 22 3a 20 22 36 34 78 36 34 20 33 32 78 33 32 20 32 34 78 32 34 20 31 36 78 31 36 22 2c 0a 20 20 20 20 20 20 22 74 79 70 65 22 3a 20 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 0a 20 20 20 20 7d 0a 20 20 5d 2c 0a 20 20 22 73 74 61 72 74 5f 75 72 6c 22 3a 20 22 2e 22 2c 0a 20 20 22 64 69 73 70 6c 61 79 22 3a 20 22 73 74 61 6e 64 61 6c 6f 6e 65 22 2c 0a 20 20 22 74 68 65 6d 65 5f 63 6f 6c 6f 72 22 3a 20 22 23 30 30 30 30 30 30 22 2c
                      Data Ascii: { "short_name": "Linkscan", "name": "Linkscan", "icons": [ { "src": "favicon.ico", "sizes": "64x64 32x32 24x24 16x16", "type": "image/x-icon" } ], "start_url": ".", "display": "standalone", "theme_color": "#000000",


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      7192.168.2.44974913.249.91.684436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:31 UTC1883OUTOPTIONS /scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZj [TRUNCATED]
                      Host: api-bd.linkscan.io
                      Connection: keep-alive
                      Accept: */*
                      Access-Control-Request-Method: GET
                      Access-Control-Request-Headers: x-original-referer
                      Origin: https://lsems.gravityzone.bitdefender.com
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Dest: empty
                      Referer: https://lsems.gravityzone.bitdefender.com/
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:31 UTC624INHTTP/1.1 200 OK
                      Content-Type: application/json
                      Content-Length: 0
                      Connection: close
                      Date: Wed, 26 Mar 2025 20:58:31 GMT
                      Access-Control-Allow-Methods: OPTIONS,GET
                      x-amzn-RequestId: 729c9d4b-2c1e-48f6-b8f1-349d0addc44f
                      Access-Control-Allow-Origin: *
                      Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,X-Original-Referer
                      x-amz-apigw-id: IDWSyEi5DoEEh7g=
                      X-Cache: Miss from cloudfront
                      Via: 1.1 93a5047483e29b6e88eb9b3ac46c575a.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: JFK52-P9
                      X-Amz-Cf-Id: 9b9VnXvVX3tQLyazVQnJGcpdAEq-kG38Wa6ZGSZ_LJR-N1xieRGK-Q==


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      8192.168.2.44975013.249.91.194436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:31 UTC408OUTGET /favicon.ico HTTP/1.1
                      Host: lsems.gravityzone.bitdefender.com
                      Connection: keep-alive
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      Accept: */*
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Sec-Fetch-Storage-Access: active
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:32 UTC625INHTTP/1.1 200 OK
                      Content-Type: image/vnd.microsoft.icon
                      Content-Length: 17542
                      Connection: close
                      Last-Modified: Wed, 19 Mar 2025 09:57:27 GMT
                      x-amz-server-side-encryption: AES256
                      Accept-Ranges: bytes
                      Server: AmazonS3
                      Via: 1.1 4ec656d2dfbb59cd7fab2ac94a540522.cloudfront.net (CloudFront), 1.1 0872a9ea1fab6d5bf06432bb20551d5c.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: IAD55-P3
                      Date: Tue, 25 Mar 2025 23:55:29 GMT
                      ETag: "fba58480381fefa10f97bd44c76c87c7"
                      Vary: Accept-Encoding
                      X-Cache: Hit from cloudfront
                      X-Amz-Cf-Pop: JFK52-P9
                      X-Amz-Cf-Id: IsACB7NFED9yyfftGeFU9CzqEcEQYRoBZ482rYGq-NGgkEvksMvWgg==
                      Age: 75784
                      2025-03-26 20:58:32 UTC15990INData Raw: 00 00 01 00 04 00 10 10 00 00 01 00 20 00 68 04 00 00 46 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 ae 04 00 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 0e 00 00 30 30 00 00 01 00 20 00 a8 25 00 00 de 1e 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 40 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 39 00 00 ff a4 00 00 ff e5 00 00 ff f9 00 00 ff fb 00 00 ff ec 00 00 ff b5 00 00 ff 52 00 00 ff 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 0a 00 00 ff 9d 00 00 ff fe 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff c0 00 00 ff 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 07 00 00 ff bf 00 00 ff ff 00
                      Data Ascii: hF 600 %( @9R
                      2025-03-26 20:58:32 UTC1552INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 06 00 00 ff 8f 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff ff 00 00 ff e9 00 00 ff 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 5c 00 00 ff
                      Data Ascii: T\


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      9192.168.2.44975113.249.91.684436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:32 UTC1981OUTGET /scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dn [TRUNCATED]
                      Host: api-bd.linkscan.io
                      Connection: keep-alive
                      sec-ch-ua-platform: "Windows"
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      Accept: application/json, text/plain, */*
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      X-Original-Referer: unknown
                      sec-ch-ua-mobile: ?0
                      Origin: https://lsems.gravityzone.bitdefender.com
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Referer: https://lsems.gravityzone.bitdefender.com/
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:34 UTC562INHTTP/1.1 200 OK
                      Content-Type: application/json
                      Content-Length: 2896
                      Connection: close
                      Date: Wed, 26 Mar 2025 20:58:34 GMT
                      X-Amzn-Trace-Id: Root=1-67e46a78-59d7434611fc33931e7e4fcb;Parent=4fecd3b96b37e001;Sampled=0;Lineage=1:92f4b973:0
                      x-amzn-RequestId: 1654d8c8-7482-405f-8e91-4597b5e6b5c7
                      Access-Control-Allow-Origin: *
                      x-amz-apigw-id: IDWS4EGlDoEEmEw=
                      X-Cache: Miss from cloudfront
                      Via: 1.1 5c2a8f663f6fd9a0cb8424c72fd50e58.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: JFK52-P9
                      X-Amz-Cf-Id: imN0k6NXO_dfbwK6Kipu0_NEe_hfNJAcJ8d3ZoIOI3OiOlQ_HO-KbA==
                      2025-03-26 20:58:34 UTC2896INData Raw: 7b 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 64 61 74 61 22 3a 7b 22 6f 72 69 67 69 6e 61 6c 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 65 6d 61 69 6c 2e 66 72 69 65 6e 64 62 75 79 2d 6d 61 69 6c 2e 63 6f 6d 2f 6c 73 2f 63 6c 69 63 6b 3f 75 70 6e 3d 75 30 30 31 2e 2d 32 42 51 49 65 4e 78 54 47 42 4c 55 51 49 4b 76 39 67 79 37 79 51 37 52 50 34 6d 39 79 4b 49 39 64 47 2d 32 42 41 58 39 47 70 37 34 44 39 6c 33 57 52 59 38 69 41 68 4e 68 6a 6e 63 7a 71 46 4e 45 32 57 50 4e 39 74 71 4f 31 38 37 39 64 79 73 5a 67 62 6a 48 71 75 35 45 53 77 7a 2d 32 42 69 68 49 67 77 56 30 32 5a 72 50 71 78 69 45 45 68 4a 49 53 64 35 31 6c 33 65 35 4e 71 49 6f 69 6a 6f 68 57 30 37 6f 50 51 2d 32 42 77 46 4a 35 39 7a 4d 66 63 4e 4b 4d 55 38 43 78 61 42 42 4e 52 6b 54 55 6a
                      Data Ascii: {"success":true,"data":{"originalUrl":"https://email.friendbuy-mail.com/ls/click?upn=u001.-2BQIeNxTGBLUQIKv9gy7yQ7RP4m9yKI9dG-2BAX9Gp74D9l3WRY8iAhNhjnczqFNE2WPN9tqO1879dysZgbjHqu5ESwz-2BihIgwV02ZrPqxiEEhJISd51l3e5NqIoijohW07oPQ-2BwFJ59zMfcNKMU8CxaBBNRkTUj


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      10192.168.2.44975513.249.91.494436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:34 UTC1715OUTGET /scan/aHR0cHM6Ly9lbWFpbC5mcmllbmRidXktbWFpbC5jb20vbHMvY2xpY2s!dXBuPXUwMDEuLTJCUUllTnhUR0JMVVFJS3Y5Z3k3eVE3UlA0bTl5S0k5ZEctMkJBWDlHcDc0RDlsM1dSWThpQWhOaGpuY3pxRk5FMldQTjl0cU8xODc5ZHlzWmdiakhxdTVFU3d6LTJCaWhJZ3dWMDJaclBxeGlFRWhKSVNkNTFsM2U1TnFJb2lqb2hXMDdvUFEtMkJ3Rko1OXpNZmNOS01VOEN4YUJCTlJrVFVqUG1sZnotMkJpODE3VzNWMERpMVp6U1VqU0FqcGZCV09rdkV1OTNyQ3k5UWF2cy0yRjViVmh0UFdGeGxtb3BIQS0yQnZLRGw1bDhoY0tMSWtDdkNBUmplMDEtMkJLRmpuaWpwVjlhUlNSSVAtMkJ6Qkx3bFFqa3ZIRTM2dXpzd3BjbnMtMkJvY0p1NTdkanNUd1RkNFpEZ2I3ZXQ5YnNkV3ptaWlld1VHaW5aUmFDNk5wUlRCTUtodDhYSk40aklJS1llTTdlcXZxNTFlaGNMQkp5T2xPT203NXJZRWhhYmI1cG5ZOWIzTjg4dFRERkN6cFNFd2JkVzJUT0tmRjItMkItMkZQVXBYZTZwWUl3LTJCSnBoWTk1dXR4QTd0N2V4VW9PbGwtMkJPenhzU1ZiNUpJVVVXRExFOXUxLTJGTUFlV1lCZVRsdTh3MXlYZkpjSnNoMDVNLTJCamVuV2xkeXFweVdRNDB1UHdBUzJTZ1V4WlhURG9NZU9hUjhBRmNoT3duZnltMlNmUkh0dHJSZ0w0OVRCQ2phMUIwbXpDS3JMckhKWTVZV2pQNk5SSDZJRXNxR3BXWk5FdWhtcVV0ZzNDak1IbmJtREtyd0wtMkJ3RnBabnFRbkFENzRVeVVGbUwxMzNKSDA3bjJselBFbW1RajJ6eThSU0pkZ0ZhSzZMXzRwaWhIeWdOU0IwcjlSZlcwZDQ0T1BYdmNBZjd6dn [TRUNCATED]
                      Host: api-bd.linkscan.io
                      Connection: keep-alive
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      Accept: */*
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Sec-Fetch-Storage-Access: active
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:35 UTC560INHTTP/1.1 200 OK
                      Content-Type: application/json
                      Content-Length: 74
                      Connection: close
                      Date: Wed, 26 Mar 2025 20:58:35 GMT
                      X-Amzn-Trace-Id: Root=1-67e46a7b-51684f2a61e59188070ec2dd;Parent=51088d845bd725e9;Sampled=0;Lineage=1:92f4b973:0
                      x-amzn-RequestId: f7e077ec-4463-4c12-a47a-b7f027f1961b
                      Access-Control-Allow-Origin: *
                      x-amz-apigw-id: IDWTTEyaDoEEh7g=
                      X-Cache: Miss from cloudfront
                      Via: 1.1 bf1882b87be33343d40479518a081ae2.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: JFK52-P9
                      X-Amz-Cf-Id: YTxiKsv6k5ryJebVuS-w1ZP-SadSjlmKMVBtgHpp179l6zzr3OtTuw==
                      2025-03-26 20:58:35 UTC74INData Raw: 7b 22 65 72 72 6f 72 54 79 70 65 22 3a 22 73 74 72 69 6e 67 22 2c 22 65 72 72 6f 72 4d 65 73 73 61 67 65 22 3a 22 49 6e 74 65 67 72 69 74 79 20 6d 61 74 63 68 20 66 61 69 6c 75 72 65 22 2c 22 74 72 61 63 65 22 3a 5b 5d 7d
                      Data Ascii: {"errorType":"string","errorMessage":"Integrity match failure","trace":[]}


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      11192.168.2.44975718.173.132.304436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:35 UTC1616OUTGET /ls/click?upn=u001.-2BQIeNxTGBLUQIKv9gy7yQ7RP4m9yKI9dG-2BAX9Gp74D9l3WRY8iAhNhjnczqFNE2WPN9tqO1879dysZgbjHqu5ESwz-2BihIgwV02ZrPqxiEEhJISd51l3e5NqIoijohW07oPQ-2BwFJ59zMfcNKMU8CxaBBNRkTUjPmlfz-2Bi817W3V0Di1ZzSUjSAjpfBWOkvEu93rCy9Qavs-2F5bVhtPWFxlmopHA-2BvKDl5l8hcKLIkCvCARje01-2BKFjnijpV9aRSRIP-2BzBLwlQjkvHE36uzswpcns-2BocJu57djsTwTd4ZDgb7et9bsdWzmiiewUGinZRaC6NpRTBMKht8XJN4jIIKYeM7eqvq51ehcLBJyOlOOm75rYEhabb5pnY9b3N88tTDFCzpSEwbdW2TOKfF2-2B-2FPUpXe6pYIw-2BJphY95utxA7t7exUoOll-2BOzxsSVb5JIUUWDLE9u1-2FMAeWYBeTlu8w1yXfJcJsh05M-2BjenWldyqpyWQ40uPwAS2SgUxZXTDoMeOaR8AFchOwnfym2SfRHttrRgL49TBCja1B0mzCKrLrHJY5YWjP6NRH6IEsqGpWZNEuhmqUtg3CjMHnbmDKrwL-2BwFpZnqQnAD74UyUFmL133JH07n2lzPEmmQj2zy8RSJdgFaK6L_4pihHygNSB0r9RfW0d44OPXvcAf7zvpIFhJYVITxRG-2BViu7WwO5pIOIjQnSybDuQNyH1dkcGNK4R2-2FXnsZ4jOwzhCJYSFYnSefthEBZrPSeO-2B1I5h0TzyaEoutDI6yckJKNyJM2aaV0-2FXB-2F-2FiEYF4qcm3xwKUZf3jIsDSr-2BDTKrEwysl0TlU4Ywm07IeXcGQ HTTP/1.1
                      Host: email.friendbuy-mail.com
                      Connection: keep-alive
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      sec-ch-ua-platform: "Windows"
                      Upgrade-Insecure-Requests: 1
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: navigate
                      Sec-Fetch-Dest: document
                      Referer: https://lsems.gravityzone.bitdefender.com/
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:35 UTC861INHTTP/1.1 302 Found
                      Content-Type: text/html; charset=utf-8
                      Content-Length: 496
                      Connection: close
                      Server: nginx
                      Date: Wed, 26 Mar 2025 20:58:35 GMT
                      X-Robots-Tag: noindex, nofollow
                      Location: https://394-kadoma.trakcid.com/?u=http:%2F%2Femail.double.serviceautopilot.com%2Fc%2FeJwEwDtuxCAQANDTmA6Lz8BAQZHG9wAzIyPhxWLZlZLT553jfvLrt9WUC2NxrGQh7SREzzIYVaT1TgWosVBAURP7aIIXlDSCCdZ5dILu3HqryYUIxeYsi1dBAiHLkIOTUBgtW82EIK6UCRgCRrYxqILoomX05CBH5Ytn0ZJRxilrQKPS2u0aIFaMkRAzV4wbqDo-pdP-pvltJ-XPGk_rY-3nuEVP11rPe7M_mzk2c_yNcU_67u38bOYYzJs5Ju3XuruY6bxme6_xXDT33Ht-baDmM8e-6LzEN5n_AAAA__97VleD&e=bO6Ao4ijqetEqbsFKXxaaRIsJwUx2-yy&cee=Y2hyaXN0b3BoZXIuYWxsYW5AcnByby50ZWNo
                      X-Cache: Miss from cloudfront
                      Via: 1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: JFK52-P2
                      X-Amz-Cf-Id: jRq-znYxio-YGeJgZ7Ans7vpI1qFI7rVljELE00gvmI0ukAWgESQiw==
                      2025-03-26 20:58:35 UTC496INData Raw: 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 33 39 34 2d 6b 61 64 6f 6d 61 2e 74 72 61 6b 63 69 64 2e 63 6f 6d 2f 3f 75 3d 68 74 74 70 3a 25 32 46 25 32 46 65 6d 61 69 6c 2e 64 6f 75 62 6c 65 2e 73 65 72 76 69 63 65 61 75 74 6f 70 69 6c 6f 74 2e 63 6f 6d 25 32 46 63 25 32 46 65 4a 77 45 77 44 74 75 78 43 41 51 41 4e 44 54 6d 41 36 4c 7a 38 42 41 51 5a 48 47 39 77 41 7a 49 79 50 68 78 57 4c 5a 6c 5a 4c 54 35 35 33 6a 66 76 4c 72 74 39 57 55 43 32 4e 78 72 47 51 68 37 53 52 45 7a 7a 49 59 56 61 54 31 54 67 57 6f 73 56 42 41 55 52 50 37 61 49 49 58 6c 44 53 43 43 64 5a 35 64 49 4c 75 33 48 71 72 79 59 55 49 78 65 59 73 69 31 64 42 41 69 48 4c 6b 49 4f 54 55 42 67 74 57 38 32 45 49 4b 36 55 43 52 67 43 52 72 59 78 71 49 4c 6f 6f 6d 58 30 35 43 42 48 35
                      Data Ascii: <a href="https://394-kadoma.trakcid.com/?u=http:%2F%2Femail.double.serviceautopilot.com%2Fc%2FeJwEwDtuxCAQANDTmA6Lz8BAQZHG9wAzIyPhxWLZlZLT553jfvLrt9WUC2NxrGQh7SREzzIYVaT1TgWosVBAURP7aIIXlDSCCdZ5dILu3HqryYUIxeYsi1dBAiHLkIOTUBgtW82EIK6UCRgCRrYxqILoomX05CBH5


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      12192.168.2.44975618.173.132.304436168C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2025-03-26 20:58:47 UTC1636OUTGET /ls/click?upn=u001.-2BQIeNxTGBLUQIKv9gy7yQ7RP4m9yKI9dG-2BAX9Gp74D9l3WRY8iAhNhjnczqFNE2WPN9tqO1879dysZgbjHqu5ESwz-2BihIgwV02ZrPqxiEEhJISd51l3e5NqIoijohW07oPQ-2BwFJ59zMfcNKMU8CxaBBNRkTUjPmlfz-2Bi817W3V0Di1ZzSUjSAjpfBWOkvEu93rCy9Qavs-2F5bVhtPWFxlmopHA-2BvKDl5l8hcKLIkCvCARje01-2BKFjnijpV9aRSRIP-2BzBLwlQjkvHE36uzswpcns-2BocJu57djsTwTd4ZDgb7et9bsdWzmiiewUGinZRaC6NpRTBMKht8XJN4jIIKYeM7eqvq51ehcLBJyOlOOm75rYEhabb5pnY9b3N88tTDFCzpSEwbdW2TOKfF2-2B-2FPUpXe6pYIw-2BJphY95utxA7t7exUoOll-2BOzxsSVb5JIUUWDLE9u1-2FMAeWYBeTlu8w1yXfJcJsh05M-2BjenWldyqpyWQ40uPwAS2SgUxZXTDoMeOaR8AFchOwnfym2SfRHttrRgL49TBCja1B0mzCKrLrHJY5YWjP6NRH6IEsqGpWZNEuhmqUtg3CjMHnbmDKrwL-2BwFpZnqQnAD74UyUFmL133JH07n2lzPEmmQj2zy8RSJdgFaK6L_4pihHygNSB0r9RfW0d44OPXvcAf7zvpIFhJYVITxRG-2BViu7WwO5pIOIjQnSybDuQNyH1dkcGNK4R2-2FXnsZ4jOwzhCJYSFYnSefthEBZrPSeO-2B1I5h0TzyaEoutDI6yckJKNyJM2aaV0-2FXB-2F-2FiEYF4qcm3xwKUZf3jIsDSr-2BDTKrEwysl0TlU4Ywm07IeXcGQ HTTP/1.1
                      Host: email.friendbuy-mail.com
                      Connection: keep-alive
                      sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                      sec-ch-ua-mobile: ?0
                      sec-ch-ua-platform: "Windows"
                      Upgrade-Insecure-Requests: 1
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: navigate
                      Sec-Fetch-User: ?1
                      Sec-Fetch-Dest: document
                      Referer: https://lsems.gravityzone.bitdefender.com/
                      Accept-Encoding: gzip, deflate, br, zstd
                      Accept-Language: en-US,en;q=0.9
                      2025-03-26 20:58:48 UTC861INHTTP/1.1 302 Found
                      Content-Type: text/html; charset=utf-8
                      Content-Length: 496
                      Connection: close
                      Server: nginx
                      Date: Wed, 26 Mar 2025 20:58:48 GMT
                      X-Robots-Tag: noindex, nofollow
                      Location: https://394-kadoma.trakcid.com/?u=http:%2F%2Femail.double.serviceautopilot.com%2Fc%2FeJwEwDtuxCAQANDTmA6Lz8BAQZHG9wAzIyPhxWLZlZLT553jfvLrt9WUC2NxrGQh7SREzzIYVaT1TgWosVBAURP7aIIXlDSCCdZ5dILu3HqryYUIxeYsi1dBAiHLkIOTUBgtW82EIK6UCRgCRrYxqILoomX05CBH5Ytn0ZJRxilrQKPS2u0aIFaMkRAzV4wbqDo-pdP-pvltJ-XPGk_rY-3nuEVP11rPe7M_mzk2c_yNcU_67u38bOYYzJs5Ju3XuruY6bxme6_xXDT33Ht-baDmM8e-6LzEN5n_AAAA__97VleD&e=bO6Ao4ijqetEqbsFKXxaaRIsJwUx2-yy&cee=Y2hyaXN0b3BoZXIuYWxsYW5AcnByby50ZWNo
                      X-Cache: Miss from cloudfront
                      Via: 1.1 d1450f9172625df286184e0b1f1d01f2.cloudfront.net (CloudFront)
                      X-Amz-Cf-Pop: JFK52-P2
                      X-Amz-Cf-Id: E0kU4kk2_nCWsVb00WEv91Gyl_7NtAGn8Qref8wPOUDK9UYG5i8MUA==
                      2025-03-26 20:58:48 UTC496INData Raw: 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 33 39 34 2d 6b 61 64 6f 6d 61 2e 74 72 61 6b 63 69 64 2e 63 6f 6d 2f 3f 75 3d 68 74 74 70 3a 25 32 46 25 32 46 65 6d 61 69 6c 2e 64 6f 75 62 6c 65 2e 73 65 72 76 69 63 65 61 75 74 6f 70 69 6c 6f 74 2e 63 6f 6d 25 32 46 63 25 32 46 65 4a 77 45 77 44 74 75 78 43 41 51 41 4e 44 54 6d 41 36 4c 7a 38 42 41 51 5a 48 47 39 77 41 7a 49 79 50 68 78 57 4c 5a 6c 5a 4c 54 35 35 33 6a 66 76 4c 72 74 39 57 55 43 32 4e 78 72 47 51 68 37 53 52 45 7a 7a 49 59 56 61 54 31 54 67 57 6f 73 56 42 41 55 52 50 37 61 49 49 58 6c 44 53 43 43 64 5a 35 64 49 4c 75 33 48 71 72 79 59 55 49 78 65 59 73 69 31 64 42 41 69 48 4c 6b 49 4f 54 55 42 67 74 57 38 32 45 49 4b 36 55 43 52 67 43 52 72 59 78 71 49 4c 6f 6f 6d 58 30 35 43 42 48 35
                      Data Ascii: <a href="https://394-kadoma.trakcid.com/?u=http:%2F%2Femail.double.serviceautopilot.com%2Fc%2FeJwEwDtuxCAQANDTmA6Lz8BAQZHG9wAzIyPhxWLZlZLT553jfvLrt9WUC2NxrGQh7SREzzIYVaT1TgWosVBAURP7aIIXlDSCCdZ5dILu3HqryYUIxeYsi1dBAiHLkIOTUBgtW82EIK6UCRgCRrYxqILoomX05CBH5


                      Statistics

                      CPU Usage

                      Click to jump to process

                      Memory Usage

                      Click to jump to process

                      Behavior

                      Click to jump to process

                      System Behavior

                      General

                      Target ID:1
                      Start time:16:58:17
                      Start date:26/03/2025
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                      Imagebase:0x7ff786830000
                      File size:3'388'000 bytes
                      MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:false
                      Show Windows behavior

                      File Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      COM Activities

                      Show Windows behavior

                      Process Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Memory Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Process Token Activities


                      General

                      Target ID:2
                      Start time:16:58:21
                      Start date:26/03/2025
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2348,i,977650232591120726,18254827365428393022,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2388 /prefetch:3
                      Imagebase:0x7ff786830000
                      File size:3'388'000 bytes
                      MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:false
                      Show Windows behavior

                      File Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Memory Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                      General

                      Target ID:6
                      Start time:16:58:28
                      Start date:26/03/2025
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://protect.checkpoint.com/v2/r02/___https://lsems.gravityzone.bitdefender.com/xhfsdfMW5hMR*~*QDcqg1KugH/rhrqqgrWni2pyg1KugH/og75AgMRA37Cu37x!i2GzU2ZBRIJzQYOHZZqqYsmZW5OR00KOX83/48p8j0J8ZqF5gYq/X5p/4JhyRpOG1IqMhIh5WIqxR6iX1YmuV1mTfLuz38uCWp/KRqiVYoq5hZbCTIh/4MqE1rinfpmCiY0KZ8i*~*QYOHf1mO48i1RIOfhqGCjLqKW1mPX0SpSYKxR7Z6YsKOg7qvg7m2RIiAZKJyRpO8Wpt6T2uS4rSTX560TJS93ZOHYqOw0K0vZL6x4styRpOuTIJ80ES1RJWuR0u*~*Z60vZ5KvhL4H05cwip06TYSDV8p/Z1K7hD5DWo0n0rm5ZKiLjLCyg8GNVX5DVs4QWLB6gImt35yRX1yIipSGZruqRIJyRpOQWruzf1uB0oqmZqSXX0FyRpO*~*VpC8gKKvf84NWYR7i2uEi8GogsRyRpOA35u6SYipfsSZi6WpSKuJ47N842V/3sSp08uyf1qqi60Mf1/fZrKISp/BZqWHYZytiIm3Xp95fpqOX6qqYYiqh24CSYKqfLSRVpu/Y7CUY758S2O4W1mm3rN6hL/4T1NEYol9iKWJWpS*~*hKSKi7Op0EOZY5yrWoNyRpNyRp4V02G34Y4B1Zq8QYOHXsGt1Yp6i2W9VYi5S70901cUgLByRpOUjsmEZ64nSZuO0002WJCKT2ZCQYOLYZKq06qH40WxiYm8R2q34puoXsStRI0SQYOHfr0z07Cpj2KBj0iWSIG6ZMiGZEOY46091qmZWLcS4ZcmZomGWrStY8iz4sqyRqSrZpm5iMOX45B5T0WHV7umRZNBg2uIX8ORhpmP1Y0407uVSp/XXI4OW2SCW8G21p/Ki1myh0054ESIfp6NgrOyWJyDi5ByRpO8WsGfgsKWgpKJSEW0j00LgZBCRESPXIF8goOxjqGKg16WfoO*~*jYmXZ5up454mXE4R2EWBf1mNj1iTZ5NBhoqX4qhB4IV5Y6G3irSG4oi*~*isGOWrmP104O0MmXWD5DVq4uiYi2i5b6hJqUX1uWgqS/3pW6ZZ*/2*XIKpf7SMYpx5ZoNyRp43gsSfSLuUi8utV5u4Z544gqSq4sWtWZOfhqGY4ZbyRpNCXY0tRKW*~*j1KKg805WJp7j1SwXpyTjZuSRrKm0oFyRp43Vn5DWn5DWrqK1Z35h1SyR8m8X60f4oSvX2SJZ8NyRpOJ0JyDW2i/h7BB0LC0SKq8gYF8X10335iWda99K97K667Kc*~*7K6aFIF/JJbJI/5b8*~*J59I5H78FbH8bc/*~*5Ka*~*/9KHIKJ/Hc77K?h=6&fru;n=6&fru;ithx=6___.YzJlOmdhbmdzdGVyOmM6bzozNzgzODlmOGVjOWFjMDU4ODA2YzZiNzAzODIwZWExYjo3OjE1MzU6MzgzZDA3MjA0MGU4NmVjOTQ5NjUyYWM1MTBkYzkzNzg4ODQ3Mjg0YTJlN2I1MzhlZWM4YWU1YzI1YWE5Y2UxNjpoOlQ6VA"
                      Imagebase:0x7ff786830000
                      File size:3'388'000 bytes
                      MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:true
                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      COM Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                      General

                      Target ID:19
                      Start time:16:59:31
                      Start date:26/03/2025
                      Path:C:\Program Files\Windows Defender\MpCmdRun.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
                      Imagebase:0x7ff75f090000
                      File size:468'120 bytes
                      MD5 hash:B3676839B2EE96983F9ED735CD044159
                      Has elevated privileges:true
                      Has administrator privileges:false
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:true
                      Show Windows behavior

                      File Activities

                      Show Windows behavior

                      Section Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      COM Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Process Activities

                      Show Windows behavior

                      Thread Activities

                      Show Windows behavior

                      System Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                      General

                      Target ID:20
                      Start time:16:59:31
                      Start date:26/03/2025
                      Path:C:\Windows\System32\conhost.exe
                      Wow64 process (32bit):false
                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Imagebase:0x7ff62fc20000
                      File size:862'208 bytes
                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                      Has elevated privileges:true
                      Has administrator privileges:false
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:true
                      Show Windows behavior

                      File Activities

                      Show Windows behavior

                      Section Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Mutex Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Thread Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Windows UI Activities


                      Disassembly

                      No disassembly