Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://expressinvoice.mijnparagon-cc.nl/

Overview

General Information

Sample URL:https://expressinvoice.mijnparagon-cc.nl/
Analysis ID:714894
Infos:

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5828 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank MD5: 0FEC2748F363150DC54C1CAFFB1A9408)
    • chrome.exe (PID: 6072 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1712,i,2555390636374715220,16926103728944639964,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 MD5: 0FEC2748F363150DC54C1CAFFB1A9408)
  • chrome.exe (PID: 4296 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" "https://expressinvoice.mijnparagon-cc.nl/ MD5: 0FEC2748F363150DC54C1CAFFB1A9408)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://expressinvoice.mijnparagon-cc.nl/Avira URL Cloud: detection malicious, Label: phishing
Multi AV Scanner detection for submitted file
Source: https://expressinvoice.mijnparagon-cc.nl/Virustotal: Detection: 6%Perma Link
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\GoogleUpdaterJump to behavior
Source: unknownHTTPS traffic detected: 84.241.158.7:443 -> 192.168.2.5:49740 version: TLS 1.2
Source: unknownHTTPS traffic detected: 84.241.158.7:443 -> 192.168.2.5:49741 version: TLS 1.2
Source: unknownDNS traffic detected: queries for: accounts.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: global trafficHTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-104.0.5112.81Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /_lib/community/css/1/masterLayout.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/community/css/1/controls.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/community/css/1/content.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/community/css/1/colorScheme.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/css/jquery/flora/flora.all.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/js/tntscripts.js HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://expressinvoice.mijnparagon-cc.nl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/js/jquery/jquery-1.2.6.min.js HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://expressinvoice.mijnparagon-cc.nl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/js/jquery/ui.core.js HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://expressinvoice.mijnparagon-cc.nl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/js/jquery/ui.tabs.js HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://expressinvoice.mijnparagon-cc.nl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/js/jquery/ui.datepicker.js HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://expressinvoice.mijnparagon-cc.nl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/community/css/1/flora.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/controls.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/css/jquery/flora/flora.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/css/jquery/flora/flora.accordion.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/css/jquery/flora/flora.datepicker.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/css/jquery/flora/flora.dialog.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/css/jquery/flora/flora.resizable.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/css/jquery/flora/flora.slider.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/css/jquery/flora/flora.tabs.css HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/community/img/1/background-page.gif HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/masterLayout.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/community/img/1/logo.png HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/colorScheme.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/img/icons/loggedIn.gif HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/masterLayout.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/community/img/1/menu_arrow.gif HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/masterLayout.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/community/css/1/i/tabs.gif HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/controls.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/img/contentWindow.gif HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/content.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: expressinvoice.mijnparagon-cc.nlConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://expressinvoice.mijnparagon-cc.nl/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
Source: global trafficHTTP traffic detected: GET /_lib/community/img/1/background-page.gif HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: expressinvoice.mijnparagon-cc.nl
Source: global trafficHTTP traffic detected: GET /_lib/community/img/1/logo.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: expressinvoice.mijnparagon-cc.nl
Source: global trafficHTTP traffic detected: GET /_lib/community/img/1/menu_arrow.gif HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: expressinvoice.mijnparagon-cc.nl
Source: global trafficHTTP traffic detected: GET /_lib/img/icons/loggedIn.gif HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: expressinvoice.mijnparagon-cc.nl
Source: global trafficHTTP traffic detected: GET /_lib/community/img/1/background-title.gif HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: expressinvoice.mijnparagon-cc.nl
Source: global trafficHTTP traffic detected: GET /_lib/community/css/1/i/tabs.gif HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: expressinvoice.mijnparagon-cc.nl
Source: global trafficHTTP traffic detected: GET /_lib/img/contentWindow.gif HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: expressinvoice.mijnparagon-cc.nl
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5X-Frame-Options: SAMEORIGINStrict-Transport-Security: max-age=86400Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockDate: Mon, 03 Oct 2022 09:56:39 GMTConnection: closeContent-Length: 1245
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5X-Frame-Options: SAMEORIGINStrict-Transport-Security: max-age=86400Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockDate: Mon, 03 Oct 2022 09:56:39 GMTConnection: closeContent-Length: 1245
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5X-Frame-Options: SAMEORIGINStrict-Transport-Security: max-age=86400Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockDate: Mon, 03 Oct 2022 09:56:41 GMTConnection: closeContent-Length: 1245
Source: unknownHTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: unknownHTTPS traffic detected: 84.241.158.7:443 -> 192.168.2.5:49740 version: TLS 1.2
Source: unknownHTTPS traffic detected: 84.241.158.7:443 -> 192.168.2.5:49741 version: TLS 1.2
Source: classification engineClassification label: mal56.win@24/0@6/8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1712,i,2555390636374715220,16926103728944639964,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "https://expressinvoice.mijnparagon-cc.nl/
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1712,i,2555390636374715220,16926103728944639964,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\GoogleUpdaterJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\GoogleUpdaterJump to behavior

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsWindows Management InstrumentationPath Interception1
Process Injection		2
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local SystemExfiltration Over Other Network Medium1
Encrypted Channel		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth4
Non-Application Layer Protocol		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration5
Application Layer Protocol		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Binary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled Transfer3
Ingress Tool Transfer		SIM Card SwapCarrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://expressinvoice.mijnparagon-cc.nl/7%VirustotalBrowse
https://expressinvoice.mijnparagon-cc.nl/100%Avira URL Cloudphishing

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
accounts.google.com
142.250.203.109
truefalse
    		high
    expressinvoice.mijnparagon-cc.nl
    		84.241.158.7
    		truefalse
      		unknown
      www.google.com
      		142.250.203.100
      		truefalse
        		high
        clients.l.google.com
        		142.250.203.110
        		truefalse
          		high
          clients2.google.com
          		unknown
          		unknownfalse
            		high

            Contacted URLs

            NameMaliciousAntivirus DetectionReputation
            https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1false
              		high
              https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standardfalse
                		high

                World Map of Contacted IPs

                • No. of IPs < 25%
                • 25% < No. of IPs < 50%
                • 50% < No. of IPs < 75%
                • 75% < No. of IPs

                Public IPs

                IPDomainCountryFlagASNASN NameMalicious
                239.255.255.250
                		unknownReserved
                		unknownunknownfalse
                84.241.158.7
                		expressinvoice.mijnparagon-cc.nlNetherlands
                		20847PREVIDER-ASNLfalse
                142.250.203.100
                		www.google.comUnited States
                		15169GOOGLEUSfalse
                142.250.203.110
                		clients.l.google.comUnited States
                		15169GOOGLEUSfalse
                142.250.203.109
                		accounts.google.comUnited States
                		15169GOOGLEUSfalse

                Private

                IP
                192.168.2.30
                192.168.2.1
                127.0.0.1

                General Information

                Joe Sandbox Version:36.0.0 Rainbow Opal
                Analysis ID:714894
                Start date and time:2022-10-03 11:55:37 +02:00
                Joe Sandbox Product:CloudBasic
                Overall analysis duration:0h 4m 49s
                Hypervisor based Inspection enabled:false
                Report type:full
                Cookbook file name:browseurl.jbs
                Sample URL:https://expressinvoice.mijnparagon-cc.nl/
                Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
                Number of analysed new started processes analysed:5
                Number of new started drivers analysed:0
                Number of existing processes analysed:0
                Number of existing drivers analysed:0
                Number of injected processes analysed:0
                Technologies:
                • HCA enabled
                • EGA enabled
                • HDC enabled
                • AMSI enabled
                Analysis Mode:default
                Analysis stop reason:Timeout
                Detection:MAL
                Classification:mal56.win@24/0@6/8
                EGA Information:Failed
                HDC Information:Failed
                HCA Information:
                • Successful, ratio: 100%
                • Number of executed functions: 0
                • Number of non-executed functions: 0

                Warnings

                • Exclude process from analysis (whitelisted): MpCmdRun.exe, conhost.exe
                • Excluded IPs from analysis (whitelisted): 142.250.203.99, 34.104.35.123
                • Excluded domains from analysis (whitelisted): edgedl.me.gvt1.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com
                • Not all processes where analyzed, report is missing behavior information
                • Report size getting too big, too many NtWriteVirtualMemory calls found.

                Simulations

                Behavior and APIs

                No simulations

                Joe Sandbox View / Context

                IPs

                No context

                Domains

                No context

                ASNs

                No context

                JA3 Fingerprints

                No context

                Dropped Files

                No context

                Created / dropped Files

                No created / dropped files found

                Static File Info

                No static file info

                Network Behavior

                Network Port Distribution

                TCP Packets

                TimestampSource PortDest PortSource IPDest IP
                Oct 3, 2022 11:56:36.802522898 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.802567959 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.802642107 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.803244114 CEST49704443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.803281069 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:36.803339005 CEST49704443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.805332899 CEST49706443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.805357933 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.805408955 CEST49706443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.806371927 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.806408882 CEST44349707142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:36.806472063 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.807224989 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.807246923 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.809135914 CEST49704443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.809159040 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:36.810020924 CEST49706443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.810045004 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.810764074 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.810800076 CEST44349707142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:36.876770973 CEST44349707142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:36.889477015 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.908255100 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:36.908296108 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.929084063 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.953272104 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.953278065 CEST49704443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.965177059 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.965215921 CEST44349707142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:36.966243029 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.966262102 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.966444016 CEST49706443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.966475964 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.966619968 CEST49704443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.966633081 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:36.967267036 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.967291117 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.967370987 CEST49706443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.968233109 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:36.968307972 CEST49704443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.968499899 CEST44349707142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:36.968513966 CEST44349707142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:36.968564987 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:36.968926907 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.968982935 CEST49706443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.971777916 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.971798897 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.971856117 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:36.973300934 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:36.973364115 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:37.131469011 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:38.493216991 CEST49706443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:38.493261099 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:38.493405104 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:38.493485928 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:38.493516922 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:38.493608952 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:38.494334936 CEST49704443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:38.494364977 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:38.494477034 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:38.494535923 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:38.494579077 CEST44349707142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:38.494816065 CEST44349707142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:38.494865894 CEST49706443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:38.494910002 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:38.495619059 CEST49704443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:38.495646000 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:38.501148939 CEST49708443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.501190901 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.501266003 CEST49708443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.501573086 CEST49708443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.501589060 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.529129028 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:38.529237032 CEST49706443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:38.529273987 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:38.529293060 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:38.529345036 CEST49706443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:38.535465002 CEST49706443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:38.535501003 CEST44349706142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:38.548425913 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:38.548490047 CEST49704443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:38.548523903 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:38.548604965 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:38.548648119 CEST49704443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:38.552473068 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:38.552490950 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:56:38.558408976 CEST49704443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:38.558445930 CEST44349704142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:38.594161034 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.604497910 CEST49708443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.604537964 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.605909109 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.606008053 CEST49708443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.620671988 CEST49708443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.620702982 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.620934963 CEST49708443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.620945930 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.623953104 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.624532938 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:38.624582052 CEST44349707142.250.203.109192.168.2.5
                Oct 3, 2022 11:56:38.652494907 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:56:38.672492027 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.672597885 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.672658920 CEST49708443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.672669888 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.672679901 CEST49708443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.672709942 CEST49708443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.681919098 CEST49708443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.681960106 CEST4434970884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.727981091 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:56:38.753875971 CEST49709443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.753972054 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.754050970 CEST49709443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.754599094 CEST49710443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.754647017 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.754719019 CEST49710443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.755944014 CEST49711443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.755980968 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.756043911 CEST49711443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.756216049 CEST49709443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.756261110 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.757119894 CEST49712443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.757173061 CEST4434971284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.757237911 CEST49712443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.757539034 CEST49713443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.757580042 CEST4434971384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.757883072 CEST49713443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.757895947 CEST49710443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.757932901 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.758464098 CEST49714443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.758500099 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.758552074 CEST49714443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.759093046 CEST49711443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.759119034 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.759531975 CEST49712443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.759562016 CEST4434971284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.759706020 CEST49713443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.759723902 CEST4434971384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.759943962 CEST49714443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.759963989 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.857325077 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.860564947 CEST49709443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.860609055 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.861491919 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.862040043 CEST49709443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.862071991 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.862431049 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.862618923 CEST49709443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.862638950 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.864425898 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.864732981 CEST49710443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.864777088 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.865238905 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.865814924 CEST49710443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.865850925 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.865957022 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.865995884 CEST49710443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.866009951 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.872273922 CEST4434971384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.872880936 CEST49713443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.872920990 CEST4434971384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.874213934 CEST4434971384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.874284029 CEST49713443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.874737978 CEST49713443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.874751091 CEST4434971384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.874914885 CEST4434971384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.875143051 CEST49713443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.875159025 CEST4434971384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.880362988 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.880688906 CEST49714443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.880718946 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.881978035 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.882042885 CEST49714443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.882668018 CEST49714443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.882675886 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.882802963 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.882929087 CEST49714443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.882942915 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.889519930 CEST4434971284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.889967918 CEST49712443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.889987946 CEST4434971284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.891267061 CEST4434971284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.891350985 CEST49712443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.891839027 CEST49712443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.891855001 CEST4434971284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.891957045 CEST4434971284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.892294884 CEST49712443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.892308950 CEST4434971284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.894500017 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.895034075 CEST49711443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.895062923 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.896951914 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.897030115 CEST49711443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.897633076 CEST49711443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.897650003 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.897823095 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.898776054 CEST49711443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.898793936 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.912899017 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.912938118 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.913002968 CEST49709443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.913038969 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.913064003 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.913105965 CEST49709443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.913117886 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.913151026 CEST49709443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.913158894 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.913197994 CEST49709443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.919225931 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.919294119 CEST49710443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.919327974 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.919358015 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.919367075 CEST49710443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.919398069 CEST49710443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.924629927 CEST49714443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.927615881 CEST4434971384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.927697897 CEST4434971384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.927731037 CEST49713443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.927759886 CEST49713443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.930831909 CEST49709443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.930867910 CEST4434970984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.931587934 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.931632996 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.931749105 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.933605909 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.933626890 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.936378002 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.936404943 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.936454058 CEST49714443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.936474085 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.936517000 CEST49714443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.943310976 CEST4434971284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.943392038 CEST49712443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.948973894 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.949050903 CEST49711443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.949074984 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.949093103 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.949142933 CEST49711443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.961508989 CEST49710443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.961558104 CEST4434971084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.962328911 CEST49717443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.962378025 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.962454081 CEST49717443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.963730097 CEST49717443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.963754892 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.973124027 CEST49713443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.973177910 CEST4434971384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.974024057 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.974067926 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.974214077 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.976335049 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.976370096 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.980622053 CEST49712443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.980648041 CEST4434971284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.981370926 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.981395006 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.981479883 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.983175039 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.983189106 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.985548019 CEST49714443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.985584974 CEST4434971484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:38.986483097 CEST49711443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:38.986507893 CEST4434971184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.026597023 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.027048111 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.027077913 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.027702093 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.028212070 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.028224945 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.028322935 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.033349037 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.033366919 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.053745031 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.054157972 CEST49717443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.054197073 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.054621935 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.055198908 CEST49717443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.055217028 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.055301905 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.055680037 CEST49717443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.055690050 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.066549063 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.066916943 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.066962957 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.068881989 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.068995953 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.069732904 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.069757938 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.069920063 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.070122957 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.070147991 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.070662975 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.070930958 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.070967913 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.072163105 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.072247028 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.072926998 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.072938919 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.073046923 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.073323011 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.073338985 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.081584930 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.081655025 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.081758022 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.081792116 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.109817982 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.109930992 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.109978914 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.110008955 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.110032082 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.110059023 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.110157967 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.110220909 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.110230923 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.110274076 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.110522985 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.110553026 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.110611916 CEST49717443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.110626936 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.110642910 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.110671043 CEST49717443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.110722065 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.110794067 CEST49717443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.121097088 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.121275902 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.121308088 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.121357918 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.121654987 CEST49717443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.121686935 CEST4434971784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.124943018 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.125081062 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.125104904 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.125148058 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.139056921 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.139152050 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.139205933 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.139229059 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.139256954 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.139286995 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.139312983 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.139354944 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.139395952 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.139411926 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.139497042 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.139544964 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.139977932 CEST49716443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.139996052 CEST4434971684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.148190022 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.148210049 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.148298025 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.148386002 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.148415089 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.148435116 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.148441076 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.148468971 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.148528099 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.154237986 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.154261112 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.154299021 CEST49718443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.154321909 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.154325008 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.154336929 CEST4434971884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.154369116 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.154371977 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.154381990 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.154387951 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.154419899 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.154443026 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.154449940 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.154455900 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.154495955 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.154505968 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.154541969 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.180906057 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.180988073 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.181011915 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.181034088 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.181054115 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.181065083 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.181086063 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.181091070 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.181116104 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.181134939 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.181209087 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.181260109 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.181267023 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.181282043 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.181319952 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.181325912 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.181375980 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.181423903 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.182305098 CEST49719443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.182324886 CEST4434971984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.193053961 CEST49720443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.193121910 CEST4434972084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.193219900 CEST49720443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.193880081 CEST49720443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.193898916 CEST4434972084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.199630976 CEST49721443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.199683905 CEST4434972184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.199754953 CEST49721443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.200005054 CEST49721443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.200020075 CEST4434972184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.200675011 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.200711012 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.200779915 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.200942039 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.200953007 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.201406956 CEST49723443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.201458931 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.201522112 CEST49723443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.201908112 CEST49724443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.201920986 CEST4434972484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.201973915 CEST49724443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.202086926 CEST49723443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.202101946 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.202235937 CEST49724443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.202245951 CEST4434972484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.202791929 CEST49725443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.202831030 CEST4434972584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.202897072 CEST49725443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.203274012 CEST49725443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.203288078 CEST4434972584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.223959923 CEST49726443192.168.2.5142.250.203.100
                Oct 3, 2022 11:56:39.224025965 CEST44349726142.250.203.100192.168.2.5
                Oct 3, 2022 11:56:39.224100113 CEST49726443192.168.2.5142.250.203.100
                Oct 3, 2022 11:56:39.224431992 CEST49726443192.168.2.5142.250.203.100
                Oct 3, 2022 11:56:39.224452972 CEST44349726142.250.203.100192.168.2.5
                Oct 3, 2022 11:56:39.286441088 CEST4434972084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.286784887 CEST49720443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.286830902 CEST4434972084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.287374973 CEST4434972084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.287902117 CEST49720443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.287931919 CEST4434972084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.288100004 CEST49720443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.288113117 CEST4434972084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.288326979 CEST4434972084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.292043924 CEST44349726142.250.203.100192.168.2.5
                Oct 3, 2022 11:56:39.292428017 CEST49726443192.168.2.5142.250.203.100
                Oct 3, 2022 11:56:39.292473078 CEST44349726142.250.203.100192.168.2.5
                Oct 3, 2022 11:56:39.293864965 CEST44349726142.250.203.100192.168.2.5
                Oct 3, 2022 11:56:39.293946981 CEST49726443192.168.2.5142.250.203.100
                Oct 3, 2022 11:56:39.294429064 CEST4434972184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.294718981 CEST49721443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.294744015 CEST4434972184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.295522928 CEST4434972184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.296590090 CEST49721443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.296611071 CEST4434972184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.296787024 CEST49726443192.168.2.5142.250.203.100
                Oct 3, 2022 11:56:39.296813011 CEST44349726142.250.203.100192.168.2.5
                Oct 3, 2022 11:56:39.296870947 CEST4434972184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.296984911 CEST49721443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.296997070 CEST4434972184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.297327042 CEST4434972484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.297427893 CEST44349726142.250.203.100192.168.2.5
                Oct 3, 2022 11:56:39.297550917 CEST49724443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.297581911 CEST4434972484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.298774004 CEST4434972484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.298862934 CEST49724443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.299308062 CEST49724443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.299320936 CEST4434972484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.299421072 CEST4434972484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.299753904 CEST49724443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.299772024 CEST4434972484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.308291912 CEST4434972584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.308784962 CEST49725443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.308824062 CEST4434972584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.310039997 CEST4434972584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.310106993 CEST49725443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.316615105 CEST49725443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.316637993 CEST4434972584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.316790104 CEST4434972584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.317188978 CEST49725443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.317203999 CEST4434972584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.319740057 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.320025921 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.320046902 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.321322918 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.321417093 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.322305918 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.322314024 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.322412014 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.322691917 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.322796106 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.322807074 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.323021889 CEST49723443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.323055983 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.324848890 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.324914932 CEST49723443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.325345039 CEST49723443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.325355053 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.325480938 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.325767994 CEST49723443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.325783014 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.338656902 CEST4434972084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.338759899 CEST49720443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.348417044 CEST4434972184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.348572969 CEST4434972184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.348660946 CEST49721443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.352546930 CEST49726443192.168.2.5142.250.203.100
                Oct 3, 2022 11:56:39.352588892 CEST44349726142.250.203.100192.168.2.5
                Oct 3, 2022 11:56:39.353363991 CEST4434972484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.353451967 CEST4434972484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.353455067 CEST49724443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.353502035 CEST49724443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.353900909 CEST49720443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.353929996 CEST4434972084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.354484081 CEST49727443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.354521036 CEST4434972784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.354585886 CEST49727443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.355135918 CEST49727443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.355153084 CEST4434972784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.359146118 CEST49721443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.359184980 CEST4434972184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.359707117 CEST49728443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.359771013 CEST4434972884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.359860897 CEST49728443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.361615896 CEST49728443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.361649036 CEST4434972884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.361825943 CEST49724443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.361851931 CEST4434972484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.363138914 CEST4434972584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.363224030 CEST4434972584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.363223076 CEST49725443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.363264084 CEST49725443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.366018057 CEST49725443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.366044044 CEST4434972584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.377697945 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.377770901 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.377791882 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.377832890 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.378393888 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.378482103 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.378525972 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.379055023 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.379122019 CEST49723443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.379160881 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.379189014 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.379229069 CEST49723443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.380625010 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.380642891 CEST4434972284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.380654097 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.380692959 CEST49722443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.384387970 CEST49723443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.384458065 CEST4434972384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.445729017 CEST4434972784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.449295998 CEST49727443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.449342966 CEST4434972784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.449944973 CEST4434972784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.450444937 CEST49727443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.450481892 CEST4434972784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.450587988 CEST4434972784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.450773001 CEST49727443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.450788021 CEST4434972784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.452537060 CEST49726443192.168.2.5142.250.203.100
                Oct 3, 2022 11:56:39.452821016 CEST4434972884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.453248978 CEST49728443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.453284025 CEST4434972884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.453922033 CEST4434972884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.454379082 CEST49728443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.454395056 CEST4434972884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.454514027 CEST4434972884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.454955101 CEST49728443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.454967976 CEST4434972884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.500051022 CEST4434972784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.500169992 CEST4434972784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.500252008 CEST49727443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.502597094 CEST49727443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.502640963 CEST4434972784.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.506467104 CEST4434972884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.506561995 CEST4434972884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.506614923 CEST49728443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.508227110 CEST49728443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.508256912 CEST4434972884.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.545016050 CEST49729443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.545075893 CEST4434972984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.545161009 CEST49729443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.545461893 CEST49729443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.545485973 CEST4434972984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.545960903 CEST49730443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.546000957 CEST4434973084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.546071053 CEST49730443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.546391010 CEST49730443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.546406984 CEST4434973084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.547012091 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.547060013 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.547122002 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.547293901 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.547311068 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.649425030 CEST49732443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.649509907 CEST4434973284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.649590015 CEST49732443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.649812937 CEST49732443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.649837017 CEST4434973284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.659337997 CEST49733443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.659377098 CEST4434973384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.659466982 CEST49733443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.660028934 CEST49733443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.660048008 CEST4434973384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.662394047 CEST4434973084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.662758112 CEST49730443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.662782907 CEST4434973084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.663753033 CEST4434973084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.664211035 CEST49730443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.664235115 CEST4434973084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.664328098 CEST4434973084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.664545059 CEST49730443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.664560080 CEST4434973084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.666035891 CEST49734443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.666081905 CEST4434973484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.666157007 CEST49734443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.666455984 CEST49734443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.666480064 CEST4434973484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.669164896 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.669487953 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.669543028 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.671066046 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.671166897 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.671751022 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.671767950 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.671901941 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.671926975 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.671937943 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.692756891 CEST4434972984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.694650888 CEST49729443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.694688082 CEST4434972984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.695301056 CEST4434972984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.695909023 CEST49729443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.695943117 CEST4434972984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.696094990 CEST4434972984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.696099997 CEST49729443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.696110964 CEST4434972984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.716133118 CEST4434973084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.716414928 CEST4434973084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.716681957 CEST49730443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.720249891 CEST49730443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.720304966 CEST4434973084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.722414970 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.722582102 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.722588062 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.722614050 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.722635031 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.722651958 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.722659111 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.722704887 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.722742081 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.725893021 CEST4434972984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.726023912 CEST49729443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.740787029 CEST4434973284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.745857954 CEST49732443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.745903969 CEST4434973284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.747276068 CEST4434973284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.747394085 CEST49732443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.761950970 CEST4434973484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.775295019 CEST49734443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.775336981 CEST4434973484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.775727987 CEST49732443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.775769949 CEST4434973284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.775913000 CEST4434973284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.776062012 CEST4434973484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.776609898 CEST49734443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.776634932 CEST4434973484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.776743889 CEST4434973484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.776770115 CEST49732443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.776808977 CEST4434973284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.777158976 CEST49734443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.777179956 CEST4434973484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.781910896 CEST49729443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.781945944 CEST4434972984.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.782969952 CEST49731443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.783003092 CEST4434973184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.783355951 CEST4434973384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.783926964 CEST49733443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.783967018 CEST4434973384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.785258055 CEST4434973384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.785346985 CEST49733443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.785892010 CEST49733443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.785913944 CEST4434973384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.786047935 CEST4434973384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.786094904 CEST49733443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.786112070 CEST4434973384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.806914091 CEST4434973284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.807024002 CEST49732443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.811866999 CEST49732443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.811898947 CEST4434973284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.819295883 CEST4434973484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.819446087 CEST4434973484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.819547892 CEST49734443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.823427916 CEST49734443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.823463917 CEST4434973484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.840924025 CEST4434973384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.841079950 CEST49733443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.855268955 CEST49733443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.855307102 CEST4434973384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.886836052 CEST49735443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.886913061 CEST4434973584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.886991024 CEST49735443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.887295008 CEST49735443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.887314081 CEST4434973584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.977077961 CEST4434973584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.977435112 CEST49735443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.977472067 CEST4434973584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.977984905 CEST4434973584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.979280949 CEST49735443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.979307890 CEST4434973584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.979409933 CEST4434973584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:39.979696989 CEST49735443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:39.979707003 CEST4434973584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:40.033499002 CEST4434973584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:40.033616066 CEST4434973584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:40.033669949 CEST49735443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:40.040247917 CEST49735443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:40.040302992 CEST4434973584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.511146069 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.511203051 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.511362076 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.517266035 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.517302990 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.517591953 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.517667055 CEST4434974184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.517748117 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.529525995 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.529586077 CEST4434974184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.609366894 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.609445095 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.624737978 CEST4434974184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.624929905 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.692679882 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.692709923 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.692799091 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.692852974 CEST4434974184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.693113089 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.693185091 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.693574905 CEST4434974184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.693645000 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.695534945 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.695564985 CEST4434974184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.696111917 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.696135044 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.725363016 CEST4434974184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.725452900 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.725483894 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.725503922 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.725528002 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.725544930 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.725598097 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.726955891 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.726989985 CEST4434974184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.727066040 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.727143049 CEST4434974184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.727191925 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.727210045 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.727233887 CEST4434974184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.727274895 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.727292061 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.727307081 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.727312088 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.727336884 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.727355957 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.734693050 CEST49741443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.734755039 CEST4434974184.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.736143112 CEST49740443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.736177921 CEST4434974084.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.905982971 CEST49742443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.906048059 CEST4434974284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.906126022 CEST49742443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.906265974 CEST49743443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.906310081 CEST4434974384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.906377077 CEST49743443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.907046080 CEST49743443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:41.907064915 CEST4434974384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.996741056 CEST4434974384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:41.996859074 CEST49743443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.003217936 CEST49742443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.003258944 CEST4434974284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.005146980 CEST49743443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.005170107 CEST4434974384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.007072926 CEST49743443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.007092953 CEST4434974384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.052424908 CEST4434974384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.052525997 CEST49743443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.052531958 CEST4434974384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.052573919 CEST49743443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.062391043 CEST49743443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.062422037 CEST4434974384.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.063489914 CEST49744443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.063530922 CEST4434974484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.063591957 CEST49744443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.064027071 CEST49744443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.064040899 CEST4434974484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.094347954 CEST4434974284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.094511032 CEST49742443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.147469997 CEST49742443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.147522926 CEST4434974284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.149367094 CEST49742443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.149389982 CEST4434974284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.155019999 CEST4434974484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.155085087 CEST49744443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.155602932 CEST49744443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.155616045 CEST4434974484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.158411980 CEST49744443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.158432007 CEST4434974484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.179728985 CEST4434974284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.179795027 CEST49742443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.179826021 CEST4434974284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.179847002 CEST4434974284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.179871082 CEST49742443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.179902077 CEST49742443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.187566996 CEST49742443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.187609911 CEST4434974284.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.193430901 CEST49745443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.193506002 CEST4434974584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.193571091 CEST49745443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.210834026 CEST4434974484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.210901022 CEST49744443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.210927010 CEST4434974484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.210983992 CEST49744443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.211009026 CEST4434974484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.211050987 CEST49744443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.211067915 CEST4434974484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.211111069 CEST49744443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.222678900 CEST49745443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.222727060 CEST4434974584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.226947069 CEST49744443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.226995945 CEST4434974484.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.228847980 CEST49746443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.228899002 CEST4434974684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.228960991 CEST49746443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.229716063 CEST49746443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.229732037 CEST4434974684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.312864065 CEST4434974584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.313019991 CEST49745443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.320673943 CEST4434974684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.320839882 CEST49746443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.328747034 CEST49745443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.328775883 CEST4434974584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.330423117 CEST49745443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.330447912 CEST4434974584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.330837011 CEST49746443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.330853939 CEST4434974684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.332652092 CEST49746443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.332669973 CEST4434974684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.368232012 CEST4434974584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.368321896 CEST49745443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.368326902 CEST4434974584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.368374109 CEST49745443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.368606091 CEST49745443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.368635893 CEST4434974584.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.368653059 CEST49745443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.368688107 CEST49745443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.376410007 CEST4434974684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.376507998 CEST4434974684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:42.376507998 CEST49746443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.376563072 CEST49746443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.383116007 CEST49746443192.168.2.584.241.158.7
                Oct 3, 2022 11:56:42.383157969 CEST4434974684.241.158.7192.168.2.5
                Oct 3, 2022 11:56:49.301446915 CEST44349726142.250.203.100192.168.2.5
                Oct 3, 2022 11:56:49.301546097 CEST44349726142.250.203.100192.168.2.5
                Oct 3, 2022 11:56:49.301666021 CEST49726443192.168.2.5142.250.203.100
                Oct 3, 2022 11:56:53.790751934 CEST49726443192.168.2.5142.250.203.100
                Oct 3, 2022 11:56:53.790802956 CEST44349726142.250.203.100192.168.2.5
                Oct 3, 2022 11:57:23.661742926 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:57:23.661786079 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:57:23.801403999 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:57:23.801445007 CEST44349707142.250.203.109192.168.2.5
                Oct 3, 2022 11:57:40.335052967 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:57:40.335098982 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:57:40.335213900 CEST44349707142.250.203.109192.168.2.5
                Oct 3, 2022 11:57:40.335285902 CEST49707443192.168.2.5142.250.203.109
                Oct 3, 2022 11:57:40.335370064 CEST44349702142.250.203.110192.168.2.5
                Oct 3, 2022 11:57:40.335433006 CEST49702443192.168.2.5142.250.203.110
                Oct 3, 2022 11:57:40.335589886 CEST49766443192.168.2.5142.250.203.100
                Oct 3, 2022 11:57:40.335624933 CEST44349766142.250.203.100192.168.2.5
                Oct 3, 2022 11:57:40.335680008 CEST49766443192.168.2.5142.250.203.100
                Oct 3, 2022 11:57:40.336150885 CEST49766443192.168.2.5142.250.203.100
                Oct 3, 2022 11:57:40.336165905 CEST44349766142.250.203.100192.168.2.5
                Oct 3, 2022 11:57:40.392767906 CEST44349766142.250.203.100192.168.2.5
                Oct 3, 2022 11:57:40.393449068 CEST49766443192.168.2.5142.250.203.100
                Oct 3, 2022 11:57:40.393497944 CEST44349766142.250.203.100192.168.2.5
                Oct 3, 2022 11:57:40.394032955 CEST44349766142.250.203.100192.168.2.5
                Oct 3, 2022 11:57:40.395090103 CEST49766443192.168.2.5142.250.203.100
                Oct 3, 2022 11:57:40.395113945 CEST44349766142.250.203.100192.168.2.5
                Oct 3, 2022 11:57:40.395211935 CEST44349766142.250.203.100192.168.2.5
                Oct 3, 2022 11:57:40.479578018 CEST49766443192.168.2.5142.250.203.100
                Oct 3, 2022 11:57:50.387608051 CEST44349766142.250.203.100192.168.2.5
                Oct 3, 2022 11:57:50.387716055 CEST44349766142.250.203.100192.168.2.5
                Oct 3, 2022 11:57:50.387840986 CEST49766443192.168.2.5142.250.203.100

                UDP Packets

                TimestampSource PortDest PortSource IPDest IP
                Oct 3, 2022 11:56:36.246303082 CEST4917753192.168.2.58.8.8.8
                Oct 3, 2022 11:56:36.246367931 CEST5144153192.168.2.58.8.8.8
                Oct 3, 2022 11:56:36.272711039 CEST53491778.8.8.8192.168.2.5
                Oct 3, 2022 11:56:36.285123110 CEST53514418.8.8.8192.168.2.5
                Oct 3, 2022 11:56:38.370270967 CEST6532353192.168.2.58.8.8.8
                Oct 3, 2022 11:56:38.407946110 CEST53653238.8.8.8192.168.2.5
                Oct 3, 2022 11:56:39.199728966 CEST5675153192.168.2.58.8.8.8
                Oct 3, 2022 11:56:39.219069004 CEST53567518.8.8.8192.168.2.5
                Oct 3, 2022 11:56:41.465269089 CEST5922053192.168.2.58.8.8.8
                Oct 3, 2022 11:56:41.484415054 CEST53592208.8.8.8192.168.2.5
                Oct 3, 2022 11:57:40.306819916 CEST5847253192.168.2.58.8.8.8
                Oct 3, 2022 11:57:40.333372116 CEST53584728.8.8.8192.168.2.5

                DNS Queries

                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                Oct 3, 2022 11:56:36.246303082 CEST192.168.2.58.8.8.80xbd13Standard query (0)accounts.google.comA (IP address)IN (0x0001)false
                Oct 3, 2022 11:56:36.246367931 CEST192.168.2.58.8.8.80xf0faStandard query (0)clients2.google.comA (IP address)IN (0x0001)false
                Oct 3, 2022 11:56:38.370270967 CEST192.168.2.58.8.8.80x65d8Standard query (0)expressinvoice.mijnparagon-cc.nlA (IP address)IN (0x0001)false
                Oct 3, 2022 11:56:39.199728966 CEST192.168.2.58.8.8.80xdb0eStandard query (0)www.google.comA (IP address)IN (0x0001)false
                Oct 3, 2022 11:56:41.465269089 CEST192.168.2.58.8.8.80xeeffStandard query (0)expressinvoice.mijnparagon-cc.nlA (IP address)IN (0x0001)false
                Oct 3, 2022 11:57:40.306819916 CEST192.168.2.58.8.8.80xd842Standard query (0)www.google.comA (IP address)IN (0x0001)false

                DNS Answers

                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                Oct 3, 2022 11:56:36.272711039 CEST8.8.8.8192.168.2.50xbd13No error (0)accounts.google.com142.250.203.109A (IP address)IN (0x0001)false
                Oct 3, 2022 11:56:36.285123110 CEST8.8.8.8192.168.2.50xf0faNo error (0)clients2.google.comclients.l.google.comCNAME (Canonical name)IN (0x0001)false
                Oct 3, 2022 11:56:36.285123110 CEST8.8.8.8192.168.2.50xf0faNo error (0)clients.l.google.com142.250.203.110A (IP address)IN (0x0001)false
                Oct 3, 2022 11:56:38.407946110 CEST8.8.8.8192.168.2.50x65d8No error (0)expressinvoice.mijnparagon-cc.nl84.241.158.7A (IP address)IN (0x0001)false
                Oct 3, 2022 11:56:39.219069004 CEST8.8.8.8192.168.2.50xdb0eNo error (0)www.google.com142.250.203.100A (IP address)IN (0x0001)false
                Oct 3, 2022 11:56:41.484415054 CEST8.8.8.8192.168.2.50xeeffNo error (0)expressinvoice.mijnparagon-cc.nl84.241.158.7A (IP address)IN (0x0001)false
                Oct 3, 2022 11:57:40.333372116 CEST8.8.8.8192.168.2.50xd842No error (0)www.google.com142.250.203.100A (IP address)IN (0x0001)false

                HTTP Request Dependency Graph

                • clients2.google.com
                • accounts.google.com
                • expressinvoice.mijnparagon-cc.nl
                • https:

                HTTPS Proxied Packets

                Session IDSource IPSource PortDestination IPDestination PortProcess
                0192.168.2.549706142.250.203.110443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:38 UTC0OUTGET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1
                Host: clients2.google.com
                Connection: keep-alive
                X-Goog-Update-Interactivity: fg
                X-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda
                X-Goog-Update-Updater: chromecrx-104.0.5112.81
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: empty
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2022-10-03 09:56:38 UTC1INHTTP/1.1 200 OK
                Content-Security-Policy: script-src 'report-sample' 'nonce-gwWk9cqYx34oOKpg4uxcVg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
                Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                Pragma: no-cache
                Expires: Mon, 01 Jan 1990 00:00:00 GMT
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Content-Type: text/xml; charset=UTF-8
                X-Daynum: 5754
                X-Daystart: 10598
                X-Content-Type-Options: nosniff
                X-Frame-Options: SAMEORIGIN
                X-XSS-Protection: 1; mode=block
                Server: GSE
                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                Accept-Ranges: none
                Vary: Accept-Encoding
                Connection: close
                Transfer-Encoding: chunked
                2022-10-03 09:56:38 UTC2INData Raw: 32 63 39 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 67 75 70 64 61 74 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 75 70 64 61 74 65 32 2f 72 65 73 70 6f 6e 73 65 22 20 70 72 6f 74 6f 63 6f 6c 3d 22 32 2e 30 22 20 73 65 72 76 65 72 3d 22 70 72 6f 64 22 3e 3c 64 61 79 73 74 61 72 74 20 65 6c 61 70 73 65 64 5f 64 61 79 73 3d 22 35 37 35 34 22 20 65 6c 61 70 73 65 64 5f 73 65 63 6f 6e 64 73 3d 22 31 30 35 39 38 22 2f 3e 3c 61 70 70 20 61 70 70 69 64 3d 22 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 22 20 63 6f 68 6f 72 74 3d 22 31 3a 3a 22 20 63 6f 68 6f 72 74 6e 61 6d 65 3d 22 22
                Data Ascii: 2c9<?xml version="1.0" encoding="UTF-8"?><gupdate xmlns="http://www.google.com/update2/response" protocol="2.0" server="prod"><daystart elapsed_days="5754" elapsed_seconds="10598"/><app appid="nmmhkkegccagdldgiimedpiccmgmieda" cohort="1::" cohortname=""
                2022-10-03 09:56:38 UTC2INData Raw: 6d 78 76 59 6e 4d 76 4e 7a 49 30 51 55 46 58 4e 56 39 7a 54 32 52 76 64 55 77 79 4d 45 52 45 53 45 5a 47 56 6d 4a 6e 51 51 2f 31 2e 30 2e 30 2e 36 5f 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 2e 63 72 78 22 20 66 70 3d 22 31 2e 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 68 61 73 68 5f 73 68 61 32 35 36 3d 22 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 70 72 6f 74 65 63 74 65 64 3d 22 30 22 20 73 69
                Data Ascii: mxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx" fp="1.81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" hash_sha256="81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" protected="0" si
                2022-10-03 09:56:38 UTC2INData Raw: 30 0d 0a 0d 0a
                Data Ascii: 0


                Session IDSource IPSource PortDestination IPDestination PortProcess
                1192.168.2.549704142.250.203.109443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:38 UTC0OUTPOST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1
                Host: accounts.google.com
                Connection: keep-alive
                Content-Length: 1
                Origin: https://www.google.com
                Content-Type: application/x-www-form-urlencoded
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: empty
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2022-10-03 09:56:38 UTC1OUTData Raw: 20
                Data Ascii:
                2022-10-03 09:56:38 UTC2INHTTP/1.1 200 OK
                Content-Type: application/json; charset=utf-8
                Access-Control-Allow-Origin: https://www.google.com
                Access-Control-Allow-Credentials: true
                X-Content-Type-Options: nosniff
                Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                Pragma: no-cache
                Expires: Mon, 01 Jan 1990 00:00:00 GMT
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Strict-Transport-Security: max-age=31536000; includeSubDomains
                Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
                Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/IdentityListAccountsHttp/cspreport
                Content-Security-Policy: script-src 'report-sample' 'nonce-3UwDvr8MgT6ioqg_XRNsQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityListAccountsHttp/cspreport;worker-src 'self'
                Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdentityListAccountsHttp/cspreport/allowlist
                Report-To: {"group":"IdentityListAccountsHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external"}]}
                Cross-Origin-Opener-Policy: same-origin; report-to="IdentityListAccountsHttp"
                Server: ESF
                X-XSS-Protection: 0
                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                Accept-Ranges: none
                Vary: Accept-Encoding
                Connection: close
                Transfer-Encoding: chunked
                2022-10-03 09:56:38 UTC4INData Raw: 31 31 0d 0a 5b 22 67 61 69 61 2e 6c 2e 61 2e 72 22 2c 5b 5d 5d 0d 0a
                Data Ascii: 11["gaia.l.a.r",[]]
                2022-10-03 09:56:38 UTC4INData Raw: 30 0d 0a 0d 0a
                Data Ascii: 0


                Session IDSource IPSource PortDestination IPDestination PortProcess
                10192.168.2.54971784.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC45OUTGET /_lib/js/jquery/ui.core.js HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: */*
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: script
                Referer: https://expressinvoice.mijnparagon-cc.nl/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC76INHTTP/1.1 200 OK
                Content-Type: application/javascript
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 7940
                2022-10-03 09:56:39 UTC76INData Raw: 2f 2a 0d 0a 20 2a 20 6a 51 75 65 72 79 20 55 49 20 31 2e 35 2e 32 0d 0a 20 2a 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 30 38 20 50 61 75 6c 20 42 61 6b 61 75 73 20 28 75 69 2e 6a 71 75 65 72 79 2e 63 6f 6d 29 0d 0a 20 2a 20 44 75 61 6c 20 6c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 28 4d 49 54 2d 4c 49 43 45 4e 53 45 2e 74 78 74 29 0d 0a 20 2a 20 61 6e 64 20 47 50 4c 20 28 47 50 4c 2d 4c 49 43 45 4e 53 45 2e 74 78 74 29 20 6c 69 63 65 6e 73 65 73 2e 0d 0a 20 2a 0d 0a 20 2a 20 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6a 71 75 65 72 79 2e 63 6f 6d 2f 55 49 0d 0a 20 2a 2f 0d 0a 3b 28 66 75 6e 63 74 69 6f 6e 28 24 29 20 7b 0d 0a 0d 0a 24 2e 75 69 20 3d 20 7b 0d 0a 09 70 6c 75 67 69 6e 3a 20 7b 0d 0a 09 09 61 64 64 3a
                Data Ascii: /* * jQuery UI 1.5.2 * * Copyright (c) 2008 Paul Bakaus (ui.jquery.com) * Dual licensed under the MIT (MIT-LICENSE.txt) * and GPL (GPL-LICENSE.txt) licenses. * * http://docs.jquery.com/UI */;(function($) {$.ui = {plugin: {add:
                2022-10-03 09:56:39 UTC82INData Raw: 2e 5f 6d 6f 75 73 65 55 6e 73 65 6c 65 63 74 61 62 6c 65 29 29 3b 0d 0a 09 7d 2c 0d 0a 09 0d 0a 09 6d 6f 75 73 65 44 6f 77 6e 3a 20 66 75 6e 63 74 69 6f 6e 28 65 29 20 7b 0d 0a 09 09 2f 2f 20 77 65 20 6d 61 79 20 68 61 76 65 20 6d 69 73 73 65 64 20 6d 6f 75 73 65 75 70 20 28 6f 75 74 20 6f 66 20 77 69 6e 64 6f 77 29 0d 0a 09 09 28 74 68 69 73 2e 5f 6d 6f 75 73 65 53 74 61 72 74 65 64 20 26 26 20 74 68 69 73 2e 6d 6f 75 73 65 55 70 28 65 29 29 3b 0d 0a 09 09 0d 0a 09 09 74 68 69 73 2e 5f 6d 6f 75 73 65 44 6f 77 6e 45 76 65 6e 74 20 3d 20 65 3b 0d 0a 09 09 0d 0a 09 09 76 61 72 20 73 65 6c 66 20 3d 20 74 68 69 73 2c 0d 0a 09 09 09 62 74 6e 49 73 4c 65 66 74 20 3d 20 28 65 2e 77 68 69 63 68 20 3d 3d 20 31 29 2c 0d 0a 09 09 09 65 6c 49 73 43 61 6e 63 65 6c 20
                Data Ascii: ._mouseUnselectable));},mouseDown: function(e) {// we may have missed mouseup (out of window)(this._mouseStarted && this.mouseUp(e));this._mouseDownEvent = e;var self = this,btnIsLeft = (e.which == 1),elIsCancel


                Session IDSource IPSource PortDestination IPDestination PortProcess
                11192.168.2.54971884.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC45OUTGET /_lib/js/jquery/ui.tabs.js HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: */*
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: script
                Referer: https://expressinvoice.mijnparagon-cc.nl/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC84INHTTP/1.1 200 OK
                Content-Type: application/javascript
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 18691
                2022-10-03 09:56:39 UTC85INData Raw: ef bb bf 2f 2a 0d 0a 20 2a 20 6a 51 75 65 72 79 20 55 49 20 54 61 62 73 0d 0a 20 2a 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 30 37 2c 20 32 30 30 38 20 4b 6c 61 75 73 20 48 61 72 74 6c 20 28 73 74 69 6c 62 75 65 72 6f 2e 64 65 29 0d 0a 20 2a 20 44 75 61 6c 20 6c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 28 4d 49 54 2d 4c 49 43 45 4e 53 45 2e 74 78 74 29 0d 0a 20 2a 20 61 6e 64 20 47 50 4c 20 28 47 50 4c 2d 4c 49 43 45 4e 53 45 2e 74 78 74 29 20 6c 69 63 65 6e 73 65 73 2e 0d 0a 20 2a 0d 0a 20 2a 20 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6a 71 75 65 72 79 2e 63 6f 6d 2f 55 49 2f 54 61 62 73 0d 0a 20 2a 0d 0a 20 2a 20 44 65 70 65 6e 64 73 3a 0d 0a 20 2a 09 75 69 2e 63 6f 72 65 2e 6a 73 0d 0a 20 2a 2f 0d 0a 28 66 75
                Data Ascii: /* * jQuery UI Tabs * * Copyright (c) 2007, 2008 Klaus Hartl (stilbuero.de) * Dual licensed under the MIT (MIT-LICENSE.txt) * and GPL (GPL-LICENSE.txt) licenses. * * http://docs.jquery.com/UI/Tabs * * Depends: *ui.core.js */(fu
                2022-10-03 09:56:39 UTC121INData Raw: 6f 6e 73 74 72 75 63 74 6f 72 20 3d 3d 20 41 72 72 61 79 29 0d 0a 09 09 09 68 69 64 65 46 78 20 3d 20 6f 2e 66 78 5b 30 5d 20 7c 7c 20 62 61 73 65 46 78 2c 20 73 68 6f 77 46 78 20 3d 20 6f 2e 66 78 5b 31 5d 20 7c 7c 20 62 61 73 65 46 78 3b 0d 0a 09 09 65 6c 73 65 0d 0a 09 09 09 68 69 64 65 46 78 20 3d 20 73 68 6f 77 46 78 20 3d 20 6f 2e 66 78 20 7c 7c 20 62 61 73 65 46 78 3b 0d 0a 0d 0a 09 09 2f 2f 20 72 65 73 65 74 20 73 6f 6d 65 20 73 74 79 6c 65 73 20 74 6f 20 6d 61 69 6e 74 61 69 6e 20 70 72 69 6e 74 20 73 74 79 6c 65 20 73 68 65 65 74 73 20 65 74 63 2e 0d 0a 09 09 76 61 72 20 72 65 73 65 74 43 53 53 20 3d 20 7b 20 64 69 73 70 6c 61 79 3a 20 27 27 2c 20 6f 76 65 72 66 6c 6f 77 3a 20 27 27 2c 20 68 65 69 67 68 74 3a 20 27 27 20 7d 3b 0d 0a 09 09 69 66
                Data Ascii: onstructor == Array)hideFx = o.fx[0] || baseFx, showFx = o.fx[1] || baseFx;elsehideFx = showFx = o.fx || baseFx;// reset some styles to maintain print style sheets etc.var resetCSS = { display: '', overflow: '', height: '' };if
                2022-10-03 09:56:39 UTC129INData Raw: 0d 0a 09 09 69 66 20 28 69 6e 64 65 78 20 21 3d 20 6f 2e 73 65 6c 65 63 74 65 64 29 20 7b 20 2f 2f 20 63 61 6e 6e 6f 74 20 64 69 73 61 62 6c 65 20 61 6c 72 65 61 64 79 20 73 65 6c 65 63 74 65 64 20 74 61 62 0d 0a 09 09 09 74 68 69 73 2e 24 6c 69 73 2e 65 71 28 69 6e 64 65 78 29 2e 61 64 64 43 6c 61 73 73 28 6f 2e 64 69 73 61 62 6c 65 64 43 6c 61 73 73 29 3b 0d 0a 0d 0a 09 09 09 6f 2e 64 69 73 61 62 6c 65 64 2e 70 75 73 68 28 69 6e 64 65 78 29 3b 0d 0a 09 09 09 6f 2e 64 69 73 61 62 6c 65 64 2e 73 6f 72 74 28 29 3b 0d 0a 0d 0a 09 09 09 2f 2f 20 63 61 6c 6c 62 61 63 6b 0d 0a 09 09 09 74 68 69 73 2e 65 6c 65 6d 65 6e 74 2e 74 72 69 67 67 65 72 48 61 6e 64 6c 65 72 28 27 74 61 62 73 64 69 73 61 62 6c 65 27 2c 0d 0a 09 09 09 09 5b 74 68 69 73 2e 66 61 6b 65 45
                Data Ascii: if (index != o.selected) { // cannot disable already selected tabthis.$lis.eq(index).addClass(o.disabledClass);o.disabled.push(index);o.disabled.sort();// callbackthis.element.triggerHandler('tabsdisable',[this.fakeE


                Session IDSource IPSource PortDestination IPDestination PortProcess
                12192.168.2.54971984.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC46OUTGET /_lib/js/jquery/ui.datepicker.js HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: */*
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: script
                Referer: https://expressinvoice.mijnparagon-cc.nl/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC90INHTTP/1.1 200 OK
                Content-Type: application/javascript
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 68305
                2022-10-03 09:56:39 UTC90INData Raw: 2f 2a 0d 0a 20 2a 20 6a 51 75 65 72 79 20 55 49 20 44 61 74 65 70 69 63 6b 65 72 0d 0a 20 2a 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 30 36 2c 20 32 30 30 37 2c 20 32 30 30 38 20 4d 61 72 63 20 47 72 61 62 61 6e 73 6b 69 0d 0a 20 2a 20 44 75 61 6c 20 6c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 28 4d 49 54 2d 4c 49 43 45 4e 53 45 2e 74 78 74 29 0d 0a 20 2a 20 61 6e 64 20 47 50 4c 20 28 47 50 4c 2d 4c 49 43 45 4e 53 45 2e 74 78 74 29 20 6c 69 63 65 6e 73 65 73 2e 0d 0a 20 2a 20 0d 0a 20 2a 20 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6a 71 75 65 72 79 2e 63 6f 6d 2f 55 49 2f 44 61 74 65 70 69 63 6b 65 72 0d 0a 20 2a 0d 0a 20 2a 20 44 65 70 65 6e 64 73 3a 0d 0a 20 2a 09 75 69 2e 63 6f 72 65 2e 6a 73 0d 0a 20 2a 0d 0a
                Data Ascii: /* * jQuery UI Datepicker * * Copyright (c) 2006, 2007, 2008 Marc Grabanski * Dual licensed under the MIT (MIT-LICENSE.txt) * and GPL (GPL-LICENSE.txt) licenses. * * http://docs.jquery.com/UI/Datepicker * * Depends: *ui.core.js *
                2022-10-03 09:56:39 UTC134INData Raw: 72 72 65 6e 74 20 79 65 61 72 20 28 2d 6e 6e 3a 2b 6e 6e 29 20 6f 72 20 61 62 73 6f 6c 75 74 65 20 28 6e 6e 6e 6e 3a 6e 6e 6e 6e 29 0d 0a 09 09 63 68 61 6e 67 65 46 69 72 73 74 44 61 79 3a 20 74 72 75 65 2c 20 2f 2f 20 54 72 75 65 20 74 6f 20 63 6c 69 63 6b 20 6f 6e 20 64 61 79 20 6e 61 6d 65 20 74 6f 20 63 68 61 6e 67 65 2c 20 66 61 6c 73 65 20 74 6f 20 72 65 6d 61 69 6e 20 61 73 20 73 65 74 0d 0a 09 09 68 69 67 68 6c 69 67 68 74 57 65 65 6b 3a 20 66 61 6c 73 65 2c 20 2f 2f 20 54 72 75 65 20 74 6f 20 68 69 67 68 6c 69 67 68 74 20 74 68 65 20 73 65 6c 65 63 74 65 64 20 77 65 65 6b 0d 0a 09 09 73 68 6f 77 4f 74 68 65 72 4d 6f 6e 74 68 73 3a 20 66 61 6c 73 65 2c 20 2f 2f 20 54 72 75 65 20 74 6f 20 73 68 6f 77 20 64 61 74 65 73 20 69 6e 20 6f 74 68 65 72 20
                Data Ascii: rrent year (-nn:+nn) or absolute (nnnn:nnnn)changeFirstDay: true, // True to click on day name to change, false to remain as sethighlightWeek: false, // True to highlight the selected weekshowOtherMonths: false, // True to show dates in other
                2022-10-03 09:56:39 UTC142INData Raw: 74 68 69 73 2e 5f 64 69 61 6c 6f 67 49 6e 70 75 74 2e 76 61 6c 28 64 61 74 65 54 65 78 74 29 3b 0d 0a 0d 0a 09 09 74 68 69 73 2e 5f 70 6f 73 20 3d 20 28 70 6f 73 20 3f 20 28 70 6f 73 2e 6c 65 6e 67 74 68 20 3f 20 70 6f 73 20 3a 20 5b 70 6f 73 2e 70 61 67 65 58 2c 20 70 6f 73 2e 70 61 67 65 59 5d 29 20 3a 20 6e 75 6c 6c 29 3b 0d 0a 09 09 69 66 20 28 21 74 68 69 73 2e 5f 70 6f 73 29 20 7b 0d 0a 09 09 09 76 61 72 20 62 72 6f 77 73 65 72 57 69 64 74 68 20 3d 20 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 20 7c 7c 20 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 69 65 6e 74 57 69 64 74 68 20 7c 7c 09 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 63 6c 69 65 6e 74 57 69 64 74 68 3b 0d 0a 09 09 09 76 61 72 20 62 72 6f 77 73
                Data Ascii: this._dialogInput.val(dateText);this._pos = (pos ? (pos.length ? pos : [pos.pageX, pos.pageY]) : null);if (!this._pos) {var browserWidth = window.innerWidth || document.documentElement.clientWidth ||document.body.clientWidth;var brows
                2022-10-03 09:56:39 UTC146INData Raw: 72 20 64 69 76 69 73 69 6f 6e 20 6f 72 20 73 70 61 6e 0d 0a 09 20 20 20 40 70 61 72 61 6d 20 20 6e 61 6d 65 20 20 20 20 6f 62 6a 65 63 74 20 2d 20 74 68 65 20 6e 65 77 20 73 65 74 74 69 6e 67 73 20 74 6f 20 75 70 64 61 74 65 20 6f 72 0d 0a 09 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 73 74 72 69 6e 67 20 2d 20 74 68 65 20 6e 61 6d 65 20 6f 66 20 74 68 65 20 73 65 74 74 69 6e 67 20 74 6f 20 63 68 61 6e 67 65 20 6f 72 0d 0a 09 20 20 20 40 70 61 72 61 6d 20 20 76 61 6c 75 65 20 20 20 61 6e 79 20 2d 20 74 68 65 20 6e 65 77 20 76 61 6c 75 65 20 66 6f 72 20 74 68 65 20 73 65 74 74 69 6e 67 20 28 6f 6d 69 74 20 69 66 20 61 62 6f 76 65 20 69 73 20 61 6e 20 6f 62 6a 65 63 74 29 20 2a 2f 0d 0a 09 5f 63 68 61 6e 67 65 44 61 74 65 70 69 63 6b 65 72 3a
                Data Ascii: r division or span @param name object - the new settings to update or string - the name of the setting to change or @param value any - the new value for the setting (omit if above is an object) */_changeDatepicker:
                2022-10-03 09:56:39 UTC154INData Raw: 3a 20 30 29 29 3b 0d 0a 09 09 65 6c 73 65 0d 0a 09 09 09 6f 66 66 73 65 74 2e 6c 65 66 74 20 2d 3d 20 28 69 73 46 69 78 65 64 20 3f 20 73 63 72 6f 6c 6c 58 20 3a 20 30 29 3b 0d 0a 09 09 2f 2f 20 72 65 70 6f 73 69 74 69 6f 6e 20 64 61 74 65 20 70 69 63 6b 65 72 20 76 65 72 74 69 63 61 6c 6c 79 20 69 66 20 6f 75 74 73 69 64 65 20 74 68 65 20 62 72 6f 77 73 65 72 20 77 69 6e 64 6f 77 0d 0a 09 09 69 66 20 28 28 6f 66 66 73 65 74 2e 74 6f 70 20 2b 20 69 6e 73 74 2e 64 70 44 69 76 2e 68 65 69 67 68 74 28 29 20 2d 20 73 63 72 6f 6c 6c 59 29 20 3e 20 62 72 6f 77 73 65 72 48 65 69 67 68 74 29 0d 0a 09 09 09 6f 66 66 73 65 74 2e 74 6f 70 20 3d 20 4d 61 74 68 2e 6d 61 78 28 28 69 73 46 69 78 65 64 20 3f 20 30 20 3a 20 73 63 72 6f 6c 6c 59 29 2c 0d 0a 09 09 09 09 70
                Data Ascii: : 0));elseoffset.left -= (isFixed ? scrollX : 0);// reposition date picker vertically if outside the browser windowif ((offset.top + inst.dpDiv.height() - scrollY) > browserHeight)offset.top = Math.max((isFixed ? 0 : scrollY),p
                2022-10-03 09:56:39 UTC162INData Raw: 73 2e 5f 67 65 74 28 69 6e 73 74 2c 20 27 72 61 6e 67 65 53 65 70 61 72 61 74 6f 72 27 29 20 2b 20 74 68 69 73 2e 66 6f 72 6d 61 74 44 61 74 65 28 0d 0a 09 09 09 09 61 6c 74 46 6f 72 6d 61 74 2c 20 64 61 74 65 5b 31 5d 20 7c 7c 20 64 61 74 65 5b 30 5d 2c 20 74 68 69 73 2e 5f 67 65 74 46 6f 72 6d 61 74 43 6f 6e 66 69 67 28 69 6e 73 74 29 29 29 20 3a 0d 0a 09 09 09 09 74 68 69 73 2e 66 6f 72 6d 61 74 44 61 74 65 28 61 6c 74 46 6f 72 6d 61 74 2c 20 64 61 74 65 2c 20 74 68 69 73 2e 5f 67 65 74 46 6f 72 6d 61 74 43 6f 6e 66 69 67 28 69 6e 73 74 29 29 29 3b 0d 0a 09 09 09 24 28 61 6c 74 46 69 65 6c 64 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 20 7b 20 24 28 74 68 69 73 29 2e 76 61 6c 28 64 61 74 65 53 74 72 29 3b 20 7d 29 3b 0d 0a 09 09 7d 0d 0a 09 7d
                Data Ascii: s._get(inst, 'rangeSeparator') + this.formatDate(altFormat, date[1] || date[0], this._getFormatConfig(inst))) :this.formatDate(altFormat, date, this._getFormatConfig(inst)));$(altField).each(function() { $(this).val(dateStr); });}}
                2022-10-03 09:56:39 UTC170INData Raw: 72 6d 61 74 20 2a 2f 0d 0a 09 66 6f 72 6d 61 74 44 61 74 65 3a 20 66 75 6e 63 74 69 6f 6e 20 28 66 6f 72 6d 61 74 2c 20 64 61 74 65 2c 20 73 65 74 74 69 6e 67 73 29 20 7b 0d 0a 09 09 69 66 20 28 21 64 61 74 65 29 0d 0a 09 09 09 72 65 74 75 72 6e 20 27 27 3b 0d 0a 09 09 76 61 72 20 64 61 79 4e 61 6d 65 73 53 68 6f 72 74 20 3d 20 28 73 65 74 74 69 6e 67 73 20 3f 20 73 65 74 74 69 6e 67 73 2e 64 61 79 4e 61 6d 65 73 53 68 6f 72 74 20 3a 20 6e 75 6c 6c 29 20 7c 7c 20 74 68 69 73 2e 5f 64 65 66 61 75 6c 74 73 2e 64 61 79 4e 61 6d 65 73 53 68 6f 72 74 3b 0d 0a 09 09 76 61 72 20 64 61 79 4e 61 6d 65 73 20 3d 20 28 73 65 74 74 69 6e 67 73 20 3f 20 73 65 74 74 69 6e 67 73 2e 64 61 79 4e 61 6d 65 73 20 3a 20 6e 75 6c 6c 29 20 7c 7c 20 74 68 69 73 2e 5f 64 65 66 61
                Data Ascii: rmat */formatDate: function (format, date, settings) {if (!date)return '';var dayNamesShort = (settings ? settings.dayNamesShort : null) || this._defaults.dayNamesShort;var dayNames = (settings ? settings.dayNames : null) || this._defa
                2022-10-03 09:56:39 UTC178INData Raw: 65 61 72 29 20 2b 0d 0a 09 09 09 27 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 63 6c 6f 73 65 22 3e 3c 61 20 6f 6e 63 6c 69 63 6b 3d 22 6a 51 75 65 72 79 2e 64 61 74 65 70 69 63 6b 65 72 2e 5f 68 69 64 65 44 61 74 65 70 69 63 6b 65 72 28 29 3b 22 27 20 2b 0d 0a 09 09 09 28 73 68 6f 77 53 74 61 74 75 73 20 3f 20 74 68 69 73 2e 5f 61 64 64 53 74 61 74 75 73 28 69 6e 73 74 2c 20 74 68 69 73 2e 5f 67 65 74 28 69 6e 73 74 2c 20 27 63 6c 6f 73 65 53 74 61 74 75 73 27 29 20 7c 7c 20 27 26 23 78 61 30 3b 27 29 20 3a 20 27 27 29 20 2b 20 27 3e 27 20 2b 0d 0a 09 09 09 74 68 69 73 2e 5f 67 65 74 28 69 6e 73 74 2c 20 27 63 6c 6f 73 65 54 65 78 74 27 29 20 2b 20 27 3c 2f 61 3e 3c 2f 64 69 76 3e 27 20 2b 20 28 69 73 52 54 4c 20 3f 20
                Data Ascii: ear) +'<div class="ui-datepicker-close"><a onclick="jQuery.datepicker._hideDatepicker();"' +(showStatus ? this._addStatus(inst, this._get(inst, 'closeStatus') || '&#xa0;') : '') + '>' +this._get(inst, 'closeText') + '</a></div>' + (isRTL ?
                2022-10-03 09:56:39 UTC186INData Raw: 20 27 27 29 20 2b 20 27 3b 27 20 2b 20 2f 2f 20 68 69 67 68 6c 69 67 68 74 20 73 65 6c 65 63 74 69 6f 6e 20 77 65 65 6b 0d 0a 09 09 09 09 09 09 09 28 21 73 68 6f 77 53 74 61 74 75 73 20 7c 7c 20 28 6f 74 68 65 72 4d 6f 6e 74 68 20 26 26 20 21 73 68 6f 77 4f 74 68 65 72 4d 6f 6e 74 68 73 29 20 3f 20 27 27 20 3a 20 27 6a 51 75 65 72 79 28 5c 27 23 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 73 74 61 74 75 73 2d 27 20 2b 0d 0a 09 09 09 09 09 09 09 69 6e 73 74 2e 69 64 20 2b 20 27 5c 27 29 2e 68 74 6d 6c 28 5c 27 27 20 2b 20 28 64 61 74 65 53 74 61 74 75 73 2e 61 70 70 6c 79 28 28 69 6e 73 74 2e 69 6e 70 75 74 20 3f 20 69 6e 73 74 2e 69 6e 70 75 74 5b 30 5d 20 3a 20 6e 75 6c 6c 29 2c 0d 0a 09 09 09 09 09 09 09 5b 70 72 69 6e 74 44 61 74 65 2c 20 69 6e 73 74 5d
                Data Ascii: '') + ';' + // highlight selection week(!showStatus || (otherMonth && !showOtherMonths) ? '' : 'jQuery(\'#ui-datepicker-status-' +inst.id + '\').html(\'' + (dateStatus.apply((inst.input ? inst.input[0] : null),[printDate, inst]
                2022-10-03 09:56:39 UTC194INData Raw: 65 73 53 68 6f 72 74 3a 20 74 68 69 73 2e 5f 67 65 74 28 69 6e 73 74 2c 20 27 64 61 79 4e 61 6d 65 73 53 68 6f 72 74 27 29 2c 20 64 61 79 4e 61 6d 65 73 3a 20 74 68 69 73 2e 5f 67 65 74 28 69 6e 73 74 2c 20 27 64 61 79 4e 61 6d 65 73 27 29 2c 0d 0a 09 09 09 6d 6f 6e 74 68 4e 61 6d 65 73 53 68 6f 72 74 3a 20 74 68 69 73 2e 5f 67 65 74 28 69 6e 73 74 2c 20 27 6d 6f 6e 74 68 4e 61 6d 65 73 53 68 6f 72 74 27 29 2c 20 6d 6f 6e 74 68 4e 61 6d 65 73 3a 20 74 68 69 73 2e 5f 67 65 74 28 69 6e 73 74 2c 20 27 6d 6f 6e 74 68 4e 61 6d 65 73 27 29 7d 3b 0d 0a 09 7d 2c 0d 0a 0d 0a 09 2f 2a 20 46 6f 72 6d 61 74 20 74 68 65 20 67 69 76 65 6e 20 64 61 74 65 20 66 6f 72 20 64 69 73 70 6c 61 79 2e 20 2a 2f 0d 0a 09 5f 66 6f 72 6d 61 74 44 61 74 65 3a 20 66 75 6e 63 74 69 6f
                Data Ascii: esShort: this._get(inst, 'dayNamesShort'), dayNames: this._get(inst, 'dayNames'),monthNamesShort: this._get(inst, 'monthNamesShort'), monthNames: this._get(inst, 'monthNames')};},/* Format the given date for display. */_formatDate: functio


                Session IDSource IPSource PortDestination IPDestination PortProcess
                13192.168.2.54972084.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC196OUTGET /_lib/community/css/1/flora.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/controls.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC200INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Mon, 09 Mar 2015 10:46:29 GMT
                Accept-Ranges: bytes
                ETag: "87acb64c565ad01:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 0


                Session IDSource IPSource PortDestination IPDestination PortProcess
                14192.168.2.54972184.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC196OUTGET /_lib/css/jquery/flora/flora.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC200INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 100
                2022-10-03 09:56:39 UTC201INData Raw: 2e 75 69 2d 77 72 61 70 70 65 72 20 7b 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 39 39 39 39 39 39 3b 20 7d 0d 0a 2e 75 69 2d 77 72 61 70 70 65 72 20 69 6e 70 75 74 2c 20 2e 75 69 2d 77 72 61 70 70 65 72 20 74 65 78 74 61 72 65 61 20 7b 20 62 6f 72 64 65 72 3a 20 30 3b 20 7d 0d 0a
                Data Ascii: .ui-wrapper { border: 1px solid #999999; }.ui-wrapper input, .ui-wrapper textarea { border: 0; }


                Session IDSource IPSource PortDestination IPDestination PortProcess
                15192.168.2.54972484.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC197OUTGET /_lib/css/jquery/flora/flora.accordion.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC201INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 1378
                2022-10-03 09:56:39 UTC201INData Raw: 2e 75 69 2d 61 63 63 6f 72 64 69 6f 6e 20 7b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 20 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 20 6e 6f 6e 65 3b 20 7d 0d 0a 2e 75 69 2d 61 63 63 6f 72 64 69 6f 6e 20 6c 69 20 7b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 32 70 78 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 20 7d 0d 0a 2e 75 69 2d 61 63 63 6f 72 64 69 6f 6e 20 6c 69 20 2e 75 69 2d 61 63 63 6f 72 64 69 6f 6e 2d 68 65 61 64 65 72 20 7b 0d 0a 09 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0d 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 35 70 78 3b 0d 0a 09 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 33 70 78 3b 0d 0a 09 68 65 69 67 68 74 3a 20 32 38 70 78 3b 0d 0a 09 62 61 63 6b 67 72 6f
                Data Ascii: .ui-accordion { margin: 0; padding: 0; list-style-type: none; }.ui-accordion li { margin: 0; margin-bottom: 2px; padding: 0; }.ui-accordion li .ui-accordion-header {display: block;padding-left: 5px;margin-right: 3px;height: 28px;backgro


                Session IDSource IPSource PortDestination IPDestination PortProcess
                16192.168.2.54972584.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC198OUTGET /_lib/css/jquery/flora/flora.datepicker.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC203INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 4537
                2022-10-03 09:56:39 UTC203INData Raw: 2f 2a 20 4d 61 69 6e 20 46 6c 6f 72 61 20 53 74 79 6c 65 20 53 68 65 65 74 20 66 6f 72 20 6a 51 75 65 72 79 20 55 49 20 75 69 2d 64 61 74 65 70 69 63 6b 65 72 20 2a 2f 0d 0a 23 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 64 69 76 2c 20 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 69 6e 6c 69 6e 65 20 7b 0d 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 0d 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0d 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0d 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0d 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 45 30 46 34 44 37 3b 0d 0a 09 77 69 64 74 68 3a 20 31 38 35 70 78 3b 0d 0a 7d 0d 0a 23 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 64 69 76 20 7b 0d
                Data Ascii: /* Main Flora Style Sheet for jQuery UI ui-datepicker */#ui-datepicker-div, .ui-datepicker-inline {font-family: Arial,Helvetica,sans-serif;font-size: 14px;padding: 0;margin: 0;background: #E0F4D7;width: 185px;}#ui-datepicker-div {


                Session IDSource IPSource PortDestination IPDestination PortProcess
                17192.168.2.54972284.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC198OUTGET /_lib/css/jquery/flora/flora.dialog.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC208INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 3338
                2022-10-03 09:56:39 UTC208INData Raw: 2f 2a 20 54 68 69 73 20 66 69 6c 65 20 73 6b 69 6e 73 20 64 69 61 6c 6f 67 20 2a 2f 0d 0a 0d 0a 2e 66 6c 6f 72 61 20 2e 75 69 2d 64 69 61 6c 6f 67 2c 0d 0a 2e 66 6c 6f 72 61 2e 75 69 2d 64 69 61 6c 6f 67 20 7b 0d 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 65 36 66 37 64 34 3b 0d 0a 7d 0d 0a 0d 0a 2e 66 6c 6f 72 61 20 2e 75 69 2d 64 69 61 6c 6f 67 20 2e 75 69 2d 64 69 61 6c 6f 67 2d 74 69 74 6c 65 62 61 72 2c 0d 0a 2e 66 6c 6f 72 61 2e 75 69 2d 64 69 61 6c 6f 67 20 2e 75 69 2d 64 69 61 6c 6f 67 2d 74 69 74 6c 65 62 61 72 20 7b 0d 0a 09 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 64 38 64 32 61 61 3b 0d 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 39 39 30 30 20 75 72 6c 28 69 2f 64 69 61 6c 6f 67
                Data Ascii: /* This file skins dialog */.flora .ui-dialog,.flora.ui-dialog {background-color: #e6f7d4;}.flora .ui-dialog .ui-dialog-titlebar,.flora.ui-dialog .ui-dialog-titlebar {border-bottom: 1px solid #d8d2aa;background: #ff9900 url(i/dialog


                Session IDSource IPSource PortDestination IPDestination PortProcess
                18192.168.2.54972384.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC199OUTGET /_lib/css/jquery/flora/flora.resizable.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC211INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 1688
                2022-10-03 09:56:39 UTC212INData Raw: 2f 2a 20 54 68 69 73 20 66 69 6c 65 20 73 6b 69 6e 73 20 72 65 73 69 7a 61 62 6c 65 73 20 2a 2f 0d 0a 0d 0a 2e 75 69 2d 72 65 73 69 7a 61 62 6c 65 20 7b 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 20 7d 0d 0a 0d 0a 2f 2a 20 47 6c 6f 62 61 6c 20 68 61 6e 64 6c 65 20 73 74 79 6c 65 73 20 2a 2f 0d 0a 2e 75 69 2d 72 65 73 69 7a 61 62 6c 65 2d 68 61 6e 64 6c 65 20 7b 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 30 2e 31 70 78 3b 20 7d 0d 0a 2e 75 69 2d 72 65 73 69 7a 61 62 6c 65 20 2e 75 69 2d 72 65 73 69 7a 61 62 6c 65 2d 68 61 6e 64 6c 65 20 7b 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 20 7d 0d 0a 62 6f 64 79 20 2e 75 69 2d 72 65 73 69 7a 61
                Data Ascii: /* This file skins resizables */.ui-resizable { position: relative; }/* Global handle styles */.ui-resizable-handle { position: absolute; display: none; font-size: 0.1px; }.ui-resizable .ui-resizable-handle { display: block; }body .ui-resiza


                Session IDSource IPSource PortDestination IPDestination PortProcess
                19192.168.2.54972784.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC213OUTGET /_lib/css/jquery/flora/flora.slider.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC215INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 751
                2022-10-03 09:56:39 UTC215INData Raw: 2f 2a 20 54 68 69 73 20 66 69 6c 65 20 73 6b 69 6e 73 20 73 6c 69 64 65 72 73 20 2a 2f 0d 0a 0d 0a 2e 75 69 2d 73 6c 69 64 65 72 20 7b 20 77 69 64 74 68 3a 20 32 30 30 70 78 3b 20 68 65 69 67 68 74 3a 20 32 33 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e 6f 2d 72 65 70 65 61 74 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 63 65 6e 74 65 72 20 63 65 6e 74 65 72 3b 20 7d 0d 0a 2e 75 69 2d 73 6c 69 64 65 72 2d 68 61 6e 64 6c 65 20 7b 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 20 7a 2d 69 6e 64 65 78 3a 20 31 3b 20 68 65 69 67 68 74 3a 20 32 33 70 78 3b 20 77 69 64 74 68 3a 20 31 32 70 78 3b 20 74 6f 70 3a 20 30 70 78 3b 20 6c 65 66
                Data Ascii: /* This file skins sliders */.ui-slider { width: 200px; height: 23px; position: relative; background-repeat: no-repeat; background-position: center center; }.ui-slider-handle { position: absolute; z-index: 1; height: 23px; width: 12px; top: 0px; lef


                Session IDSource IPSource PortDestination IPDestination PortProcess
                2192.168.2.54970884.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:38 UTC4OUTGET / HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2022-10-03 09:56:38 UTC5INHTTP/1.1 200 OK
                Cache-Control: private, no-store
                Content-Type: text/html; charset=utf-8
                Server: Microsoft-IIS/8.5
                X-AspNet-Version: 2.0.50727
                Set-Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf; path=/; HttpOnly
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 10302
                2022-10-03 09:56:38 UTC5INData Raw: 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70
                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta http
                2022-10-03 09:56:38 UTC10INData Raw: 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 73 65 72 49 6e 66 6f 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 4e 69 63 68 74 20 61 6e 67 65 6d 65 6c 64 65 74 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 69 67 6e 4f 75 74 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 61 6e 67 75 61 67 65 53 65 6c 65 63 74 69 6f 6e 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 65 6c 65 63 74 20 6e 61 6d 65 3d 22 64 64 6c 43 75 6c 74 75 72 65 22 20 6f 6e 63
                Data Ascii: <div class="userInfo"> Nicht angemeldet </div> <div class="signOut"> </div> <div class="languageSelection"> <select name="ddlCulture" onc


                Session IDSource IPSource PortDestination IPDestination PortProcess
                20192.168.2.54972884.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC214OUTGET /_lib/css/jquery/flora/flora.tabs.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/css/jquery/flora/flora.all.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC216INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Mon, 12 Sep 2022 06:20:45 GMT
                Accept-Ranges: bytes
                ETag: "1999e8ca6fc6d81:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 60
                2022-10-03 09:56:39 UTC217INData Raw: 2f 2a 20 68 61 62 72 61 20 32 30 32 32 30 39 31 32 20 74 6f 65 67 65 76 6f 65 67 64 20 2d 20 6f 6e 74 62 72 65 6b 65 6e 64 20 76 6f 6c 67 65 6e 73 20 46 31 32 20 2a 2f 0d 0a 0d 0a
                Data Ascii: /* habra 20220912 toegevoegd - ontbrekend volgens F12 */


                Session IDSource IPSource PortDestination IPDestination PortProcess
                21192.168.2.54973084.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC217OUTGET /_lib/community/img/1/background-page.gif HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/masterLayout.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC219INHTTP/1.1 200 OK
                Content-Type: image/gif
                Last-Modified: Fri, 22 Oct 2021 10:00:30 GMT
                Accept-Ranges: bytes
                ETag: "f2ccbca52bc7d71:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:39 GMT
                Connection: close
                Content-Length: 68
                2022-10-03 09:56:39 UTC219INData Raw: 47 49 46 38 37 61 03 00 82 00 a1 02 00 4d 14 8c ff 66 00 ff ff ff ff ff ff 2c 00 00 00 00 03 00 82 00 40 02 1d 94 8f a9 6b e0 0f a3 64 b4 1e 89 a3 dd bc d7 0c 86 a0 47 96 e6 89 7a e2 ca b6 6e 58 00 00 3b
                Data Ascii: GIF87aMf,@kdGznX;


                Session IDSource IPSource PortDestination IPDestination PortProcess
                22192.168.2.54973184.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC217OUTGET /_lib/community/img/1/logo.png HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/colorScheme.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC219INHTTP/1.1 200 OK
                Content-Type: image/png
                Last-Modified: Fri, 22 Oct 2021 09:47:11 GMT
                Accept-Ranges: bytes
                ETag: "116585c929c7d71:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:39 GMT
                Connection: close
                Content-Length: 8190
                2022-10-03 09:56:39 UTC220INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 34 00 00 00 4b 08 06 00 00 00 a6 ee c2 fe 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 0a 3a 69 43 43 50 50 68 6f 74 6f 73 68 6f 70 20 49 43 43 20 70 72 6f 66 69 6c 65 00 00 48 89 9d 96 77 54 54 d7 16 87 cf bd 77 7a a1 cd 30 14 29 43 ef bd 0d 20 bd 37 a9 d2 44 61 98 19 60 28 03 0e 33 34 b1 21 a2 02 11 45 44 04 15 41 82 22 06 8c 86 22 b1 22 8a 85 80 60 c1 1e 90 20 a0 c4 60 14 51 51 79 33 b2 56 74 e5 e5 bd 97 97 df 1f 67 7d 6b 9f bd f7 3d 67 ef 7d d6 ba 00 90 bc fd b9 bc 74 58 0a 80 34 9e 80 1f e2 e5 4a 8f 8c 8a a6 63 fb 01 0c f0 00 03 cc 00 60 b2 32 33 02 42 3d c3 80 48 3e 1e 6e f4 4c 91 13 f8 22 08 80 37 77 c4 2b 00 37 8d bc 83 e8 74 f0 ff 49 9a 95 c1 17 88 d2 04 89 d8 82 cd c9 64 89 b8 50
                Data Ascii: PNGIHDR4KgAMAa:iCCPPhotoshop ICC profileHwTTwz0)C 7Da`(34!EDA"""` `QQy3Vtg}k=g}tX4Jc`23B=H>nL"7w+7tIdP
                2022-10-03 09:56:39 UTC225INData Raw: 8e d6 e4 ce 82 d3 bb a1 f8 ba d8 56 65 93 81 50 73 71 67 75 a4 95 d3 42 85 9d 3f 7d 36 52 c7 77 a4 4e 74 24 db 8c 64 94 e7 c2 ef 44 5b 3f 9a a0 30 d2 f1 86 6b e3 48 b6 13 6b 1b 8f 75 bb c6 da 46 22 22 22 32 de 81 c6 18 fb 83 89 b7 c5 71 cb 7d 65 1c 7b af 8e c6 9a ae 21 9d 8b 6d 2f 56 50 be e9 0c 49 69 36 00 ba da 7a e9 73 86 5e 19 ed e6 fb ca 58 74 73 21 7d 4e 0f 87 77 9c a5 a7 bd 2f e4 49 1c de 56 cb 91 ed b5 00 f8 fd 81 98 96 f1 8d 59 4f 1b bc fe 33 d8 bf 3e 74 10 0a 18 70 f3 df c0 0d 0f c2 fa ef c3 fe 17 43 d7 ab 29 87 57 7e 10 1c 7d 29 5e 36 b8 cc ef 87 d6 ea 60 70 a9 78 27 18 6c ba 9a 60 ea 22 a8 d9 0f 1d f5 0a 34 44 be 7c f3 70 23 2e 17 97 45 13 4c 2e 1c f1 09 d7 f1 8d b4 43 1f e9 36 47 fa 4e 24 fb 1f 69 a4 2a 9a b6 1c cd b6 22 09 6b 91 b4 71 b4 db
                Data Ascii: VePsqguB?}6RwNt$dD[?0kHkuF"""2q}e{!m/VPIi6zs^Xts!}Nw/IVYO3>tpC)W~})^6`px'l`"4D|p#.EL.C6GN$i*"kq


                Session IDSource IPSource PortDestination IPDestination PortProcess
                23192.168.2.54972984.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC218OUTGET /_lib/img/icons/loggedIn.gif HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/masterLayout.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC228INHTTP/1.1 200 OK
                Content-Type: image/gif
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:39 GMT
                Connection: close
                Content-Length: 153
                2022-10-03 09:56:39 UTC228INData Raw: 47 49 46 38 39 61 12 00 0e 00 b3 0f 00 e3 e3 e2 e5 e5 e4 e1 e0 df fd fd fd de de d9 e0 df de de de dd a6 a5 98 e0 e0 df fe fe fe de de dc dd dd db a5 a4 97 a6 a5 99 ff ff ff ff ff ff 21 f9 04 01 00 00 0f 00 2c 00 00 00 00 12 00 0e 00 00 04 46 f0 c9 49 ab bd 78 b6 9d 6b 73 60 d3 69 49 29 8e 4f 53 26 67 d7 10 db db 5e cd 62 df 4b 1b 6b 4a 6f f4 8a 59 63 70 3a 14 18 02 84 00 39 4b 11 53 00 06 60 2a 15 3e 53 01 46 60 ab d5 71 24 8c f0 24 cc 40 99 25 11 00 3b
                Data Ascii: GIF89a!,FIxks`iI)OS&g^bKkJoYcp:9KS`*>SF`q$$@%;


                Session IDSource IPSource PortDestination IPDestination PortProcess
                24192.168.2.54973284.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC228OUTGET /_lib/community/img/1/menu_arrow.gif HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/masterLayout.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC231INHTTP/1.1 200 OK
                Content-Type: image/gif
                Last-Modified: Thu, 16 Oct 2014 12:16:23 GMT
                Accept-Ranges: bytes
                ETag: "4717003be9cf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:39 GMT
                Connection: close
                Content-Length: 51
                2022-10-03 09:56:39 UTC231INData Raw: 47 49 46 38 39 61 05 00 07 00 80 01 00 99 99 99 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 05 00 07 00 00 02 0a 04 82 61 a9 97 db 10 84 a1 00 00 3b
                Data Ascii: GIF89a!,a;


                Session IDSource IPSource PortDestination IPDestination PortProcess
                25192.168.2.54973484.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC229OUTGET /_lib/community/css/1/i/tabs.gif HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/controls.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC231INHTTP/1.1 404 Not Found
                Content-Type: text/html
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:39 GMT
                Connection: close
                Content-Length: 1245
                2022-10-03 09:56:39 UTC232INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c
                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>404 - Fil


                Session IDSource IPSource PortDestination IPDestination PortProcess
                26192.168.2.54973384.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC230OUTGET /_lib/img/contentWindow.gif HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://expressinvoice.mijnparagon-cc.nl/_lib/community/css/1/content.css
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC233INHTTP/1.1 200 OK
                Content-Type: image/gif
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:39 GMT
                Connection: close
                Content-Length: 316
                2022-10-03 09:56:39 UTC233INData Raw: 47 49 46 38 39 61 0c 00 a0 00 c4 00 00 fe fe fe fd fd fd fb fb fb fc fc fc ea ea ea f4 f4 f4 e7 e7 e7 f2 f2 f2 fa fa fa f8 f8 f8 f0 f0 f0 ec ec ec f6 f6 f6 f5 f5 f5 ed ed ed ef ef ef e6 e6 e6 f7 f7 f7 e3 e3 e3 f3 f3 f3 f1 f1 f1 e8 e8 e8 e2 e2 e2 e9 e9 e9 e4 e4 e4 eb eb eb f9 f9 f9 ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 21 f9 04 00 00 00 00 00 2c 00 00 00 00 0c 00 a0 00 00 05 b9 a0 24 59 a4 68 4a 18 a4 ae 2c 64 bc f0 5b cd d5 15 df 32 a1 ef 7c ef eb 99 85 70 48 14 3a 8e c8 e4 f1 c1 6c 3a 99 8a a8 74 1a 3d 50 ae d7 83 76 cb ed 6e 0b 93 70 b8 40 2e 9b cf e5 86 7a cd 56 33 de f0 f8 3b 42 af d7 13 f8 bc 3e af e9 fb ff 7d 08 08 80 80 82 84 7f 86 87 1a 82 8c 8d 8d 02 90 91 92 93 94 92 03 97 98 99 98 01 9c 9d 9e 9f a0 9d 9a a3 03 a1 9f 00 a8 a9 aa a8 1b ad
                Data Ascii: GIF89a!,$YhJ,d[2|pH:l:t=Pvnp@.zV3;B>}


                Session IDSource IPSource PortDestination IPDestination PortProcess
                27192.168.2.54973584.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC234OUTGET /favicon.ico HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://expressinvoice.mijnparagon-cc.nl/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:40 UTC234INHTTP/1.1 404 Not Found
                Content-Type: text/html
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:39 GMT
                Connection: close
                Content-Length: 1245
                2022-10-03 09:56:40 UTC235INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c
                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>404 - Fil


                Session IDSource IPSource PortDestination IPDestination PortProcess
                28192.168.2.54974184.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:41 UTC236OUTGET /_lib/community/img/1/background-page.gif HTTP/1.1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                Host: expressinvoice.mijnparagon-cc.nl
                2022-10-03 09:56:41 UTC236INHTTP/1.1 200 OK
                Content-Type: image/gif
                Last-Modified: Fri, 22 Oct 2021 10:00:30 GMT
                Accept-Ranges: bytes
                ETag: "f2ccbca52bc7d71:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:41 GMT
                Connection: close
                Content-Length: 68
                2022-10-03 09:56:41 UTC237INData Raw: 47 49 46 38 37 61 03 00 82 00 a1 02 00 4d 14 8c ff 66 00 ff ff ff ff ff ff 2c 00 00 00 00 03 00 82 00 40 02 1d 94 8f a9 6b e0 0f a3 64 b4 1e 89 a3 dd bc d7 0c 86 a0 47 96 e6 89 7a e2 ca b6 6e 58 00 00 3b
                Data Ascii: GIF87aMf,@kdGznX;


                Session IDSource IPSource PortDestination IPDestination PortProcess
                29192.168.2.54974084.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:41 UTC236OUTGET /_lib/community/img/1/logo.png HTTP/1.1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                Host: expressinvoice.mijnparagon-cc.nl
                2022-10-03 09:56:41 UTC237INHTTP/1.1 200 OK
                Content-Type: image/png
                Last-Modified: Fri, 22 Oct 2021 09:47:11 GMT
                Accept-Ranges: bytes
                ETag: "116585c929c7d71:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:41 GMT
                Connection: close
                Content-Length: 8190
                2022-10-03 09:56:41 UTC237INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 34 00 00 00 4b 08 06 00 00 00 a6 ee c2 fe 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 0a 3a 69 43 43 50 50 68 6f 74 6f 73 68 6f 70 20 49 43 43 20 70 72 6f 66 69 6c 65 00 00 48 89 9d 96 77 54 54 d7 16 87 cf bd 77 7a a1 cd 30 14 29 43 ef bd 0d 20 bd 37 a9 d2 44 61 98 19 60 28 03 0e 33 34 b1 21 a2 02 11 45 44 04 15 41 82 22 06 8c 86 22 b1 22 8a 85 80 60 c1 1e 90 20 a0 c4 60 14 51 51 79 33 b2 56 74 e5 e5 bd 97 97 df 1f 67 7d 6b 9f bd f7 3d 67 ef 7d d6 ba 00 90 bc fd b9 bc 74 58 0a 80 34 9e 80 1f e2 e5 4a 8f 8c 8a a6 63 fb 01 0c f0 00 03 cc 00 60 b2 32 33 02 42 3d c3 80 48 3e 1e 6e f4 4c 91 13 f8 22 08 80 37 77 c4 2b 00 37 8d bc 83 e8 74 f0 ff 49 9a 95 c1 17 88 d2 04 89 d8 82 cd c9 64 89 b8 50
                Data Ascii: PNGIHDR4KgAMAa:iCCPPhotoshop ICC profileHwTTwz0)C 7Da`(34!EDA"""` `QQy3Vtg}k=g}tX4Jc`23B=H>nL"7w+7tIdP
                2022-10-03 09:56:41 UTC243INData Raw: 8e d6 e4 ce 82 d3 bb a1 f8 ba d8 56 65 93 81 50 73 71 67 75 a4 95 d3 42 85 9d 3f 7d 36 52 c7 77 a4 4e 74 24 db 8c 64 94 e7 c2 ef 44 5b 3f 9a a0 30 d2 f1 86 6b e3 48 b6 13 6b 1b 8f 75 bb c6 da 46 22 22 22 32 de 81 c6 18 fb 83 89 b7 c5 71 cb 7d 65 1c 7b af 8e c6 9a ae 21 9d 8b 6d 2f 56 50 be e9 0c 49 69 36 00 ba da 7a e9 73 86 5e 19 ed e6 fb ca 58 74 73 21 7d 4e 0f 87 77 9c a5 a7 bd 2f e4 49 1c de 56 cb 91 ed b5 00 f8 fd 81 98 96 f1 8d 59 4f 1b bc fe 33 d8 bf 3e 74 10 0a 18 70 f3 df c0 0d 0f c2 fa ef c3 fe 17 43 d7 ab 29 87 57 7e 10 1c 7d 29 5e 36 b8 cc ef 87 d6 ea 60 70 a9 78 27 18 6c ba 9a 60 ea 22 a8 d9 0f 1d f5 0a 34 44 be 7c f3 70 23 2e 17 97 45 13 4c 2e 1c f1 09 d7 f1 8d b4 43 1f e9 36 47 fa 4e 24 fb 1f 69 a4 2a 9a b6 1c cd b6 22 09 6b 91 b4 71 b4 db
                Data Ascii: VePsqguB?}6RwNt$dD[?0kHkuF"""2q}e{!m/VPIi6zs^Xts!}Nw/IVYO3>tpC)W~})^6`px'l`"4D|p#.EL.C6GN$i*"kq


                Session IDSource IPSource PortDestination IPDestination PortProcess
                3192.168.2.54970984.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:38 UTC15OUTGET /_lib/community/css/1/masterLayout.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:38 UTC19INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Tue, 30 Nov 2021 14:18:58 GMT
                Accept-Ranges: bytes
                ETag: "d6b61e37f5e5d71:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 9428
                2022-10-03 09:56:38 UTC20INData Raw: 2f 2a 20 4d 41 53 54 45 52 4c 41 59 4f 55 54 20 2a 2f 0d 0a 68 74 6d 6c 20 7b 20 0d 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 0d 0a 7d 0d 0a 62 6f 64 79 20 7b 20 0d 0a 09 6d 61 72 67 69 6e 3a 30 3b 0d 0a 09 70 61 64 64 69 6e 67 3a 30 3b 0d 0a 09 62 6f 72 64 65 72 3a 30 3b 0d 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0d 0a 09 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 0d 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 23 43 43 43 43 43 43 20 75 72 6c 28 2e 2e 2f 2e 2e 2f 2e 2e 2f 69 6d 67 2f 73 68 61 64 6f 77 2e 67 69 66 29 20 72 65 70 65 61 74 2d 79 20 63 65 6e 74 65 72 20 74 6f 70 3b 0d 0a 09 66 6f 6e 74 3a 6e 6f 72 6d 61 6c 20 31 32 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69
                Data Ascii: /* MASTERLAYOUT */html { width:100%; height:100%; }body { margin:0;padding:0;border:0;width:100%;min-height:100%;background:#CCCCCC url(../../../img/shadow.gif) repeat-y center top;font:normal 12px Arial, Helvetica, sans-seri
                2022-10-03 09:56:38 UTC25INData Raw: 0d 0a 09 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 0d 0a 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 0d 0a 09 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 38 70 78 3b 0d 0a 09 09 70 61 64 64 69 6e 67 3a 30 70 78 20 30 70 78 20 30 70 78 20 35 70 78 3b 0d 0a 09 09 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 0d 0a 09 09 6d 61 72 67 69 6e 3a 30 70 78 3b 0d 0a 09 7d 0d 0a 09 2e 63 6f 6c 52 69 67 68 74 20 2e 66 61 76 6f 72 69 74 65 73 20 2e 74 69 74 6c 65 20 7b 0d 0a 09 09 62 61 63 6b 67 72 6f 75 6e 64 3a 23 41 41 41 41 41 41 20 75 72 6c 28 2e 2e 2f 2e 2e 2f 2e 2e 2f 69 6d 67 2f 62 67 53 74 61 72 2e 67 69 66 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 20 74 6f 70 3b 0d 0a 09 09 70 61 64 64 69 6e 67 3a 30 70 78 20 30 70 78 20 30 70 78 20
                Data Ascii: font-weight:bold;font-size:14px;line-height:18px;padding:0px 0px 0px 5px;overflow:hidden;margin:0px;}.colRight .favorites .title {background:#AAAAAA url(../../../img/bgStar.gif) no-repeat left top;padding:0px 0px 0px


                Session IDSource IPSource PortDestination IPDestination PortProcess
                30192.168.2.54974384.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:42 UTC245OUTGET /_lib/community/img/1/menu_arrow.gif HTTP/1.1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                Host: expressinvoice.mijnparagon-cc.nl
                2022-10-03 09:56:42 UTC246INHTTP/1.1 200 OK
                Content-Type: image/gif
                Last-Modified: Thu, 16 Oct 2014 12:16:23 GMT
                Accept-Ranges: bytes
                ETag: "4717003be9cf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:41 GMT
                Connection: close
                Content-Length: 51
                2022-10-03 09:56:42 UTC246INData Raw: 47 49 46 38 39 61 05 00 07 00 80 01 00 99 99 99 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 05 00 07 00 00 02 0a 04 82 61 a9 97 db 10 84 a1 00 00 3b
                Data Ascii: GIF89a!,a;


                Session IDSource IPSource PortDestination IPDestination PortProcess
                31192.168.2.54974284.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:42 UTC246OUTGET /_lib/img/icons/loggedIn.gif HTTP/1.1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                Host: expressinvoice.mijnparagon-cc.nl
                2022-10-03 09:56:42 UTC247INHTTP/1.1 200 OK
                Content-Type: image/gif
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:41 GMT
                Connection: close
                Content-Length: 153
                2022-10-03 09:56:42 UTC247INData Raw: 47 49 46 38 39 61 12 00 0e 00 b3 0f 00 e3 e3 e2 e5 e5 e4 e1 e0 df fd fd fd de de d9 e0 df de de de dd a6 a5 98 e0 e0 df fe fe fe de de dc dd dd db a5 a4 97 a6 a5 99 ff ff ff ff ff ff 21 f9 04 01 00 00 0f 00 2c 00 00 00 00 12 00 0e 00 00 04 46 f0 c9 49 ab bd 78 b6 9d 6b 73 60 d3 69 49 29 8e 4f 53 26 67 d7 10 db db 5e cd 62 df 4b 1b 6b 4a 6f f4 8a 59 63 70 3a 14 18 02 84 00 39 4b 11 53 00 06 60 2a 15 3e 53 01 46 60 ab d5 71 24 8c f0 24 cc 40 99 25 11 00 3b
                Data Ascii: GIF89a!,FIxks`iI)OS&g^bKkJoYcp:9KS`*>SF`q$$@%;


                Session IDSource IPSource PortDestination IPDestination PortProcess
                32192.168.2.54974484.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:42 UTC246OUTGET /_lib/community/img/1/background-title.gif HTTP/1.1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                Host: expressinvoice.mijnparagon-cc.nl
                2022-10-03 09:56:42 UTC247INHTTP/1.1 200 OK
                Content-Type: image/gif
                Last-Modified: Thu, 16 Oct 2014 12:16:23 GMT
                Accept-Ranges: bytes
                ETag: "f43d6f03be9cf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:41 GMT
                Connection: close
                Content-Length: 880
                2022-10-03 09:56:42 UTC248INData Raw: 47 49 46 38 39 61 91 02 22 00 b3 00 00 fe f0 e7 fd ef e6 fd fd fd ff f9 f4 ff f9 f5 bb bb bb 7e 80 85 7b 7d 81 ff ff ff ff 66 00 75 77 7c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 21 f9 04 00 00 00 00 00 2c 00 00 00 00 91 02 22 00 00 04 ff 30 c9 49 2b 2d 38 eb cd bb ff 60 28 8e 64 69 9e 68 aa ae 6c eb be 70 2c cf 74 6d df b8 6b ed 7c cf 23 03 82 70 48 2c 1a 8f c8 a4 72 c9 6c 3a 9f d0 a8 74 4a ad 5a af d8 ac 76 cb ed 7a bf 4a 80 78 4c 2e 9b cf e8 b4 7a cd 6e a7 03 f0 b8 bc e0 ab db 2b 08 85 e1 a0 e8 eb f9 7e 7b 7e 7f 83 82 81 80 7d 86 89 88 84 87 85 8c 8a 8d 8b 8f 94 8e 96 93 97 92 9a 91 9c 90 9e 95 98 a1 9b 9f 99 9d a0 a3 a7 a6 a5 a4 a2 aa ad ac a8 ab a9 b0 ae b1 af b3 b8 b2 ba b7 bb b6 be b5 c0 b4 c2 b9 bc c5 bf c3 bd 82 02 74 77 cd 3e 08 c1 c4 c7 d2
                Data Ascii: GIF89a"~{}fuw|!,"0I+-8`(dihlp,tmk|#pH,rl:tJZvzJxL.zn+~{~}tw>


                Session IDSource IPSource PortDestination IPDestination PortProcess
                33192.168.2.54974584.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:42 UTC249OUTGET /_lib/community/css/1/i/tabs.gif HTTP/1.1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                Host: expressinvoice.mijnparagon-cc.nl
                2022-10-03 09:56:42 UTC249INHTTP/1.1 404 Not Found
                Content-Type: text/html
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:41 GMT
                Connection: close
                Content-Length: 1245
                2022-10-03 09:56:42 UTC249INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 46 69 6c
                Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>404 - Fil


                Session IDSource IPSource PortDestination IPDestination PortProcess
                34192.168.2.54974684.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:42 UTC249OUTGET /_lib/img/contentWindow.gif HTTP/1.1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
                Host: expressinvoice.mijnparagon-cc.nl
                2022-10-03 09:56:42 UTC251INHTTP/1.1 200 OK
                Content-Type: image/gif
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:41 GMT
                Connection: close
                Content-Length: 316
                2022-10-03 09:56:42 UTC251INData Raw: 47 49 46 38 39 61 0c 00 a0 00 c4 00 00 fe fe fe fd fd fd fb fb fb fc fc fc ea ea ea f4 f4 f4 e7 e7 e7 f2 f2 f2 fa fa fa f8 f8 f8 f0 f0 f0 ec ec ec f6 f6 f6 f5 f5 f5 ed ed ed ef ef ef e6 e6 e6 f7 f7 f7 e3 e3 e3 f3 f3 f3 f1 f1 f1 e8 e8 e8 e2 e2 e2 e9 e9 e9 e4 e4 e4 eb eb eb f9 f9 f9 ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 21 f9 04 00 00 00 00 00 2c 00 00 00 00 0c 00 a0 00 00 05 b9 a0 24 59 a4 68 4a 18 a4 ae 2c 64 bc f0 5b cd d5 15 df 32 a1 ef 7c ef eb 99 85 70 48 14 3a 8e c8 e4 f1 c1 6c 3a 99 8a a8 74 1a 3d 50 ae d7 83 76 cb ed 6e 0b 93 70 b8 40 2e 9b cf e5 86 7a cd 56 33 de f0 f8 3b 42 af d7 13 f8 bc 3e af e9 fb ff 7d 08 08 80 80 82 84 7f 86 87 1a 82 8c 8d 8d 02 90 91 92 93 94 92 03 97 98 99 98 01 9c 9d 9e 9f a0 9d 9a a3 03 a1 9f 00 a8 a9 aa a8 1b ad
                Data Ascii: GIF89a!,$YhJ,d[2|pH:l:t=Pvnp@.zV3;B>}


                Session IDSource IPSource PortDestination IPDestination PortProcess
                4192.168.2.54971084.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:38 UTC16OUTGET /_lib/community/css/1/controls.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:38 UTC29INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Thu, 16 Oct 2014 12:16:23 GMT
                Accept-Ranges: bytes
                ETag: "e0a06503be9cf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 6388
                2022-10-03 09:56:38 UTC29INData Raw: 40 69 6d 70 6f 72 74 20 22 66 6c 6f 72 61 2e 63 73 73 22 3b 0d 0a 0d 0a 2f 2a 20 43 61 75 74 69 6f 6e 21 20 45 6e 73 75 72 65 20 61 63 63 65 73 73 69 62 69 6c 69 74 79 20 69 6e 20 70 72 69 6e 74 20 61 6e 64 20 6f 74 68 65 72 20 6d 65 64 69 61 20 74 79 70 65 73 2e 2e 2e 20 2a 2f 0d 0a 40 6d 65 64 69 61 20 70 72 6f 6a 65 63 74 69 6f 6e 2c 20 73 63 72 65 65 6e 20 7b 20 2f 2a 20 55 73 65 20 63 6c 61 73 73 20 66 6f 72 20 73 68 6f 77 69 6e 67 2f 68 69 64 69 6e 67 20 74 61 62 20 63 6f 6e 74 65 6e 74 2c 20 73 6f 20 74 68 61 74 20 76 69 73 69 62 69 6c 69 74 79 20 63 61 6e 20 62 65 20 62 65 74 74 65 72 20 63 6f 6e 74 72 6f 6c 6c 65 64 20 69 6e 20 64 69 66 66 65 72 65 6e 74 20 6d 65 64 69 61 20 74 79 70 65 73 2e 2e 2e 20 2a 2f 0d 0a 20 20 20 20 2e 75 69 2d 74 61 62
                Data Ascii: @import "flora.css";/* Caution! Ensure accessibility in print and other media types... */@media projection, screen { /* Use class for showing/hiding tab content, so that visibility can be better controlled in different media types... */ .ui-tab
                2022-10-03 09:56:38 UTC35INData Raw: 73 73 77 6f 72 64 2c 0d 0a 2e 66 6c 64 56 61 72 69 61 6e 74 35 20 73 65 6c 65 63 74 2c 20 2e 66 6c 64 56 61 72 69 61 6e 74 35 20 74 65 78 74 61 72 65 61 2c 20 74 64 2e 66 6c 64 56 61 72 69 61 6e 74 35 20 7b 0d 0a 20 20 20 20 77 69 64 74 68 3a 33 30 30 70 78 3b 0d 0a 7d 0d 0a 69 6e 70 75 74 2e 66 6c 64 56 61 72 69 61 6e 74 36 2c 20 74 65 78 74 61 72 65 61 2e 66 6c 64 56 61 72 69 61 6e 74 36 2c 20 73 65 6c 65 63 74 2e 66 6c 64 56 61 72 69 61 6e 74 36 2c 20 66 69 6c 65 2e 66 6c 64 56 61 72 69 61 6e 74 36 2c 20 70 61 73 73 77 6f 72 64 2e 66 6c 64 56 61 72 69 61 6e 74 36 2c 0d 0a 74 64 2e 66 6c 64 56 61 72 69 61 6e 74 36 20 7b 0d 0a 20 20 20 20 77 69 64 74 68 3a 34 30 30 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 7d 0d 0a 74 65 78 74 61 72 65 61 2e 66 6c
                Data Ascii: ssword,.fldVariant5 select, .fldVariant5 textarea, td.fldVariant5 { width:300px;}input.fldVariant6, textarea.fldVariant6, select.fldVariant6, file.fldVariant6, password.fldVariant6,td.fldVariant6 { width:400px !important;}textarea.fl


                Session IDSource IPSource PortDestination IPDestination PortProcess
                5192.168.2.54971384.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:38 UTC17OUTGET /_lib/community/css/1/content.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:38 UTC36INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Thu, 16 Oct 2014 12:16:23 GMT
                Accept-Ranges: bytes
                ETag: "e0a06503be9cf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 3169
                2022-10-03 09:56:38 UTC36INData Raw: 61 20 7b 0d 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 0d 0a 7d 0d 0a 61 3a 68 6f 76 65 72 20 7b 0d 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 3b 0d 0a 20 20 20 20 2f 2a 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 0d 0a 20 20 20 20 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 3b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 36 36 36 36 36 3b 2a 2f 0d 0a 7d 0d 0a 2e 62 61 63 6b 42 75 74 74 6f 6e 2c 0d 0a 2e 62 61 63 6b 42 75 74 74 6f 6e 20 61 20 7b 0d 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 23 39 39 39 39 39 39 20 75 72 6c 28 2e 2e 2f 2e 2e 2f 2e 2e 2f 69 6d 67 2f 62 61 63 6b 42 75 74 74 6f 6e 2e 67 69 66 29 20 6e 6f 2d 72 65 70 65 61
                Data Ascii: a { text-decoration:none;}a:hover { text-decoration:underline; /*text-decoration:none; color:#FFFFFF; background-color:#666666;*/}.backButton,.backButton a {background:#999999 url(../../../img/backButton.gif) no-repea


                Session IDSource IPSource PortDestination IPDestination PortProcess
                6192.168.2.54971484.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:38 UTC17OUTGET /_lib/community/css/1/colorScheme.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:38 UTC39INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Tue, 30 Nov 2021 14:18:13 GMT
                Accept-Ranges: bytes
                ETag: "bc86501cf5e5d71:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 1611
                2022-10-03 09:56:38 UTC40INData Raw: ef bb bf 0d 0a 2f 2a 20 47 65 72 6d 61 6e 20 6c 6f 67 6f 20 2a 2f 0d 0a 2e 68 65 61 64 65 72 20 2e 6c 6f 67 6f 20 73 70 61 6e 20 7b 0d 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 2e 2e 2f 2e 2e 2f 69 6d 67 2f 31 2f 6c 6f 67 6f 2e 70 6e 67 29 3b 09 09 2f 2a 20 43 6c 69 65 6e 74 20 6c 6f 67 6f 20 28 31 30 30 20 2a 20 37 30 29 20 2a 2f 0d 0a 09 77 69 64 74 68 3a 38 31 35 70 78 3b 0d 0a 09 68 65 69 67 68 74 3a 31 31 35 70 78 3b 0d 0a 09 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 20 2f 2a 6f 6c 64 3a 20 61 62 73 6f 6c 75 74 65 3b 2a 2f 0d 0a 09 6c 65 66 74 3a 20 31 70 78 3b 09 09 09 2f 2a 20 6f 6c 64 3a 20 33 33 70 78 3b 2a 2f 0d 0a 09 74 6f 70 3a 20 2d 32 30 70 78 3b 0d 0a 7d 0d 0a 0d 0a 0d 0a 2e 74 69 74 6c 65 41 72 72
                Data Ascii: /* German logo */.header .logo span {background-image:url(../../img/1/logo.png);/* Client logo (100 * 70) */width:815px;height:115px;position: relative; /*old: absolute;*/left: 1px;/* old: 33px;*/top: -20px;}.titleArr


                Session IDSource IPSource PortDestination IPDestination PortProcess
                7192.168.2.54971284.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:38 UTC18OUTGET /_lib/css/jquery/flora/flora.all.css HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://expressinvoice.mijnparagon-cc.nl/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:38 UTC41INHTTP/1.1 200 OK
                Content-Type: text/css
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 202
                2022-10-03 09:56:38 UTC42INData Raw: 40 69 6d 70 6f 72 74 20 22 66 6c 6f 72 61 2e 63 73 73 22 3b 0d 0a 40 69 6d 70 6f 72 74 20 22 66 6c 6f 72 61 2e 61 63 63 6f 72 64 69 6f 6e 2e 63 73 73 22 3b 0d 0a 40 69 6d 70 6f 72 74 20 22 66 6c 6f 72 61 2e 64 61 74 65 70 69 63 6b 65 72 2e 63 73 73 22 3b 0d 0a 40 69 6d 70 6f 72 74 20 22 66 6c 6f 72 61 2e 64 69 61 6c 6f 67 2e 63 73 73 22 3b 0d 0a 40 69 6d 70 6f 72 74 20 22 66 6c 6f 72 61 2e 72 65 73 69 7a 61 62 6c 65 2e 63 73 73 22 3b 0d 0a 40 69 6d 70 6f 72 74 20 22 66 6c 6f 72 61 2e 73 6c 69 64 65 72 2e 63 73 73 22 3b 0d 0a 40 69 6d 70 6f 72 74 20 22 66 6c 6f 72 61 2e 74 61 62 73 2e 63 73 73 22 3b
                Data Ascii: @import "flora.css";@import "flora.accordion.css";@import "flora.datepicker.css";@import "flora.dialog.css";@import "flora.resizable.css";@import "flora.slider.css";@import "flora.tabs.css";


                Session IDSource IPSource PortDestination IPDestination PortProcess
                8192.168.2.54971184.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:38 UTC19OUTGET /_lib/js/tntscripts.js HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: */*
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: script
                Referer: https://expressinvoice.mijnparagon-cc.nl/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:38 UTC42INHTTP/1.1 200 OK
                Content-Type: application/javascript
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 1600
                2022-10-03 09:56:38 UTC42INData Raw: 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 20 56 41 52 49 41 42 4c 45 53 20 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 0d 0a 76 61 72 20 6f 62 6a 42 6f 64 79 3b 0d 0a 0d 0a 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 20 53 54 41 52 54 20 42 4f 44 59 20 4c 4f 41 44 20 45 56 45 4e 54 53 20 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 0d 0a 66 75 6e 63 74 69 6f 6e 20 61 64 64 4c 6f 61 64 45 76 65 6e 74 28 66 75 6e 63 29 20 7b 0d 0a 20 20 76 61 72 20 6f 6c 64 6f 6e 6c 6f 61 64 20 3d 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3b 0d 0a 20 20 69 66 20 28 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 21 3d 20 27 66 75 6e 63 74 69 6f 6e 27 29 20 7b 0d 0a 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 3b 0d 0a 20 20 7d 20 65 6c 73 65 20 7b 0d 0a 20 20 20 20 77 69 6e 64 6f 77 2e
                Data Ascii: ////////// VARIABLES //////////var objBody;////////// START BODY LOAD EVENTS //////////function addLoadEvent(func) { var oldonload = window.onload; if (typeof window.onload != 'function') { window.onload = func; } else { window.


                Session IDSource IPSource PortDestination IPDestination PortProcess
                9192.168.2.54971684.241.158.7443C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampkBytes transferredDirectionData
                2022-10-03 09:56:39 UTC44OUTGET /_lib/js/jquery/jquery-1.2.6.min.js HTTP/1.1
                Host: expressinvoice.mijnparagon-cc.nl
                Connection: keep-alive
                sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: */*
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: script
                Referer: https://expressinvoice.mijnparagon-cc.nl/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: ASP.NET_SessionId=0flkt1efcw5ludfyrl5mikyf
                2022-10-03 09:56:39 UTC46INHTTP/1.1 200 OK
                Content-Type: application/javascript
                Last-Modified: Wed, 10 Sep 2014 12:51:00 GMT
                Accept-Ranges: bytes
                ETag: "09227dff5cccf1:0"
                Server: Microsoft-IIS/8.5
                X-Frame-Options: SAMEORIGIN
                Strict-Transport-Security: max-age=86400
                Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                Date: Mon, 03 Oct 2022 09:56:38 GMT
                Connection: close
                Content-Length: 55774
                2022-10-03 09:56:39 UTC47INData Raw: 2f 2a 0a 20 2a 20 6a 51 75 65 72 79 20 31 2e 32 2e 36 20 2d 20 4e 65 77 20 57 61 76 65 20 4a 61 76 61 73 63 72 69 70 74 0a 20 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 30 38 20 4a 6f 68 6e 20 52 65 73 69 67 20 28 6a 71 75 65 72 79 2e 63 6f 6d 29 0a 20 2a 20 44 75 61 6c 20 6c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 28 4d 49 54 2d 4c 49 43 45 4e 53 45 2e 74 78 74 29 0a 20 2a 20 61 6e 64 20 47 50 4c 20 28 47 50 4c 2d 4c 49 43 45 4e 53 45 2e 74 78 74 29 20 6c 69 63 65 6e 73 65 73 2e 0a 20 2a 0a 20 2a 20 24 44 61 74 65 3a 20 32 30 30 38 2d 30 35 2d 32 34 20 31 34 3a 32 32 3a 31 37 20 2d 30 34 30 30 20 28 53 61 74 2c 20 32 34 20 4d 61 79 20 32 30 30 38 29 20 24 0a 20 2a 20 24 52 65 76 3a 20 35 36 38 35 20 24 0a 20
                Data Ascii: /* * jQuery 1.2.6 - New Wave Javascript * * Copyright (c) 2008 John Resig (jquery.com) * Dual licensed under the MIT (MIT-LICENSE.txt) * and GPL (GPL-LICENSE.txt) licenses. * * $Date: 2008-05-24 14:22:17 -0400 (Sat, 24 May 2008) $ * $Rev: 5685 $
                2022-10-03 09:56:39 UTC52INData Raw: 6f 72 28 76 61 72 20 69 3d 6f 6e 65 3f 69 6e 64 65 78 3a 30 2c 6d 61 78 3d 6f 6e 65 3f 69 6e 64 65 78 2b 31 3a 6f 70 74 69 6f 6e 73 2e 6c 65 6e 67 74 68 3b 69 3c 6d 61 78 3b 69 2b 2b 29 7b 76 61 72 20 6f 70 74 69 6f 6e 3d 6f 70 74 69 6f 6e 73 5b 69 5d 3b 69 66 28 6f 70 74 69 6f 6e 2e 73 65 6c 65 63 74 65 64 29 7b 76 61 6c 75 65 3d 6a 51 75 65 72 79 2e 62 72 6f 77 73 65 72 2e 6d 73 69 65 26 26 21 6f 70 74 69 6f 6e 2e 61 74 74 72 69 62 75 74 65 73 2e 76 61 6c 75 65 2e 73 70 65 63 69 66 69 65 64 3f 6f 70 74 69 6f 6e 2e 74 65 78 74 3a 6f 70 74 69 6f 6e 2e 76 61 6c 75 65 3b 69 66 28 6f 6e 65 29 72 65 74 75 72 6e 20 76 61 6c 75 65 3b 76 61 6c 75 65 73 2e 70 75 73 68 28 76 61 6c 75 65 29 3b 7d 7d 72 65 74 75 72 6e 20 76 61 6c 75 65 73 3b 7d 65 6c 73 65 0a 72 65
                Data Ascii: or(var i=one?index:0,max=one?index+1:options.length;i<max;i++){var option=options[i];if(option.selected){value=jQuery.browser.msie&&!option.attributes.value.specified?option.text:option.value;if(one)return value;values.push(value);}}return values;}elsere
                2022-10-03 09:56:39 UTC60INData Raw: 76 61 72 20 63 61 6d 65 6c 43 61 73 65 3d 6e 61 6d 65 2e 72 65 70 6c 61 63 65 28 2f 5c 2d 28 5c 77 29 2f 67 2c 66 75 6e 63 74 69 6f 6e 28 61 6c 6c 2c 6c 65 74 74 65 72 29 7b 72 65 74 75 72 6e 20 6c 65 74 74 65 72 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 3b 7d 29 3b 72 65 74 3d 65 6c 65 6d 2e 63 75 72 72 65 6e 74 53 74 79 6c 65 5b 6e 61 6d 65 5d 7c 7c 65 6c 65 6d 2e 63 75 72 72 65 6e 74 53 74 79 6c 65 5b 63 61 6d 65 6c 43 61 73 65 5d 3b 69 66 28 21 2f 5e 5c 64 2b 28 70 78 29 3f 24 2f 69 2e 74 65 73 74 28 72 65 74 29 26 26 2f 5e 5c 64 2f 2e 74 65 73 74 28 72 65 74 29 29 7b 76 61 72 20 6c 65 66 74 3d 73 74 79 6c 65 2e 6c 65 66 74 2c 72 73 4c 65 66 74 3d 65 6c 65 6d 2e 72 75 6e 74 69 6d 65 53 74 79 6c 65 2e 6c 65 66 74 3b 65 6c 65 6d 2e 72 75 6e 74 69 6d 65
                Data Ascii: var camelCase=name.replace(/\-(\w)/g,function(all,letter){return letter.toUpperCase();});ret=elem.currentStyle[name]||elem.currentStyle[camelCase];if(!/^\d+(px)?$/i.test(ret)&&/^\d/.test(ret)){var left=style.left,rsLeft=elem.runtimeStyle.left;elem.runtime
                2022-10-03 09:56:39 UTC68INData Raw: 65 6c 65 6d 2c 70 72 6f 70 29 7b 72 65 74 75 72 6e 20 65 6c 65 6d 5b 30 5d 26 26 70 61 72 73 65 49 6e 74 28 6a 51 75 65 72 79 2e 63 75 72 43 53 53 28 65 6c 65 6d 5b 30 5d 2c 70 72 6f 70 2c 74 72 75 65 29 2c 31 30 29 7c 7c 30 3b 7d 76 61 72 20 63 68 61 72 73 3d 6a 51 75 65 72 79 2e 62 72 6f 77 73 65 72 2e 73 61 66 61 72 69 26 26 70 61 72 73 65 49 6e 74 28 6a 51 75 65 72 79 2e 62 72 6f 77 73 65 72 2e 76 65 72 73 69 6f 6e 29 3c 34 31 37 3f 22 28 3f 3a 5b 5c 5c 77 2a 5f 2d 5d 7c 5c 5c 5c 5c 2e 29 22 3a 22 28 3f 3a 5b 5c 5c 77 5c 75 30 31 32 38 2d 5c 75 46 46 46 46 2a 5f 2d 5d 7c 5c 5c 5c 5c 2e 29 22 2c 71 75 69 63 6b 43 68 69 6c 64 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 3e 5c 5c 73 2a 28 22 2b 63 68 61 72 73 2b 22 2b 29 22 29 2c 71 75 69 63 6b 49 44 3d 6e
                Data Ascii: elem,prop){return elem[0]&&parseInt(jQuery.curCSS(elem[0],prop,true),10)||0;}var chars=jQuery.browser.safari&&parseInt(jQuery.browser.version)<417?"(?:[\\w*_-]|\\\\.)":"(?:[\\w\u0128-\uFFFF*_-]|\\\\.)",quickChild=new RegExp("^>\\s*("+chars+"+)"),quickID=n
                2022-10-03 09:56:39 UTC96INData Raw: 65 64 7c 7c 28 74 79 70 65 6f 66 20 74 79 70 65 73 3d 3d 22 73 74 72 69 6e 67 22 26 26 74 79 70 65 73 2e 63 68 61 72 41 74 28 30 29 3d 3d 22 2e 22 29 29 66 6f 72 28 76 61 72 20 74 79 70 65 20 69 6e 20 65 76 65 6e 74 73 29 74 68 69 73 2e 72 65 6d 6f 76 65 28 65 6c 65 6d 2c 74 79 70 65 2b 28 74 79 70 65 73 7c 7c 22 22 29 29 3b 65 6c 73 65 7b 69 66 28 74 79 70 65 73 2e 74 79 70 65 29 7b 68 61 6e 64 6c 65 72 3d 74 79 70 65 73 2e 68 61 6e 64 6c 65 72 3b 74 79 70 65 73 3d 74 79 70 65 73 2e 74 79 70 65 3b 7d 6a 51 75 65 72 79 2e 65 61 63 68 28 74 79 70 65 73 2e 73 70 6c 69 74 28 2f 5c 73 2b 2f 29 2c 66 75 6e 63 74 69 6f 6e 28 69 6e 64 65 78 2c 74 79 70 65 29 7b 76 61 72 20 70 61 72 74 73 3d 74 79 70 65 2e 73 70 6c 69 74 28 22 2e 22 29 3b 74 79 70 65 3d 70 61 72
                Data Ascii: ed||(typeof types=="string"&&types.charAt(0)=="."))for(var type in events)this.remove(elem,type+(types||""));else{if(types.type){handler=types.handler;types=types.type;}jQuery.each(types.split(/\s+/),function(index,type){var parts=type.split(".");type=par
                2022-10-03 09:56:39 UTC104INData Raw: 61 72 65 6e 74 21 3d 65 6c 65 6d 29 74 72 79 7b 70 61 72 65 6e 74 3d 70 61 72 65 6e 74 2e 70 61 72 65 6e 74 4e 6f 64 65 3b 7d 63 61 74 63 68 28 65 72 72 6f 72 29 7b 70 61 72 65 6e 74 3d 65 6c 65 6d 3b 7d 72 65 74 75 72 6e 20 70 61 72 65 6e 74 3d 3d 65 6c 65 6d 3b 7d 3b 6a 51 75 65 72 79 28 77 69 6e 64 6f 77 29 2e 62 69 6e 64 28 22 75 6e 6c 6f 61 64 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 6a 51 75 65 72 79 28 22 2a 22 29 2e 61 64 64 28 64 6f 63 75 6d 65 6e 74 29 2e 75 6e 62 69 6e 64 28 29 3b 7d 29 3b 6a 51 75 65 72 79 2e 66 6e 2e 65 78 74 65 6e 64 28 7b 5f 6c 6f 61 64 3a 6a 51 75 65 72 79 2e 66 6e 2e 6c 6f 61 64 2c 6c 6f 61 64 3a 66 75 6e 63 74 69 6f 6e 28 75 72 6c 2c 70 61 72 61 6d 73 2c 63 61 6c 6c 62 61 63 6b 29 7b 69 66 28 74 79 70 65 6f 66 20 75 72 6c
                Data Ascii: arent!=elem)try{parent=parent.parentNode;}catch(error){parent=elem;}return parent==elem;};jQuery(window).bind("unload",function(){jQuery("*").add(document).unbind();});jQuery.fn.extend({_load:jQuery.fn.load,load:function(url,params,callback){if(typeof url
                2022-10-03 09:56:39 UTC112INData Raw: 68 74 3a 22 68 69 64 65 22 2c 77 69 64 74 68 3a 22 68 69 64 65 22 2c 6f 70 61 63 69 74 79 3a 22 68 69 64 65 22 7d 2c 73 70 65 65 64 2c 63 61 6c 6c 62 61 63 6b 29 3a 74 68 69 73 2e 66 69 6c 74 65 72 28 22 3a 76 69 73 69 62 6c 65 22 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6f 6c 64 62 6c 6f 63 6b 3d 74 68 69 73 2e 6f 6c 64 62 6c 6f 63 6b 7c 7c 6a 51 75 65 72 79 2e 63 73 73 28 74 68 69 73 2c 22 64 69 73 70 6c 61 79 22 29 3b 74 68 69 73 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 3d 22 6e 6f 6e 65 22 3b 7d 29 2e 65 6e 64 28 29 3b 7d 2c 5f 74 6f 67 67 6c 65 3a 6a 51 75 65 72 79 2e 66 6e 2e 74 6f 67 67 6c 65 2c 74 6f 67 67 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 66 6e 2c 66 6e 32 29 7b 72 65 74 75 72 6e 20 6a 51 75 65 72 79 2e 69 73 46 75
                Data Ascii: ht:"hide",width:"hide",opacity:"hide"},speed,callback):this.filter(":visible").each(function(){this.oldblock=this.oldblock||jQuery.css(this,"display");this.style.display="none";}).end();},_toggle:jQuery.fn.toggle,toggle:function(fn,fn2){return jQuery.isFu
                2022-10-03 09:56:39 UTC120INData Raw: 65 74 75 72 6e 20 72 65 73 75 6c 74 73 3b 7d 3b 6a 51 75 65 72 79 2e 66 6e 2e 65 78 74 65 6e 64 28 7b 70 6f 73 69 74 69 6f 6e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6c 65 66 74 3d 30 2c 74 6f 70 3d 30 2c 72 65 73 75 6c 74 73 3b 69 66 28 74 68 69 73 5b 30 5d 29 7b 76 61 72 20 6f 66 66 73 65 74 50 61 72 65 6e 74 3d 74 68 69 73 2e 6f 66 66 73 65 74 50 61 72 65 6e 74 28 29 2c 6f 66 66 73 65 74 3d 74 68 69 73 2e 6f 66 66 73 65 74 28 29 2c 70 61 72 65 6e 74 4f 66 66 73 65 74 3d 2f 5e 62 6f 64 79 7c 68 74 6d 6c 24 2f 69 2e 74 65 73 74 28 6f 66 66 73 65 74 50 61 72 65 6e 74 5b 30 5d 2e 74 61 67 4e 61 6d 65 29 3f 7b 74 6f 70 3a 30 2c 6c 65 66 74 3a 30 7d 3a 6f 66 66 73 65 74 50 61 72 65 6e 74 2e 6f 66 66 73 65 74 28 29 3b 6f 66 66 73 65 74 2e 74 6f 70 2d
                Data Ascii: eturn results;};jQuery.fn.extend({position:function(){var left=0,top=0,results;if(this[0]){var offsetParent=this.offsetParent(),offset=this.offset(),parentOffset=/^body|html$/i.test(offsetParent[0].tagName)?{top:0,left:0}:offsetParent.offset();offset.top-


                Statistics

                CPU Usage

                Click to jump to process

                Memory Usage

                Click to jump to process

                High Level Behavior Distribution

                Click to dive into process behavior distribution

                Behavior

                Click to jump to process

                System Behavior

                General

                Target ID:0
                Start time:11:56:32
                Start date:03/10/2022
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
                Imagebase:0x7ff7d31b0000
                File size:2851656 bytes
                MD5 hash:0FEC2748F363150DC54C1CAFFB1A9408
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low

                General

                Target ID:1
                Start time:11:56:33
                Start date:03/10/2022
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1712,i,2555390636374715220,16926103728944639964,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
                Imagebase:0x7ff7d31b0000
                File size:2851656 bytes
                MD5 hash:0FEC2748F363150DC54C1CAFFB1A9408
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low

                General

                Target ID:2
                Start time:11:56:34
                Start date:03/10/2022
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:C:\Program Files\Google\Chrome\Application\chrome.exe" "https://expressinvoice.mijnparagon-cc.nl/
                Imagebase:0x7ff7d31b0000
                File size:2851656 bytes
                MD5 hash:0FEC2748F363150DC54C1CAFFB1A9408
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low

                Disassembly

                No disassembly