Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ie

Overview

General Information

Sample URL:https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ie
Analysis ID:1667295
Infos:

Detection

Score:2
Range:0 - 100
Confidence:100%

Signatures

HTML body contains low number of good links
HTML body contains password input but no form action
HTML title does not match URL
URL contains potential PII (phishing indication)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5736 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 2172 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2420,i,1892827117926094393,10130407658345944235,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2448 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6756 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ie" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Phishing
  • Compliance
  • Networking
  • System Summary

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ieHTTP Parser: Number of links: 0
Source: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ieHTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ieHTTP Parser: Title: Password Protection does not match URL
Source: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ieSample URL: PII: david.butler@sfsi.ie
Source: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ieHTTP Parser: <input type="password" .../> found
Source: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ieHTTP Parser: No favicon
Source: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ieHTTP Parser: No favicon
Source: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ieHTTP Parser: No <meta name="author".. found
Source: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ieHTTP Parser: No <meta name="author".. found
Source: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ieHTTP Parser: No <meta name="copyright".. found
Source: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ieHTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 64.233.185.106:443 -> 192.168.2.4:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 100.28.201.155:443 -> 192.168.2.4:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 100.28.201.155:443 -> 192.168.2.4:49725 version: TLS 1.2
Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 74.125.136.94
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 74.125.136.94
Source: unknownTCP traffic detected without corresponding DNS query: 74.125.136.94
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 74.125.136.94
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 74.125.136.94
Source: unknownTCP traffic detected without corresponding DNS query: 74.125.136.94
Source: global trafficHTTP traffic detected: GET /webmail.html HTTP/1.1Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /r/r4.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
Source: unknownHTTP traffic detected: POST /webmail.html HTTP/1.1Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appConnection: keep-aliveContent-Length: 45Cache-Control: max-age=0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Origin: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appContent-Type: application/x-www-form-urlencodedUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49680 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 64.233.185.106:443 -> 192.168.2.4:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 100.28.201.155:443 -> 192.168.2.4:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 100.28.201.155:443 -> 192.168.2.4:49725 version: TLS 1.2
Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: classification engineClassification label: clean2.win@21/2@4/4
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2420,i,1892827117926094393,10130407658345944235,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2448 /prefetch:3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ie"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2420,i,1892827117926094393,10130407658345944235,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2448 /prefetch:3Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1667295 URL: https://67f7c4539f4dde93d06... Startdate: 17/04/2025 Architecture: WINDOWS Score: 2 5 chrome.exe 2 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.4, 138, 443, 49709 unknown unknown 5->13 15 192.168.2.5 unknown unknown 5->15 10 chrome.exe 5->10         started        process4 dnsIp5 17 www.google.com 64.233.185.106, 443, 49724, 49752 GOOGLEUS United States 10->17 19 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app 100.28.201.155, 443, 49725, 49726 AMAZON-AESUS United States 10->19

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ie0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html0%Avira URL Cloudsafe
https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/favicon.ico0%Avira URL Cloudsafe

Domains and IPs

Download Network PCAP: filteredfull

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
www.google.com
64.233.185.106
truefalse
    		high
    67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
    		100.28.201.155
    		truefalse
      		unknown

      Contacted URLs

      NameMaliciousAntivirus DetectionReputation
      http://c.pki.goog/r/r4.crlfalse
        		high
        https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.htmlfalse
        • Avira URL Cloud: safe
        		unknown
        https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/favicon.icofalse
        • Avira URL Cloud: safe
        		unknown
        https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.iefalse
          		unknown

          World Map of Contacted IPs

          • No. of IPs < 25%
          • 25% < No. of IPs < 50%
          • 50% < No. of IPs < 75%
          • 75% < No. of IPs

          Public IPs

          IPDomainCountryFlagASNASN NameMalicious
          100.28.201.155
          		67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appUnited States
          		14618AMAZON-AESUSfalse
          64.233.185.106
          		www.google.comUnited States
          		15169GOOGLEUSfalse

          Private

          IP
          192.168.2.4
          192.168.2.5

          General Information

          Joe Sandbox version:42.0.0 Malachite
          Analysis ID:1667295
          Start date and time:2025-04-17 10:47:03 +02:00
          Joe Sandbox product:CloudBasic
          Overall analysis duration:0h 3m 13s
          Hypervisor based Inspection enabled:false
          Report type:full
          Cookbook file name:browseurl.jbs
          Sample URL:https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ie
          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
          Number of analysed new started processes analysed:21
          Number of new started drivers analysed:0
          Number of existing processes analysed:0
          Number of existing drivers analysed:0
          Number of injected processes analysed:0
          Technologies:
          • HCA enabled
          • EGA enabled
          • AMSI enabled
          Analysis Mode:default
          Analysis stop reason:Timeout
          Detection:CLEAN
          Classification:clean2.win@21/2@4/4
          EGA Information:Failed
          HCA Information:
          • Successful, ratio: 100%
          • Number of executed functions: 0
          • Number of non-executed functions: 0
          • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, sppsvc.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
          • Excluded IPs from analysis (whitelisted): 108.177.122.94, 64.233.177.113, 64.233.177.102, 64.233.177.100, 64.233.177.101, 64.233.177.139, 64.233.177.138, 173.194.219.113, 173.194.219.100, 173.194.219.139, 173.194.219.101, 173.194.219.138, 173.194.219.102, 64.233.185.84, 74.125.136.102, 74.125.136.100, 74.125.136.113, 74.125.136.138, 74.125.136.139, 74.125.136.101, 142.250.9.113, 142.250.9.139, 142.250.9.101, 142.250.9.102, 142.250.9.100, 142.250.9.138, 173.194.219.95, 172.253.124.95, 74.125.21.95, 142.250.105.95, 64.233.177.95, 74.125.136.95, 108.177.122.95, 172.217.215.95, 64.233.176.95, 142.250.9.95, 142.251.15.95, 74.125.138.95, 64.233.185.95, 23.4.43.62, 199.232.214.172, 108.177.122.101, 108.177.122.113, 108.177.122.100, 108.177.122.138, 108.177.122.139, 108.177.122.102, 172.253.124.94, 184.28.213.193, 4.245.163.56
          • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, c.pki.goog
          • Not all processes where analyzed, report is missing behavior information
          • Report size getting too big, too many NtOpenFile calls found.
          • VT rate limit hit for: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ie

          Simulations

          Behavior and APIs

          No simulations

          Joe Sandbox View / Context

          IPs

          No context

          Domains

          No context

          ASNs

          No context

          JA3 Fingerprints

          No context

          Dropped Files

          No context

          Created / dropped Files

          Chrome Cache Entry: 50

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with no line terminators
          Category:downloaded
          Size (bytes):16
          Entropy (8bit):3.875
          Encrypted:false
          SSDEEP:3:HwT:QT
          MD5:344EB8D19F5C0A3435EF32FD9601F1FB
          SHA1:E082EB1D89D91CC1A25A1D510268E576109DA07E
          SHA-256:B44289B54959639FCA6A742F7CC2E2A5AF9C6E7B73C1B3E25227CA9790F3A587
          SHA-512:EB9F1CD4A566192160371F4B182EE00180F6912333FFB79C537BD80635A6AFE6379FBE7BB74043D635BA65C9F4F956D9E97E516E24E516F2591192A36F866EAE
          Malicious:false
          Reputation:low
          URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCdI4DeQBEDfHEgUNzkFMeiHOMj_tLgUEzw==?alt=proto
          Preview:CgkKBw3OQUx6GgA=

          Static File Info

          No static file info

          Network Behavior

          Download Network PCAP: filteredfull

          Network Port Distribution

          • Total Packets: 190
          • 443 (HTTPS)
          • 80 (HTTP)
          • 53 (DNS)
          TimestampSource PortDest PortSource IPDest IP
          Apr 17, 2025 10:48:02.904063940 CEST49671443192.168.2.4204.79.197.203
          Apr 17, 2025 10:48:03.271459103 CEST49671443192.168.2.4204.79.197.203
          Apr 17, 2025 10:48:03.922593117 CEST49671443192.168.2.4204.79.197.203
          Apr 17, 2025 10:48:05.196635962 CEST49671443192.168.2.4204.79.197.203
          Apr 17, 2025 10:48:07.603610992 CEST49671443192.168.2.4204.79.197.203
          Apr 17, 2025 10:48:08.586838007 CEST49724443192.168.2.464.233.185.106
          Apr 17, 2025 10:48:08.586941957 CEST4434972464.233.185.106192.168.2.4
          Apr 17, 2025 10:48:08.587024927 CEST49724443192.168.2.464.233.185.106
          Apr 17, 2025 10:48:08.587213039 CEST49724443192.168.2.464.233.185.106
          Apr 17, 2025 10:48:08.587239027 CEST4434972464.233.185.106192.168.2.4
          Apr 17, 2025 10:48:08.812078953 CEST4434972464.233.185.106192.168.2.4
          Apr 17, 2025 10:48:08.812184095 CEST49724443192.168.2.464.233.185.106
          Apr 17, 2025 10:48:08.813796043 CEST49724443192.168.2.464.233.185.106
          Apr 17, 2025 10:48:08.813822985 CEST4434972464.233.185.106192.168.2.4
          Apr 17, 2025 10:48:08.814201117 CEST4434972464.233.185.106192.168.2.4
          Apr 17, 2025 10:48:08.868752956 CEST49724443192.168.2.464.233.185.106
          Apr 17, 2025 10:48:10.074031115 CEST49725443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.074091911 CEST44349725100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.074178934 CEST49725443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.074455023 CEST49726443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.074526072 CEST44349726100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.074583054 CEST49726443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.074620962 CEST49725443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.074641943 CEST44349725100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.074960947 CEST49726443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.074980974 CEST44349726100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.322249889 CEST44349726100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.322433949 CEST49726443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.323460102 CEST49726443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.323489904 CEST44349726100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.323734999 CEST44349726100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.324034929 CEST49726443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.325571060 CEST44349725100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.325633049 CEST49725443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.326478004 CEST49725443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.326498032 CEST44349725100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.326850891 CEST44349725100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.364269018 CEST44349726100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.377059937 CEST49725443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.602055073 CEST44349726100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.602134943 CEST44349726100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.602197886 CEST49726443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.602216959 CEST44349726100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.602269888 CEST49726443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.603389025 CEST49726443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.603434086 CEST44349726100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.712722063 CEST49725443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.756283998 CEST44349725100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.832221985 CEST44349725100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.832321882 CEST44349725100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.832372904 CEST49725443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.832411051 CEST44349725100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.832437038 CEST44349725100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:10.832457066 CEST49725443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.832488060 CEST49725443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.833257914 CEST49725443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:10.833275080 CEST44349725100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:11.666174889 CEST49678443192.168.2.420.189.173.27
          Apr 17, 2025 10:48:11.974313974 CEST49678443192.168.2.420.189.173.27
          Apr 17, 2025 10:48:12.415601015 CEST49671443192.168.2.4204.79.197.203
          Apr 17, 2025 10:48:12.587444067 CEST49678443192.168.2.420.189.173.27
          Apr 17, 2025 10:48:13.791222095 CEST49678443192.168.2.420.189.173.27
          Apr 17, 2025 10:48:15.837207079 CEST4968180192.168.2.42.17.190.73
          Apr 17, 2025 10:48:16.134593964 CEST4968180192.168.2.42.17.190.73
          Apr 17, 2025 10:48:16.164830923 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.167165995 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.168780088 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.197084904 CEST49678443192.168.2.420.189.173.27
          Apr 17, 2025 10:48:16.286823988 CEST44349709131.253.33.254192.168.2.4
          Apr 17, 2025 10:48:16.288052082 CEST44349709131.253.33.254192.168.2.4
          Apr 17, 2025 10:48:16.289091110 CEST44349709131.253.33.254192.168.2.4
          Apr 17, 2025 10:48:16.289145947 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.289187908 CEST44349709131.253.33.254192.168.2.4
          Apr 17, 2025 10:48:16.289266109 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.289532900 CEST44349709131.253.33.254192.168.2.4
          Apr 17, 2025 10:48:16.289586067 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.289872885 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.292201042 CEST44349709131.253.33.254192.168.2.4
          Apr 17, 2025 10:48:16.292237997 CEST44349709131.253.33.254192.168.2.4
          Apr 17, 2025 10:48:16.292268038 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.292299032 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.297720909 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.410573959 CEST44349709131.253.33.254192.168.2.4
          Apr 17, 2025 10:48:16.418493032 CEST44349709131.253.33.254192.168.2.4
          Apr 17, 2025 10:48:16.420895100 CEST44349709131.253.33.254192.168.2.4
          Apr 17, 2025 10:48:16.421000004 CEST44349709131.253.33.254192.168.2.4
          Apr 17, 2025 10:48:16.421020031 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.421056986 CEST49709443192.168.2.4131.253.33.254
          Apr 17, 2025 10:48:16.429107904 CEST49680443192.168.2.4204.79.197.222
          Apr 17, 2025 10:48:16.429382086 CEST49733443192.168.2.4204.79.197.222
          Apr 17, 2025 10:48:16.429436922 CEST44349733204.79.197.222192.168.2.4
          Apr 17, 2025 10:48:16.429739952 CEST49733443192.168.2.4204.79.197.222
          Apr 17, 2025 10:48:16.430048943 CEST49733443192.168.2.4204.79.197.222
          Apr 17, 2025 10:48:16.430074930 CEST44349733204.79.197.222192.168.2.4
          Apr 17, 2025 10:48:16.635243893 CEST4973480192.168.2.474.125.136.94
          Apr 17, 2025 10:48:16.728708982 CEST49680443192.168.2.4204.79.197.222
          Apr 17, 2025 10:48:16.741408110 CEST804973474.125.136.94192.168.2.4
          Apr 17, 2025 10:48:16.741516113 CEST4973480192.168.2.474.125.136.94
          Apr 17, 2025 10:48:16.741652966 CEST4973480192.168.2.474.125.136.94
          Apr 17, 2025 10:48:16.743963003 CEST4968180192.168.2.42.17.190.73
          Apr 17, 2025 10:48:16.771692991 CEST44349733204.79.197.222192.168.2.4
          Apr 17, 2025 10:48:16.771771908 CEST49733443192.168.2.4204.79.197.222
          Apr 17, 2025 10:48:16.847807884 CEST804973474.125.136.94192.168.2.4
          Apr 17, 2025 10:48:16.848500967 CEST804973474.125.136.94192.168.2.4
          Apr 17, 2025 10:48:16.900216103 CEST4973480192.168.2.474.125.136.94
          Apr 17, 2025 10:48:17.338179111 CEST49680443192.168.2.4204.79.197.222
          Apr 17, 2025 10:48:17.946633101 CEST4968180192.168.2.42.17.190.73
          Apr 17, 2025 10:48:18.540391922 CEST49680443192.168.2.4204.79.197.222
          Apr 17, 2025 10:48:18.804297924 CEST4434972464.233.185.106192.168.2.4
          Apr 17, 2025 10:48:18.804382086 CEST4434972464.233.185.106192.168.2.4
          Apr 17, 2025 10:48:18.804442883 CEST49724443192.168.2.464.233.185.106
          Apr 17, 2025 10:48:19.433727980 CEST49724443192.168.2.464.233.185.106
          Apr 17, 2025 10:48:19.433788061 CEST4434972464.233.185.106192.168.2.4
          Apr 17, 2025 10:48:20.354249001 CEST4968180192.168.2.42.17.190.73
          Apr 17, 2025 10:48:20.948568106 CEST49680443192.168.2.4204.79.197.222
          Apr 17, 2025 10:48:21.009548903 CEST49678443192.168.2.420.189.173.27
          Apr 17, 2025 10:48:22.024406910 CEST49671443192.168.2.4204.79.197.203
          Apr 17, 2025 10:48:22.031662941 CEST49737443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.031739950 CEST44349737100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.031842947 CEST49737443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.034796000 CEST49738443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.034837961 CEST44349738100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.034898996 CEST49738443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.035352945 CEST49738443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.035368919 CEST44349738100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.035660982 CEST49737443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.035680056 CEST44349737100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.280451059 CEST44349738100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.280750990 CEST49738443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.280772924 CEST44349738100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.280905962 CEST49738443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.280913115 CEST44349738100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.282099009 CEST44349737100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.282351017 CEST49737443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.282390118 CEST44349737100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.814306974 CEST44349738100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.814450026 CEST44349738100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.814511061 CEST49738443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.814526081 CEST44349738100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.814565897 CEST49738443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.814570904 CEST44349738100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.814666986 CEST44349738100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:22.814752102 CEST49738443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.872895956 CEST49738443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:22.872924089 CEST44349738100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:23.252613068 CEST49737443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:23.252652884 CEST44349737100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:23.372447014 CEST44349737100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:23.372601986 CEST44349737100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:23.372672081 CEST49737443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:23.372694969 CEST44349737100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:23.372740030 CEST49737443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:23.372746944 CEST44349737100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:23.372838974 CEST44349737100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:23.372895956 CEST49737443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:23.373199940 CEST49737443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:23.373209953 CEST44349737100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:25.173804045 CEST4968180192.168.2.42.17.190.73
          Apr 17, 2025 10:48:25.748823881 CEST49680443192.168.2.4204.79.197.222
          Apr 17, 2025 10:48:30.614909887 CEST49678443192.168.2.420.189.173.27
          Apr 17, 2025 10:48:34.265916109 CEST49740443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:34.265990973 CEST44349740100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:34.266597986 CEST49740443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:34.266849995 CEST49740443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:34.266879082 CEST44349740100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:34.271008968 CEST49741443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:34.271040916 CEST44349741100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:34.271330118 CEST49741443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:34.271604061 CEST49741443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:34.271621943 CEST44349741100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:34.508486032 CEST44349740100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:34.508759022 CEST49740443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:34.508802891 CEST44349740100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:34.508917093 CEST49740443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:34.508924961 CEST44349740100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:34.516056061 CEST44349741100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:34.516537905 CEST49741443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:34.516561031 CEST44349741100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:34.780175924 CEST4968180192.168.2.42.17.190.73
          Apr 17, 2025 10:48:35.047688961 CEST44349740100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:35.047745943 CEST44349740100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:35.047822952 CEST49740443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:35.047836065 CEST44349740100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:35.047895908 CEST49740443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:35.048444033 CEST49740443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:35.048460960 CEST44349740100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:35.142157078 CEST49741443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:35.142172098 CEST44349741100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:35.261924982 CEST44349741100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:35.262070894 CEST44349741100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:35.262303114 CEST44349741100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:35.262548923 CEST49741443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:35.263989925 CEST49741443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:35.264003992 CEST44349741100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:35.351744890 CEST49680443192.168.2.4204.79.197.222
          Apr 17, 2025 10:48:46.313688040 CEST49742443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:46.313747883 CEST44349742100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:46.313828945 CEST49742443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:46.314033031 CEST49742443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:46.314050913 CEST44349742100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:46.318759918 CEST49743443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:46.318814993 CEST44349743100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:46.318890095 CEST49743443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:46.319430113 CEST49743443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:46.319447041 CEST44349743100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:46.561383009 CEST44349742100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:46.561716080 CEST49742443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:46.561753035 CEST44349742100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:46.561985970 CEST49742443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:46.561992884 CEST44349742100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:46.563421011 CEST44349743100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:46.563710928 CEST49743443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:46.563740969 CEST44349743100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.101526976 CEST44349742100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.101675034 CEST44349742100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.101732969 CEST49742443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:47.101752043 CEST44349742100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.101798058 CEST49742443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:47.101807117 CEST44349742100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.101892948 CEST44349742100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.102123022 CEST49742443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:47.104990005 CEST49742443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:47.105005026 CEST44349742100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.198417902 CEST49743443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:47.198448896 CEST44349743100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.317857027 CEST44349743100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.317934990 CEST44349743100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.318003893 CEST49743443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:47.318027973 CEST44349743100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.318052053 CEST44349743100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:47.318080902 CEST49743443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:47.318106890 CEST49743443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:47.319128990 CEST49743443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:47.319142103 CEST44349743100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.179100037 CEST49744443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.179229975 CEST44349744100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.179285049 CEST49745443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.179331064 CEST44349745100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.179372072 CEST49744443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.179645061 CEST49745443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.179652929 CEST49744443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.179691076 CEST44349744100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.181098938 CEST49745443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.181114912 CEST44349745100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.425127029 CEST44349744100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.425563097 CEST49744443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.425563097 CEST49744443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.425642967 CEST44349744100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.425654888 CEST44349744100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.427885056 CEST44349745100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.428142071 CEST49745443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.428159952 CEST44349745100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.706168890 CEST44349744100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.706233978 CEST44349744100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.706314087 CEST49744443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.706382036 CEST44349744100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.706410885 CEST44349744100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.706442118 CEST49744443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.706476927 CEST49744443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.707211018 CEST49744443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.707243919 CEST44349744100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.804404020 CEST49745443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.804440975 CEST44349745100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.924276114 CEST44349745100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.924403906 CEST44349745100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.924465895 CEST49745443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.924482107 CEST44349745100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.924525976 CEST49745443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.924532890 CEST44349745100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.924640894 CEST44349745100.28.201.155192.168.2.4
          Apr 17, 2025 10:48:55.924686909 CEST49745443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.926239967 CEST49745443192.168.2.4100.28.201.155
          Apr 17, 2025 10:48:55.926250935 CEST44349745100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.048861980 CEST49749443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.048901081 CEST44349749100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.049045086 CEST49749443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.049305916 CEST49750443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.049344063 CEST44349750100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.049408913 CEST49750443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.049840927 CEST49749443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.049854994 CEST44349749100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.050162077 CEST49750443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.050179005 CEST44349750100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.291929960 CEST44349750100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.292157888 CEST49750443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.292207003 CEST44349750100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.292392015 CEST49750443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.292403936 CEST44349750100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.298456907 CEST44349749100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.298652887 CEST49749443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.298671961 CEST44349749100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.569839954 CEST44349750100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.569890976 CEST44349750100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.569947958 CEST49750443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.569957972 CEST44349750100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.570013046 CEST44349750100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.570043087 CEST49750443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.570067883 CEST49750443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.570384026 CEST49750443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.570391893 CEST44349750100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.630419016 CEST49749443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.630439043 CEST44349749100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.749850035 CEST44349749100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.749918938 CEST44349749100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.749995947 CEST49749443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.750020027 CEST44349749100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.750037909 CEST44349749100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:04.750087023 CEST49749443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.752923965 CEST49749443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:04.752943039 CEST44349749100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:08.542051077 CEST49752443192.168.2.464.233.185.106
          Apr 17, 2025 10:49:08.542103052 CEST4434975264.233.185.106192.168.2.4
          Apr 17, 2025 10:49:08.542239904 CEST49752443192.168.2.464.233.185.106
          Apr 17, 2025 10:49:08.542397022 CEST49752443192.168.2.464.233.185.106
          Apr 17, 2025 10:49:08.542407036 CEST4434975264.233.185.106192.168.2.4
          Apr 17, 2025 10:49:08.758232117 CEST4434975264.233.185.106192.168.2.4
          Apr 17, 2025 10:49:08.758522034 CEST49752443192.168.2.464.233.185.106
          Apr 17, 2025 10:49:08.758542061 CEST4434975264.233.185.106192.168.2.4
          Apr 17, 2025 10:49:12.833888054 CEST49754443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:12.833930969 CEST44349754100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:12.834076881 CEST49754443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:12.834497929 CEST49754443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:12.834513903 CEST44349754100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:12.837893009 CEST49755443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:12.837961912 CEST44349755100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:12.838352919 CEST49755443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:12.838615894 CEST49755443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:12.838649988 CEST44349755100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.076761007 CEST44349754100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.077405930 CEST49754443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:13.077425003 CEST44349754100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.077590942 CEST49754443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:13.077596903 CEST44349754100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.080401897 CEST44349755100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.080661058 CEST49755443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:13.080678940 CEST44349755100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.353766918 CEST44349754100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.353838921 CEST44349754100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.353936911 CEST44349754100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.353964090 CEST49754443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:13.354192019 CEST49754443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:13.356947899 CEST49754443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:13.356967926 CEST44349754100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.419292927 CEST49755443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:13.419332027 CEST44349755100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.538410902 CEST44349755100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.538475990 CEST44349755100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.538580894 CEST44349755100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:13.538669109 CEST49755443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:13.538670063 CEST49755443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:13.539086103 CEST49755443192.168.2.4100.28.201.155
          Apr 17, 2025 10:49:13.539102077 CEST44349755100.28.201.155192.168.2.4
          Apr 17, 2025 10:49:17.195616961 CEST4973480192.168.2.474.125.136.94
          Apr 17, 2025 10:49:17.301691055 CEST804973474.125.136.94192.168.2.4
          Apr 17, 2025 10:49:17.301794052 CEST4973480192.168.2.474.125.136.94
          Apr 17, 2025 10:49:18.788506031 CEST4434975264.233.185.106192.168.2.4
          Apr 17, 2025 10:49:18.788583040 CEST4434975264.233.185.106192.168.2.4
          Apr 17, 2025 10:49:18.788710117 CEST49752443192.168.2.464.233.185.106
          Apr 17, 2025 10:49:19.435399055 CEST49752443192.168.2.464.233.185.106
          Apr 17, 2025 10:49:19.435436010 CEST4434975264.233.185.106192.168.2.4
          TimestampSource PortDest PortSource IPDest IP
          Apr 17, 2025 10:48:04.438412905 CEST53542511.1.1.1192.168.2.4
          Apr 17, 2025 10:48:04.467116117 CEST53525251.1.1.1192.168.2.4
          Apr 17, 2025 10:48:05.263127089 CEST53504331.1.1.1192.168.2.4
          Apr 17, 2025 10:48:05.443187952 CEST53540611.1.1.1192.168.2.4
          Apr 17, 2025 10:48:08.479096889 CEST5406053192.168.2.41.1.1.1
          Apr 17, 2025 10:48:08.479279995 CEST4985153192.168.2.41.1.1.1
          Apr 17, 2025 10:48:08.585563898 CEST53540601.1.1.1192.168.2.4
          Apr 17, 2025 10:48:08.585903883 CEST53498511.1.1.1192.168.2.4
          Apr 17, 2025 10:48:09.963576078 CEST6405453192.168.2.41.1.1.1
          Apr 17, 2025 10:48:09.963865995 CEST6109253192.168.2.41.1.1.1
          Apr 17, 2025 10:48:10.072571039 CEST53610921.1.1.1192.168.2.4
          Apr 17, 2025 10:48:10.072607040 CEST53640541.1.1.1192.168.2.4
          Apr 17, 2025 10:48:10.781919003 CEST53582571.1.1.1192.168.2.4
          Apr 17, 2025 10:48:22.387562037 CEST53514981.1.1.1192.168.2.4
          Apr 17, 2025 10:48:41.387063980 CEST53508131.1.1.1192.168.2.4
          Apr 17, 2025 10:49:03.935489893 CEST53609811.1.1.1192.168.2.4
          Apr 17, 2025 10:49:04.104193926 CEST53504381.1.1.1192.168.2.4
          Apr 17, 2025 10:49:06.866744995 CEST53568721.1.1.1192.168.2.4
          Apr 17, 2025 10:49:13.317097902 CEST138138192.168.2.4192.168.2.255

          DNS Queries

          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
          Apr 17, 2025 10:48:08.479096889 CEST192.168.2.41.1.1.10x19b0Standard query (0)www.google.comA (IP address)IN (0x0001)false
          Apr 17, 2025 10:48:08.479279995 CEST192.168.2.41.1.1.10x4219Standard query (0)www.google.com65IN (0x0001)false
          Apr 17, 2025 10:48:09.963576078 CEST192.168.2.41.1.1.10xa153Standard query (0)67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.appA (IP address)IN (0x0001)false
          Apr 17, 2025 10:48:09.963865995 CEST192.168.2.41.1.1.10x8197Standard query (0)67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app65IN (0x0001)false

          DNS Answers

          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
          Apr 17, 2025 10:48:08.585563898 CEST1.1.1.1192.168.2.40x19b0No error (0)www.google.com64.233.185.106A (IP address)IN (0x0001)false
          Apr 17, 2025 10:48:08.585563898 CEST1.1.1.1192.168.2.40x19b0No error (0)www.google.com64.233.185.104A (IP address)IN (0x0001)false
          Apr 17, 2025 10:48:08.585563898 CEST1.1.1.1192.168.2.40x19b0No error (0)www.google.com64.233.185.99A (IP address)IN (0x0001)false
          Apr 17, 2025 10:48:08.585563898 CEST1.1.1.1192.168.2.40x19b0No error (0)www.google.com64.233.185.147A (IP address)IN (0x0001)false
          Apr 17, 2025 10:48:08.585563898 CEST1.1.1.1192.168.2.40x19b0No error (0)www.google.com64.233.185.105A (IP address)IN (0x0001)false
          Apr 17, 2025 10:48:08.585563898 CEST1.1.1.1192.168.2.40x19b0No error (0)www.google.com64.233.185.103A (IP address)IN (0x0001)false
          Apr 17, 2025 10:48:08.585903883 CEST1.1.1.1192.168.2.40x4219No error (0)www.google.com65IN (0x0001)false
          Apr 17, 2025 10:48:10.072607040 CEST1.1.1.1192.168.2.40xa153No error (0)67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app100.28.201.155A (IP address)IN (0x0001)false
          Apr 17, 2025 10:48:10.072607040 CEST1.1.1.1192.168.2.40xa153No error (0)67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app34.234.106.80A (IP address)IN (0x0001)false

          HTTP Request Dependency Graph

          • 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          • c.pki.goog

          HTTP Packets

          Session IDSource IPSource PortDestination IPDestination Port
          0192.168.2.44973474.125.136.9480
          TimestampBytes transferredDirectionData
          Apr 17, 2025 10:48:16.741652966 CEST200OUTGET /r/r4.crl HTTP/1.1
          Cache-Control: max-age = 3000
          Connection: Keep-Alive
          Accept: */*
          If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
          User-Agent: Microsoft-CryptoAPI/10.0
          Host: c.pki.goog
          Apr 17, 2025 10:48:16.848500967 CEST1243INHTTP/1.1 200 OK
          Accept-Ranges: bytes
          Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
          Cross-Origin-Resource-Policy: cross-origin
          Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
          Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
          Content-Length: 530
          X-Content-Type-Options: nosniff
          Server: sffe
          X-XSS-Protection: 0
          Date: Thu, 17 Apr 2025 08:10:44 GMT
          Expires: Thu, 17 Apr 2025 09:00:44 GMT
          Cache-Control: public, max-age=3000
          Age: 2252
          Last-Modified: Thu, 03 Apr 2025 14:18:00 GMT
          Content-Type: application/pkix-crl
          Vary: Accept-Encoding
          Data Raw: 30 82 02 0e 30 82 01 93 02 01 01 30 0a 06 08 2a 86 48 ce 3d 04 03 03 30 47 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 22 30 20 06 03 55 04 0a 13 19 47 6f 6f 67 6c 65 20 54 72 75 73 74 20 53 65 72 76 69 63 65 73 20 4c 4c 43 31 14 30 12 06 03 55 04 03 13 0b 47 54 53 20 52 6f 6f 74 20 52 34 17 0d 32 35 30 34 30 33 30 38 30 30 30 30 5a 17 0d 32 36 30 32 32 38 30 37 35 39 35 39 5a 30 81 e9 30 2f 02 10 6e 47 a9 ce 4f 46 c2 3d e2 49 ea cc 38 94 53 73 17 0d 31 39 30 39 33 30 30 30 30 30 30 30 5a 30 0c 30 0a 06 03 55 1d 15 04 03 0a 01 05 30 2c 02 0d 01 f0 9c 5b 70 05 a6 dc 86 e2 f9 9e f3 17 0d 32 30 30 31 33 31 30 30 30 30 30 30 5a 30 0c 30 0a 06 03 55 1d 15 04 03 0a 01 05 30 2c 02 0d 01 fe a5 81 44 7e 3b fd 3b b8 1c 24 98 17 0d 32 33 30 36 31 33 30 30 30 30 30 30 5a 30 0c 30 0a 06 03 55 1d 15 04 03 0a 01 05 30 2c 02 0d 02 16 68 25 e1 70 04 40 61 24 91 f5 40 17 0d 32 35 30 34 30 33 30 38 30 30 30 30 5a 30 0c 30 0a 06 03 55 1d 15 04 03 0a 01 05 30 2c 02 0d 02 00 8e b2 58 e7 b5 94 0c 1f f9 00 44 17 0d 32 35 30 [TRUNCATED]
          Data Ascii: 000*H=0G10UUS1"0 UGoogle Trust Services LLC10UGTS Root R4250403080000Z260228075959Z00/nGOF=I8Ss190930000000Z00U0,[p200131000000Z00U0,D~;;$230613000000Z00U0,h%p@a$@250403080000Z00U0,XD250403080000Z00U/0-0U0U#0LtI6>j0*H=i0f1>2en:IN@g=;bQZ~`NX1?^4y[$\4{;$zDeU6O


          HTTPS Proxied Packets

          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          0192.168.2.449726100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:48:10 UTC727OUTGET /webmail.html HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          sec-ch-ua-platform: "Windows"
          Upgrade-Insecure-Requests: 1
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
          Sec-Fetch-Site: none
          Sec-Fetch-Mode: navigate
          Sec-Fetch-User: ?1
          Sec-Fetch-Dest: document
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:48:10 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:48:10 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EY8SM53YDTMECC0SHWZV1
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:48:10 UTC890INData Raw: 64 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: ddf<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:48:10 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:48:10 UTC301INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 61 73 73 77 6f 72 64 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 50 61 73 73 77 6f 72 64 22 20 61 75 74 6f 66 6f 63 75 73 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 22 3e 53 75 62 6d 69 74 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 3c 2f 64 69
          Data Ascii: access.</p> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <input type="password" name="password" placeholder="Password" autofocus> <button class="button">Submit</button> </form> </di


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          1192.168.2.449725100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:48:10 UTC705OUTGET /favicon.ico HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          sec-ch-ua-platform: "Windows"
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: no-cors
          Sec-Fetch-Dest: image
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:48:10 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:48:10 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EY90T997YJMAD1V3JAM2P
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:48:10 UTC890INData Raw: 64 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: ddf<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:48:10 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:48:10 UTC301INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 61 73 73 77 6f 72 64 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 50 61 73 73 77 6f 72 64 22 20 61 75 74 6f 66 6f 63 75 73 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 22 3e 53 75 62 6d 69 74 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 3c 2f 64 69
          Data Ascii: access.</p> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <input type="password" name="password" placeholder="Password" autofocus> <button class="button">Submit</button> </form> </di


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          2192.168.2.449738100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:48:22 UTC1010OUTPOST /webmail.html HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          Content-Length: 45
          Cache-Control: max-age=0
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          sec-ch-ua-platform: "Windows"
          Origin: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Content-Type: application/x-www-form-urlencoded
          Upgrade-Insecure-Requests: 1
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: navigate
          Sec-Fetch-User: ?1
          Sec-Fetch-Dest: document
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:48:22 UTC45OUTData Raw: 66 6f 72 6d 2d 6e 61 6d 65 3d 66 6f 72 6d 2b 31 26 70 61 73 73 77 6f 72 64 3d 53 42 25 32 42 48 37 36 6c 25 32 42 25 33 43 4b 25 37 42
          Data Ascii: form-name=form+1&password=SB%2BH76l%2B%3CK%7B
          2025-04-17 08:48:22 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:48:22 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EYMF87WGTZJ6WKSYEAR1S
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:48:22 UTC890INData Raw: 65 37 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: e70<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:48:22 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:48:22 UTC446INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 61 73 73 77 6f 72 64 2d 65 72 72 6f 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 70 20 63 6c 61 73 73 3d 22 61 6c 65 72 74 2d 62 6f 78 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 57 72 6f 6e 67 20 70 61 73 73 77 6f 72 64 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 2e 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e
          Data Ascii: access.</p> <div class="password-error"> <p class="alert-box"> Wrong password, please try again. </p> </div> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <in


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          3192.168.2.449737100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:48:23 UTC705OUTGET /favicon.ico HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          sec-ch-ua-platform: "Windows"
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: no-cors
          Sec-Fetch-Dest: image
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:48:23 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:48:23 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EYN8PTEY9JHEQWN7HQMD2
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:48:23 UTC890INData Raw: 64 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: ddf<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:48:23 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:48:23 UTC301INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 61 73 73 77 6f 72 64 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 50 61 73 73 77 6f 72 64 22 20 61 75 74 6f 66 6f 63 75 73 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 22 3e 53 75 62 6d 69 74 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 3c 2f 64 69
          Data Ascii: access.</p> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <input type="password" name="password" placeholder="Password" autofocus> <button class="button">Submit</button> </form> </di


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          4192.168.2.449740100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:48:34 UTC1010OUTPOST /webmail.html HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          Content-Length: 48
          Cache-Control: max-age=0
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          sec-ch-ua-platform: "Windows"
          Origin: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Content-Type: application/x-www-form-urlencoded
          Upgrade-Insecure-Requests: 1
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: navigate
          Sec-Fetch-User: ?1
          Sec-Fetch-Dest: document
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:48:34 UTC48OUTData Raw: 66 6f 72 6d 2d 6e 61 6d 65 3d 66 6f 72 6d 2b 31 26 70 61 73 73 77 6f 72 64 3d 52 33 44 49 4c 25 32 36 49 53 35 7a 25 32 33 67 78 46 25 33 43 2e
          Data Ascii: form-name=form+1&password=R3DIL%26IS5z%23gxF%3C.
          2025-04-17 08:48:35 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:48:34 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EZ0DBN37H4PF839BNP5H3
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:48:35 UTC890INData Raw: 65 37 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: e70<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:48:35 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:48:35 UTC446INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 61 73 73 77 6f 72 64 2d 65 72 72 6f 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 70 20 63 6c 61 73 73 3d 22 61 6c 65 72 74 2d 62 6f 78 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 57 72 6f 6e 67 20 70 61 73 73 77 6f 72 64 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 2e 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e
          Data Ascii: access.</p> <div class="password-error"> <p class="alert-box"> Wrong password, please try again. </p> </div> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <in


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          5192.168.2.449741100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:48:35 UTC705OUTGET /favicon.ico HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          sec-ch-ua-platform: "Windows"
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: no-cors
          Sec-Fetch-Dest: image
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:48:35 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:48:35 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EZ0W8RV0RQM1FHH7P6X0J
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:48:35 UTC890INData Raw: 64 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: ddf<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:48:35 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:48:35 UTC301INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 61 73 73 77 6f 72 64 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 50 61 73 73 77 6f 72 64 22 20 61 75 74 6f 66 6f 63 75 73 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 22 3e 53 75 62 6d 69 74 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 3c 2f 64 69
          Data Ascii: access.</p> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <input type="password" name="password" placeholder="Password" autofocus> <button class="button">Submit</button> </form> </di


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          6192.168.2.449742100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:48:46 UTC1010OUTPOST /webmail.html HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          Content-Length: 43
          Cache-Control: max-age=0
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          sec-ch-ua-platform: "Windows"
          Origin: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Content-Type: application/x-www-form-urlencoded
          Upgrade-Insecure-Requests: 1
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: navigate
          Sec-Fetch-User: ?1
          Sec-Fetch-Dest: document
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:48:46 UTC43OUTData Raw: 66 6f 72 6d 2d 6e 61 6d 65 3d 66 6f 72 6d 2b 31 26 70 61 73 73 77 6f 72 64 3d 4b 56 43 6d 53 66 31 46 35 4e 25 34 30 33 25 33 42
          Data Ascii: form-name=form+1&password=KVCmSf1F5N%403%3B
          2025-04-17 08:48:47 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:48:47 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EZC5ZE0W8H4WTZ9C5JGC6
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:48:47 UTC890INData Raw: 65 37 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: e70<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:48:47 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:48:47 UTC446INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 61 73 73 77 6f 72 64 2d 65 72 72 6f 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 70 20 63 6c 61 73 73 3d 22 61 6c 65 72 74 2d 62 6f 78 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 57 72 6f 6e 67 20 70 61 73 73 77 6f 72 64 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 2e 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e
          Data Ascii: access.</p> <div class="password-error"> <p class="alert-box"> Wrong password, please try again. </p> </div> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <in


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          7192.168.2.449743100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:48:47 UTC705OUTGET /favicon.ico HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          sec-ch-ua-platform: "Windows"
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: no-cors
          Sec-Fetch-Dest: image
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:48:47 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:48:47 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EZCN0JSPSVN1YAPWS4VS2
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:48:47 UTC890INData Raw: 64 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: ddf<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:48:47 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:48:47 UTC301INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 61 73 73 77 6f 72 64 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 50 61 73 73 77 6f 72 64 22 20 61 75 74 6f 66 6f 63 75 73 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 22 3e 53 75 62 6d 69 74 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 3c 2f 64 69
          Data Ascii: access.</p> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <input type="password" name="password" placeholder="Password" autofocus> <button class="button">Submit</button> </form> </di


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          8192.168.2.449744100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:48:55 UTC1010OUTPOST /webmail.html HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          Content-Length: 26
          Cache-Control: max-age=0
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          sec-ch-ua-platform: "Windows"
          Origin: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Content-Type: application/x-www-form-urlencoded
          Upgrade-Insecure-Requests: 1
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: navigate
          Sec-Fetch-User: ?1
          Sec-Fetch-Dest: document
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:48:55 UTC26OUTData Raw: 66 6f 72 6d 2d 6e 61 6d 65 3d 66 6f 72 6d 2b 31 26 70 61 73 73 77 6f 72 64 3d
          Data Ascii: form-name=form+1&password=
          2025-04-17 08:48:55 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:48:55 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EZMV4VBSVBMM0AJP5MK4B
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:48:55 UTC890INData Raw: 65 37 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: e70<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:48:55 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:48:55 UTC446INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 61 73 73 77 6f 72 64 2d 65 72 72 6f 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 70 20 63 6c 61 73 73 3d 22 61 6c 65 72 74 2d 62 6f 78 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 57 72 6f 6e 67 20 70 61 73 73 77 6f 72 64 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 2e 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e
          Data Ascii: access.</p> <div class="password-error"> <p class="alert-box"> Wrong password, please try again. </p> </div> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <in


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          9192.168.2.449745100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:48:55 UTC705OUTGET /favicon.ico HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          sec-ch-ua-platform: "Windows"
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: no-cors
          Sec-Fetch-Dest: image
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:48:55 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:48:55 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EZN1YXFHDM1QVPMTCTP9D
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:48:55 UTC890INData Raw: 64 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: ddf<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:48:55 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:48:55 UTC301INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 61 73 73 77 6f 72 64 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 50 61 73 73 77 6f 72 64 22 20 61 75 74 6f 66 6f 63 75 73 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 22 3e 53 75 62 6d 69 74 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 3c 2f 64 69
          Data Ascii: access.</p> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <input type="password" name="password" placeholder="Password" autofocus> <button class="button">Submit</button> </form> </di


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          10192.168.2.449750100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:49:04 UTC1010OUTPOST /webmail.html HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          Content-Length: 26
          Cache-Control: max-age=0
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          sec-ch-ua-platform: "Windows"
          Origin: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Content-Type: application/x-www-form-urlencoded
          Upgrade-Insecure-Requests: 1
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: navigate
          Sec-Fetch-User: ?1
          Sec-Fetch-Dest: document
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:49:04 UTC26OUTData Raw: 66 6f 72 6d 2d 6e 61 6d 65 3d 66 6f 72 6d 2b 31 26 70 61 73 73 77 6f 72 64 3d
          Data Ascii: form-name=form+1&password=
          2025-04-17 08:49:04 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:49:04 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EZXG33GY05GNQGF0RTS96
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:49:04 UTC890INData Raw: 65 37 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: e70<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:49:04 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:49:04 UTC446INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 61 73 73 77 6f 72 64 2d 65 72 72 6f 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 70 20 63 6c 61 73 73 3d 22 61 6c 65 72 74 2d 62 6f 78 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 57 72 6f 6e 67 20 70 61 73 73 77 6f 72 64 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 2e 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e
          Data Ascii: access.</p> <div class="password-error"> <p class="alert-box"> Wrong password, please try again. </p> </div> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <in


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          11192.168.2.449749100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:49:04 UTC705OUTGET /favicon.ico HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          sec-ch-ua-platform: "Windows"
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: no-cors
          Sec-Fetch-Dest: image
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:49:04 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:49:04 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1EZXNQVXP7STZG3X4XJ012
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:49:04 UTC890INData Raw: 64 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: ddf<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:49:04 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:49:04 UTC301INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 61 73 73 77 6f 72 64 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 50 61 73 73 77 6f 72 64 22 20 61 75 74 6f 66 6f 63 75 73 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 22 3e 53 75 62 6d 69 74 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 3c 2f 64 69
          Data Ascii: access.</p> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <input type="password" name="password" placeholder="Password" autofocus> <button class="button">Submit</button> </form> </di


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          12192.168.2.449754100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:49:13 UTC1010OUTPOST /webmail.html HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          Content-Length: 26
          Cache-Control: max-age=0
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          sec-ch-ua-platform: "Windows"
          Origin: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Content-Type: application/x-www-form-urlencoded
          Upgrade-Insecure-Requests: 1
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: navigate
          Sec-Fetch-User: ?1
          Sec-Fetch-Dest: document
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:49:13 UTC26OUTData Raw: 66 6f 72 6d 2d 6e 61 6d 65 3d 66 6f 72 6d 2b 31 26 70 61 73 73 77 6f 72 64 3d
          Data Ascii: form-name=form+1&password=
          2025-04-17 08:49:13 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:49:13 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1F062M8VM1MWMHA5P9JADY
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:49:13 UTC890INData Raw: 65 37 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: e70<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:49:13 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:49:13 UTC446INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 61 73 73 77 6f 72 64 2d 65 72 72 6f 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 70 20 63 6c 61 73 73 3d 22 61 6c 65 72 74 2d 62 6f 78 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 57 72 6f 6e 67 20 70 61 73 73 77 6f 72 64 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 2e 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e
          Data Ascii: access.</p> <div class="password-error"> <p class="alert-box"> Wrong password, please try again. </p> </div> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <in


          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
          13192.168.2.449755100.28.201.1554432172C:\Program Files\Google\Chrome\Application\chrome.exe
          TimestampBytes transferredDirectionData
          2025-04-17 08:49:13 UTC705OUTGET /favicon.ico HTTP/1.1
          Host: 67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app
          Connection: keep-alive
          sec-ch-ua-platform: "Windows"
          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
          sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
          sec-ch-ua-mobile: ?0
          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
          Sec-Fetch-Site: same-origin
          Sec-Fetch-Mode: no-cors
          Sec-Fetch-Dest: image
          Referer: https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html
          Accept-Encoding: gzip, deflate, br, zstd
          Accept-Language: en-US,en;q=0.9
          2025-04-17 08:49:13 UTC296INHTTP/1.1 401 Unauthorized
          Content-Type: text/html
          Date: Thu, 17 Apr 2025 08:49:13 GMT
          Server: Netlify
          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
          X-Nf-Request-Id: 01JS1F068CR9ZFHS5DMW8RH993
          X-Robots-Tag: noindex
          Connection: close
          Transfer-Encoding: chunked
          2025-04-17 08:49:13 UTC890INData Raw: 64 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 73 73 77 6f 72 64 20 50 72 6f 74 65 63 74 69 6f 6e 3c 2f 74 69
          Data Ascii: ddf<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Password Protection</ti
          2025-04-17 08:49:13 UTC2372INData Raw: 20 20 2e 63 61 72 64 20 7b 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 36 34 70 78 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 72 67 62 28 31 34 2c 20 33 30 2c 20 33 37 29 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0a 20 20 20 20 20 20
          Data Ascii: .card { position: relative; display: flex; flex-direction: column; width: 75%; max-width: 364px; padding: 24px; background: white; color: rgb(14, 30, 37); border-radius: 8px;
          2025-04-17 08:49:13 UTC301INData Raw: 20 61 63 63 65 73 73 2e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 66 6f 72 6d 2d 6e 61 6d 65 22 20 76 61 6c 75 65 3d 22 66 6f 72 6d 20 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 61 73 73 77 6f 72 64 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 50 61 73 73 77 6f 72 64 22 20 61 75 74 6f 66 6f 63 75 73 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 22 3e 53 75 62 6d 69 74 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 3c 2f 64 69
          Data Ascii: access.</p> <form method="post"><input type="hidden" name="form-name" value="form 1" /> <input type="password" name="password" placeholder="Password" autofocus> <button class="button">Submit</button> </form> </di


          Statistics

          CPU Usage

          020406080s020406080100

          Click to jump to process

          Memory Usage

          020406080s0.0050100MB

          Click to jump to process

          Behavior

          Click to jump to process

          System Behavior

          General

          Target ID:1
          Start time:04:47:59
          Start date:17/04/2025
          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
          Wow64 process (32bit):false
          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
          Imagebase:0x7ff786830000
          File size:3'388'000 bytes
          MD5 hash:E81F54E6C1129887AEA47E7D092680BF
          Has elevated privileges:true
          Has administrator privileges:true
          Programmed in:C, C++ or other language
          Reputation:low
          Has exited:false
          Show Windows behavior

          File Activities

          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
          Show Windows behavior

          COM Activities

          Show Windows behavior

          Process Activities

          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
          Show Windows behavior

          Memory Activities

          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
          Show Windows behavior

          Process Token Activities


          General

          Target ID:2
          Start time:04:48:02
          Start date:17/04/2025
          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
          Wow64 process (32bit):false
          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2420,i,1892827117926094393,10130407658345944235,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2448 /prefetch:3
          Imagebase:0x7ff786830000
          File size:3'388'000 bytes
          MD5 hash:E81F54E6C1129887AEA47E7D092680BF
          Has elevated privileges:true
          Has administrator privileges:true
          Programmed in:C, C++ or other language
          Reputation:low
          Has exited:false
          Show Windows behavior

          File Activities

          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
          Show Windows behavior

          Memory Activities

          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

          General

          Target ID:4
          Start time:04:48:08
          Start date:17/04/2025
          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
          Wow64 process (32bit):false
          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://67f7c4539f4dde93d06ad6dd--vermillion-lamington-e17e55.netlify.app/webmail.html#david.butler@sfsi.ie"
          Imagebase:0x7ff786830000
          File size:3'388'000 bytes
          MD5 hash:E81F54E6C1129887AEA47E7D092680BF
          Has elevated privileges:true
          Has administrator privileges:true
          Programmed in:C, C++ or other language
          Reputation:low
          Has exited:true
          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

          Disassembly

          No disassembly