Edit tour

Windows Analysis Report
https://outlook-web-app-30c710.webflow.io/

Overview

General Information

Sample URL:https://outlook-web-app-30c710.webflow.io/
Analysis ID:1653829
Infos:

Detection

Score:48
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Creates files inside the system directory
Deletes files inside the Windows folder

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64
  • chrome.exe (PID: 2752 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 4748 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2036,i,4384471797931532710,8386410433809053487,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2060 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 5584 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://outlook-web-app-30c710.webflow.io/" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Source: https://outlook-web-app-30c710.webflow.io/Avira URL Cloud: detection malicious, Label: phishing
Source: unknownHTTPS traffic detected: 142.251.40.228:443 -> 192.168.2.4:49728 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.36.248:443 -> 192.168.2.4:49729 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.36.248:443 -> 192.168.2.4:49730 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.33.251.68:443 -> 192.168.2.4:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.33.251.68:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.33.251.68:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.33.251.140:443 -> 192.168.2.4:49736 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.72.99
Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.72.99
Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: outlook-web-app-30c710.webflow.ioConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /css/webflow-https-errors.webflow.css HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://outlook-web-app-30c710.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /static/favicon_designer.88fce7c7f8.png HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://outlook-web-app-30c710.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fonts/Graphik-Medium-Web.abf6e1188f.woff2 HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-aliveOrigin: https://outlook-web-app-30c710.webflow.iosec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://d3e54v103j8qbb.cloudfront.net/css/webflow-https-errors.webflow.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fonts/Graphik-Regular-Web.5a0c1a002e.woff2 HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-aliveOrigin: https://outlook-web-app-30c710.webflow.iosec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://d3e54v103j8qbb.cloudfront.net/css/webflow-https-errors.webflow.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /static/favicon_designer.88fce7c7f8.png HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: outlook-web-app-30c710.webflow.io
Source: global trafficDNS traffic detected: DNS query: d3e54v103j8qbb.cloudfront.net
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 01 Apr 2025 14:51:15 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeCF-Ray: 9298e74eeddb2732-EWRCF-Cache-Status: HITAge: 644Cache-Control: public, max-age=432000ETag: W/"67e7684e-38c"content-security-policy: frame-ancestors 'self' https://*.webflow.com http://*.webflow.com http://*.webflow.io http://webflow.com https://webflow.comsurrogate-key: outlook-web-app-30c710.webflow.iovary: Accept-EncodingSet-Cookie: _cfuvid=exRq0HaZUZbES_qHECxXKIeSw4NSbgedGmjRHGZL2js-1743519075709-0.0.1.1-604800000; path=/; domain=.webflow.io; HttpOnly; Secure; SameSite=NoneServer: cloudflarealt-svc: h3=":443"; ma=86400
Source: chromecache_59.3.drString found in binary or memory: https://d3e54v103j8qbb.cloudfront.net/css/webflow-https-errors.webflow.css
Source: chromecache_59.3.drString found in binary or memory: https://d3e54v103j8qbb.cloudfront.net/static/favicon_designer.88fce7c7f8.png
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownHTTPS traffic detected: 142.251.40.228:443 -> 192.168.2.4:49728 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.36.248:443 -> 192.168.2.4:49729 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.36.248:443 -> 192.168.2.4:49730 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.33.251.68:443 -> 192.168.2.4:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.33.251.68:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.33.251.68:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.33.251.140:443 -> 192.168.2.4:49736 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir2752_1141642191Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir2752_1141642191Jump to behavior
Source: classification engineClassification label: mal48.win@21/11@9/5
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2036,i,4384471797931532710,8386410433809053487,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2060 /prefetch:3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://outlook-web-app-30c710.webflow.io/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2036,i,4384471797931532710,8386410433809053487,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2060 /prefetch:3Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection
1
Masquerading
OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
File Deletion
Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer
Traffic DuplicationData Destruction
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1653829 URL: https://outlook-web-app-30c... Startdate: 01/04/2025 Architecture: WINDOWS Score: 48 22 Antivirus / Scanner detection for submitted sample 2->22 6 chrome.exe 2 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 14 192.168.2.4, 138, 443, 49709 unknown unknown 6->14 11 chrome.exe 6->11         started        process5 dnsIp6 16 www.google.com 142.251.40.228, 443, 49728, 49743 GOOGLEUS United States 11->16 18 outlook-web-app-30c710.webflow.io 104.18.36.248, 443, 49729, 49730 CLOUDFLARENETUS United States 11->18 20 2 other IPs or domains 11->20

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
https://outlook-web-app-30c710.webflow.io/100%Avira URL Cloudphishing
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches

Download Network PCAP: filteredfull

NameIPActiveMaliciousAntivirus DetectionReputation
d3e54v103j8qbb.cloudfront.net
13.33.251.68
truefalse
    high
    www.google.com
    142.251.40.228
    truefalse
      high
      outlook-web-app-30c710.webflow.io
      104.18.36.248
      truefalse
        unknown
        NameMaliciousAntivirus DetectionReputation
        https://d3e54v103j8qbb.cloudfront.net/fonts/Graphik-Regular-Web.5a0c1a002e.woff2false
          high
          https://d3e54v103j8qbb.cloudfront.net/fonts/Graphik-Medium-Web.abf6e1188f.woff2false
            high
            https://d3e54v103j8qbb.cloudfront.net/css/webflow-https-errors.webflow.cssfalse
              high
              https://outlook-web-app-30c710.webflow.io/true
                unknown
                https://d3e54v103j8qbb.cloudfront.net/static/favicon_designer.88fce7c7f8.pngfalse
                  high
                  • No. of IPs < 25%
                  • 25% < No. of IPs < 50%
                  • 50% < No. of IPs < 75%
                  • 75% < No. of IPs
                  IPDomainCountryFlagASNASN NameMalicious
                  104.18.36.248
                  outlook-web-app-30c710.webflow.ioUnited States
                  13335CLOUDFLARENETUSfalse
                  13.33.251.140
                  unknownUnited States
                  16509AMAZON-02USfalse
                  13.33.251.68
                  d3e54v103j8qbb.cloudfront.netUnited States
                  16509AMAZON-02USfalse
                  142.251.40.228
                  www.google.comUnited States
                  15169GOOGLEUSfalse
                  IP
                  192.168.2.4
                  Joe Sandbox version:42.0.0 Malachite
                  Analysis ID:1653829
                  Start date and time:2025-04-01 16:50:03 +02:00
                  Joe Sandbox product:CloudBasic
                  Overall analysis duration:0h 3m 10s
                  Hypervisor based Inspection enabled:false
                  Report type:full
                  Cookbook file name:browseurl.jbs
                  Sample URL:https://outlook-web-app-30c710.webflow.io/
                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                  Number of analysed new started processes analysed:20
                  Number of new started drivers analysed:0
                  Number of existing processes analysed:0
                  Number of existing drivers analysed:0
                  Number of injected processes analysed:0
                  Technologies:
                  • HCA enabled
                  • EGA enabled
                  • AMSI enabled
                  Analysis Mode:default
                  Analysis stop reason:Timeout
                  Detection:MAL
                  Classification:mal48.win@21/11@9/5
                  EGA Information:Failed
                  HCA Information:
                  • Successful, ratio: 100%
                  • Number of executed functions: 0
                  • Number of non-executed functions: 0
                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                  • Excluded IPs from analysis (whitelisted): 142.251.40.195, 142.250.80.14, 142.250.65.174, 172.253.115.84, 142.250.65.206, 142.251.41.14, 142.250.64.110, 142.251.40.142, 142.251.40.238, 142.251.40.110, 142.251.32.110, 142.250.64.99, 184.31.69.3, 204.79.197.222, 20.12.23.50
                  • Excluded domains from analysis (whitelisted): fp.msedge.net, fs.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, accounts.google.com, redirector.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
                  • Not all processes where analyzed, report is missing behavior information
                  • Report size getting too big, too many NtOpenFile calls found.
                  • VT rate limit hit for: https://outlook-web-app-30c710.webflow.io/
                  No simulations
                  No context
                  No context
                  No context
                  No context
                  No context
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                  Category:dropped
                  Size (bytes):688
                  Entropy (8bit):7.4656349096973305
                  Encrypted:false
                  SSDEEP:12:6v/7iY7/6Ts/f18COX+EA3JwtLndm9GI2LuMJKsWLZPq+OizNXHcpdbgxA4OgorD:27/6q+COuEAwdGGI8HJK4+OONXigKy2b
                  MD5:88FCE7C7F8D3A7E53FDA27CEADAC4D12
                  SHA1:A8B310F9A40E2D0CCEB5EE20E37A3657EEAEABF2
                  SHA-256:E3E8D727E818CE2B05175AE721A17651AB71696BC10969319F87B6798D73E87A
                  SHA-512:0798F656469C1072073141246B83C3EAD4B6EE023345BE2629170D7017B849A2C03B40AFD91A27DB2B508D4D65638099D3A2D538E0159D407AD0B702E54A95D0
                  Malicious:false
                  Reputation:low
                  Preview:.PNG........IHDR... ... .....szz.....pHYs.................sRGB.........gAMA......a....EIDATx..W]n.@..].T..DU[.[..|.r......s..'(m..z.....9.}.d. ...;.AqJ.5.Q.?.v=.3..;.....w.......!.z..w..\.R?..Hy....D.~...y......n<.r.V....Y.}6....{m...5.%t..{.`.N..q .9....v.J.v\.s......Z......%..1Bf....".@2.%..T..R..........C2A...2..).+.Z}...r.+)(.<..W.p....v..`..*A.SG......~....gP.D.xK........7....bz.%qL....q.Vo......Xz}.0..........?.[..C.@Qq...R>.n....3..o.%0t..Q\$*.i)..F....&e9.~..NBh...h.VJ......g...z:..a....cD.....TZQ5.~W.t..E_..~q`i.t.M. w...7~....)[....T....".e`..Q\p...n...n....&.4.}.........<.....@R&.p%..s...p...S5........~...N%....-.....t......4W......IEND.B`.
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                  Category:downloaded
                  Size (bytes):688
                  Entropy (8bit):7.4656349096973305
                  Encrypted:false
                  SSDEEP:12:6v/7iY7/6Ts/f18COX+EA3JwtLndm9GI2LuMJKsWLZPq+OizNXHcpdbgxA4OgorD:27/6q+COuEAwdGGI8HJK4+OONXigKy2b
                  MD5:88FCE7C7F8D3A7E53FDA27CEADAC4D12
                  SHA1:A8B310F9A40E2D0CCEB5EE20E37A3657EEAEABF2
                  SHA-256:E3E8D727E818CE2B05175AE721A17651AB71696BC10969319F87B6798D73E87A
                  SHA-512:0798F656469C1072073141246B83C3EAD4B6EE023345BE2629170D7017B849A2C03B40AFD91A27DB2B508D4D65638099D3A2D538E0159D407AD0B702E54A95D0
                  Malicious:false
                  Reputation:low
                  URL:https://d3e54v103j8qbb.cloudfront.net/static/favicon_designer.88fce7c7f8.png
                  Preview:.PNG........IHDR... ... .....szz.....pHYs.................sRGB.........gAMA......a....EIDATx..W]n.@..].T..DU[.[..|.r......s..'(m..z.....9.}.d. ...;.AqJ.5.Q.?.v=.3..;.....w.......!.z..w..\.R?..Hy....D.~...y......n<.r.V....Y.}6....{m...5.%t..{.`.N..q .9....v.J.v\.s......Z......%..1Bf....".@2.%..T..R..........C2A...2..).+.Z}...r.+)(.<..W.p....v..`..*A.SG......~....gP.D.xK........7....bz.%qL....q.Vo......Xz}.0..........?.[..C.@Qq...R>.n....3..o.%0t..Q\$*.i)..F....&e9.~..NBh...h.VJ......g...z:..a....cD.....TZQ5.~W.t..E_..~q`i.t.M. w...7~....)[....T....".e`..Q\p...n...n....&.4.}.........<.....@R&.p%..s...p...S5........~...N%....-.....t......4W......IEND.B`.
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:Web Open Font Format (Version 2), TrueType, length 34041, version 1.0
                  Category:downloaded
                  Size (bytes):34041
                  Entropy (8bit):7.993384171292279
                  Encrypted:true
                  SSDEEP:768:NyNNFK8YgotAMrDRUIY6rHWSMJsGU7yBaUp7przzxWo8zB:gnK8ytAgSIR7WS4ZUWBaUxprhWnzB
                  MD5:ABF6E1188F57F609D6987CA7AA1F54B7
                  SHA1:B226E5B656CAF3CE6ED5D9AD277850EA7CA27D05
                  SHA-256:40BB52D988186022D07C0248E9B6AF63A1DDE146B157797463BA7B5DADA4AC53
                  SHA-512:59152926E1062F1D41B6E9F81EB4D77263435FFB5CF7DA66E76A7FCFF1EE6F3FCF25FD62D020FB130FF4FEB257EE0D9C7E990584EF7EB01585FEC6745017BBCF
                  Malicious:false
                  Reputation:low
                  URL:https://d3e54v103j8qbb.cloudfront.net/fonts/Graphik-Medium-Web.abf6e1188f.woff2
                  Preview:wOF2..............s4...w...........................(..V....`..:.. .T..<.....d..j.. .6.$..P..*.. .._..:..n[.Wq.....T.m...Wn.~/.........E..1.n..E.+......dC....`nKU..'...GV..`..+s.....`k4>.].f4.W.9=.P3..!.Q.Bu....Y.%\...S..a..B@...@.. .,...C....".....Q..;]... .D.%..v....Jf...;.eN&.3....C.>.IG...IP.....'...!.y^b*l..8v.M[<U...~...R..7.....E.....6.f.%@.`..) .......q.&......w[Yg.h...........".(....T%".G.c........Z...W./.F.4.X........^..$.d.e.,...r..8.=...f..(s....B..FG...\...u.G.M.e$$!.dC.~..&.E.d,.{....u.].Sk.m.S..u|i.g.u.[..`mo.B......0........\..IL..&%pt&..C....mT..a{.c.....!...F..M....RD@.cA...R..Zx......n..C..a*.U6.S=@^#.U........p........Pe.EY..X...#.X..{{..$...+..5FL@.......Ot.?.T*.J%..D"...S's..1.Ag".R.'...A/.pf..B,]...$Y.mN7xt{....'<..9wH.1..=....Xs.P..pw..\..6......w] .c. 1....V..=.D.e.......:}..y..h.#.j:...N...H.T&Y..D.2L.."m......}4.~.A......j&..?....[.....M..q.f.&C......Cz0.x..e..5C...s..!!..Q.....`o2....7.*.@e...YB.#m..w]a.*29....O..AZ}
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:Web Open Font Format (Version 2), TrueType, length 30885, version 1.0
                  Category:downloaded
                  Size (bytes):30885
                  Entropy (8bit):7.9938302639105
                  Encrypted:true
                  SSDEEP:768:n/jo3BYAVy/zuMbOAR9Vb5McrtKfKTpCC4vOP:npXuMbOyRiWhTpCC4vg
                  MD5:5A0C1A002E8A14BEDB37E60EE72642AC
                  SHA1:B5DF1451CE0D9AACE0D7337ABB26D10CD7999333
                  SHA-256:CCDE0CF7CE5D0767EBA8AABD07F8537F24E5097CFB5E1F08E1685926EFCFBE84
                  SHA-512:329EB4B59CF67FD9B2581EB6AAD71189D16F52649EC0D8A54550D2BF9EA7954A9E0AA5CD2B9E936615B4FA505F22EEC595FCC127EA2FB0CE52FA7F92574F45A5
                  Malicious:false
                  Reputation:low
                  URL:https://d3e54v103j8qbb.cloudfront.net/fonts/Graphik-Regular-Web.5a0c1a002e.woff2
                  Preview:wOF2......x.......ax..x!..................x...........n....`..:....L..<........... .6.$..P..,.. ..c..D...[.F..c..W...m....V......1..m.-"....J.x.^...G...:....?9..i.I...AT...=IA.5[.S$.......4.Dk....e...=....;.;NO.....L......CC../....P/+.,&..%..nNG....|..O.k".b5....J.U.1#@;'.zDz.....e.N_..OE...9..eg.....!....4......m-...K........O_..$:e.j"mR..l..@?..b.4$.......k`....#5?.../gT...I4..s.).f.........h...k...ht..n..<.dr{.#.V.:.'.<..........D,.I.;......p..'7.yow)], ...RD.....KO.G.Q,..'..fL..~.r..^.zK..s.k...../i..c..h.D_..T..U..m>..s..b.(..E.X.{.[..x..........@....*N...+..^.e...t...4.F4.v..]..c...'..:.....AEUR.T..UIuP.G....]rP......k...EB..d&..^,Y.P.Z......}>U..7.=.....M.+......T..A........e .1@m..j.....-..<..dB..|u....z......U.v.d...z...r......p.VFN.M^*.E.......`....}.....\.....^...*1<#f6s.RU.AO....M.\kJ.S.1....~(.Cp....6.....N."...].?IW....dk9..`.I..y.G.9...-.+.d._.....w...B.]"c3.D.\.F....*....\+.@.._U.Pwj..KS}...Y..Jr`.}O..D.......J...D*....H. aad..
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:assembler source, ASCII text
                  Category:downloaded
                  Size (bytes):4176
                  Entropy (8bit):4.917297123338692
                  Encrypted:false
                  SSDEEP:96:McUPBqrrXyEVyDXyw7kXy01blI8q81SPqK:Mc8BErXyBXyJXyUrICK
                  MD5:C2BF6463065522E597390EEDB7A3F2F7
                  SHA1:CFFF83E977BEA349743935E1B17BB753ACA11825
                  SHA-256:A2693A37CDE8116FD113092E8F1D9794F1D2EBD336958C9385255B4B65BEDBBF
                  SHA-512:B32B4EEB0F8E9B2B61903037FD9397D453C095C41CF154F6A2DDA8DD2CDD81C6210FE4A7723376E91AF211EB44C64EF2CDDA58AE4C9BB75612CB700682252B75
                  Malicious:false
                  Reputation:low
                  URL:https://d3e54v103j8qbb.cloudfront.net/css/webflow-https-errors.webflow.css
                  Preview:/*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */..html {. font-family: sans-serif;. -ms-text-size-adjust: 100%;. -webkit-text-size-adjust: 100%;.}..body {. margin: 0;.}..article,.aside,.details,.figcaption,.figure,.footer,.header,.hgroup,.main,.menu,.nav,.section,.summary {. display: block;.}..a {. background-color: transparent;.}..a:active,.a:hover {. outline: 0;.}..b,.strong {. font-weight: bold;.}..h1 {. font-size: 2em;. margin: 0.67em 0;.}..img {. border: 0;.}..svg:not(:root) {. overflow: hidden;.}..button,.input,.optgroup,.select,.textarea {. color: inherit;. /* 1 */. font: inherit;. /* 2 */. margin: 0;. /* 3 */.}..button {. overflow: visible;.}..button,.select {. text-transform: none;.}..button,.html input[type="button"],.input[type="reset"] {. -webkit-appearance: button;. cursor: pointer;.}..button[disabled],.html input[disabled] {. cursor: default;.}..button::-moz-focus-inner,.input
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:HTML document, ASCII text
                  Category:downloaded
                  Size (bytes):908
                  Entropy (8bit):4.922983707197396
                  Encrypted:false
                  SSDEEP:12:hYzDBNevXCsWJF8/UDy5y2TABUyr47qFgSSA2TABUn9yx0fqArxGmxCHxc9ev/Wn:hYzD8aJFxO5ls2y4BPs2ndg2JFxau
                  MD5:F30BDA7A1FD7BEF4C946D5E8F08F71F2
                  SHA1:F2E0F6BFDFD7F2211C04B3C56F292C806969EE99
                  SHA-256:E14487407359A2B8C009BBAAB7656357D5A9F315948EF97181E8E41711411593
                  SHA-512:5E4B68C3E734F8E508D738F7A05CF2352D0EE5DBE95947E80C2D5106A4029753F7A76AC768A2A304E0C920C2937B0E38FA6A5A2427BB53F16E470773C4753E0A
                  Malicious:false
                  Reputation:low
                  URL:https://outlook-web-app-30c710.webflow.io/
                  Preview:<!DOCTYPE html>.<html lang="en">..<head>. <meta charset="utf-8">. <title>404 - Page not found</title>. <meta content="The page you are looking for doesn&#x27;t exist or has been moved." name="description">. <meta content="width=device-width, initial-scale=1" name="viewport">.. <link href="https://d3e54v103j8qbb.cloudfront.net/css/webflow-https-errors.webflow.css" rel="stylesheet" type="text/css">.. <link href="https://d3e54v103j8qbb.cloudfront.net/static/favicon_designer.88fce7c7f8.png" rel="shortcut icon" type="image/x-icon">.</head>..<body>.<div class="utility-wrapper">. <div class="utility-container">. <div class="text-mono">404</div>. <div class="utility-content">. <h1>Page not found<br></h1>. <p>The page you are looking for doesn&#x27;t exist or has been moved.</p>. </div>. <div></div>. </div>.</div>.</body>..</html>.
                  No static file info

                  Download Network PCAP: filteredfull

                  • Total Packets: 116
                  • 443 (HTTPS)
                  • 80 (HTTP)
                  • 53 (DNS)
                  TimestampSource PortDest PortSource IPDest IP
                  Apr 1, 2025 16:51:01.717844963 CEST4968180192.168.2.42.17.190.73
                  Apr 1, 2025 16:51:01.874222040 CEST49671443192.168.2.4204.79.197.203
                  Apr 1, 2025 16:51:02.186497927 CEST49671443192.168.2.4204.79.197.203
                  Apr 1, 2025 16:51:02.795814991 CEST49671443192.168.2.4204.79.197.203
                  Apr 1, 2025 16:51:03.998980045 CEST49671443192.168.2.4204.79.197.203
                  Apr 1, 2025 16:51:06.405190945 CEST49671443192.168.2.4204.79.197.203
                  Apr 1, 2025 16:51:10.639424086 CEST49678443192.168.2.420.189.173.27
                  Apr 1, 2025 16:51:10.951564074 CEST49678443192.168.2.420.189.173.27
                  Apr 1, 2025 16:51:11.219599009 CEST49671443192.168.2.4204.79.197.203
                  Apr 1, 2025 16:51:11.326505899 CEST4968180192.168.2.42.17.190.73
                  Apr 1, 2025 16:51:11.560899973 CEST49678443192.168.2.420.189.173.27
                  Apr 1, 2025 16:51:12.436907053 CEST49728443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:51:12.436943054 CEST44349728142.251.40.228192.168.2.4
                  Apr 1, 2025 16:51:12.437011003 CEST49728443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:51:12.437182903 CEST49728443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:51:12.437194109 CEST44349728142.251.40.228192.168.2.4
                  Apr 1, 2025 16:51:12.646289110 CEST44349728142.251.40.228192.168.2.4
                  Apr 1, 2025 16:51:12.646358967 CEST49728443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:51:12.650998116 CEST49728443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:51:12.651007891 CEST44349728142.251.40.228192.168.2.4
                  Apr 1, 2025 16:51:12.651262045 CEST44349728142.251.40.228192.168.2.4
                  Apr 1, 2025 16:51:12.701617956 CEST49728443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:51:12.764157057 CEST49678443192.168.2.420.189.173.27
                  Apr 1, 2025 16:51:15.168124914 CEST49678443192.168.2.420.189.173.27
                  Apr 1, 2025 16:51:15.254873037 CEST49729443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.254987955 CEST44349729104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.255068064 CEST49729443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.255479097 CEST49730443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.255534887 CEST44349730104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.255820990 CEST49730443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.259299040 CEST49730443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.259332895 CEST44349730104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.259661913 CEST49729443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.259726048 CEST44349729104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.481422901 CEST44349729104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.481431961 CEST44349730104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.481559038 CEST49729443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.482953072 CEST49730443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.494440079 CEST49730443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.494474888 CEST44349730104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.494817019 CEST44349730104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.495985985 CEST49729443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.496006966 CEST44349729104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.496151924 CEST49730443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.496329069 CEST44349729104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.536272049 CEST44349730104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.548475027 CEST49729443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.769747972 CEST44349730104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.769861937 CEST44349730104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:15.770005941 CEST49730443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.772176027 CEST49730443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:15.772202969 CEST44349730104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:16.924660921 CEST49732443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:16.924710035 CEST4434973213.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:16.924777985 CEST49732443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:16.925014019 CEST49732443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:16.925026894 CEST4434973213.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.140957117 CEST4434973213.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.141047955 CEST49732443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.148433924 CEST49732443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.148467064 CEST4434973213.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.148811102 CEST4434973213.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.149171114 CEST49732443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.196269989 CEST4434973213.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.331639051 CEST4434973213.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.331676960 CEST4434973213.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.331736088 CEST49732443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.331743002 CEST4434973213.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.331782103 CEST49732443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.333673000 CEST49732443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.333697081 CEST4434973213.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.362416983 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.362489939 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.362560034 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.362919092 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.362973928 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.363022089 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.363312006 CEST49735443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.363348961 CEST4434973513.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.363399029 CEST49735443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.363524914 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.363543034 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.363631010 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.363645077 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.363708973 CEST49735443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.363722086 CEST4434973513.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.567249060 CEST4434973513.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.567639112 CEST49735443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.567670107 CEST4434973513.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.567826033 CEST49735443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.567831993 CEST4434973513.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.567971945 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.568125963 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.568434000 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.568442106 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.568672895 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.568914890 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.569206953 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.569511890 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.569711924 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.569744110 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.570007086 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.570307016 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.616276979 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.616281033 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.759109974 CEST4434973513.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.759187937 CEST4434973513.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.759788036 CEST49735443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.760040998 CEST49735443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.760060072 CEST4434973513.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.769393921 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.769459963 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.769503117 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.769547939 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.769566059 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.769598007 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.769726038 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.778718948 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.778743029 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.778759003 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.779079914 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.779123068 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.779314041 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.786355019 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.786400080 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.786508083 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.786508083 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.786523104 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.787501097 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.788088083 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.788222075 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.788572073 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.788650036 CEST49734443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.788665056 CEST4434973413.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.798213005 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.798281908 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.798301935 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.798389912 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.798389912 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.798491001 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.804500103 CEST49733443192.168.2.413.33.251.68
                  Apr 1, 2025 16:51:17.804526091 CEST4434973313.33.251.68192.168.2.4
                  Apr 1, 2025 16:51:17.872029066 CEST49736443192.168.2.413.33.251.140
                  Apr 1, 2025 16:51:17.872090101 CEST4434973613.33.251.140192.168.2.4
                  Apr 1, 2025 16:51:17.872248888 CEST49736443192.168.2.413.33.251.140
                  Apr 1, 2025 16:51:17.872334957 CEST49736443192.168.2.413.33.251.140
                  Apr 1, 2025 16:51:17.872379065 CEST4434973613.33.251.140192.168.2.4
                  Apr 1, 2025 16:51:18.068763971 CEST4434973613.33.251.140192.168.2.4
                  Apr 1, 2025 16:51:18.068979979 CEST49736443192.168.2.413.33.251.140
                  Apr 1, 2025 16:51:18.072495937 CEST49736443192.168.2.413.33.251.140
                  Apr 1, 2025 16:51:18.072509050 CEST4434973613.33.251.140192.168.2.4
                  Apr 1, 2025 16:51:18.072745085 CEST4434973613.33.251.140192.168.2.4
                  Apr 1, 2025 16:51:18.076808929 CEST49736443192.168.2.413.33.251.140
                  Apr 1, 2025 16:51:18.124281883 CEST4434973613.33.251.140192.168.2.4
                  Apr 1, 2025 16:51:18.260361910 CEST4434973613.33.251.140192.168.2.4
                  Apr 1, 2025 16:51:18.260416031 CEST4434973613.33.251.140192.168.2.4
                  Apr 1, 2025 16:51:18.260754108 CEST49736443192.168.2.413.33.251.140
                  Apr 1, 2025 16:51:18.262808084 CEST49736443192.168.2.413.33.251.140
                  Apr 1, 2025 16:51:18.262840986 CEST4434973613.33.251.140192.168.2.4
                  Apr 1, 2025 16:51:19.970057964 CEST49678443192.168.2.420.189.173.27
                  Apr 1, 2025 16:51:20.096522093 CEST49709443192.168.2.4131.253.33.254
                  Apr 1, 2025 16:51:20.112720013 CEST49709443192.168.2.4131.253.33.254
                  Apr 1, 2025 16:51:20.200975895 CEST44349709131.253.33.254192.168.2.4
                  Apr 1, 2025 16:51:20.218363047 CEST44349709131.253.33.254192.168.2.4
                  Apr 1, 2025 16:51:20.222758055 CEST44349709131.253.33.254192.168.2.4
                  Apr 1, 2025 16:51:20.222883940 CEST49709443192.168.2.4131.253.33.254
                  Apr 1, 2025 16:51:20.222886086 CEST44349709131.253.33.254192.168.2.4
                  Apr 1, 2025 16:51:20.222930908 CEST49709443192.168.2.4131.253.33.254
                  Apr 1, 2025 16:51:20.829447985 CEST49671443192.168.2.4204.79.197.203
                  Apr 1, 2025 16:51:22.633202076 CEST44349728142.251.40.228192.168.2.4
                  Apr 1, 2025 16:51:22.633263111 CEST44349728142.251.40.228192.168.2.4
                  Apr 1, 2025 16:51:22.633447886 CEST49728443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:51:23.728817940 CEST49728443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:51:23.728854895 CEST44349728142.251.40.228192.168.2.4
                  Apr 1, 2025 16:51:29.574934006 CEST49678443192.168.2.420.189.173.27
                  Apr 1, 2025 16:51:30.206614971 CEST804971123.203.176.221192.168.2.4
                  Apr 1, 2025 16:51:30.221952915 CEST4971180192.168.2.423.203.176.221
                  Apr 1, 2025 16:51:30.467473030 CEST44349729104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:30.467540979 CEST44349729104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:30.469105005 CEST49729443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:31.728580952 CEST49729443192.168.2.4104.18.36.248
                  Apr 1, 2025 16:51:31.728612900 CEST44349729104.18.36.248192.168.2.4
                  Apr 1, 2025 16:51:53.639611959 CEST4971380192.168.2.4142.250.72.99
                  Apr 1, 2025 16:51:53.639787912 CEST4971280192.168.2.4199.232.214.172
                  Apr 1, 2025 16:51:53.639841080 CEST4971480192.168.2.4199.232.214.172
                  Apr 1, 2025 16:51:53.733000040 CEST8049712199.232.214.172192.168.2.4
                  Apr 1, 2025 16:51:53.733031034 CEST8049714199.232.214.172192.168.2.4
                  Apr 1, 2025 16:51:53.733098984 CEST8049714199.232.214.172192.168.2.4
                  Apr 1, 2025 16:51:53.733120918 CEST8049713142.250.72.99192.168.2.4
                  Apr 1, 2025 16:51:53.733215094 CEST4971480192.168.2.4199.232.214.172
                  Apr 1, 2025 16:51:53.733243942 CEST4971380192.168.2.4142.250.72.99
                  Apr 1, 2025 16:51:53.740135908 CEST8049712199.232.214.172192.168.2.4
                  Apr 1, 2025 16:51:53.740194082 CEST4971280192.168.2.4199.232.214.172
                  Apr 1, 2025 16:52:12.360217094 CEST49743443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:52:12.360291004 CEST44349743142.251.40.228192.168.2.4
                  Apr 1, 2025 16:52:12.360385895 CEST49743443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:52:12.360590935 CEST49743443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:52:12.360604048 CEST44349743142.251.40.228192.168.2.4
                  Apr 1, 2025 16:52:12.563586950 CEST44349743142.251.40.228192.168.2.4
                  Apr 1, 2025 16:52:12.564188957 CEST49743443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:52:12.564230919 CEST44349743142.251.40.228192.168.2.4
                  Apr 1, 2025 16:52:22.558811903 CEST44349743142.251.40.228192.168.2.4
                  Apr 1, 2025 16:52:22.558875084 CEST44349743142.251.40.228192.168.2.4
                  Apr 1, 2025 16:52:22.558979034 CEST49743443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:52:23.719960928 CEST49743443192.168.2.4142.251.40.228
                  Apr 1, 2025 16:52:23.720041037 CEST44349743142.251.40.228192.168.2.4
                  TimestampSource PortDest PortSource IPDest IP
                  Apr 1, 2025 16:51:09.748511076 CEST53571311.1.1.1192.168.2.4
                  Apr 1, 2025 16:51:09.831324100 CEST53574651.1.1.1192.168.2.4
                  Apr 1, 2025 16:51:10.543956995 CEST53498541.1.1.1192.168.2.4
                  Apr 1, 2025 16:51:12.296523094 CEST6000353192.168.2.41.1.1.1
                  Apr 1, 2025 16:51:12.296523094 CEST5075853192.168.2.41.1.1.1
                  Apr 1, 2025 16:51:12.406837940 CEST53600031.1.1.1192.168.2.4
                  Apr 1, 2025 16:51:15.105257988 CEST5627553192.168.2.41.1.1.1
                  Apr 1, 2025 16:51:15.105375051 CEST5284253192.168.2.41.1.1.1
                  Apr 1, 2025 16:51:15.216479063 CEST53562751.1.1.1192.168.2.4
                  Apr 1, 2025 16:51:15.791666985 CEST6008153192.168.2.41.1.1.1
                  Apr 1, 2025 16:51:15.792224884 CEST6164253192.168.2.41.1.1.1
                  Apr 1, 2025 16:51:15.895658970 CEST53616421.1.1.1192.168.2.4
                  Apr 1, 2025 16:51:16.820235968 CEST5802853192.168.2.41.1.1.1
                  Apr 1, 2025 16:51:16.924029112 CEST53580281.1.1.1192.168.2.4
                  Apr 1, 2025 16:51:17.765157938 CEST5060653192.168.2.41.1.1.1
                  Apr 1, 2025 16:51:17.765157938 CEST5999753192.168.2.41.1.1.1
                  Apr 1, 2025 16:51:17.869891882 CEST53506061.1.1.1192.168.2.4
                  Apr 1, 2025 16:51:17.870457888 CEST53599971.1.1.1192.168.2.4
                  Apr 1, 2025 16:51:27.736661911 CEST53585371.1.1.1192.168.2.4
                  Apr 1, 2025 16:51:46.619191885 CEST53610181.1.1.1192.168.2.4
                  Apr 1, 2025 16:52:09.338138103 CEST53555621.1.1.1192.168.2.4
                  Apr 1, 2025 16:52:09.533992052 CEST53573891.1.1.1192.168.2.4
                  Apr 1, 2025 16:52:10.162141085 CEST138138192.168.2.4192.168.2.255
                  Apr 1, 2025 16:52:10.293051958 CEST53540721.1.1.1192.168.2.4
                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                  Apr 1, 2025 16:51:12.296523094 CEST192.168.2.41.1.1.10x15f2Standard query (0)www.google.comA (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:12.296523094 CEST192.168.2.41.1.1.10x871bStandard query (0)www.google.com65IN (0x0001)false
                  Apr 1, 2025 16:51:15.105257988 CEST192.168.2.41.1.1.10x9df4Standard query (0)outlook-web-app-30c710.webflow.ioA (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:15.105375051 CEST192.168.2.41.1.1.10x3d9aStandard query (0)outlook-web-app-30c710.webflow.io65IN (0x0001)false
                  Apr 1, 2025 16:51:15.791666985 CEST192.168.2.41.1.1.10xdd27Standard query (0)d3e54v103j8qbb.cloudfront.netA (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:15.792224884 CEST192.168.2.41.1.1.10x778cStandard query (0)d3e54v103j8qbb.cloudfront.net65IN (0x0001)false
                  Apr 1, 2025 16:51:16.820235968 CEST192.168.2.41.1.1.10x471Standard query (0)d3e54v103j8qbb.cloudfront.netA (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:17.765157938 CEST192.168.2.41.1.1.10x7d78Standard query (0)d3e54v103j8qbb.cloudfront.netA (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:17.765157938 CEST192.168.2.41.1.1.10x41d5Standard query (0)d3e54v103j8qbb.cloudfront.net65IN (0x0001)false
                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                  Apr 1, 2025 16:51:12.406837940 CEST1.1.1.1192.168.2.40x15f2No error (0)www.google.com142.251.40.228A (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:15.216479063 CEST1.1.1.1192.168.2.40x9df4No error (0)outlook-web-app-30c710.webflow.io104.18.36.248A (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:15.216479063 CEST1.1.1.1192.168.2.40x9df4No error (0)outlook-web-app-30c710.webflow.io172.64.151.8A (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:16.924029112 CEST1.1.1.1192.168.2.40x471No error (0)d3e54v103j8qbb.cloudfront.net13.33.251.68A (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:16.924029112 CEST1.1.1.1192.168.2.40x471No error (0)d3e54v103j8qbb.cloudfront.net13.33.251.140A (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:16.924029112 CEST1.1.1.1192.168.2.40x471No error (0)d3e54v103j8qbb.cloudfront.net13.33.251.183A (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:16.924029112 CEST1.1.1.1192.168.2.40x471No error (0)d3e54v103j8qbb.cloudfront.net13.33.251.210A (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:17.869891882 CEST1.1.1.1192.168.2.40x7d78No error (0)d3e54v103j8qbb.cloudfront.net13.33.251.140A (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:17.869891882 CEST1.1.1.1192.168.2.40x7d78No error (0)d3e54v103j8qbb.cloudfront.net13.33.251.68A (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:17.869891882 CEST1.1.1.1192.168.2.40x7d78No error (0)d3e54v103j8qbb.cloudfront.net13.33.251.210A (IP address)IN (0x0001)false
                  Apr 1, 2025 16:51:17.869891882 CEST1.1.1.1192.168.2.40x7d78No error (0)d3e54v103j8qbb.cloudfront.net13.33.251.183A (IP address)IN (0x0001)false
                  • outlook-web-app-30c710.webflow.io
                    • d3e54v103j8qbb.cloudfront.net
                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  0192.168.2.449730104.18.36.2484434748C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-04-01 14:51:15 UTC683OUTGET / HTTP/1.1
                  Host: outlook-web-app-30c710.webflow.io
                  Connection: keep-alive
                  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                  sec-ch-ua-mobile: ?0
                  sec-ch-ua-platform: "Windows"
                  Upgrade-Insecure-Requests: 1
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                  Sec-Fetch-Site: none
                  Sec-Fetch-Mode: navigate
                  Sec-Fetch-User: ?1
                  Sec-Fetch-Dest: document
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  2025-04-01 14:51:15 UTC692INHTTP/1.1 404 Not Found
                  Date: Tue, 01 Apr 2025 14:51:15 GMT
                  Content-Type: text/html
                  Transfer-Encoding: chunked
                  Connection: close
                  CF-Ray: 9298e74eeddb2732-EWR
                  CF-Cache-Status: HIT
                  Age: 644
                  Cache-Control: public, max-age=432000
                  ETag: W/"67e7684e-38c"
                  content-security-policy: frame-ancestors 'self' https://*.webflow.com http://*.webflow.com http://*.webflow.io http://webflow.com https://webflow.com
                  surrogate-key: outlook-web-app-30c710.webflow.io
                  vary: Accept-Encoding
                  Set-Cookie: _cfuvid=exRq0HaZUZbES_qHECxXKIeSw4NSbgedGmjRHGZL2js-1743519075709-0.0.1.1-604800000; path=/; domain=.webflow.io; HttpOnly; Secure; SameSite=None
                  Server: cloudflare
                  alt-svc: h3=":443"; ma=86400
                  2025-04-01 14:51:15 UTC677INData Raw: 33 38 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 54 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 64 6f 65 73 6e 26 23 78 32 37 3b 74 20 65 78 69 73 74 20 6f 72 20 68 61 73 20 62 65 65 6e 20 6d 6f 76 65 64 2e 22 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64
                  Data Ascii: 38c<!DOCTYPE html><html lang="en"><head> <meta charset="utf-8"> <title>404 - Page not found</title> <meta content="The page you are looking for doesn&#x27;t exist or has been moved." name="description"> <meta content="width=device-wid
                  2025-04-01 14:51:15 UTC238INData Raw: 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 74 69 6c 69 74 79 2d 63 6f 6e 74 65 6e 74 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 62 72 3e 3c 2f 68 31 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 54 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 64 6f 65 73 6e 26 23 78 32 37 3b 74 20 65 78 69 73 74 20 6f 72 20 68 61 73 20 62 65 65 6e 20 6d 6f 76 65 64 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 0a 3c 2f 68 74 6d 6c 3e 0a 0d 0a
                  Data Ascii: > <div class="utility-content"> <h1>Page not found<br></h1> <p>The page you are looking for doesn&#x27;t exist or has been moved.</p> </div> <div></div> </div></div></body></html>
                  2025-04-01 14:51:15 UTC5INData Raw: 30 0d 0a 0d 0a
                  Data Ascii: 0


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  1192.168.2.44973213.33.251.684434748C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-04-01 14:51:17 UTC637OUTGET /css/webflow-https-errors.webflow.css HTTP/1.1
                  Host: d3e54v103j8qbb.cloudfront.net
                  Connection: keep-alive
                  sec-ch-ua-platform: "Windows"
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                  sec-ch-ua-mobile: ?0
                  Accept: text/css,*/*;q=0.1
                  Sec-Fetch-Site: cross-site
                  Sec-Fetch-Mode: no-cors
                  Sec-Fetch-Dest: style
                  Sec-Fetch-Storage-Access: active
                  Referer: https://outlook-web-app-30c710.webflow.io/
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  2025-04-01 14:51:17 UTC528INHTTP/1.1 200 OK
                  Content-Type: text/css
                  Content-Length: 4176
                  Connection: close
                  Last-Modified: Mon, 05 Jul 2021 14:41:25 GMT
                  X-Amz-Server-Side-Encryption: AES256
                  Accept-Ranges: bytes
                  Server: AmazonS3
                  Date: Tue, 01 Apr 2025 00:45:32 GMT
                  Etag: "c2bf6463065522e597390eedb7a3f2f7"
                  Via: 1.1 7ea7b08f7e1d26433f5be7f6d4283d3c.cloudfront.net (CloudFront)
                  Age: 50745
                  Access-Control-Allow-Origin: *
                  X-Cache: Hit from cloudfront
                  X-Amz-Cf-Pop: JFK50-P10
                  X-Amz-Cf-Id: FXzHb2egUhAOuUxSNZquwpvtFtinPmhnMVYZmpGMiRIelgwZU_QnHw==
                  2025-04-01 14:51:17 UTC4176INData Raw: 2f 2a 21 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 33 2e 30 2e 33 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 68 75 62 2e 63 6f 6d 2f 6e 65 63 6f 6c 61 73 2f 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 2a 2f 0a 0a 68 74 6d 6c 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 2d 6d 73 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 20 31 30 30 25 3b 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 20 31 30 30 25 3b 0a 7d 0a 0a 62 6f 64 79 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 7d 0a 0a 61 72 74 69 63 6c 65 2c 0a 61 73 69 64 65 2c 0a 64 65 74 61 69 6c 73 2c 0a 66 69 67 63 61 70 74 69 6f 6e 2c 0a 66 69 67 75 72 65 2c 0a
                  Data Ascii: /*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */html { font-family: sans-serif; -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;}body { margin: 0;}article,aside,details,figcaption,figure,


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  2192.168.2.44973513.33.251.684434748C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-04-01 14:51:17 UTC685OUTGET /static/favicon_designer.88fce7c7f8.png HTTP/1.1
                  Host: d3e54v103j8qbb.cloudfront.net
                  Connection: keep-alive
                  sec-ch-ua-platform: "Windows"
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                  sec-ch-ua-mobile: ?0
                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                  Sec-Fetch-Site: cross-site
                  Sec-Fetch-Mode: no-cors
                  Sec-Fetch-Dest: image
                  Sec-Fetch-Storage-Access: active
                  Referer: https://outlook-web-app-30c710.webflow.io/
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  2025-04-01 14:51:17 UTC575INHTTP/1.1 200 OK
                  Content-Type: image/png
                  Content-Length: 688
                  Connection: close
                  Date: Mon, 31 Mar 2025 18:26:27 GMT
                  Last-Modified: Mon, 18 Sep 2023 19:52:28 GMT
                  Etag: "88fce7c7f8d3a7e53fda27ceadac4d12"
                  X-Amz-Server-Side-Encryption: AES256
                  Cache-Control: max-age=84600, must-revalidate
                  Accept-Ranges: bytes
                  Server: AmazonS3
                  Via: 1.1 3bd704a723998d21cd3d1c7e5aa5b320.cloudfront.net (CloudFront)
                  Age: 73491
                  Access-Control-Allow-Origin: *
                  X-Cache: Hit from cloudfront
                  X-Amz-Cf-Pop: JFK50-P10
                  X-Amz-Cf-Id: uqkXMykGHYFJQqbGT_ppuV6TJrUGGCbzJCk43BQHPdPk7_gcTqf4SA==
                  2025-04-01 14:51:17 UTC688INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 02 45 49 44 41 54 78 01 ed 57 5d 6e 9b 40 10 9e 5d ac 54 09 ae 44 55 5b ea 5b f1 0d 7c 04 72 84 9e a0 f6 01 1a 73 03 c7 27 28 6d 0f 10 7a 83 f6 04 e5 08 39 02 7d 8b 64 aa 20 05 ea a8 0d 3b 9d 41 71 4a 80 35 c6 51 cc 8b 3f 0b 76 3d fb 33 df 0e 3b b3 b3 02 08 03 77 e5 00 e2 9c 1e 07 f6 01 21 02 7a 16 91 77 1c 88 5c b9 52 3f a0 0b 48 79 da 03 cc e6 44 89 7e f8 c9 94 e6 79 e8 89 18 9e 19 af cf 6e 3c 01 72 c6 56 17 83 b3 14 59 18 7d 36 05 ec 09 96 7b 6d f5 d4 d1 35 d7 25 74 80 d8 7b f5 60 e5 4e 08 14 71 20 d0
                  Data Ascii: PNGIHDR szzpHYssRGBgAMAaEIDATxW]n@]TDU[[|rs'(mz9}d ;AqJ5Q?v=3;w!zw\R?HyD~yn<rVY}6{m5%t{`Nq


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  3192.168.2.44973413.33.251.684434748C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-04-01 14:51:17 UTC672OUTGET /fonts/Graphik-Medium-Web.abf6e1188f.woff2 HTTP/1.1
                  Host: d3e54v103j8qbb.cloudfront.net
                  Connection: keep-alive
                  Origin: https://outlook-web-app-30c710.webflow.io
                  sec-ch-ua-platform: "Windows"
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                  sec-ch-ua-mobile: ?0
                  Accept: */*
                  Sec-Fetch-Site: cross-site
                  Sec-Fetch-Mode: cors
                  Sec-Fetch-Dest: font
                  Referer: https://d3e54v103j8qbb.cloudfront.net/css/webflow-https-errors.webflow.css
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  2025-04-01 14:51:17 UTC619INHTTP/1.1 200 OK
                  Content-Type: application/octet-stream
                  Content-Length: 34041
                  Connection: close
                  Date: Tue, 01 Apr 2025 01:47:36 GMT
                  Access-Control-Allow-Origin: *
                  Access-Control-Allow-Methods: GET
                  Access-Control-Max-Age: 3000
                  Last-Modified: Wed, 05 Jun 2019 19:43:00 GMT
                  Etag: "abf6e1188f57f609d6987ca7aa1f54b7"
                  Cache-Control: max-age=84600, must-revalidate
                  Accept-Ranges: bytes
                  Server: AmazonS3
                  Via: 1.1 f00bb95b8c55d1da29ae14415a8da844.cloudfront.net (CloudFront)
                  Age: 47022
                  X-Cache: Hit from cloudfront
                  X-Amz-Cf-Pop: JFK50-P10
                  X-Amz-Cf-Id: z5T_73G6ZoyzPCuEXImyO1-rmlLCBKphVBwZybN-GH2XpT2FHsxHYg==
                  2025-04-01 14:51:17 UTC15765INData Raw: 77 4f 46 32 00 01 00 00 00 00 84 f9 00 13 00 00 00 01 73 34 00 00 84 77 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 84 e0 00 00 00 19 1b 81 b8 28 1c 9a 56 14 84 18 06 60 16 97 3a 00 8a 20 08 54 09 83 3c 11 0c 0a 83 9b 64 82 ef 6a 12 84 20 01 36 02 24 03 90 50 0b 88 2a 00 04 20 05 88 5f 07 9f 3a 0c 83 6e 5b c6 57 71 06 e7 e6 b4 f3 13 54 b9 6d 00 0d fd 57 6e f5 7e 2f e0 c9 06 ef 95 9e db 04 a9 87 b4 45 d6 b0 dd 31 e3 6e 95 b4 45 0d 2b cb fe ff ff ff cc 64 43 c6 02 b0 03 60 6e 4b 55 fb aa 27 88 00 99 47 56 15 8b 60 de 0c 2b 73 16 02 14 9d 86 60 6b 34 3e c3 5d ea 66 34 c1 57 82 39 3d a3 50 33 a3 a5 21 b7 51 01 42 75 f8 88 1d c7 59 b3 25 5c 08 a3 ab 53 f0 d3 98 61 eb e9 42 40 84 81 8c 40 e0 00 20 00 2c d9 fd ba 43 18 bc d8 f3 9c 22 1e af d1 1f f8 51
                  Data Ascii: wOF2s4w(V`: T<dj 6$P* _:n[WqTmWn~/E1nE+dC`nKU'GV`+s`k4>]f4W9=P3!QBuY%\SaB@@ ,C"Q
                  2025-04-01 14:51:17 UTC16384INData Raw: 06 5d 78 5f 9b a3 b4 c3 bc 27 2f 48 75 5e fc d5 b9 d1 e2 52 a9 ec d2 d4 dd d2 bb 49 76 9f 37 9b 93 3e 5e df 98 07 02 ae 57 2d c5 46 8f 25 2f 3d dd 34 82 ca 8d 43 5f cb f3 e4 3a d0 36 f6 79 77 ad a1 5f 96 07 bc a8 eb ba d9 bc 11 19 b0 06 68 88 f1 e6 7d 08 2f 30 1f 4d 4c 4b ed 9a 0e b2 57 23 8e c5 d7 17 b8 79 cd 2e 81 83 2e d5 93 12 6a 44 a6 6b 21 6d 4f da 0a ec 6b 57 3a 00 49 8f b6 93 92 61 b4 65 06 d7 8e 22 94 f8 f0 d1 10 55 eb fc f7 5c ea 83 d8 46 71 24 c2 9b 75 21 5d bc b5 91 d8 23 92 f8 7b 90 37 7b 35 59 f9 fa 4a 7a e5 8e bd fd 76 c0 9b 7d 7e 3d f8 ce 6c eb 2c b3 b0 6f 07 52 30 27 0d 27 f9 73 6e 84 47 32 1f 4b ae 93 ba 14 ed f8 3a 25 18 ee 9d 2f 74 0b 6b 4d 52 2f 43 06 93 12 2a 84 02 1f 07 a1 3a a6 5c 6c 26 dc 26 ea d1 4f a5 65 06 1b 77 d8 e7 1d ab 49
                  Data Ascii: ]x_'/Hu^RIv7>^W-F%/=4C_:6yw_h}/0MLKW#y..jDk!mOkW:Iae"U\Fq$u!]#{7{5YJzv}~=l,oR0''snG2K:%/tkMR/C*:\l&&OewI
                  2025-04-01 14:51:17 UTC1892INData Raw: 6e 9b 41 89 6c 39 3c c6 0e 46 3b f5 b7 93 15 4c 67 8b bc fe 79 c5 bf d9 4c 8b cf be cb 87 6e e4 ff 8d 0f 42 4a 7f 43 87 63 bf 20 4e 3b fa 65 fc 96 12 31 34 97 23 24 87 1f 10 94 69 71 91 11 83 b6 da 12 ca 59 ba d4 ef 93 20 53 9c 64 31 36 40 05 d8 26 43 02 3d 7a 04 72 bc a9 9d 2e 0d 41 d6 b0 88 01 f7 d1 38 df c7 4d a6 18 19 92 24 4b 81 4a b6 09 2a 06 2a 8b ee 1d 2f 41 aa 18 da 29 d0 c5 12 13 0f f5 f9 27 45 92 2d 01 27 cc b2 5d 9c f4 a1 bb b4 ba 88 5e e0 d0 59 12 c8 40 b2 e4 38 ad 34 96 4d 62 75 96 0c 56 f4 e9 2b e8 67 a9 40 8e 52 ef f2 f8 53 36 1d 71 48 db 47 fa 10 95 25 6d 54 ec 10 95 4d 67 59 1d 0f 95 28 5d 26 82 db db 64 d9 e4 2a eb 34 c2 86 24 38 c0 49 09 76 cb c3 c5 86 5c 97 26 2b ce b2 99 c5 58 fd e7 30 59 9c 49 5a 78 69 0d 25 28 8d 78 67 d9 39 ad ce
                  Data Ascii: nAl9<F;LgyLnBJCc N;e14#$iqY Sd16@&C=zr.A8M$KJ**/A)'E-']^Y@84MbuV+g@RS6qHG%mTMgY(]&d*4$8Iv\&+X0YIZxi%(xg9


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  4192.168.2.44973313.33.251.684434748C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-04-01 14:51:17 UTC673OUTGET /fonts/Graphik-Regular-Web.5a0c1a002e.woff2 HTTP/1.1
                  Host: d3e54v103j8qbb.cloudfront.net
                  Connection: keep-alive
                  Origin: https://outlook-web-app-30c710.webflow.io
                  sec-ch-ua-platform: "Windows"
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                  sec-ch-ua-mobile: ?0
                  Accept: */*
                  Sec-Fetch-Site: cross-site
                  Sec-Fetch-Mode: cors
                  Sec-Fetch-Dest: font
                  Referer: https://d3e54v103j8qbb.cloudfront.net/css/webflow-https-errors.webflow.css
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  2025-04-01 14:51:17 UTC619INHTTP/1.1 200 OK
                  Content-Type: application/octet-stream
                  Content-Length: 30885
                  Connection: close
                  Date: Tue, 01 Apr 2025 01:47:36 GMT
                  Access-Control-Allow-Origin: *
                  Access-Control-Allow-Methods: GET
                  Access-Control-Max-Age: 3000
                  Last-Modified: Wed, 05 Jun 2019 19:45:00 GMT
                  Etag: "5a0c1a002e8a14bedb37e60ee72642ac"
                  Cache-Control: max-age=84600, must-revalidate
                  Accept-Ranges: bytes
                  Server: AmazonS3
                  Via: 1.1 04eb98a9e0ea7d312d38391a3e694d2e.cloudfront.net (CloudFront)
                  Age: 47022
                  X-Cache: Hit from cloudfront
                  X-Amz-Cf-Pop: JFK50-P10
                  X-Amz-Cf-Id: DsC36aTxLz_coT7t0wBrBooYVroHXC-Cyz4g9K52z8TC1k4hMzvecw==
                  2025-04-01 14:51:17 UTC15765INData Raw: 77 4f 46 32 00 01 00 00 00 00 78 a5 00 13 00 00 00 01 61 78 00 00 78 21 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 8c 00 00 00 19 1b 81 95 2e 1c 9a 6e 14 84 19 06 60 16 97 3a 00 89 08 08 4c 09 83 3c 11 0c 0a 83 9d 08 82 f1 0f 12 84 20 01 36 02 24 03 90 50 0b 88 2c 00 04 20 05 88 63 07 9f 44 0c 83 00 5b 0a 46 91 00 63 9b c6 57 cd 03 bb 6d 00 0c 9f 19 56 f7 95 b8 c0 dc d4 31 aa df 6d c3 2d 22 96 ab 87 df 4a 89 78 fb 5e 00 ba 83 47 10 ed eb 3a fb ff ff ff 3f 39 a9 c8 98 69 07 49 bb 01 03 41 54 d4 ff 07 3d 49 41 9b 35 5b 92 53 24 d3 e4 1c c9 c0 b4 b4 34 91 44 6b 89 da d7 88 d4 86 65 a6 a2 e4 96 3d eb cd ec e3 3b fc 3b 4e 4f a3 db 1f ee bd 1e 4c 9a e0 d3 13 d2 a1 a1 43 43 87 05 2f ff be bb bc 50 2f 2b b9 2c 26 cb ef 25 ba 99 6e 4e 47 08 bf 0f d6
                  Data Ascii: wOF2xaxx!x.n`:L< 6$P, cD[FcWmV1m-"Jx^G:?9iIAT=IA5[S$4Dke=;;NOLCC/P/+,&%nNG
                  2025-04-01 14:51:17 UTC15120INData Raw: 53 ac b1 20 b7 7e 11 30 ee 67 5c a3 fb aa 3c 63 9d 7e f6 0a 99 ec 3b 56 de de 4f a5 1b 97 58 70 05 ef 73 8b 95 76 e3 85 2f f8 b4 63 19 26 5c 81 e9 fe 01 7a c1 c4 1f 1e de 45 f2 ea ff 66 72 9e 3f 5c d4 3a bd e0 8f 82 27 e7 f6 db a7 a9 68 ef a6 68 4d 53 14 c3 27 d9 e8 16 12 8f f6 e6 d9 11 9a 2b 03 f6 4a b5 36 20 15 50 5b e5 dc b2 b0 2d d5 5a 61 b5 4d 37 76 0a 42 01 49 8f cd 2a 9e 1a f4 77 08 4c c0 32 12 0c 40 c4 66 db 1a 21 fc de 54 fa b3 6b be a2 aa 4a 39 80 b8 94 f3 ab aa 17 28 61 64 be 32 51 a5 18 70 21 ca 05 55 55 0b 14 cb 0e 50 c9 a5 15 31 0a 23 7b bf 2b 93 a7 26 08 9a 4a 79 6f 1b 61 da f5 af f6 53 a9 2b 0e 2f 2e c9 41 a4 e5 a7 48 62 93 a0 b4 54 a9 75 50 78 45 63 3b 06 fc 58 c1 a1 f7 c7 ed b1 3a 98 f5 80 36 16 bf 54 a6 2a 17 4b fd d8 80 d0 d9 cd a2 8c
                  Data Ascii: S ~0g\<c~;VOXpsv/c&\zEfr?\:'hhMS'+J6 P[-ZaM7vBI*wL2@f!TkJ9(ad2Qp!UUP1#{+&JyoaS+/.AHbTuPxEc;X:6T*K


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  5192.168.2.44973613.33.251.1404434748C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-04-01 14:51:18 UTC431OUTGET /static/favicon_designer.88fce7c7f8.png HTTP/1.1
                  Host: d3e54v103j8qbb.cloudfront.net
                  Connection: keep-alive
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                  Accept: */*
                  Sec-Fetch-Site: none
                  Sec-Fetch-Mode: cors
                  Sec-Fetch-Dest: empty
                  Sec-Fetch-Storage-Access: active
                  Accept-Encoding: gzip, deflate, br, zstd
                  Accept-Language: en-US,en;q=0.9
                  2025-04-01 14:51:18 UTC575INHTTP/1.1 200 OK
                  Content-Type: image/png
                  Content-Length: 688
                  Connection: close
                  Date: Mon, 31 Mar 2025 18:26:27 GMT
                  Last-Modified: Mon, 18 Sep 2023 19:52:28 GMT
                  Etag: "88fce7c7f8d3a7e53fda27ceadac4d12"
                  X-Amz-Server-Side-Encryption: AES256
                  Cache-Control: max-age=84600, must-revalidate
                  Accept-Ranges: bytes
                  Server: AmazonS3
                  Via: 1.1 2ae108ea5404064fac59010eedcd1806.cloudfront.net (CloudFront)
                  Age: 73492
                  Access-Control-Allow-Origin: *
                  X-Cache: Hit from cloudfront
                  X-Amz-Cf-Pop: JFK50-P10
                  X-Amz-Cf-Id: tnMYeyTUlwG3m-wpK_MvIJnqExIb8n2Zkjy-a-QRXQuAfOi9Up6C-w==
                  2025-04-01 14:51:18 UTC688INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 02 45 49 44 41 54 78 01 ed 57 5d 6e 9b 40 10 9e 5d ac 54 09 ae 44 55 5b ea 5b f1 0d 7c 04 72 84 9e a0 f6 01 1a 73 03 c7 27 28 6d 0f 10 7a 83 f6 04 e5 08 39 02 7d 8b 64 aa 20 05 ea a8 0d 3b 9d 41 71 4a 80 35 c6 51 cc 8b 3f 0b 76 3d fb 33 df 0e 3b b3 b3 02 08 03 77 e5 00 e2 9c 1e 07 f6 01 21 02 7a 16 91 77 1c 88 5c b9 52 3f a0 0b 48 79 da 03 cc e6 44 89 7e f8 c9 94 e6 79 e8 89 18 9e 19 af cf 6e 3c 01 72 c6 56 17 83 b3 14 59 18 7d 36 05 ec 09 96 7b 6d f5 d4 d1 35 d7 25 74 80 d8 7b f5 60 e5 4e 08 14 71 20 d0
                  Data Ascii: PNGIHDR szzpHYssRGBgAMAaEIDATxW]n@]TDU[[|rs'(mz9}d ;AqJ5Q?v=3;w!zw\R?HyD~yn<rVY}6{m5%t{`Nq


                  020406080s020406080100

                  Click to jump to process

                  020406080s0.0050100MB

                  Click to jump to process

                  Target ID:2
                  Start time:10:51:04
                  Start date:01/04/2025
                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                  Imagebase:0x7ff786830000
                  File size:3'388'000 bytes
                  MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:low
                  Has exited:false

                  Target ID:3
                  Start time:10:51:06
                  Start date:01/04/2025
                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2036,i,4384471797931532710,8386410433809053487,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2060 /prefetch:3
                  Imagebase:0x7ff786830000
                  File size:3'388'000 bytes
                  MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:low
                  Has exited:false

                  Target ID:9
                  Start time:10:51:14
                  Start date:01/04/2025
                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://outlook-web-app-30c710.webflow.io/"
                  Imagebase:0x7ff786830000
                  File size:3'388'000 bytes
                  MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:low
                  Has exited:true
                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                  No disassembly