Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
QUOTE 452362.eml

Overview

General Information

Sample name:QUOTE 452362.eml
Analysis ID:1530787
MD5:c5da031682d07545611f4336226a24cf
SHA1:ed3e66f0f96f0efffcff680c9279a3865a0f0745
SHA256:23b733192fc8d50db460b5e20058bfde80c709ec8a978566905bf7644ec20a67
Infos:

Detection

Score:2
Range:0 - 100
Whitelisted:false
Confidence:60%

Signatures

IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Queries the volume information (name, serial number etc) of a device
Sigma detected: Office Autorun Keys Modification
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • OUTLOOK.EXE (PID: 6712 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\QUOTE 452362.eml" MD5: 91A5292942864110ED734005B7E005C0)
    • ai.exe (PID: 2648 cmdline: "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "E7D18160-CC43-4C8E-B574-ADC7AAB96AD4" "7188BDE5-66D5-491E-AE9C-E48C4525983E" "6712" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx" MD5: EC652BEDD90E089D9406AFED89A8A8BD)
    • chrome.exe (PID: 4064 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 6916 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1940,i,7224633850826834353,5271304985398107482,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4824 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 2408 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1948,i,9948224342545650432,7023359487037002687,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

Sigma detected: Office Autorun Keys Modification
Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 , EventID: 13, EventType: SetValue, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, ProcessId: 6712, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OneNote.OutlookAddin\1

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793dHTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 20.190.160.14:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49709 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.14:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: Joe Sandbox ViewIP Address: 172.66.40.88 172.66.40.88
Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox ViewIP Address: 104.22.74.115 104.22.74.115
Source: Joe Sandbox ViewIP Address: 172.66.43.168 172.66.43.168
Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.14
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=42ycGH7ZShD68cc&MD=fKTz3ubA HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d HTTP/1.1Host: campaign-statistics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /css/styles.css HTTP/1.1Host: stats.sender.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://campaign-statistics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fonts/suisseintl-regular-webxl.woff2 HTTP/1.1Host: stats.sender.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://campaign-statistics.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://campaign-statistics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fonts/suisseintl-semibold-webxl.woff2 HTTP/1.1Host: stats.sender.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://campaign-statistics.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://campaign-statistics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /img/sender-logo-coloured.svg HTTP/1.1Host: stats.sender.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://campaign-statistics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /img/vectors/vector-group.svg HTTP/1.1Host: stats.sender.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://campaign-statistics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /img/vectors/vector-group-2.svg HTTP/1.1Host: stats.sender.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://campaign-statistics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /img/compressed/error-occurred.webp HTTP/1.1Host: stats.sender.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://campaign-statistics.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /img/vectors/vector-group.svg HTTP/1.1Host: stats.sender.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /img/sender-logo-coloured.svg HTTP/1.1Host: stats.sender.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /img/vectors/vector-group-2.svg HTTP/1.1Host: stats.sender.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /img/compressed/error-occurred.webp HTTP/1.1Host: stats.sender.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: campaign-statistics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: campaign-statistics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=42ycGH7ZShD68cc&MD=fKTz3ubA HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d HTTP/1.1Host: campaign-statistics.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: campaign-statistics.com
Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: stats.sender.net
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 3592Host: login.live.com
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 10 Oct 2024 12:42:27 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeaccess-control-allow-origin: *access-control-allow-methods: *access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Typecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ryLni%2FihghpUFyWWmrK8R20k4ZOap7WmDZZVTwX2G%2BAFflqdgJNYjt2nHSEjLOJoETO6JVAhj6fKUCfAPwL7i2xC3Xsyc7HurtZEt4RsOS%2Fcmt6GqclfRxO%2F9GpvBsCwSzbxztgZn37NrA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Speculation-Rules: "/cdn-cgi/speculation"Server: cloudflareCF-RAY: 8d06b0be7a8542e6-EWRalt-svc: h3=":443"; ma=86400
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 10 Oct 2024 12:42:48 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeaccess-control-allow-origin: *access-control-allow-methods: *access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Typecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dm3UpvNCihDfek4HUDrbsbZlEbX4TY6f8fQoBP%2Bqehf5B0lO%2FNniudYDltzy8MPWIN7tU0s1XI42Zgpmzx5fWGKs%2FICaADwDl0JDbcy4L9tPopXTqKHrHJEZBARuYMKMKgN6c5%2BR2rjLCA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Speculation-Rules: "/cdn-cgi/speculation"Server: cloudflareCF-RAY: 8d06b146f9c842e9-EWRalt-svc: h3=":443"; ma=86400
Source: ~WRS{06449F0E-441D-4BD5-8997-03F32AA50A48}.tmp.0.drString found in binary or memory: http://www.bridge-care.co.uk/
Source: ~WRS{06449F0E-441D-4BD5-8997-03F32AA50A48}.tmp.0.drString found in binary or memory: https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d
Source: ~WRS{06449F0E-441D-4BD5-8997-03F32AA50A48}.tmp.0.drString found in binary or memory: https://pub.lucidpress.com/50f1c535-8058-4eec-b469-2bd69fae4557/
Source: chromecache_81.12.drString found in binary or memory: https://stats.sender.net/css/styles.css
Source: chromecache_81.12.drString found in binary or memory: https://stats.sender.net/fonts/suisseintl-regular-webxl.woff2
Source: chromecache_81.12.drString found in binary or memory: https://stats.sender.net/fonts/suisseintl-semibold-webxl.woff2
Source: chromecache_81.12.drString found in binary or memory: https://stats.sender.net/img/compressed/error-occurred
Source: chromecache_81.12.drString found in binary or memory: https://stats.sender.net/img/compressed/error-occurred.png
Source: chromecache_81.12.drString found in binary or memory: https://stats.sender.net/img/compressed/error-occurred.webp
Source: chromecache_81.12.drString found in binary or memory: https://stats.sender.net/img/sender-logo-coloured.svg
Source: chromecache_81.12.drString found in binary or memory: https://stats.sender.net/img/vectors/vector-group-2.svg
Source: chromecache_81.12.drString found in binary or memory: https://stats.sender.net/img/vectors/vector-group.svg
Source: chromecache_81.12.drString found in binary or memory: https://www.sender.net/
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 20.190.160.14:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49709 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.14:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: classification engineClassification label: clean2.winEML@24/45@12/7
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmpJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20241010T0841530636-6712.etlJump to behavior
Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\QUOTE 452362.eml"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "E7D18160-CC43-4C8E-B574-ADC7AAB96AD4" "7188BDE5-66D5-491E-AE9C-E48C4525983E" "6712" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1940,i,7224633850826834353,5271304985398107482,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1948,i,9948224342545650432,7023359487037002687,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "E7D18160-CC43-4C8E-B574-ADC7AAB96AD4" "7188BDE5-66D5-491E-AE9C-E48C4525983E" "6712" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793dJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793dJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1940,i,7224633850826834353,5271304985398107482,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1948,i,9948224342545650432,7023359487037002687,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: c2r64.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: userenv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{F959DBBB-3867-41F2-8E5F-3B8BEFAA81B3}\InprocServer32Jump to behavior
Source: Google Drive.lnk.11.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.11.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.11.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.11.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.11.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.11.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEWindow found: window name: SysTabControl32Jump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\CommonJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile Volume queried: C:\Windows\SysWOW64 FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information queried: ProcessInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeQueries volume information: C:\Program Files (x86)\Microsoft Office\root\Office16\AI\WordCombinedFloatieLreOnline.onnx VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
DLL Side-Loading		1
Process Injection		1
Masquerading		OS Credential Dumping1
Process Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
Registry Run Keys / Startup Folder		1
DLL Side-Loading		1
Process Injection		LSASS Memory13
System Information Discovery		Remote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Registry Run Keys / Startup Folder		1
DLL Side-Loading		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1530787 Sample: QUOTE 452362.eml Startdate: 10/10/2024 Architecture: WINDOWS Score: 2 6 OUTLOOK.EXE 70 124 2->6         started        process3 8 chrome.exe 9 6->8         started        11 chrome.exe 6->11         started        13 ai.exe 6->13         started        dnsIp4 20 192.168.2.16, 138, 443, 49319 unknown unknown 8->20 22 239.255.255.250 unknown Reserved 8->22 15 chrome.exe 8->15         started        18 chrome.exe 11->18         started        process5 dnsIp6 24 www.google.com 142.250.186.132, 443, 49742, 49752 GOOGLEUS United States 15->24 26 a.nel.cloudflare.com 35.190.80.1, 443, 49719, 49723 GOOGLEUS United States 15->26 28 3 other IPs or domains 15->28

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
a.nel.cloudflare.com
35.190.80.1
truefalse
    		unknown
    stats.sender.net
    		104.22.74.115
    		truefalse
      		unknown
      campaign-statistics.com
      		172.66.40.88
      		truefalse
        		unknown
        www.google.com
        		142.250.186.132
        		truefalse
          		unknown

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          https://stats.sender.net/img/compressed/error-occurred.webpfalse
            		unknown
            https://stats.sender.net/img/vectors/vector-group.svgfalse
              		unknown
              https://stats.sender.net/fonts/suisseintl-semibold-webxl.woff2false
                		unknown
                https://campaign-statistics.com/favicon.icofalse
                  		unknown
                  https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793dfalse
                    		unknown
                    https://a.nel.cloudflare.com/report/v4?s=Dm3UpvNCihDfek4HUDrbsbZlEbX4TY6f8fQoBP%2Bqehf5B0lO%2FNniudYDltzy8MPWIN7tU0s1XI42Zgpmzx5fWGKs%2FICaADwDl0JDbcy4L9tPopXTqKHrHJEZBARuYMKMKgN6c5%2BR2rjLCA%3D%3Dfalse
                      		unknown
                      https://stats.sender.net/css/styles.cssfalse
                        		unknown
                        https://a.nel.cloudflare.com/report/v4?s=ryLni%2FihghpUFyWWmrK8R20k4ZOap7WmDZZVTwX2G%2BAFflqdgJNYjt2nHSEjLOJoETO6JVAhj6fKUCfAPwL7i2xC3Xsyc7HurtZEt4RsOS%2Fcmt6GqclfRxO%2F9GpvBsCwSzbxztgZn37NrA%3D%3Dfalse
                          		unknown
                          https://stats.sender.net/img/sender-logo-coloured.svgfalse
                            		unknown
                            https://stats.sender.net/img/vectors/vector-group-2.svgfalse
                              		unknown
                              https://stats.sender.net/fonts/suisseintl-regular-webxl.woff2false
                                		unknown

                                URLs from Memory and Binaries

                                NameSourceMaliciousAntivirus DetectionReputation
                                https://pub.lucidpress.com/50f1c535-8058-4eec-b469-2bd69fae4557/~WRS{06449F0E-441D-4BD5-8997-03F32AA50A48}.tmp.0.drfalse
                                  		unknown
                                  https://stats.sender.net/img/compressed/error-occurredchromecache_81.12.drfalse
                                    		unknown
                                    https://www.sender.net/chromecache_81.12.drfalse
                                      		unknown
                                      http://www.bridge-care.co.uk/~WRS{06449F0E-441D-4BD5-8997-03F32AA50A48}.tmp.0.drfalse
                                        		unknown
                                        https://stats.sender.net/img/compressed/error-occurred.pngchromecache_81.12.drfalse
                                          		unknown

                                          World Map of Contacted IPs

                                          • No. of IPs < 25%
                                          • 25% < No. of IPs < 50%
                                          • 50% < No. of IPs < 75%
                                          • 75% < No. of IPs

                                          Public IPs

                                          IPDomainCountryFlagASNASN NameMalicious
                                          172.66.40.88
                                          		campaign-statistics.comUnited States
                                          		13335CLOUDFLARENETUSfalse
                                          239.255.255.250
                                          		unknownReserved
                                          		unknownunknownfalse
                                          104.22.74.115
                                          		stats.sender.netUnited States
                                          		13335CLOUDFLARENETUSfalse
                                          172.66.43.168
                                          		unknownUnited States
                                          		13335CLOUDFLARENETUSfalse
                                          142.250.186.132
                                          		www.google.comUnited States
                                          		15169GOOGLEUSfalse
                                          35.190.80.1
                                          		a.nel.cloudflare.comUnited States
                                          		15169GOOGLEUSfalse

                                          Private

                                          IP
                                          192.168.2.16

                                          General Information

                                          Joe Sandbox version:41.0.0 Charoite
                                          Analysis ID:1530787
                                          Start date and time:2024-10-10 14:40:48 +02:00
                                          Joe Sandbox product:CloudBasic
                                          Overall analysis duration:0h 5m 7s
                                          Hypervisor based Inspection enabled:false
                                          Report type:full
                                          Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                          Number of analysed new started processes analysed:18
                                          Number of new started drivers analysed:0
                                          Number of existing processes analysed:0
                                          Number of existing drivers analysed:0
                                          Number of injected processes analysed:0
                                          Technologies:
                                          • HCA enabled
                                          • EGA enabled
                                          • AMSI enabled
                                          Analysis Mode:default
                                          Analysis stop reason:Timeout
                                          Sample name:QUOTE 452362.eml
                                          Detection:CLEAN
                                          Classification:clean2.winEML@24/45@12/7
                                          EGA Information:Failed
                                          HCA Information:
                                          • Successful, ratio: 100%
                                          • Number of executed functions: 0
                                          • Number of non-executed functions: 0
                                          Cookbook Comments:
                                          • Found application associated with file extension: .eml

                                          Warnings

                                          • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                          • Excluded IPs from analysis (whitelisted): 52.113.194.132, 23.60.203.209, 52.109.68.129, 2.19.126.160, 2.19.126.151, 93.184.221.240, 20.42.73.31, 142.250.185.67, 142.250.186.174, 74.125.71.84, 34.104.35.123, 20.42.65.84, 20.42.65.90, 20.189.173.5, 142.250.186.99, 20.189.173.18, 142.250.184.206
                                          • Excluded domains from analysis (whitelisted): omex.cdn.office.net, onedscolprdwus04.westus.cloudapp.azure.com, slscr.update.microsoft.com, clientservices.googleapis.com, onedscolprdeus14.eastus.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, eur.roaming1.live.com.akadns.net, onedscolprdeus21.eastus.cloudapp.azure.com, onedscolprdwus15.westus.cloudapp.azure.com, mobile.events.data.microsoft.com, ecs-office.s-0005.s-msedge.net, roaming.officeapps.live.com, clients2.google.com, login.live.com, e16604.g.akamaiedge.net, onedscolprdeus02.eastus.cloudapp.azure.com, update.googleapis.com, frc-azsc-000.roaming.officeapps.live.com, prod.fs.microsoft.com.akadns.net, a1864.dscd.akamai.net, clients1.google.com, ecs.office.com, fs.microsoft.com, accounts.google.com, osiprod-frc-buff-azsc-000.francecentral.cloudapp.azure.com, ctldl.windowsupdate.com, prod.roaming1.live.com.akadns.net, s-0005-office.config.skype.com, fe3cr.delivery.mp.microsoft.com, edg
                                          • Not all processes where analyzed, report is missing behavior information
                                          • Report size getting too big, too many NtQueryAttributesFile calls found.
                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                          • Report size getting too big, too many NtReadVirtualMemory calls found.
                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                          • VT rate limit hit for: QUOTE 452362.eml

                                          Simulations

                                          Behavior and APIs

                                          No simulations

                                          LLM Input / Output

                                          InputOutput
                                          URL: https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d Model: jbxai
                                          {
"brands":["Sender"],
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"unknown",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"text":"Page Not Found The page you are looking for might have been removed,
 had its name changed or is temporarily unavailable.",
"has_visible_qrcode":false}
                                          URL: Email Model: jbxai
                                          {
"brands":["BridgeCare"],
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"unknown",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"text":"Hi,
 Please see attached and get back to me Kind Regards Colin Joyce MCIHT Senior Project Manager m: +44 (0)7793 589 721 www.bridge-care.co.uk Address Royds Works,
 184 Attercliffe Road,
 Sheffield,
 S4 7WZ,
 UK Company Name: ASG Highways Ltd trading as Bridgecare Registered Office: Royds Works,
 184 Attercliffe Road,
 Sheffield,
 S4 7WZ UK Company Registration: 14858741 VAT Number: 450 6006 30",
"has_visible_qrcode":false}

                                          Joe Sandbox View / Context

                                          IPs

                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                          239.255.255.250https://www.google.es/url?q=3HOSozuuQiApLjODz3yh&rct=tTPSJ3J3wDFX0jkXyycT&sa=t&esrc=WSECxFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJ9mfdQ6lDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp%2Foilproductionpower.com%2Fddd%2Ff3E2tG5ASlq4OLZ8xJKHkkFY/TExQQG5vdm96eW1lcy5jb20=Get hashmaliciousHTMLPhisherBrowse
                                            https://nicholstyreman.com/Get hashmaliciousHtmlDropperBrowse
                                              https://clickproxy.retailrocket.net/?url=https://veritasbd.net//cgibin/bin/philipp.ettle/cGhpbGlwcC5ldHRsZUBid3QtcGhhcm1hLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                Quarantined Messages(12).zipGet hashmaliciousUnknownBrowse
                                                  https://trendydigitalbuzze.com.de/YrWXF/Get hashmaliciousUnknownBrowse
                                                    https://uk01.l.antigena.com/l/gSyI41Gz96sNln53sagX7eNcywQQOoEnYDagSj-Ka4rmvUc~~ge2uUdYhkRZf~qdeCYR20MfqPF0Cl22iQAPA~D-kwryf6JMugP38-hVRau_ADDrbJG64mdp-ZsyZX_NR5Aqy8QOMomREd_j~F2RHekIK09DCim8Shqfhw4hZXnXF1DPP7U2UTL09nH60jVmeQTVNhtpj6BYLNdVUlIVUBIDlYaiNtMQkkHjcq1woyuQdpbGd~TSAUVGet hashmaliciousUnknownBrowse
                                                      http://beststarsoffers.click/img/FJHpEbd9pzMLCgDTGet hashmaliciousUnknownBrowse
                                                        http://beststarsoffers.click/img/BftYnyQgrWDRxBpxGet hashmaliciousUnknownBrowse
                                                          https://na4.docusign.net/Signing/EmailStart.aspx?a=b4cf6218-13ec-46d9-aa5c-10723ebe7e7f&etti=24&acct=d9c705c1-5012-4d8b-98f5-b9c62798fde2&er=efa4815b-08b1-4fe7-b32f-ac28ff7e2554Get hashmaliciousHTMLPhisherBrowse
                                                            https://loadfile.komanda.cl/Get hashmaliciousUnknownBrowse
                                                              104.22.74.115https://d38rqs2egh08o4.cloudfront.net/unsubscribe/axr8Zr-lxA5J1J-4kvVDfGet hashmaliciousUnknownBrowse
                                                                (No subject) (45).emlGet hashmaliciousUnknownBrowse
                                                                  https://campaign-statistics.com/b/c/S0VSEapY0V_SDNs2Get hashmaliciousUnknownBrowse
                                                                    https://stats.sender.net/link_click/Nu93UxgKac_LOvKV/51f5d7aac5a578c427add26c88f58b63#YW5kcmVha29iZWxpYUBqZWZmZXJkcy5jb20=Get hashmaliciousUnknownBrowse
                                                                      https://stats.sender.net/link_click/Nu93UxgKac_LOvKV/51f5d7aac5a578c427add26c88f58b63#YW5kcmVha29iZWxpYUBqZWZmZXJkcy5jb20=Get hashmaliciousUnknownBrowse
                                                                        https://stats.sender.net/link_click/NvvBE0tfsA_LRaqr/5133dccc258c2ef3d2b7493bb02d5ed1#ZGF2ZS5jb3hAbWlkbGFuZGNvbXB1dGVycy5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                          https://stats.sender.net/link_click/NuoFnYd1dw_LMgXF/a688273cd4a393802dbf8a14d5e1a550#ZG91Z0BlY2l3b3JsZC5jb20=Get hashmaliciousUnknownBrowse
                                                                            https://stats.sender.net/link_click/NuoFnYd1dw_LMgXF/a688273cd4a393802dbf8a14d5e1a550#cGF5cm9sbEBvbGdvb25pay5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                              https://stats.sender.net/link_click/NuoFnYd1dw_LMgXF/a688273cd4a393802dbf8a14d5e1a550#cm9iaW5zb252QGFpcmJvcm4uY29tGet hashmaliciousHTMLPhisherBrowse
                                                                                phish_alert_iocp_v1.4.48 (39).emlGet hashmaliciousHTMLPhisherBrowse
                                                                                  172.66.43.168https://campaign-statistics.com/link_click/Szf94EH9mw_MhOm2/31fcb5390be9c8e4830896e0dbeaed9bGet hashmaliciousHTMLPhisherBrowse
                                                                                    https://campaign-statistics.com/link_click/RqeqbFIupG_SarXt/c7754e02779513a9011493d63e2dacdcGet hashmaliciousAsyncRATBrowse
                                                                                      https://campaign-statistics.com/link_click/QHJe4o5YKl_QCAlR/438c93ee7495df2433a8df4557894908Get hashmaliciousUnknownBrowse
                                                                                        https://unilever3.demdex.net/firstevent?d_event=click&d_bu=317196&c_medium=display&c_destination=Retailer&c_country=BD&c_campaignname=L-LifebuoyHandsanitizerLaunchComm&c_prodcat=CH1097&c_brandcode=BH0300&d_adgroup=All_KV&c_contenttype=display&c_source=Dhaka%20Tribune&d_rd=https://campaign-statistics.com/link_click/PidJvkyg2S_O4JTm/159dfdb0ade49a7c5597d3c1d9bd3d8aGet hashmaliciousUnknownBrowse
                                                                                          https://campaign-statistics.com/link_click/P9658jqNDU_MXsId/826b94c66982f5cd1366bf96bf66388cGet hashmaliciousUnknownBrowse
                                                                                            https://campaign-statistics.com/link_click/OOIhh4OKHe_NcHPG/8cb76dcdebff138ed04c1331049114e6Get hashmaliciousUnknownBrowse
                                                                                              S23UhdW5DH.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                https://campaign-statistics.com/link_click/Nz2GgwBSQV_LUqIa/ddad3a69108cbcf4c600149122902d14#bHluZWxsZS5iZW5hbGxpZUBiaWEuZ292Get hashmaliciousHTMLPhisherBrowse
                                                                                                  https://campaign-statistics.com/link_click/Nz2GgwBSQV_LUqIa/ddad3a69108cbcf4c600149122902d14#Y2FybG9zX3Bvc2FkYUBnZW5zbGVyLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                                                                    https://campaign-statistics.com/link_click/JLtaSbWx5D_GODxE/ccdd107767553aaaae6527ab9c7fc3a9Get hashmaliciousUnknownBrowse
                                                                                                      172.66.40.88S23UhdW5DH.exeGet hashmaliciousLummaC, Glupteba, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                      • warriorplus.com/PhpMyAdmin/

                                                                                                      Domains

                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                      campaign-statistics.comhttps://campaign-statistics.com/link_click/Szf94EH9mw_MhOm2/31fcb5390be9c8e4830896e0dbeaed9bGet hashmaliciousHTMLPhisherBrowse
                                                                                                      • 172.66.43.168
                                                                                                      https://campaign-statistics.com/b/c/S0VSEapY0V_SDNs2Get hashmaliciousUnknownBrowse
                                                                                                      • 172.66.40.88
                                                                                                      (No subject) (30).emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                      • 172.66.40.88
                                                                                                      https://campaign-statistics.com/link_click/RqeqbFIupG_SarXt/c7754e02779513a9011493d63e2dacdcGet hashmaliciousAsyncRATBrowse
                                                                                                      • 172.66.43.168
                                                                                                      https://campaign-statistics.com/link_click/QSXl0E11nR_QVugY/ed1d525de18b7af7fe2c018254cb2f5cGet hashmaliciousUnknownBrowse
                                                                                                      • 172.66.40.88
                                                                                                      https://campaign-statistics.com/link_click/QHJe4o5YKl_QCAlR/438c93ee7495df2433a8df4557894908Get hashmaliciousUnknownBrowse
                                                                                                      • 172.66.43.168
                                                                                                      https://unilever3.demdex.net/firstevent?d_event=click&d_bu=317196&c_medium=display&c_destination=Retailer&c_country=BD&c_campaignname=L-LifebuoyHandsanitizerLaunchComm&c_prodcat=CH1097&c_brandcode=BH0300&d_adgroup=All_KV&c_contenttype=display&c_source=Dhaka%20Tribune&d_rd=https://campaign-statistics.com/link_click/PidJvkyg2S_O4JTm/159dfdb0ade49a7c5597d3c1d9bd3d8aGet hashmaliciousUnknownBrowse
                                                                                                      • 172.66.43.168
                                                                                                      https://campaign-statistics.com/link_click/PJygYHTMZ2_OXDfP/30633247af9f78d20f1e067eab9a8276Get hashmaliciousHTMLPhisherBrowse
                                                                                                      • 172.66.40.88
                                                                                                      https://campaign-statistics.com/link_click/P9658jqNDU_MXsId/826b94c66982f5cd1366bf96bf66388cGet hashmaliciousUnknownBrowse
                                                                                                      • 172.66.43.168
                                                                                                      https://campaign-statistics.com/link_click/OOIhh4OKHe_NcHPG/8cb76dcdebff138ed04c1331049114e6Get hashmaliciousUnknownBrowse
                                                                                                      • 172.66.43.168
                                                                                                      stats.sender.nethttps://d38rqs2egh08o4.cloudfront.net/unsubscribe/axr8Zr-lxA5J1J-4kvVDfGet hashmaliciousUnknownBrowse
                                                                                                      • 104.22.74.115
                                                                                                      (No subject) (45).emlGet hashmaliciousUnknownBrowse
                                                                                                      • 104.22.74.115
                                                                                                      https://campaign-statistics.com/b/c/S0VSEapY0V_SDNs2Get hashmaliciousUnknownBrowse
                                                                                                      • 104.22.75.115
                                                                                                      https://atpscan.global.hornetsecurity.com/index.php?atp_str=8B8Q674nKweUpOPaXKM6VOMa9rVmT9F88gJKf7UnPIk7lVcTg1Q-V4IPa1qZ6xDW_Np8A6rXdvweyDFb4X_duRJq__NRXl8C6nr4Fp6_6jXTKY8i-eq9zaGF1nRMS5Naow-X8iPhCaW7gWnz15HywoXkRlBcF-HA5u9xlgwyXxJSOjg--X44rz6dyWRvR2kCcFbMVsikMsdWQtd8ernHlT8lEInagAkd6hInpq8HnR6qVnxsrq7Rp44guKAEXU6p35hzk1o7dqF0S746O9GWjNgbNSAsbClpjLwncPp2G24UeXuZxJpZDdiZxjV9eCg9jbcVC3za2iUP-qdmWbyOqIbtGcKK-4aGuNt5n-Ty9INr0JazCx6mCM_Aqb3V9vOzIhqqb3prxifizllceSNEbCM6OiMEWF8fLffrzjsUM-YjOjojHP7D4cEHhs3d2aEM0AucrgGet hashmaliciousHTMLPhisherBrowse
                                                                                                      • 172.67.27.94
                                                                                                      https://unilever3.demdex.net/firstevent?d_event=click&d_bu=317196&c_medium=display&c_destination=Retailer&c_country=BD&c_campaignname=L-LifebuoyHandsanitizerLaunchComm&c_prodcat=CH1097&c_brandcode=BH0300&d_adgroup=All_KV&c_contenttype=display&c_source=Dhaka%20Tribune&d_rd=https://stats.sender.net/link_click/PgFPXioPcc_O4175/a962cfda8e603330f7e8d8ca837fba55Get hashmaliciousUnknownBrowse
                                                                                                      • 104.22.75.115
                                                                                                      https://unilever3.demdex.net/firstevent?d_event=click&d_bu=317196&c_medium=display&c_destination=Retailer&c_country=BD&c_campaignname=L-LifebuoyHandsanitizerLaunchComm&c_prodcat=CH1097&c_brandcode=BH0300&d_adgroup=All_KV&c_contenttype=display&c_source=Dhaka%20Tribune&d_rd=https://stats.sender.net/link_click/PhlF6qDsha_O41AS/fc724c846281293f8804c72815515f62Get hashmaliciousUnknownBrowse
                                                                                                      • 104.22.75.115
                                                                                                      https://stats.sender.net/link_click/NusQNZDUYx_LOWjE/3b6a6119e6b002f57aa9b386f2c1d9dc/#RYWNjb3VudHNwYXlhYmxlQHJvY2t5bW91bnRhaW5lZXIuY29tGet hashmaliciousHTMLPhisherBrowse
                                                                                                      • 172.67.27.94
                                                                                                      https://stats.sender.net/link_click/Nu93UxgKac_LOvKV/51f5d7aac5a578c427add26c88f58b63#YW5kcmVha29iZWxpYUBqZWZmZXJkcy5jb20=Get hashmaliciousUnknownBrowse
                                                                                                      • 104.22.74.115
                                                                                                      https://stats.sender.net/link_click/Nu93UxgKac_LOvKV/51f5d7aac5a578c427add26c88f58b63#YW5kcmVha29iZWxpYUBqZWZmZXJkcy5jb20=Get hashmaliciousUnknownBrowse
                                                                                                      • 104.22.74.115
                                                                                                      https://stats.sender.net/link_click/NvvBE0tfsA_LRaqr/5133dccc258c2ef3d2b7493bb02d5ed1#ZGF2ZS5jb3hAbWlkbGFuZGNvbXB1dGVycy5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                                                      • 104.22.74.115

                                                                                                      ASNs

                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                      CLOUDFLARENETUShttps://www.google.es/url?q=3HOSozuuQiApLjODz3yh&rct=tTPSJ3J3wDFX0jkXyycT&sa=t&esrc=WSECxFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJ9mfdQ6lDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp%2Foilproductionpower.com%2Fddd%2Ff3E2tG5ASlq4OLZ8xJKHkkFY/TExQQG5vdm96eW1lcy5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                                                      • 188.114.96.3
                                                                                                      https://nicholstyreman.com/Get hashmaliciousHtmlDropperBrowse
                                                                                                      • 188.114.97.3
                                                                                                      alWUxZvrvU.exeGet hashmaliciousFormBookBrowse
                                                                                                      • 188.114.97.3
                                                                                                      https://clickproxy.retailrocket.net/?url=https://veritasbd.net//cgibin/bin/philipp.ettle/cGhpbGlwcC5ldHRsZUBid3QtcGhhcm1hLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                                                                      • 188.114.96.3
                                                                                                      SecuriteInfo.com.Trojan-Ransom.Win32.Zerber.gkca.4990.15640.exeGet hashmaliciousUnknownBrowse
                                                                                                      • 172.67.143.163
                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                      • 172.67.206.204
                                                                                                      YyhAkj09dy.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                      • 104.26.13.205
                                                                                                      SecuriteInfo.com.Trojan-Ransom.Win32.Zerber.gkca.4990.15640.exeGet hashmaliciousUnknownBrowse
                                                                                                      • 172.67.143.163
                                                                                                      Swift Payment.pdf.exeGet hashmaliciousMassLogger RATBrowse
                                                                                                      • 188.114.96.3
                                                                                                      SecuriteInfo.com.Win32.CrypterX-gen.28129.24663.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                      • 188.114.96.3
                                                                                                      CLOUDFLARENETUShttps://www.google.es/url?q=3HOSozuuQiApLjODz3yh&rct=tTPSJ3J3wDFX0jkXyycT&sa=t&esrc=WSECxFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJ9mfdQ6lDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp%2Foilproductionpower.com%2Fddd%2Ff3E2tG5ASlq4OLZ8xJKHkkFY/TExQQG5vdm96eW1lcy5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                                                      • 188.114.96.3
                                                                                                      https://nicholstyreman.com/Get hashmaliciousHtmlDropperBrowse
                                                                                                      • 188.114.97.3
                                                                                                      alWUxZvrvU.exeGet hashmaliciousFormBookBrowse
                                                                                                      • 188.114.97.3
                                                                                                      https://clickproxy.retailrocket.net/?url=https://veritasbd.net//cgibin/bin/philipp.ettle/cGhpbGlwcC5ldHRsZUBid3QtcGhhcm1hLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                                                                      • 188.114.96.3
                                                                                                      SecuriteInfo.com.Trojan-Ransom.Win32.Zerber.gkca.4990.15640.exeGet hashmaliciousUnknownBrowse
                                                                                                      • 172.67.143.163
                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                      • 172.67.206.204
                                                                                                      YyhAkj09dy.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                      • 104.26.13.205
                                                                                                      SecuriteInfo.com.Trojan-Ransom.Win32.Zerber.gkca.4990.15640.exeGet hashmaliciousUnknownBrowse
                                                                                                      • 172.67.143.163
                                                                                                      Swift Payment.pdf.exeGet hashmaliciousMassLogger RATBrowse
                                                                                                      • 188.114.96.3
                                                                                                      SecuriteInfo.com.Win32.CrypterX-gen.28129.24663.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                      • 188.114.96.3
                                                                                                      CLOUDFLARENETUShttps://www.google.es/url?q=3HOSozuuQiApLjODz3yh&rct=tTPSJ3J3wDFX0jkXyycT&sa=t&esrc=WSECxFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJ9mfdQ6lDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp%2Foilproductionpower.com%2Fddd%2Ff3E2tG5ASlq4OLZ8xJKHkkFY/TExQQG5vdm96eW1lcy5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                                                      • 188.114.96.3
                                                                                                      https://nicholstyreman.com/Get hashmaliciousHtmlDropperBrowse
                                                                                                      • 188.114.97.3
                                                                                                      alWUxZvrvU.exeGet hashmaliciousFormBookBrowse
                                                                                                      • 188.114.97.3
                                                                                                      https://clickproxy.retailrocket.net/?url=https://veritasbd.net//cgibin/bin/philipp.ettle/cGhpbGlwcC5ldHRsZUBid3QtcGhhcm1hLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                                                                      • 188.114.96.3
                                                                                                      SecuriteInfo.com.Trojan-Ransom.Win32.Zerber.gkca.4990.15640.exeGet hashmaliciousUnknownBrowse
                                                                                                      • 172.67.143.163
                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                      • 172.67.206.204
                                                                                                      YyhAkj09dy.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                      • 104.26.13.205
                                                                                                      SecuriteInfo.com.Trojan-Ransom.Win32.Zerber.gkca.4990.15640.exeGet hashmaliciousUnknownBrowse
                                                                                                      • 172.67.143.163
                                                                                                      Swift Payment.pdf.exeGet hashmaliciousMassLogger RATBrowse
                                                                                                      • 188.114.96.3
                                                                                                      SecuriteInfo.com.Win32.CrypterX-gen.28129.24663.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                      • 188.114.96.3

                                                                                                      JA3 Fingerprints

                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                      28a2c9bd18a11de089ef85a160da29e4https://www.google.es/url?q=3HOSozuuQiApLjODz3yh&rct=tTPSJ3J3wDFX0jkXyycT&sa=t&esrc=WSECxFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJ9mfdQ6lDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp%2Foilproductionpower.com%2Fddd%2Ff3E2tG5ASlq4OLZ8xJKHkkFY/TExQQG5vdm96eW1lcy5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                                                      • 20.190.160.14
                                                                                                      • 20.109.210.53
                                                                                                      https://nicholstyreman.com/Get hashmaliciousHtmlDropperBrowse
                                                                                                      • 20.190.160.14
                                                                                                      • 20.109.210.53
                                                                                                      https://clickproxy.retailrocket.net/?url=https://veritasbd.net//cgibin/bin/philipp.ettle/cGhpbGlwcC5ldHRsZUBid3QtcGhhcm1hLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                                                                      • 20.190.160.14
                                                                                                      • 20.109.210.53
                                                                                                      https://trendydigitalbuzze.com.de/YrWXF/Get hashmaliciousUnknownBrowse
                                                                                                      • 20.190.160.14
                                                                                                      • 20.109.210.53
                                                                                                      https://uk01.l.antigena.com/l/gSyI41Gz96sNln53sagX7eNcywQQOoEnYDagSj-Ka4rmvUc~~ge2uUdYhkRZf~qdeCYR20MfqPF0Cl22iQAPA~D-kwryf6JMugP38-hVRau_ADDrbJG64mdp-ZsyZX_NR5Aqy8QOMomREd_j~F2RHekIK09DCim8Shqfhw4hZXnXF1DPP7U2UTL09nH60jVmeQTVNhtpj6BYLNdVUlIVUBIDlYaiNtMQkkHjcq1woyuQdpbGd~TSAUVGet hashmaliciousUnknownBrowse
                                                                                                      • 20.190.160.14
                                                                                                      • 20.109.210.53
                                                                                                      http://beststarsoffers.click/img/FJHpEbd9pzMLCgDTGet hashmaliciousUnknownBrowse
                                                                                                      • 20.190.160.14
                                                                                                      • 20.109.210.53
                                                                                                      http://beststarsoffers.click/img/BftYnyQgrWDRxBpxGet hashmaliciousUnknownBrowse
                                                                                                      • 20.190.160.14
                                                                                                      • 20.109.210.53
                                                                                                      https://loadfile.komanda.cl/Get hashmaliciousUnknownBrowse
                                                                                                      • 20.190.160.14
                                                                                                      • 20.109.210.53
                                                                                                      http://growthsparkplus.thsite.top/?email=anna@cellnextelecom.comGet hashmaliciousUnknownBrowse
                                                                                                      • 20.190.160.14
                                                                                                      • 20.109.210.53
                                                                                                      MFSA-MiFID-APS-P2_20241007-Annex2_DOC-R-v1.1.exeGet hashmaliciousUnknownBrowse
                                                                                                      • 20.190.160.14
                                                                                                      • 20.109.210.53

                                                                                                      Dropped Files

                                                                                                      No context

                                                                                                      Created / dropped Files

                                                                                                      C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:data
                                                                                                      Category:dropped
                                                                                                      Size (bytes):231348
                                                                                                      Entropy (8bit):4.383226892710296
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:1536:IBqYLT3gsiapprbVxSLfgssPNcAz79ysQqt2ptQpLYqoQI5rcm0Fv4np2yGJUISu:e7gibqgRmiGu21qoQKrt0FvwgYm6tCAw
                                                                                                      MD5:4D0755D56E2C74A1F4EA30FC69F39CA1
                                                                                                      SHA1:EC5E37E8B9A662BB05E06BA5534D11CB9730A3B8
                                                                                                      SHA-256:6EE06485DB5B29F2642009429FF0FFAFEA84CAFA6978F04851DE7402E04083FA
                                                                                                      SHA-512:D75701A5F17C14ACC29E410375BC6E31AD5BC0C123498E1E35FFCEB1C5E7A2C2064D6B7B84AB790CDD432BCA95B171BCFD2F33CF6B07841BC3010B62B66B2D54
                                                                                                      Malicious:false
                                                                                                      Reputation:low
                                                                                                      Preview:TH02...... ..s.........SM01X...,...@..............IPM.Activity...........h...............h............H..h........K.m....h..........0.H..h\cal ...pDat...h0\'.0...p......h[.....7........h........_`Pk...h....@...I.lw...h....H...8.Uk...0....T...............d.........2h...............k..t.......f...!h.............. h.i............#h....8.........$h..0.....8....."h.B*......@*...'h..............1h[...<.........0h....4....Uk../h....h.....UkH..h..7.p.........-h .............+h.................. ...... ..............F7..............FIPM.Activity....Form....Standard....Journal Entry...IPM.Microsoft.FolderDesign.FormsDescription................F.k..........1122110020000000....Microsoft...This form is used to create journal entries.........kf...... ..........&...........(.......(... ...@.....................................................................................................................fffffffff........wwwwwwww.p....pp..............p...............pw..............pw..DDDDO..

                                                                                                      C:\Users\user\AppData\Local\Microsoft\FontCache\4\Catalog\ListAll.Json

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:JSON data
                                                                                                      Category:dropped
                                                                                                      Size (bytes):521377
                                                                                                      Entropy (8bit):4.9084889265453135
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:3072:gdTb5Sb3F2FqSrfZm+CnQsbzxZO7aYb6f5780K2:wb5q3umBnzT
                                                                                                      MD5:C37972CBD8748E2CA6DA205839B16444
                                                                                                      SHA1:9834B46ACF560146DD7EE9086DB6019FBAC13B4E
                                                                                                      SHA-256:D4CFBB0E8B9D3E36ECE921B9B51BD37EF1D3195A9CFA1C4586AEA200EB3434A7
                                                                                                      SHA-512:02B4D134F84122B6EE9A304D79745A003E71803C354FB01BAF986BD15E3BA57BA5EF167CC444ED67B9BA5964FF5922C50E2E92A8A09862059852ECD9CEF1A900
                                                                                                      Malicious:false
                                                                                                      Reputation:moderate, very likely benign file
                                                                                                      Preview:{"MajorVersion":4,"MinorVersion":40,"Expiration":14,"Fonts":[{"a":[4294966911],"f":"Abadi","fam":[],"sf":[{"c":[1,0],"dn":"Abadi","fs":32696,"ful":[{"lcp":983041,"lsc":"Latn","ltx":"Abadi"}],"gn":"Abadi","id":"23643452060","p":[2,11,6,4,2,1,4,2,2,4],"sub":[],"t":"ttf","u":[2147483651,0,0,0],"v":197263,"w":26215680},{"c":[1,0],"dn":"Abadi Extra Light","fs":22180,"ful":[{"lcp":983042,"lsc":"Latn","ltx":"Abadi Extra Light"}],"gn":"Abadi Extra Light","id":"17656736728","p":[2,11,2,4,2,1,4,2,2,4],"sub":[],"t":"ttf","u":[2147483651,0,0,0],"v":197263,"w":13108480}]},{"a":[4294966911],"f":"ADLaM Display","fam":[],"sf":[{"c":[536870913,0],"dn":"ADLaM Display Regular","fs":140072,"ful":[{"lcp":983040,"lsc":"Latn","ltx":"ADLaM Display"}],"gn":"ADLaM Display","id":"31965479471","p":[2,1,0,0,0,0,0,0,0,0],"sub":[],"t":"ttf","u":[2147491951,1107296330,0,0],"v":131072,"w":26215680}]},{"a":[4294966911],"f":"Agency FB","fam":[],"sf":[{"c":[536870913,0],"dn":"Agency FB Bold","fs":54372,"ful":[{"lcp":9830

                                                                                                      C:\Users\user\AppData\Local\Microsoft\FontCache\4\PreviewFont\flat_officeFontsPreview_4_40.ttf

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:TrueType Font data, 10 tables, 1st "OS/2", 7 names, Microsoft, language 0x409, \251 2018 Microsoft Corporation. All Rights Reserved.msofp_4_40RegularVersion 4.40;O365
                                                                                                      Category:dropped
                                                                                                      Size (bytes):773040
                                                                                                      Entropy (8bit):6.55939673749297
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:12288:Zn84XULLDs51UJQSOf9VvLXHyheIQ47gEFGHtAgk3+/cLQ/zhm1kjFKy6Nyjbqq+:N8XPDs5+ivOXgo1kYvyz2
                                                                                                      MD5:4296A064B917926682E7EED650D4A745
                                                                                                      SHA1:3953A6AA9100F652A6CA533C2E05895E52343718
                                                                                                      SHA-256:E04E41C74D6C78213BA1588BACEE64B42C0EDECE85224C474A714F39960D8083
                                                                                                      SHA-512:A25388DDCE58D9F06716C0F0BDF2AEFA7F68EBCA7171077533AF4A9BE99A08E3DCD8DFE1A278B7AA5DE65DA9F32501B4B0B0ECAB51F9AF0F12A3A8A75363FF2C
                                                                                                      Malicious:false
                                                                                                      Reputation:moderate, very likely benign file
                                                                                                      Preview:........... OS/29....(...`cmap.s.,.......pglyf..&....|....head2..........6hheaE.@v.......$hmtx...........@loca.U.....8...Dmaxp........... name.P+........post...<...... .........b~1_.<...........<......r......Aa...................Q....Aa....Aa.........................~...................................................3..............................MS .@.......(...Q................. ...........d...........0...J.......8.......>..........+a..#...,................................................/...K.......z...............N......*...!...-...+........z.......h..%^..3...&j..+...+%..'R..+..."....................k......$A...,.......g...&...=.......X..&........*......&....B..(B...............#.......j...............+...P...5...@...)..........#...)Q...............*...{.. ....?..'...#....N...7......<...;>.............. ]...........5......#....s.......$.......$.......^..................+...>....H.......%...7.......6.......O...V...........K......"........c...N......!...............$...&...*p..

                                                                                                      C:\Users\user\AppData\Local\Microsoft\Office\16.0\AddInClassifierCache\OfficeSharedEntities.bin

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                      Category:dropped
                                                                                                      Size (bytes):322260
                                                                                                      Entropy (8bit):4.000299760592446
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:6144:dztCFLNyoAHq5Rv2SCtUTnRe4N2+A/3oKBL37GZbTSB+pMZIrh:HMLgvKz9CtgRemO3oUHi3SBSMZIl
                                                                                                      MD5:CC90D669144261B198DEAD45AA266572
                                                                                                      SHA1:EF164048A8BC8BD3A015CF63E78BDAC720071305
                                                                                                      SHA-256:89C701EEFF939A44F28921FD85365ECD87041935DCD0FE0BAF04957DA12C9899
                                                                                                      SHA-512:16F8A8A6DCBAEAEFB88C7CFF910BCCC71B76A723CF808B810F500E28E543112C2FAE2491D4D209569BD810490EDFF564A2B084709B02963BCAF6FDF1AEEC59AC
                                                                                                      Malicious:false
                                                                                                      Preview:51253fe60063c31af0d295afb42228b0:v2:2:1:1590:2:8479:76bd602437550e98c9043d06a55186ab7d95dea5a0e935a599f73e62a8c9b158e0afcb19351f6c353940c06a38172b94d18c02cf92bb8a80184eccca0392b259ab3e71dae73e491c7941997cb36ad4a198661f622dad478d840f66d530a0dde78acea3367f91fff62fbb3dc18faff0c708ad30edef5bea8b22c5fd782b770d8993386eaa784fd19a3c3e1db3b537b1a94d3d4fbd46f8df8fddf6d16611969fe0a97c50e0f3ac24750c93257cf5c161184aa7385800c87d803b339632a3d8ec7fe17a0afd83ce9e9d0e3f7b8d579637928a811f1f7e6d1887df2ddc7d4f752c4d600235e426c92c7bf8a1362f95457998cc0e5d4261f0efa4fada0f866dbcefb407dacab7a2914e91c2f08200f38c2d9d621962145b1464b0f204b326118a53ecdcab22bff005fdd5257c99a6dc51ac0600a49f2ef782396987e78c08b846dad5db55e8ccefffc64863bc2c3e90b95a09d25d0814a848c98fe01a82d4e30e6682dd546e12c45ca0d280a45295ab4bd632dafb070edfdc3c9e38313d5aeb195972986f8011b66817028fd8c78b67a0ac7e780eecc3fb6a31f5a025b8a9a3db278a98c0696aeaac739b18688b0f9c7d751bba02cc5f4e41853fb119b3c0c915059aaa92971244a1989124f12881ca88e6410df70b793a2c3a736ff4

                                                                                                      C:\Users\user\AppData\Local\Microsoft\Office\16.0\AddInClassifierCache\OfficeSharedEntitiesUpdated.bin

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                      Category:dropped
                                                                                                      Size (bytes):10
                                                                                                      Entropy (8bit):2.6464393446710157
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:3:LNQdA:hGA
                                                                                                      MD5:D9673107D7F1613A9FDF0C4AA38526BE
                                                                                                      SHA1:E63B9A9F210070FEBBB65715DDA0A574AF9F4B81
                                                                                                      SHA-256:BB0F85CF4087079E14224D6593CD9CCCACC9F9DC4F8BEEC56BCAD24053030DD9
                                                                                                      SHA-512:3C7E969677BD5C405BA993B1B3AED1DCB87CE9739C65772B3E1FE3091EF60D4C9175D38F9D6569516B278CF28D832F08E39DE54D13C98D3BE97BF47907204CE1
                                                                                                      Malicious:false
                                                                                                      Preview:1728564117

                                                                                                      C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3034001, writer version 2, read version 2, file counter 2, database pages 1, cookie 0, schema 0, largest root page 1, unknown 0 encoding, version-valid-for 2
                                                                                                      Category:dropped
                                                                                                      Size (bytes):4096
                                                                                                      Entropy (8bit):0.09304735440217722
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:3:lSWFN3l/klslpEl9Xll:l9F8E+9
                                                                                                      MD5:D0DE7DB24F7B0C0FE636B34E253F1562
                                                                                                      SHA1:6EF2957FDEDDC3EB84974F136C22E39553287B80
                                                                                                      SHA-256:B6DC74E4A39FFA38ED8C93D58AADEB7E7A0674DAC1152AF413E9DA7313ADE6ED
                                                                                                      SHA-512:42D00510CD9771CE63D44991EA10C10C8FBCF69DF08819D60B7F8E7B0F9B1D385AE26912C847A024D1D127EC098904784147218869AE8D2050BCE9B306DB2DDE
                                                                                                      Malicious:false
                                                                                                      Preview:SQLite format 3......@ ..........................................................................K.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                      C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:SQLite Rollback Journal
                                                                                                      Category:dropped
                                                                                                      Size (bytes):4616
                                                                                                      Entropy (8bit):0.13784977103055013
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:3:7FEG2l+sK/FllkpMRgSWbNFl/sl+ltlslN04l9XllE:7+/lzSg9bNFlEs1E39M
                                                                                                      MD5:30234BF40C378CCE2C49A6D2254BC772
                                                                                                      SHA1:7291B9A78872D78C3C223C436CAD8C20F082EA1D
                                                                                                      SHA-256:EAD97EC27E700B263835823856225994C822F83B861344023BFBB8F17D2BFA21
                                                                                                      SHA-512:6EC0C62CFC9DF52C1927B35DDABF716752057D83074A30D5EFA66DC1C13662306D2FC10FF46A6D817F4328BB62F7755677C6DC32BB07A07E456647D54F245199
                                                                                                      Malicious:false
                                                                                                      Preview:.... .c.....2o.B....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................SQLite format 3......@ ..........................................................................K.................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                      C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-shm

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:data
                                                                                                      Category:dropped
                                                                                                      Size (bytes):32768
                                                                                                      Entropy (8bit):0.0446603401158491
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:6:G4l2MhFy8+4l2MhFy8PqL9XXPH4l942U:l2l8d2l8i5A0
                                                                                                      MD5:E7BD639A6E9C15818E68F26C996CEC63
                                                                                                      SHA1:6E37495144174E4EB0CB82FA96B82B7B0E77092E
                                                                                                      SHA-256:7C56C0D99D5D2BA4420070316F8B92FBA3354EC7608A79A1314A46DAB3B25BA0
                                                                                                      SHA-512:F364CE71373E38CD8329AB6DDACDB238ECEFBFD4F692120A9EBFA75C732510C56022C7DEECE224A4762CCF5975C104ECAEA1FB7F5EC97509CE6226D3AB022E1D
                                                                                                      Malicious:false
                                                                                                      Preview:..-.........................<.l...+9..&...Nd..u...-.........................<.l...+9..&...Nd..u.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                      C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-wal

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                      Category:modified
                                                                                                      Size (bytes):45352
                                                                                                      Entropy (8bit):0.396570392435988
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:24:KgFXAQMIzRDIyill7DBtDi4kZERDIyxqt8VtbDBtDi4kZERD:HAQjNill7DYMxxO8VFDYM
                                                                                                      MD5:E49BB193AFF4ECE82B29F2B8F5049BD8
                                                                                                      SHA1:E5D0F97249CAB866829C66062F231CB3BC83FCB3
                                                                                                      SHA-256:F38F747259D57C168E481FFE62A19FBF709EB66630FE318AC83D1817F1688A6B
                                                                                                      SHA-512:66AE6139E91D797DEA86298FDC0CF8C2A7898A8B99667C6E1DB210E636FF83A7879505AB07B2FD3216938DFDDA193EB83D40082419A9837E1E3395A385E188C3
                                                                                                      Malicious:false
                                                                                                      Preview:7....-............+9..&....%`!............+9..&..bb....7SQLite format 3......@ ..........................................................................K.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\9D6CBD1A.dat

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:PNG image data, 423 x 97, 8-bit/color RGBA, non-interlaced
                                                                                                      Category:dropped
                                                                                                      Size (bytes):12583
                                                                                                      Entropy (8bit):7.946884846402382
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:192:f3xJ+b17p29hR7YaiG8BnZLDdfAw/OliOYDsTGWGYWdR2WlcfvTAD8EfeF4kqH:fhJ8IDrQTHtAzxSsKlYyR2UTfeF+
                                                                                                      MD5:82C4F9B1EE2532CED9218A8230B02ACE
                                                                                                      SHA1:65C57B72D3ABC2F9196338595A3986385A77ACA2
                                                                                                      SHA-256:82CF0D93349DEC7A1899136888925544F69AF7DB9085BC7AB2078E303A94C1BB
                                                                                                      SHA-512:2EEA256D78F757ADF8730E7A03683BE862B55AB88BE26DADB85C890E26DB65C8A6FCB74C92A733BA1648C8719B2C04679EA582546D1E82979B6C9CD20B0D2520
                                                                                                      Malicious:false
                                                                                                      Preview:.PNG........IHDR.......a.....r)n....FiCCPICC Profile..H..W.XS...[RIh..H...R.K..E.T.FH..%. bW.Up."...(..@..,..?,.(.b....X...{.;.7..9s..Jf...N-O*.Cu....."BX...Y.....@.........h.e..wyw.ZC........=.P.....8S ..C...../...@.z.i.R%.....&..T...T.3.Je....x..d..'..@...YE.l.}.bW.@,.@..q _..@......%.v.!....qf.q.x.CX].J.b.4.7..l....<.`.;8h"Yd..f....QJL..G.....>.....=.(U..LV..|9...0!v..B. 6.8\.....gf..........I..ByX...VV..7..d....'S.U.P.&.5.7EB. ...QR.:g.Z$N..X.b.<71Jm...8..62E.2........5?69K..............X....%Ejxv.y... n.J..<B....Z...0u..%.$YS/.)-.I......k.q.0/B....T^.......T.....$u.xf.ol.:...D....,..#.... n.i..3..d ....F3....k"(..@$..!.....A..!.....T.E*.\...|....o..K2.-.<...?..a.yp(...cCM.F...e..Z....Hb8..7..q.<.^..p.}p..l..'<!t.....:.........b@'....9..q;......r.L....a$6..c{B-G......V.7]..Q\)(e.%............vH.k.P_9C3...|.i..G}o.-..b..c.Y. ..X.......R.U.X....%...<....ib*;)wmp.v...+..+...S ...g..Yl.........,wWw7.....c..S.~@........w.r....X.@+.K...........

                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\C967F653.dat

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:PNG image data, 346 x 117, 8-bit/color RGBA, non-interlaced
                                                                                                      Category:dropped
                                                                                                      Size (bytes):51905
                                                                                                      Entropy (8bit):7.993775811647558
                                                                                                      Encrypted:true
                                                                                                      SSDEEP:1536:R/xUTscCu3c0wuQJ7k8HpNP2T+shq9qYoaVi9zg:R/1cCuq71A+shuJViVg
                                                                                                      MD5:277DF12FC4595F71C1547C102D35500C
                                                                                                      SHA1:787606F044CD88BE8FEA2836F0FE75604D104694
                                                                                                      SHA-256:C45D845122D50A0EEBFA433B088D10B45FE61B3E932524B78D81D678D49F268E
                                                                                                      SHA-512:74952BD0FC18F129D530E938B86769385206B15C955419806C7BA678F7E991EF8CDD61A8C5E7B1FD355857D295AA5011EAA5F6CB71A7A2F745CF476C7C482998
                                                                                                      Malicious:false
                                                                                                      Preview:.PNG........IHDR...Z...u.......)!....sRGB....... .IDATx^...e.U%...&l.J[..U.*U.{.@...2..<.HH...1.0kVCwkX3...F...f......p=0j\#@B...I......gg.>...~....2+.VVFF|..}..{.>....eYa...G.5|A......S.|...oPU.....(...}.We....d..z.J...........@..@Y.*r.q.W-uE..(B.....eQ N".%._....(.@.o....5...}. s..=...=*.,.R.......<J.V@.w....r...VWR.y.,/........D6>.>......%...G..v0..a..C7."......$..T..S@?.....}.7_+F.9...:z/7(...'@...'....5....y..@..c.}.G..\....c..u..?...gK....I3.J^.^... .........nj^...x.9G ...s.....&...'.....M.zm./[...k....P.l... ..... K.h.......m).(..a...J..0....%a.k5@E`...k.s.'..O.k...Z.,..X.........6.aym..!Fy.".QE..d.....!...H._.\b..b.......a/.wCE...p+}..(..DU.8.b.Z....*..D .W...A.!F.$.6.'0....G!.'z.j.&LO.(.1.Z.n.p9..wT.....r.{U!&.r.......J.Oy..(Jt..di.....X.&...h.]..2p.k.3......y.M...7.`.s6"....x.... ..!\.6}O.......\.....f....-.......[.R...../.b-^=L.N.(I... ..W.....#.0F.H.).M.kN...Q..2...%..r.......9a.......*.'..A..HT...?..g`dJ.wq1#.(.,.........zlm.tXpc.q.#.

                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{06449F0E-441D-4BD5-8997-03F32AA50A48}.tmp

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:data
                                                                                                      Category:dropped
                                                                                                      Size (bytes):3764
                                                                                                      Entropy (8bit):3.0577789051694846
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:48:li7s+3w1TmLihC5T0fzXNhgggggkT2b9/AI2WM:li7st5Zhgggggko9YI2J
                                                                                                      MD5:6154FB6D8E89B9D2E502E657F5B5795D
                                                                                                      SHA1:AD557F3C6CC5F05AAEDA9CF65620AA30CE5094F8
                                                                                                      SHA-256:20F393E0C44EA0291D71C6A66EC0268E66939207E06A9C3528F70C9CFF8659A2
                                                                                                      SHA-512:F900F67EA3ACEF4AE6DE8C2F136D6130BA9DC50029C03B80F1DA40C82A65775F1E53BC5A3CDF66804E630D4465C8D6564E3CD013BEB6CF3B70139267DE932A37
                                                                                                      Malicious:false
                                                                                                      Preview:............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................@...D...L...N...................................................................................................................................................................................................................................................................................................$..$.If....:V.......t.....6......4........4........a....*...$..$.If........!v..h.#v....:V.......t.....6......5.......4........4........a.......-D..M.......................-

                                                                                                      C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1728564113853210200_38D7F205-5C57-48A1-8959-C4195BE2998A.log

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:ASCII text, with very long lines (28757), with CRLF line terminators
                                                                                                      Category:dropped
                                                                                                      Size (bytes):20971520
                                                                                                      Entropy (8bit):0.16474608948520722
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:1536:6tdMAibfZ0TfuOTRdnLJJGzBRmQlJ6uxZ3iWmojeXWEY6FOrwo2xAhbipGKqq9Fh:2KfGCOTLjFC6z6bq
                                                                                                      MD5:740D2641B6F7B9424B0BED08246FA86B
                                                                                                      SHA1:E945017E5689AD230D00CD991E540E3594839261
                                                                                                      SHA-256:123DFC78CECD22382A9C14B97CCC62A1FF94A27414DB36261DD2128C8189935B
                                                                                                      SHA-512:ABFE385DF5AE23D9BCAE00C5D4BAD30460FEF3E3CAD4CAFE8B8C96357D8A7B3F7F1332BDAD148483EFC1533E3C9BA126E76B1333B2206DE40692F7832B4D9713
                                                                                                      Malicious:false
                                                                                                      Preview:Timestamp.Process.TID.Area.Category.EventID.Level.Message.Correlation..10/10/2024 12:41:53.890.OUTLOOK (0x1A38).0x1A84.Microsoft Outlook.Telemetry Event.b7vzq.Medium.SendEvent {"EventName":"Office.Text.GDIAssistant.HandleCallback","Flags":30962256044949761,"InternalSequenceNumber":25,"Time":"2024-10-10T12:41:53.890Z","Contract":"Office.System.Activity","Activity.CV":"BfLXOFdcoUiJWcQZW+KZig.4.11","Activity.Duration":12,"Activity.Count":1,"Activity.AggMode":0,"Activity.Success":true,"Data.GdiFamilyName":"","Data.CloudFontStatus":6,"Data.CloudFontTypes":256}...10/10/2024 12:41:53.906.OUTLOOK (0x1A38).0x1A84.Microsoft Outlook.Telemetry Event.b7vzq.Medium.SendEvent {"EventName":"Office.Text.ResourceClient.Deserialize","Flags":30962256044949761,"InternalSequenceNumber":27,"Time":"2024-10-10T12:41:53.906Z","Contract":"Office.System.Activity","Activity.CV":"BfLXOFdcoUiJWcQZW+KZig.4.12","Activity.Duration":12236,"Activity.Count":1,"Activity.AggMode":0,"Activity.Success":true,"Data.JsonFileMajor

                                                                                                      C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1728564113854207800_38D7F205-5C57-48A1-8959-C4195BE2998A.log

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:data
                                                                                                      Category:dropped
                                                                                                      Size (bytes):20971520
                                                                                                      Entropy (8bit):0.0
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:3::
                                                                                                      MD5:8F4E33F3DC3E414FF94E5FB6905CBA8C
                                                                                                      SHA1:9674344C90C2F0646F0B78026E127C9B86E3AD77
                                                                                                      SHA-256:CD52D81E25F372E6FA4DB2C0DFCEB59862C1969CAB17096DA352B34950C973CC
                                                                                                      SHA-512:7FB91E868F3923BBD043725818EF3A5D8D08EBF1059A18AC0FE07040D32EEBA517DA11515E6A4AFAEB29BCC5E0F1543BA2C595B0FE8E6167DDC5E6793EDEF5BB
                                                                                                      Malicious:false
                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                      C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20241010T0841530636-6712.etl

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:data
                                                                                                      Category:dropped
                                                                                                      Size (bytes):106496
                                                                                                      Entropy (8bit):4.488778176932979
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:3072:k4mZ72gZYFyXHY+MJ9Ifv+dZ4Hd2vNdhlZxk4Y0HvD4mInRnlXJnjA:2ZYFyXHY+MJ9Ifv+dZ4Hd2vNdhlZxk4/
                                                                                                      MD5:A77BCD0952ED7AB336E5A75D0F4B9862
                                                                                                      SHA1:DFFF88EC65513BA103CD2EFAC47EA9A967AEA187
                                                                                                      SHA-256:FC4AA44DFD5E3DF096569EADB8276C10364152DD87886C5179C268DFE0B3F203
                                                                                                      SHA-512:D2D60C9554ADCD52C7DE43798FB7D3FC85EF9A83ADCBF513490E7B81FE5D403DEAD562594527ADDE5E8C4C0DB4E4D09FBCCD86330A8C67AA64687CE8ED5E0005
                                                                                                      Malicious:false
                                                                                                      Preview:............................................................................`.......8....Y......................eJ..............Zb..2...................................,...@.t.z.r.e.s...d.l.l.,.-.1.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.1.1.1..............................................................*.Y...........Y..............v.2._.O.U.T.L.O.O.K.:.1.a.3.8.:.9.e.f.9.6.b.3.9.4.5.3.a.4.d.8.4.8.d.1.a.4.0.2.9.7.d.f.1.d.d.b.c...C.:.\.U.s.e.r.s.\.c.a.l.i.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.O.u.t.l.o.o.k. .L.o.g.g.i.n.g.\.O.U.T.L.O.O.K._.1.6._.0._.1.6.8.2.7._.2.0.1.3.0.-.2.0.2.4.1.0.1.0.T.0.8.4.1.5.3.0.6.3.6.-.6.7.1.2...e.t.l.......P.P.....8....Y..............................................................................................................................................................................................................................................................................................................

                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Office\MSO3072.acl

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:data
                                                                                                      Category:dropped
                                                                                                      Size (bytes):30
                                                                                                      Entropy (8bit):1.2389205950315936
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:3:Telt:e
                                                                                                      MD5:7CB3C0545ACE82BE690BF80C90EB3944
                                                                                                      SHA1:00A1DB877D74CD3AE6CCD13A36E78F496EC92CC0
                                                                                                      SHA-256:4E252094343A7D06FAE0011139C5C0C400DBFA46C2A2827D84839A281556EEF9
                                                                                                      SHA-512:B675C0857C89D67ADF456DCFDC6A71B027BECFC886A0D4A17C521632C8128A70FFFCE04171F4DEB9268924ED10EEB1205A0C65C6E9FF4829E287CEE9F5EA4005
                                                                                                      Malicious:false
                                                                                                      Preview:..............................

                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Outlook\NoEmail.srs

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:Composite Document File V2 Document, Cannot read section info
                                                                                                      Category:dropped
                                                                                                      Size (bytes):16384
                                                                                                      Entropy (8bit):0.6694773661801112
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:12:rl3baFYVqLKeTy2MyheC8T23BMyhe+S7wzQP9zNMyhe+S7xMyheCEnVm:rymnq1Py961EVm
                                                                                                      MD5:112CCF629ACC9E2F5C1146002FF0DA5A
                                                                                                      SHA1:0A12C8D34131D22A3235149CC00245A7FBBCB405
                                                                                                      SHA-256:BCFA3D7BDFB7BB35044330ED98A75BF84D7F4805A9889463ECC8FC22851B31BE
                                                                                                      SHA-512:832CEA83FE21BB6BEB8E8783F63DCC27D41972E9F15541B20F5C63B6CB7AE0AB6D8F120E23F497A134B4FF26F8232FCC410C04B30FDC174E3105CAE6205B50AC
                                                                                                      Malicious:false
                                                                                                      Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 11:42:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                      Category:dropped
                                                                                                      Size (bytes):2673
                                                                                                      Entropy (8bit):3.9816202991944696
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:48:8lbdKT26lHqidAKZdA1FehwiZUklqehVy+3:8lcTq2y
                                                                                                      MD5:6FE7E256168149A3F8A88A2AFD86BA39
                                                                                                      SHA1:4BB7A76081182D5D02FFD09230BC66ACB71FEA40
                                                                                                      SHA-256:854F944BCC51E10103A61AD1D2312E41B4FE4BE6BCF51E998025C36C95A1A875
                                                                                                      SHA-512:5C5D9C7493A565214CC9AC3E69E56F903CE5C3DEF240AB9AE2F81A7938906F5A371259A5DBC21BAB40F3E49C9B8B08D19DA27B92200530DC9304ED8FED496292
                                                                                                      Malicious:false
                                                                                                      Preview:L..................F.@.. ...$+.,.....~ .....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IJY0e....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJYMe....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VJYMe....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VJYMe..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VJYNe...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............T.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 11:42:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                      Category:dropped
                                                                                                      Size (bytes):2675
                                                                                                      Entropy (8bit):3.993800067631335
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:48:8KbdKT26lHqidAKZdA1seh/iZUkAQkqehmy+2:8KcTE9Qry
                                                                                                      MD5:0334B2F7154670788BE609D3E502C7D1
                                                                                                      SHA1:D610CF3F4B62EA37D06C67239EA4155B32BE108B
                                                                                                      SHA-256:F2B2C4698637ABF70996EA160546375C2C6919D7F06B4A377E9D757C71C137BF
                                                                                                      SHA-512:DB48ED837984152297E410476001A7ED3046742331B9E81D2E85F5636984C20B2CB73F09C52DB211997E0DC4A05C4AC98A1E18966B3C0535654270C98473FC10
                                                                                                      Malicious:false
                                                                                                      Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IJY0e....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJYMe....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VJYMe....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VJYMe..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VJYNe...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............T.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                      Category:dropped
                                                                                                      Size (bytes):2689
                                                                                                      Entropy (8bit):4.00530806057263
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:48:8+dKT26AHqidAKZdA14meh7sFiZUkmgqeh7sMy+BX:83T/nyy
                                                                                                      MD5:0CF24C771B24D110DE33956A87B4D3A6
                                                                                                      SHA1:011991FD5A8F30C2D20B3458660E21E72A1426A1
                                                                                                      SHA-256:915715DA00A586587CF7370410D391FEA485C8F85DBAB5E4B241E7D2C1A66AB2
                                                                                                      SHA-512:D136A37B448B43885AC227BAFDB8C67F32141107F7E83F9308556298A4B6262113A43DFFA657F571AFA7D8FEF1EC70075F9945E224AC2015C8EC415C3181F229
                                                                                                      Malicious:false
                                                                                                      Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IJY0e....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJYMe....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VJYMe....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VJYMe..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............T.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 11:42:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                      Category:dropped
                                                                                                      Size (bytes):2677
                                                                                                      Entropy (8bit):3.996837210218356
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:48:8ckbdKT26lHqidAKZdA1TehDiZUkwqeh6y+R:8ckcTfUy
                                                                                                      MD5:E9B82A0C5260EDD1791EB14E5E8CF953
                                                                                                      SHA1:477CB7AC33D26C351CB0CEC4BC985A2C1D81AC20
                                                                                                      SHA-256:23D6AA4F841285D2100492E9F999DE619C63E328491736BFA2FA93D42F72FFEC
                                                                                                      SHA-512:45702BFD7965A817370E38FA692B2F47AEA6644F4AB0D75AD9F10D3D4977D183282182DA905E2535C638F2F6410D133DE7262BFA9A3FC457652C659B4DA5667D
                                                                                                      Malicious:false
                                                                                                      Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IJY0e....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJYMe....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VJYMe....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VJYMe..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VJYNe...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............T.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 11:42:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                      Category:dropped
                                                                                                      Size (bytes):2677
                                                                                                      Entropy (8bit):3.984081389400462
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:48:8lbdKT26lHqidAKZdA1dehBiZUk1W1qeh4y+C:8lcT/9Yy
                                                                                                      MD5:F9C91B99B5E0C7891707E65B74673330
                                                                                                      SHA1:490398A0FE174346870509F5435929B7CBD591F8
                                                                                                      SHA-256:AA571DDC8E8AA1B3AEDE0BC9BB898FE124A368AE76A13FDD18FB8AE2D073AC97
                                                                                                      SHA-512:5C963484CCC97E570934A71DEB279D8CF3AC22643EFB74911602463A3490CBC0154A094D6E18AB8D570855BE095FE9104CE6AC0E9215425F4490883E2F8025B0
                                                                                                      Malicious:false
                                                                                                      Preview:L..................F.@.. ...$+.,...........N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IJY0e....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJYMe....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VJYMe....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VJYMe..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VJYNe...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............T.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 10 11:42:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                      Category:dropped
                                                                                                      Size (bytes):2679
                                                                                                      Entropy (8bit):3.9885190352137414
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:48:8nbdKT26lHqidAKZdA1duTeehOuTbbiZUk5OjqehOuTbyy+yT+:8ncTDTfTbxWOvTbyy7T
                                                                                                      MD5:A17B7DBA552B6C2DC56EFF842295EDF9
                                                                                                      SHA1:88EBCC5A85BD419EAF5A071924192BD73B072B2C
                                                                                                      SHA-256:1622182C12255E96617D75EB0950C3C008EEFB14FFEDEE129B074D5DD9830D94
                                                                                                      SHA-512:73EC6E5B06AEAF4E26C51E79A05030661AB3115075AC46698D0110F2C66321573CC579BCD218773849DA9A9DB9D5F8BDB1D304A508F5181A69CD359C974BA30C
                                                                                                      Malicious:false
                                                                                                      Preview:L..................F.@.. ...$+.,.....L......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IJY0e....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VJYMe....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VJYMe....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VJYMe..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VJYNe...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............T.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                      C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:Microsoft Outlook email folder (>=2003)
                                                                                                      Category:dropped
                                                                                                      Size (bytes):271360
                                                                                                      Entropy (8bit):4.97559239338379
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:3072:iCKfEIn2YbMC9TfnsM2GkIFK3xCRp9Gx/p9:zHYlf9AM2VItR2/
                                                                                                      MD5:1398D1D08AC596BD8C3F98FFAAB2E25A
                                                                                                      SHA1:180451E2833AA1E6A5D739BD02834A9487AB689E
                                                                                                      SHA-256:99EA717AD792956722F751B82A025ED3217B949E7BA9623E9A139A9255D6441C
                                                                                                      SHA-512:2A52E7B3E52F3402E225E70F5AD00A67C52C6DDEF212C55FD6FA6F257EE1A181DD168FF91C0CE38329A8B74E6D06B4DEA96D95C5937F3F316D78D13D07810823
                                                                                                      Malicious:false
                                                                                                      Preview:!BDN...}SM......\...............H.......f................@...........@...@...................................@...........................................................................$.......D......................G...............D........~............................................................................................................................................................................................................................................................................................}..h......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                      C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp

                                                                                                      Download File
                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                      File Type:data
                                                                                                      Category:dropped
                                                                                                      Size (bytes):262144
                                                                                                      Entropy (8bit):4.266733218101383
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:1536:XDW53jEpEHP4qQ10PAwr1lgBU8xfXvPsMIqCIBjCMf8W2Phe2giMG89KuW53jEpj:X1p95r5vDC4zf5KM2Dkwcp9LyE
                                                                                                      MD5:48E9DAB873B5D02BB24626076586C877
                                                                                                      SHA1:704B796022FF17CD20FC8A73D3899B56E1620CAF
                                                                                                      SHA-256:6E62C526C0482E7F816AC372FBFD30DCA4D382E131B6FCD084C0DE1D170A498E
                                                                                                      SHA-512:E798D122FE4B85E43A42914CD09973D28C882BD9093FCC9B4B7EDF1A951591E0DA3235B055610D54FB4264289B117D97C8F6FDE58AD5CE1CFFA56F52B7953B01
                                                                                                      Malicious:false
                                                                                                      Preview:._".C...q.......8....V........................#.!BDN...}SM......\...............H.......f................@...........@...@...................................@...........................................................................$.......D......................G...............D........~............................................................................................................................................................................................................................................................................................}..h...V...........B............#.........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                      Chrome Cache Entry: 73

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:SVG Scalable Vector Graphics image
                                                                                                      Category:dropped
                                                                                                      Size (bytes):1108
                                                                                                      Entropy (8bit):4.620441648817938
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:24:twn8ztusAI55S8PSfxHnxjo2MRkGDVBJyB54GFJEE4GTMwlF8WgxRt:68/NI4WxH5aIlTlFgR
                                                                                                      MD5:6AFB13186E9A763923D81539AC40DFD5
                                                                                                      SHA1:C60F20D279378ED3DA708B6B6BD501A1A8254BAE
                                                                                                      SHA-256:3888AB1A5C21B5177EF0C6D4F879C7BC9539C772F134FED8766E0E8B1FE8FACF
                                                                                                      SHA-512:2B71A30172F7EB601949FE0EF29C8F55BB37B5EF4A33104B8E99F12AAE7068B9FEEECD8B8E168528924480D053555BB5F6B48DFBFAAAFFB64928161A7DCFA25C
                                                                                                      Malicious:false
                                                                                                      Preview:<svg width="208" height="110" viewBox="0 0 208 110" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M17.3327 5.42983L17.3325 5.42996C15.2463 6.64668 13.5169 8.39066 12.3177 10.4869C11.1185 12.5832 10.4918 14.9579 10.5003 17.3729C10.5089 19.788 11.1524 22.1583 12.3664 24.246C13.5802 26.3334 15.3216 28.0648 17.4159 29.2667C17.4162 29.2669 17.4165 29.2671 17.4169 29.2673L25.6477 33.9463L54.4554 16.9637L25.643 0.577082L17.3327 5.42983Z" stroke="#F8F3F0"/>.<path d="M117.924 57.1595L87.5606 39.7288L57.7597 57.4469L87.848 74.5652L117.924 57.1595Z" fill="#F8F3F0"/>.<path d="M87.8459 108.826L116.923 91.998L87.5651 75.1446L58.7541 92.2741L87.8459 108.826Z" stroke="#F8F3F0"/>.<path d="M207.275 39.4307L176.912 22L147.099 39.7181L177.187 56.8364L207.275 39.4307Z" fill="#F8F3F0"/>.<path d="M148.011 108.826L177.1 91.9979L147.742 75.1446L118.919 92.2742L148.011 108.826Z" stroke="#F8F3F0"/>.<path d="M60.1641 93.4932L29.8009 76L-1.90735e-05 93.7181L11.1581 100.066C16.9185 103.342 23.4361 105.05

                                                                                                      Chrome Cache Entry: 74

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:SVG Scalable Vector Graphics image
                                                                                                      Category:downloaded
                                                                                                      Size (bytes):3897
                                                                                                      Entropy (8bit):4.939684101691333
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:48:c3UknLhEnH9LuCH9LuzH9Lue+P/hlc/SDM6Yr9wFlYKwNusa4uhFNWupyNR9yNXj:xknCnl8I3cmY5nudcjRal4Ju
                                                                                                      MD5:7DFEED736D6A66B947A8D7DD6E776EB2
                                                                                                      SHA1:D44FBB142B9943F5732E372BACC8E12225857732
                                                                                                      SHA-256:E56E9E257859DE5DE4DF546FA0F47526CE55B72BF4B12EE2AAFF44D3A63A2A18
                                                                                                      SHA-512:D31CB064871ABF6C72E2134BD26416B401BB57EC36E3B2E2BE126611E9E3875A4EF9EF5D0418FEBC31B5C81959927DD0D904D87B7F3EECD73FBCF665F69BB72B
                                                                                                      Malicious:false
                                                                                                      URL:https://stats.sender.net/img/sender-logo-coloured.svg
                                                                                                      Preview:<?xml version="1.0" encoding="UTF-8"?>.<svg version="1.1" viewBox="0 0 673.88 196.48" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"><metadata><rdf:RDF><cc:Work rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type rdf:resource="http://purl.org/dc/dcmitype/StillImage"/></cc:Work></rdf:RDF></metadata><defs><linearGradient id="c" x2="1" gradientTransform="matrix(-1039.7 -1039.7 -1039.7 1039.7 2010.7 1472.7)" gradientUnits="userSpaceOnUse"><stop stop-color="#f57724" offset="0"/><stop stop-color="#ed1e24" offset="1"/></linearGradient><linearGradient id="b" x2="1" gradientTransform="matrix(-1307.1 -1307.1 -1307.1 1307.1 1442.4 1171.8)" gradientUnits="userSpaceOnUse"><stop stop-color="#f57724" offset="0"/><stop stop-color="#ed1e24" offset="1"/></linearGradient><linearGradient id="a" x2="1" gradientTransform="matrix(-202.55 -202.55 -202.55

                                                                                                      Chrome Cache Entry: 75

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:RIFF (little-endian) data, Web/P image
                                                                                                      Category:downloaded
                                                                                                      Size (bytes):21702
                                                                                                      Entropy (8bit):7.986450524379623
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:384:9HAxODiSxah//aMsfc6eIWdRsvv/gKjaoTI/O+YVmsSqh6vJqb8vw2+:/01iRLeIYsXYBR/OFVTjcs8vwL
                                                                                                      MD5:45299E83AE30B9807C5C8C9EC5642D3B
                                                                                                      SHA1:84D8A2FD843BA0C566829BB3113460353A98307C
                                                                                                      SHA-256:92E68E3B34A4FBA6DFF4054C841ECE330A0D7C97A5C29DF46A70292C60FC08A6
                                                                                                      SHA-512:CA62CDE68E82179FD94023F90E2834A2FA00BEEF2A471AB9F311C0CA72EAAA6B06AADAD1E8545BDACB0F22BACA18EFE188F93F88897589B296074F33214D406B
                                                                                                      Malicious:false
                                                                                                      URL:https://stats.sender.net/img/compressed/error-occurred.webp
                                                                                                      Preview:RIFF.T..WEBPVP8L.T../9.n......D...T....1.j..R.%.-.J..mK........5.U.\....\.jE........]...Pu.=.l9...@...mkj.k....hk..nntS.m...k|.......?.~../..*^..].sU.......'.d.aD.PK+..P...+).gDqx.....hq....a.M..w....p..2\......e.t.n..a...7......7n...0.&.4.......y$...2.F....[.#.~.Q.l.H%W..p....6s..A~A..$.H$..L. ....E(....]T#..n..A[A..4..$...f.N\P.T.P.....T...*RP ....A..d..2$.$.P`..'.~vY..<..^.....s.,.ifRU.h.......9.|.p..a......G.p..5lr.N...5.Z.....s.......G._....o..?.j....x....6.i..r2)~g}.x......o?...1x...9/6...@.G..b....w#..H...^U.g..jS....p)..s.....ze.H...fE|D..Y.....3..F....ZL..[....#.xY.h./S_....s..?]....\=..u...R.d<.d:.d../'..Z.. ..j.jk.p..6;3.....k....;...p.0...=._..>...AeX....>..M....o.W9..6r......#..........=+3#...*..2......../....O.{6....m....mi.p".bf.B...._...3..f.0-.'.-C8if..)...*im...s.MuZZ.QU...F.JV."E.2....56?.O.....,3.^ff^.Ae,..d.qx...2....,.....b.J.*...G.X..2.Ru.....{.s.......VS....Ma.o.../J......3g..KGn.}.Sy..6.$.r....l.n."....MZJ.....?_.m+.d

                                                                                                      Chrome Cache Entry: 76

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:SVG Scalable Vector Graphics image
                                                                                                      Category:downloaded
                                                                                                      Size (bytes):1108
                                                                                                      Entropy (8bit):4.620441648817938
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:24:twn8ztusAI55S8PSfxHnxjo2MRkGDVBJyB54GFJEE4GTMwlF8WgxRt:68/NI4WxH5aIlTlFgR
                                                                                                      MD5:6AFB13186E9A763923D81539AC40DFD5
                                                                                                      SHA1:C60F20D279378ED3DA708B6B6BD501A1A8254BAE
                                                                                                      SHA-256:3888AB1A5C21B5177EF0C6D4F879C7BC9539C772F134FED8766E0E8B1FE8FACF
                                                                                                      SHA-512:2B71A30172F7EB601949FE0EF29C8F55BB37B5EF4A33104B8E99F12AAE7068B9FEEECD8B8E168528924480D053555BB5F6B48DFBFAAAFFB64928161A7DCFA25C
                                                                                                      Malicious:false
                                                                                                      URL:https://stats.sender.net/img/vectors/vector-group.svg
                                                                                                      Preview:<svg width="208" height="110" viewBox="0 0 208 110" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M17.3327 5.42983L17.3325 5.42996C15.2463 6.64668 13.5169 8.39066 12.3177 10.4869C11.1185 12.5832 10.4918 14.9579 10.5003 17.3729C10.5089 19.788 11.1524 22.1583 12.3664 24.246C13.5802 26.3334 15.3216 28.0648 17.4159 29.2667C17.4162 29.2669 17.4165 29.2671 17.4169 29.2673L25.6477 33.9463L54.4554 16.9637L25.643 0.577082L17.3327 5.42983Z" stroke="#F8F3F0"/>.<path d="M117.924 57.1595L87.5606 39.7288L57.7597 57.4469L87.848 74.5652L117.924 57.1595Z" fill="#F8F3F0"/>.<path d="M87.8459 108.826L116.923 91.998L87.5651 75.1446L58.7541 92.2741L87.8459 108.826Z" stroke="#F8F3F0"/>.<path d="M207.275 39.4307L176.912 22L147.099 39.7181L177.187 56.8364L207.275 39.4307Z" fill="#F8F3F0"/>.<path d="M148.011 108.826L177.1 91.9979L147.742 75.1446L118.919 92.2742L148.011 108.826Z" stroke="#F8F3F0"/>.<path d="M60.1641 93.4932L29.8009 76L-1.90735e-05 93.7181L11.1581 100.066C16.9185 103.342 23.4361 105.05

                                                                                                      Chrome Cache Entry: 77

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:SVG Scalable Vector Graphics image
                                                                                                      Category:dropped
                                                                                                      Size (bytes):801
                                                                                                      Entropy (8bit):4.671035276083725
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:24:tAYDDuBlUDla0s6bGeuNGjJ1+BNGm1AwU:vDi0sgqv9S
                                                                                                      MD5:564A7F44F5912C58F688C788855B4EFE
                                                                                                      SHA1:40B37B80AE91ADE5982B691F8B42A3B8E3F3B3AC
                                                                                                      SHA-256:1649AE705B570522F7AA00AAEE848BDEC024822C39B6D4C84E1CF4FFB48A6C06
                                                                                                      SHA-512:024807CDBEAC093918CF960A0FBE99F4F0BFA0976F54D4BFB67BE0B6762BA8C2A0059E60DEE91B6CB3BB661B2EBFC33316CBF64F2BF55052A33D543B9D6AF625
                                                                                                      Malicious:false
                                                                                                      Preview:<svg width="82" height="114" viewBox="0 0 82 114" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M17.7461 4.9084L17.7459 4.90853C15.8853 5.9937 14.3429 7.54913 13.2733 9.41875C12.2038 11.2884 11.6448 13.4064 11.6524 15.5603C11.66 17.7142 12.234 19.8282 13.3168 21.6902C14.3993 23.5519 15.9524 25.0962 17.8202 26.1681C17.8205 26.1683 17.8209 26.1685 17.8212 26.1687L25.1668 30.3446L50.8656 15.1947L25.1635 0.577082L17.7461 4.9084Z" stroke="#F8F3F0"/>.<path d="M28.0977 66.4227L0.902157 50.8104L-25.7897 66.6801L1.15956 82.0125L28.0977 66.4227Z" fill="#F8F3F0"/>.<path d="M1.15744 112.638L27.0964 97.6267L0.906576 82.5918L-24.7953 97.8728L1.15744 112.638Z" stroke="#F8F3F0"/>.<path d="M55.0486 112.638L80.9986 97.6266L54.8089 82.5918L29.096 97.8729L55.0486 112.638Z" stroke="#F8F3F0"/>.</svg>.

                                                                                                      Chrome Cache Entry: 78

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:Web Open Font Format (Version 2), TrueType, length 68956, version 2.32767
                                                                                                      Category:downloaded
                                                                                                      Size (bytes):68956
                                                                                                      Entropy (8bit):7.996948952615057
                                                                                                      Encrypted:true
                                                                                                      SSDEEP:1536:bO5cyFJccdE82S4WLO6PaExqPAK9N+GKzeAwc7qE+6JKcL0dzHOJnTz4EZ:GcyoS4WLI9NbKzeANquL4aJTz4q
                                                                                                      MD5:9C1ACA0D3F7E29E25A05B3799F3D14DC
                                                                                                      SHA1:6DA26EF84E51EA45022A9F25FAB790D9BC648CCF
                                                                                                      SHA-256:4889BED9299840D1C7A2D663D0C90F4741991D5F70A290CCC636B84411FA5FDD
                                                                                                      SHA-512:5E968EF1D33651088DC79EA2A944A84E94AF95239864E148B1E6C2CBA550B229DFA7958440AEE3DC79A45892602EEC4F6CAB785250210914B7D2A93DB846D697
                                                                                                      Malicious:false
                                                                                                      URL:https://stats.sender.net/fonts/suisseintl-semibold-webxl.woff2
                                                                                                      Preview:wOF2.......\......................................L...$..v.._.`...."..s.....(..d...(.6.$..l..8.. ..$. ...[-....2v....:...............h.O.............@..s..X/.e..........c..H{w....n.s?.2]a9+!...9.3.sI).Z!.C......M1..`..`D1%..........v..K.U.7....p..8R.UJ.....`.8A..-0..m9...n.r..i.n....f.9..*H.......9.0U_.K}S....fK8,..!yY.v)E=%Gk.*..s..3~..Ww.D...]F~>.?%:....<oF..'....(vTH..,:&.['5..O.....9a...|>.?7_..e..#F.DL.S*.dJ....!'.N?.......,.......Bb..0R.......R.@,U.X.h.....b@.gHt...os.o..-.t.....S..}n.......?.+{...>._t.-.S6/..a.R.U../.{j..z.NNb.C.?#U..y....$S...(....X.8..d..$! ;T.`...[.f.$.q.d.Fc.d.<.1.{..IE....>0qIy.....Z.W=U=...."i...Pm....QQQ.@G...<...y?...3................b.f."*&&.....)..C(.2.$w6..O.0..mv..a.`.E..+...^..b!"F...b..B....+.1]...)....K;..K.(8..ap.'.PG.......!.....)...#..S..H r.....m.~.....N.0..o.Y;.U.>........v-..pt..M.`..{N?....,.,.e.....$M.I.:o:D.......pa..K^..~.ve.f.....m.ym..l.......R..`c.l............F.F.W......._.....Z..U..p....Li.

                                                                                                      Chrome Cache Entry: 79

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:SVG Scalable Vector Graphics image
                                                                                                      Category:downloaded
                                                                                                      Size (bytes):801
                                                                                                      Entropy (8bit):4.671035276083725
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:24:tAYDDuBlUDla0s6bGeuNGjJ1+BNGm1AwU:vDi0sgqv9S
                                                                                                      MD5:564A7F44F5912C58F688C788855B4EFE
                                                                                                      SHA1:40B37B80AE91ADE5982B691F8B42A3B8E3F3B3AC
                                                                                                      SHA-256:1649AE705B570522F7AA00AAEE848BDEC024822C39B6D4C84E1CF4FFB48A6C06
                                                                                                      SHA-512:024807CDBEAC093918CF960A0FBE99F4F0BFA0976F54D4BFB67BE0B6762BA8C2A0059E60DEE91B6CB3BB661B2EBFC33316CBF64F2BF55052A33D543B9D6AF625
                                                                                                      Malicious:false
                                                                                                      URL:https://stats.sender.net/img/vectors/vector-group-2.svg
                                                                                                      Preview:<svg width="82" height="114" viewBox="0 0 82 114" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M17.7461 4.9084L17.7459 4.90853C15.8853 5.9937 14.3429 7.54913 13.2733 9.41875C12.2038 11.2884 11.6448 13.4064 11.6524 15.5603C11.66 17.7142 12.234 19.8282 13.3168 21.6902C14.3993 23.5519 15.9524 25.0962 17.8202 26.1681C17.8205 26.1683 17.8209 26.1685 17.8212 26.1687L25.1668 30.3446L50.8656 15.1947L25.1635 0.577082L17.7461 4.9084Z" stroke="#F8F3F0"/>.<path d="M28.0977 66.4227L0.902157 50.8104L-25.7897 66.6801L1.15956 82.0125L28.0977 66.4227Z" fill="#F8F3F0"/>.<path d="M1.15744 112.638L27.0964 97.6267L0.906576 82.5918L-24.7953 97.8728L1.15744 112.638Z" stroke="#F8F3F0"/>.<path d="M55.0486 112.638L80.9986 97.6266L54.8089 82.5918L29.096 97.8729L55.0486 112.638Z" stroke="#F8F3F0"/>.</svg>.

                                                                                                      Chrome Cache Entry: 80

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:SVG Scalable Vector Graphics image
                                                                                                      Category:dropped
                                                                                                      Size (bytes):3897
                                                                                                      Entropy (8bit):4.939684101691333
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:48:c3UknLhEnH9LuCH9LuzH9Lue+P/hlc/SDM6Yr9wFlYKwNusa4uhFNWupyNR9yNXj:xknCnl8I3cmY5nudcjRal4Ju
                                                                                                      MD5:7DFEED736D6A66B947A8D7DD6E776EB2
                                                                                                      SHA1:D44FBB142B9943F5732E372BACC8E12225857732
                                                                                                      SHA-256:E56E9E257859DE5DE4DF546FA0F47526CE55B72BF4B12EE2AAFF44D3A63A2A18
                                                                                                      SHA-512:D31CB064871ABF6C72E2134BD26416B401BB57EC36E3B2E2BE126611E9E3875A4EF9EF5D0418FEBC31B5C81959927DD0D904D87B7F3EECD73FBCF665F69BB72B
                                                                                                      Malicious:false
                                                                                                      Preview:<?xml version="1.0" encoding="UTF-8"?>.<svg version="1.1" viewBox="0 0 673.88 196.48" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"><metadata><rdf:RDF><cc:Work rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type rdf:resource="http://purl.org/dc/dcmitype/StillImage"/></cc:Work></rdf:RDF></metadata><defs><linearGradient id="c" x2="1" gradientTransform="matrix(-1039.7 -1039.7 -1039.7 1039.7 2010.7 1472.7)" gradientUnits="userSpaceOnUse"><stop stop-color="#f57724" offset="0"/><stop stop-color="#ed1e24" offset="1"/></linearGradient><linearGradient id="b" x2="1" gradientTransform="matrix(-1307.1 -1307.1 -1307.1 1307.1 1442.4 1171.8)" gradientUnits="userSpaceOnUse"><stop stop-color="#f57724" offset="0"/><stop stop-color="#ed1e24" offset="1"/></linearGradient><linearGradient id="a" x2="1" gradientTransform="matrix(-202.55 -202.55 -202.55

                                                                                                      Chrome Cache Entry: 81

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:HTML document, ASCII text
                                                                                                      Category:downloaded
                                                                                                      Size (bytes):2955
                                                                                                      Entropy (8bit):4.947787096769878
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:48:mMW0RuRVRNRhsjvydQvpTZ6YdR6FwyutyudzxL65rYkrDrY/reLrYhrY/rmF:XDupNLsLiw6YdQ+DddL65rYkrDrY/rew
                                                                                                      MD5:B466939C0189393CE047AC91FA448EDA
                                                                                                      SHA1:F051DEA42FF215555BE44BDF1AF20CD7947C440D
                                                                                                      SHA-256:D927AA31D8F6C57AD03C05E3F8FB3B2B7B8BD52F195D1AA4906DF5E4C5A94FB5
                                                                                                      SHA-512:EAF4642789CD65CF9369D6696C3FF410FE81AA06588F44188BE883D97BFD43FB79E5F36B526A25CB0781BD32C457BEF5E327A661DF66E64ED2B1CB47069667FB
                                                                                                      Malicious:false
                                                                                                      URL:https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d
                                                                                                      Preview:<!DOCTYPE html>.<html lang="en">.<head>. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <meta http-equiv="X-UA-Compatible" content="ie=edge">. <title>Sender.net - Page Not Found</title>.. <link rel="stylesheet" href="https://stats.sender.net/css/styles.css" />. <link rel="preload" href="https://stats.sender.net/fonts/suisseintl-regular-webxl.woff2" as="font" crossorigin="anonymous" />. <link rel="preload" href="https://stats.sender.net/fonts/suisseintl-semibold-webxl.woff2" as="font" crossorigin="anonymous" />.</head>...<body>.<div>. <div class="container">. <div class="logo-cont d-flex flex-justify-center">. <a href="https://www.sender.net/" title="Sender.net Homepage">. <img src="https://stats.sender.net/img/sender-logo-coloured.svg" alt="Sender logo">. </a>. </div>. <div class="hero text-center">. <h1 class="mb-24 mb-md-16">Page Not Found</h1>

                                                                                                      Chrome Cache Entry: 82

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:RIFF (little-endian) data, Web/P image
                                                                                                      Category:dropped
                                                                                                      Size (bytes):21702
                                                                                                      Entropy (8bit):7.986450524379623
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:384:9HAxODiSxah//aMsfc6eIWdRsvv/gKjaoTI/O+YVmsSqh6vJqb8vw2+:/01iRLeIYsXYBR/OFVTjcs8vwL
                                                                                                      MD5:45299E83AE30B9807C5C8C9EC5642D3B
                                                                                                      SHA1:84D8A2FD843BA0C566829BB3113460353A98307C
                                                                                                      SHA-256:92E68E3B34A4FBA6DFF4054C841ECE330A0D7C97A5C29DF46A70292C60FC08A6
                                                                                                      SHA-512:CA62CDE68E82179FD94023F90E2834A2FA00BEEF2A471AB9F311C0CA72EAAA6B06AADAD1E8545BDACB0F22BACA18EFE188F93F88897589B296074F33214D406B
                                                                                                      Malicious:false
                                                                                                      Preview:RIFF.T..WEBPVP8L.T../9.n......D...T....1.j..R.%.-.J..mK........5.U.\....\.jE........]...Pu.=.l9...@...mkj.k....hk..nntS.m...k|.......?.~../..*^..].sU.......'.d.aD.PK+..P...+).gDqx.....hq....a.M..w....p..2\......e.t.n..a...7......7n...0.&.4.......y$...2.F....[.#.~.Q.l.H%W..p....6s..A~A..$.H$..L. ....E(....]T#..n..A[A..4..$...f.N\P.T.P.....T...*RP ....A..d..2$.$.P`..'.~vY..<..^.....s.,.ifRU.h.......9.|.p..a......G.p..5lr.N...5.Z.....s.......G._....o..?.j....x....6.i..r2)~g}.x......o?...1x...9/6...@.G..b....w#..H...^U.g..jS....p)..s.....ze.H...fE|D..Y.....3..F....ZL..[....#.xY.h./S_....s..?]....\=..u...R.d<.d:.d../'..Z.. ..j.jk.p..6;3.....k....;...p.0...=._..>...AeX....>..M....o.W9..6r......#..........=+3#...*..2......../....O.{6....m....mi.p".bf.B...._...3..f.0-.'.-C8if..)...*im...s.MuZZ.QU...F.JV."E.2....56?.O.....,3.^ff^.Ae,..d.qx...2....,.....b.J.*...G.X..2.Ru.....{.s.......VS....Ma.o.../J......3g..KGn.}.Sy..6.$.r....l.n."....MZJ.....?_.m+.d

                                                                                                      Chrome Cache Entry: 83

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:Web Open Font Format (Version 2), TrueType, length 68316, version 2.32767
                                                                                                      Category:downloaded
                                                                                                      Size (bytes):68316
                                                                                                      Entropy (8bit):7.997124335291101
                                                                                                      Encrypted:true
                                                                                                      SSDEEP:1536:giF8ETh3JEwSFImKgzIWSGQNxpbnKr/JUzuwFDBx:giFTh3JcFvsGMjKNU6wFDBx
                                                                                                      MD5:B5C7CF1C74AA9B19421670F7E0986D67
                                                                                                      SHA1:540C72F2F67AB5247CD45AD2D2D9E5E388F8A854
                                                                                                      SHA-256:595C9B95CC4D52B94A19987DC9F2E2743C4E74F140510B04A91A9602C6E5BDDF
                                                                                                      SHA-512:058367BD3D8F98063558A6F78591EF7F0199DC51CA8F0D48A2A5C92B0C7931FEFAF5ED388A3FEED14F04A3AB477149C911E9FC14575D1A356E22DE3AC8FCB9D7
                                                                                                      Malicious:false
                                                                                                      URL:https://stats.sender.net/fonts/suisseintl-regular-webxl.woff2
                                                                                                      Preview:wOF2..................q..........................L......v.._.`....$..s........"...(.6.$..l..8.. ..$. ..7[.....2v}...a.1...s..W.8....n...Uv.~..kU..87'....Wd...........%..*.-P[w....f..L.T.F..L..+..2.r4W*.h>.Lge.Q...).&.K...Z..F.09.q=`+S..i.=..d.:5nun...J.6".CU...u.>.O.T.o.v..lA....D\./..7..DM.q....h....[.....g...\m...0.A.Z..H.U.tvVq?)gb......Imi.}.+.N.Y..<-.L...G/01z.......#c!6b..k(.6.._D....m<..fD....O.Q......|...y.b.!....==..X....U..E..i.3!..I..b..f...8.]e^.c.........J.........$6I..6..<.Z...O$.1..B.@S.JSI..V.`T..._!._...K.l2.2...\pJH.*....&\.........J.~....=h.2..k...'./.O...O.\w...w....R.p.sa...............*.E.j.......`...o9...g...{...Hd.....`.k...A.b.:OOp......d.gM.SZZ?=@s.6pb%H..".%...z......1....F.1`DMZZ.QQ...tB.<...w..... ..B..P.[.WF........b.m.Q..#.h.........QX..)1.E..Y..hm.. <..G%..?...<.T.....*...1..p.......(.......>...T..m.?..lg{...yd.$V.o.............9H.$.."..A.^....+zjj.F... ..X........JN....Y....Q.%YlY.....>p.p+..8w..:eX.c.

                                                                                                      Chrome Cache Entry: 84

                                                                                                      Download File
                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      File Type:assembler source, ASCII text
                                                                                                      Category:downloaded
                                                                                                      Size (bytes):8333
                                                                                                      Entropy (8bit):4.798772317609426
                                                                                                      Encrypted:false
                                                                                                      SSDEEP:192:Qr+7sXrO9pdQcgvkhBkWcn9VrxKejcogCi8SwRMOL+/6:SXWpcWaxKejcNBzzOL+C
                                                                                                      MD5:0021185F2B750FEE3930EA674E53FF8D
                                                                                                      SHA1:1ED183067471046904279D867F8358D09A0718FD
                                                                                                      SHA-256:A9AF6CCC7986217BF89585732B962366ECF4AA4867866B4D37821B3566DFE46C
                                                                                                      SHA-512:1080B9E7F4988894E2C44FCCFFAC3242EF0737C28F6EED7EB837589ABB5CABE57503681A16406A40FBBB5BFEFAF421A2F903A0D6EE18F9D10D3BEF7F38D61215
                                                                                                      Malicious:false
                                                                                                      URL:https://stats.sender.net/css/styles.css
                                                                                                      Preview:/* todo: split into multiple stylesheets to include only needed styles per page */..* {. box-sizing: border-box;.}..body {. margin: 0;. -webkit-font-smoothing: antialiased;. -moz-osx-font-smoothing: grayscale;. font-family: 'suisseintl', sans-serif;. color: #7E7F8F;. background-color: #F8F3F0;.}.@font-face {. font-family: 'suisseintl';. src: url('../fonts/suisseintl-regular-webxl.woff2') format('woff2'),. url('../fonts/suisseintl-regular-webxl.woff') format('woff');. font-weight: normal;. font-style: normal;.}..@font-face {. font-family: 'suisseintl';. src: url('../fonts/suisseintl-semibold-webxl.woff2') format('woff2'),. url('../fonts/suisseintl-semibold-webxl.woff') format('woff');. font-weight: 600;. font-style: normal;.}..h1, p {. margin: 0;.}...h1 {. font-weight: 600;. font-size: 56px;. line-height: 64px;. color: #0A083B;.}..p {. font-size: 20px;. line-height: 32px;.}...break-word {. word-break: bre

                                                                                                      Static File Info

                                                                                                      General

                                                                                                      File type:ASCII text, with very long lines (347), with CRLF line terminators
                                                                                                      Entropy (8bit):6.096297076513513
                                                                                                      TrID:
                                                                                                        File name:QUOTE 452362.eml
                                                                                                        File size:115'990 bytes
                                                                                                        MD5:c5da031682d07545611f4336226a24cf
                                                                                                        SHA1:ed3e66f0f96f0efffcff680c9279a3865a0f0745
                                                                                                        SHA256:23b733192fc8d50db460b5e20058bfde80c709ec8a978566905bf7644ec20a67
                                                                                                        SHA512:424688f2258935406ea943ce3fe1541609e42446427eaaf0179b3da37bdccd2e1bb8f7c94150b8239cef41ce6549b4a4482669c0321c7f17194f588182c50f72
                                                                                                        SSDEEP:3072:8YP9MBraVoUFVSOXSVWfGNQjovyEwRx/p:8e9MuuOXy3Nbstp
                                                                                                        TLSH:2CB3F2B027121972AA101E107B1CBA197E71BD0F517B94D1B8FF524E56BEFFA2D90B80
                                                                                                        File Content Preview:Authentication-Results: relay.mimecast.com;...dkim=none;...arc=pass ("microsoft.com:s=arcselector10001:i=1");...dmarc=none;...spf=pass (relay.mimecast.com: domain of colin.joyce@bridge-care.com designates 40.107.121.137 as permitted sender) smtp.mailfrom=

                                                                                                        Static Mail

                                                                                                        General

                                                                                                        Subject:QUOTE 452362
                                                                                                        From:Colin Joyce <colin.joyce@bridge-care.com>
                                                                                                        To:Colin Joyce <colin.joyce@bridge-care.com>
                                                                                                        Cc:
                                                                                                        BCC:
                                                                                                        Date:Tue, 08 Oct 2024 09:43:24 +0000
                                                                                                        Communications:
                                                                                                        • [A picture containing graphical user interface Description automatically generated]<https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d> Hi, Please see attached and get back to me Kind Regards Colin Joyce MCIHT Senior Project Manager m: +44 (0)7793 589 721 www.bridge-care.co.uk<http://www.bridge-care.co.uk/> [A blue logo with a curved line Description automatically generated] Address Royds Works, 184 Attercliffe Road, Sheffield, S4 7WZ, UK ________________________________ Company Name: ASG Highways Ltd trading as Bridgecare Registered Office: Royds Works, 184 Attercliffe Road, Sheffield, S4 7WZ UK Company Registration: 14858741 VAT Number: 450 6006 30
                                                                                                        Attachments:
                                                                                                        • image001.png
                                                                                                        • image002.png

                                                                                                        Headers

                                                                                                        Key Value
                                                                                                        Authentication-Resultsrelay.mimecast.com; dkim=none; arc=pass ("microsoft.com:s=arcselector10001:i=1"); dmarc=none; spf=pass (relay.mimecast.com: domain of colin.joyce@bridge-care.com designates 40.107.121.137 as permitted sender) smtp.mailfrom=colin.joyce@bridge-care.com
                                                                                                        Receivedfrom CWXP123MB3879.GBRP123.PROD.OUTLOOK.COM ([fe80::df29:319d:9426:c55]) by CWXP123MB3879.GBRP123.PROD.OUTLOOK.COM ([fe80::df29:319d:9426:c55%7]) with mapi id 15.20.8026.020; Tue, 8 Oct 2024 09:43:24 +0000
                                                                                                        X-MC-UniqueGVZEKBH0OQy7s3MgctFECg-1
                                                                                                        ARC-Seali=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Ljim2vGhtkmi0g4i70+Wuhz0l5g/q50faL0r+ZBqDfMWi+8Dpmc/x6GHln8FYyECSD6Yqzg478PCvdKEKqrrygXW1dWeKzQBeUebJFJj/PyJET+vSUHId3MgLrb6YFLv57CzODNEPZOYV9GWdYdb41OnKYVwX3iSUre9GXgQMMjEw6XRnou/yP771AceINp9j+Dm1VKotJlvcGETBh8icy8gEg/jlBijzF4aE+/8dfS6aNN+oLKOO1HWmr53o3U1PVGTtoqaeR5iAwKR4WS9GtzIAO7giGYzjfs4y4+mcxzeXbFp8+GNulq07w8hfIIM1DBpdWvt9aOIT+0wPEe2aQ==
                                                                                                        ARC-Message-Signaturei=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0plMvEcFrKLFUZ7QTqetKaHfQOlh+xCaMpUnuoPCLt4=; b=ku+NJLC0y3S7F6u3Xu1c3GO/fPNHdZ6PPug+3lEFC6fOiZx3V5OKOK4B+I0NRnxkUEJ9Qwnr9MCD0U0/cBT8fVB2iDRDxLKgsdDzNJIwr/1bAeR8HoiJE1Qznei2DfemOpeaYe0woxiXk73AUuX3ZtxusNyX1S/F+PdZkJsgJHVV8f7VgKtzruFFx6LWFEx7MS7iMUTh//6ARbUIYG2bP3mpmjcvNzINSecc7DLaWkU0bV9Frz2Uv4hD3yB0OM0fQuqJMQ2ivU44rkYu0frZP2p7DAxTfXunsHJeH/ZfF+ozyWqWGMbpWDfoJ03rV7lDFCc1lMDFOoz8Vyc9dnt9BQ==
                                                                                                        ARC-Authentication-Resultsi=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bridge-care.com; dmarc=pass action=none header.from=bridge-care.com; dkim=pass header.d=bridge-care.com; arc=none
                                                                                                        FromColin Joyce <colin.joyce@bridge-care.com>
                                                                                                        ToColin Joyce <colin.joyce@bridge-care.com>
                                                                                                        SubjectQUOTE 452362
                                                                                                        Thread-TopicQUOTE 452362
                                                                                                        Thread-IndexAQHbGWaEpDemU9Id/kCUPSBurAi1OQ==
                                                                                                        Importancehigh
                                                                                                        X-Priority1
                                                                                                        DateTue, 08 Oct 2024 09:43:24 +0000
                                                                                                        Message-ID<90FEA98E-0B26-415B-8DC5-C46FE335539C@bridge-care.com>
                                                                                                        Accept-Languageen-GB, en-US
                                                                                                        X-MS-Has-Attachyes
                                                                                                        X-MS-TNEF-Correlator
                                                                                                        x-ms-publictraffictypeEmail
                                                                                                        x-ms-traffictypediagnosticCWXP123MB3879:EE_|LO0P123MB7766:EE_
                                                                                                        x-ms-office365-filtering-correlation-id0932229d-c664-4ba9-5c19-08dce77da755
                                                                                                        x-ms-exchange-senderadcheck1
                                                                                                        x-ms-exchange-antispam-relay0
                                                                                                        x-microsoft-antispamBCL:0;ARA:13230040|7416014|376014|1800799024|366016|38070700018
                                                                                                        x-microsoft-antispam-message-infoP0i97PCDlLI6RsLgbggwD6AVoyex6srzEFAXZQB81VUJbydxGXUQVfYw6KZM6HDZDVRu6Ppmyda/4CgVdGMFPRZEh0j0Z9s8cZwdie40NwlspoTARUB0mV/HYb8N2eRKCh3qaDzhLKqJ0KQa/PjDhr97TZDM3/LtYBsMU+bGytUte3yPADLdeUUk0vhHS3j4neBs3T38GAp80wnInvMBw2VbLc0iZGlPLn7wzJNQzaTmorFVeJxGSgrSlJ95wMToXnWGTqtlILWkieZkrdLmTU7TtFOGjqE5gvHGtSxgi1+XClC62DM5VDbndDOBPWWe50OsahvKaYnxX695Qc22KdHJxpn4HZBiyDOVnlPG6vQRrWSFV50fYrFkog37JcQ9AaIWAoU2UpZq8yJ9FWwpWlzdTn7NmIhtMeGHWoZ2UAFqAvIrPYzqbUP97pVHCvjR6i+MAbgldcTDJ06Qao3BABwkkE+o98u+fFqIGi1AIdjqd4hP3TckdZDX3mACOZoFgUokqzsEDQZ5fAClyv6JAOqL2h3tDkZ8B1PqfF3s4inX1p3x8nc6r6fGKmGyrpUDu/twvKic3n+EjCNG9lrjJ4Z3QMx3XPLp+vUG09pbnVMgAXxf0uaQcbS0AzTw8S0COidsDM7Eo6nDIvFHJQeViT7X3Es45Bf+ZnLeiewl0SzXIyf+k3Zho4I+KHr25N5zcXmSwwW4K+GQWzHkXk967rQ5itXJnPTHHIIWYXVvFSFFhn1emY5E68Q8JvvHWl6QJo2EoRz2dWBI7hnM9gcprpnVH4wxFjtUhEDT82NkzN+efPzQhVX7tXbIoJgEMxHmTuHK2D6hgUKXkJ2eNDMl2hgZ7jqBOVg+LMyxx1KSRL45vdgh5ja4JClSTfhOOzr3qSf8BY07lDlht0mkBUuKtlu8QL0n26OUC9H6oknXOtrMPDpW1EMXSHwzwFjYqn/5IWo1wOA45PH3LEZE/gTR3cv3Msi6yGUtMJc97591gCoU8dQbJ2x34MsKOpONCNFj/xfwqaMGxSNUnoe0Myd63iJnA8MehCBoyHGPzwUhM9Xg5j0IdwavOSO4SlpXzFNRCXAJOaXr6wUQDpphutURqi57vqPZ16KkLeqfJ+FTRAW5ma+Pl00oo2Qg2v3PVCLXxPlw2O3kU8dPGEVlw/MLCyJssovCsNrb4kt0LadQUMBWVIDJGfwv8ORNBk/5yKJSi8Wv15CBwORA4NcVdzMYVPOm/IKdA3ikfbVtX2r6c3eCa4r6KwP/LRO9VmdS8YZ6zRxlD6fg86kWvXCmwgV4Yg==
                                                                                                        x-forefront-antispam-reportCIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CWXP123MB3879.GBRP123.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(7416014)(376014)(1800799024)(366016)(38070700018);DIR:OUT;SFP:1102
                                                                                                        x-ms-exchange-antispam-messagedata-chunkcount1
                                                                                                        x-ms-exchange-antispam-messagedata-003BriZGrY1njmK7oIF7xmaIdPsO2s03ixbkvuX/CpMzpFcFLfOKnsuZ6IwZXsS5fwi0FE/4LsLM6Ma4C/DCRU2z2tlUJgXVTF4YSW6xYBiBLId0Ae0I9iseBOaqghSqOSSQh07ceMxuGq7KazRrh4aE5wqFhFenQtkwcsITvCNd3hCpM3AyjrpfCOkrxCCB7xq+kZj400RNjAQNsXpFS4zOBAcKkeD1odzLERJwLiLexO6x98RPbuGlMIo0YclbGnrvpt1UAr7WvHCAOX5y8or8UMc2eodI4Oq6ny/rPf/dK47h/ao8qWXbWGjltLkf8L27/5YQXJDJvgnzvJWb6twOWDz41UwS9BDtK0DX2j3DavHixhOsDvdfN5UOUwozB4yjwYFNzALmAvNBkBSfefwknSQmnNroFTCfJrg7Slmd9/MQjQH8eSi7eZBxBRb8QYQjIARudKI9MAwu12YI3Xrg6FawUuYiumi3uNeoUp98cdJL0fHC4mV40BdoIx81O+fUcBISuezQRm43dRMG5OWYIAeVgCPak5m1SaNdLzBDeoM5eK7inNJvZfuxiFpG5LxA/CupSY1KJCoMOg3MXO9bp9x6W9o6mjAfxQ+tO0/h+rADqR+wGCqXOrH/tyZBL7upEszjYJzgT5ioDwiERd8Nqn6jbHvlVxFV9IAjhXnCIzySet+mehvKdUkLewk2iIz0e8ZosZAUnNfAHG18/bAGpOp3SgHJKRwxAVWTKZaz2zLQzevnA1V8dAaayE0dCE8lHArmJcs0ET0jw9gW3b0d1q2zjd8BI0how3MUBh1Xb4Swnb875NkXHZl2qzRKSrDVHPoFIIQietjwjFCtrOfzjIamoFVVr63F+AjXKxWDe1wKlrF5GDWIIHGuVNM/g2vvMFTUs0jaweY87FqYB8VTp4dnKFiM80iUps/jDK9X/lFx9TNKB3uwhucilkOZKl/nVu0+TTqynzMs3BwKBEQm58vrjIKs/InO1F8fHy17fH5wl6Ge+drFiZyV03ezDp25IPL1scfRk3Jfe5jnDVx1dHKd+yALlHEGVzfa37oFGdIQQamwClldSU2xYr/sCGbkJkt/9oVF2bxtD7szNnnrAPIPHNGi6rpT01vEMFBszuUowFFTT0YauT+kAnUtJ5kzbpNfxpFQJFf57M7OR2UV7Vp7yioLLs2EFhWs+t9jgsY9TvRvSEfyWQJq03wchXqUinQvb6sPhX+EWU0rTmY7wNKxZAvtANXte9tDI7ot2JsBVYNQAOj10HHk/11xG28M0nDCxSnaB1kQVzeQ4S6H/Jf2U87QSQBRRyR3WPiEqdKmXwx+rQn4+G19UvOOyeiwDJLhdHnuUdjijMpipDbCxMEoNLAyGR6TO2JW0ZpgNkvNxtTUq7CZzAPBLsdSeJAQfcmyb1SOnNsOiD1FB7EYomDxyZoJnZE6GdCs4OxmCs2Iz/d9I8oe8PVv1bOe7oB/ZPYHotfiwQuLYgT9TX5H1+uzC1zmfnCn0K14EEkxY7hr5l1bwkNisW8yTChsgeTSbhRa5ppYbqe5rnI3AyT5lvB/D9HSNAq6ITGFOsWX6NVIVo65YAXmzUkLkQV15MaoRU+o3uZYdeHvfpgYoyQ==
                                                                                                        MIME-Version1.0
                                                                                                        X-OriginatorOrgbridge-care.com
                                                                                                        X-MS-Exchange-CrossTenant-AuthAsInternal
                                                                                                        X-MS-Exchange-CrossTenant-AuthSourceCWXP123MB3879.GBRP123.PROD.OUTLOOK.COM
                                                                                                        X-MS-Exchange-CrossTenant-Network-Message-Id0932229d-c664-4ba9-5c19-08dce77da755
                                                                                                        X-MS-Exchange-CrossTenant-originalarrivaltime08 Oct 2024 09:43:24.3861 (UTC)
                                                                                                        X-MS-Exchange-CrossTenant-fromentityheaderHosted
                                                                                                        X-MS-Exchange-CrossTenant-idde9fe840-b9a9-44da-aed4-463746cf750b
                                                                                                        X-MS-Exchange-CrossTenant-mailboxtypeHOSTED
                                                                                                        X-MS-Exchange-CrossTenant-userprincipalname+/YvuTjFmEr98QS+Y4JIc8nhaWLch2kFG7oEhKeZlylyweH1BHl6i8mHac1h3aIDifpDVyB22wNBsxm8TIBGhk5uDI4Loab4lTzXih7eYFs=
                                                                                                        X-MS-Exchange-Transport-CrossTenantHeadersStampedLO0P123MB7766
                                                                                                        X-Mimecast-Spam-Score6
                                                                                                        Content-Languageen-US
                                                                                                        Content-Typemultipart/related; boundary="_005_90FEA98E0B26415B8DC5C46FE335539Cbridgecarecom_"; type="multipart/alternative"

                                                                                                        File Icon

                                                                                                        Icon Hash:46070c0a8e0c67d6

                                                                                                        Network Behavior

                                                                                                        Network Port Distribution

                                                                                                        TCP Packets

                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                        Oct 10, 2024 14:41:55.013655901 CEST49673443192.168.2.16204.79.197.203
                                                                                                        Oct 10, 2024 14:41:55.326044083 CEST49673443192.168.2.16204.79.197.203
                                                                                                        Oct 10, 2024 14:41:55.938040972 CEST49673443192.168.2.16204.79.197.203
                                                                                                        Oct 10, 2024 14:41:57.143021107 CEST49673443192.168.2.16204.79.197.203
                                                                                                        Oct 10, 2024 14:41:58.070611000 CEST4968980192.168.2.16192.229.211.108
                                                                                                        Oct 10, 2024 14:41:59.549022913 CEST49673443192.168.2.16204.79.197.203
                                                                                                        Oct 10, 2024 14:42:00.364141941 CEST49706443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:00.364171982 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:00.364248037 CEST49706443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:00.378635883 CEST49706443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:00.378643990 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.166352034 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.166445017 CEST49706443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:01.199958086 CEST49706443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:01.199987888 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.200318098 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.201493979 CEST49706443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:01.201540947 CEST49706443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:01.201596022 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.523817062 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.523849964 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.523906946 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.523977041 CEST49706443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:01.523978949 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.524029970 CEST49706443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:01.524621010 CEST49706443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:01.524650097 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.524672985 CEST49706443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:01.524678946 CEST4434970620.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.657104015 CEST49708443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:01.657206059 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:01.657318115 CEST49708443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:01.657620907 CEST49708443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:01.657651901 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.055635929 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:02.055651903 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.055727005 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:02.056725025 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:02.056731939 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.430984020 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.431560993 CEST49708443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:02.431586981 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.432766914 CEST49708443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:02.432771921 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.432794094 CEST49708443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:02.432804108 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.704794884 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.704968929 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.705023050 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.705092907 CEST49708443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:02.705094099 CEST49708443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:02.705132008 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.705163002 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.705212116 CEST49708443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:02.705405951 CEST49708443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:02.705431938 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.705440998 CEST49708443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:02.705446959 CEST4434970820.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.751828909 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.751914024 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:02.753876925 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:02.753895044 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.754304886 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.806025982 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:02.829636097 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:02.846796036 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:02.846899033 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.847007036 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:02.847433090 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:02.847467899 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:02.871416092 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.072815895 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.072844982 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.072851896 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.072875977 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.072887897 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.072894096 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.072916031 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:03.072951078 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.072973013 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:03.073025942 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:03.073658943 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.073720932 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:03.073729992 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.073837996 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.073888063 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:03.087596893 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:03.087614059 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.087630033 CEST49709443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:03.087635994 CEST4434970920.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.174633026 CEST49678443192.168.2.1620.189.173.10
                                                                                                        Oct 10, 2024 14:42:03.478030920 CEST49678443192.168.2.1620.189.173.10
                                                                                                        Oct 10, 2024 14:42:03.649991989 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.650084019 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:03.658884048 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:03.658926964 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.659166098 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.660736084 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:03.660785913 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:03.660818100 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.964415073 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.964440107 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.964473009 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.964515924 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:03.964567900 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.964602947 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:03.964826107 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.964972973 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:03.965135098 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:03.965135098 CEST49711443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:03.965178013 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:03.965200901 CEST4434971120.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:04.021006107 CEST49713443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:04.021044016 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:04.021128893 CEST49713443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:04.021281004 CEST49713443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:04.021295071 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:04.083172083 CEST49678443192.168.2.1620.189.173.10
                                                                                                        Oct 10, 2024 14:42:04.355000973 CEST49673443192.168.2.16204.79.197.203
                                                                                                        Oct 10, 2024 14:42:05.054964066 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:05.055504084 CEST49713443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:05.055542946 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:05.056302071 CEST49713443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:05.056308985 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:05.056379080 CEST49713443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:05.056386948 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:05.293051958 CEST49678443192.168.2.1620.189.173.10
                                                                                                        Oct 10, 2024 14:42:05.434678078 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:05.434746027 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:05.434798002 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:05.434820890 CEST49713443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:05.434839010 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:05.434855938 CEST49713443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:05.435194016 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:05.435197115 CEST49713443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:05.435214996 CEST49713443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:05.435250998 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:05.435260057 CEST49713443192.168.2.1620.190.160.14
                                                                                                        Oct 10, 2024 14:42:05.435276031 CEST4434971320.190.160.14192.168.2.16
                                                                                                        Oct 10, 2024 14:42:07.658185005 CEST4968080192.168.2.16192.229.211.108
                                                                                                        Oct 10, 2024 14:42:07.706015110 CEST49678443192.168.2.1620.189.173.10
                                                                                                        Oct 10, 2024 14:42:07.961049080 CEST4968080192.168.2.16192.229.211.108
                                                                                                        Oct 10, 2024 14:42:08.569013119 CEST4968080192.168.2.16192.229.211.108
                                                                                                        Oct 10, 2024 14:42:09.779031992 CEST4968080192.168.2.16192.229.211.108
                                                                                                        Oct 10, 2024 14:42:12.191085100 CEST4968080192.168.2.16192.229.211.108
                                                                                                        Oct 10, 2024 14:42:12.508053064 CEST49678443192.168.2.1620.189.173.10
                                                                                                        Oct 10, 2024 14:42:13.958003044 CEST49673443192.168.2.16204.79.197.203
                                                                                                        Oct 10, 2024 14:42:16.993052006 CEST4968080192.168.2.16192.229.211.108
                                                                                                        Oct 10, 2024 14:42:22.110030890 CEST49678443192.168.2.1620.189.173.10
                                                                                                        Oct 10, 2024 14:42:25.880206108 CEST49714443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:25.880275011 CEST44349714172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:25.880343914 CEST49714443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:25.881339073 CEST49714443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:25.881351948 CEST44349714172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.373765945 CEST44349714172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.374301910 CEST49714443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.374346972 CEST44349714172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.375325918 CEST44349714172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.375420094 CEST49714443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.378345966 CEST49714443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.378386021 CEST49714443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.378436089 CEST44349714172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.378448963 CEST49714443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.378484011 CEST49714443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.379044056 CEST49718443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.379091024 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.379148006 CEST49718443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.379375935 CEST49718443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.379398108 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.603949070 CEST4968080192.168.2.16192.229.211.108
                                                                                                        Oct 10, 2024 14:42:26.850004911 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.850346088 CEST49718443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.850378036 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.851372004 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.851449013 CEST49718443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.853435040 CEST49718443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.853534937 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.855109930 CEST49718443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:26.855118990 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.907013893 CEST49718443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:27.100939035 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.101207972 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.101241112 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.101265907 CEST49718443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:27.101289034 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.101346016 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.101393938 CEST49718443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:27.103037119 CEST49718443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:27.103055000 CEST44349718172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.114713907 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.114762068 CEST4434971935.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.114836931 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.115264893 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.115283012 CEST4434971935.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.133981943 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.134035110 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.134111881 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.134159088 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.134191036 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.134219885 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.134255886 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.134263039 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.134432077 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.134536982 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.134548903 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.134685040 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.134700060 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.134828091 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.134836912 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.600104094 CEST4434971935.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.600253105 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.600428104 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.600441933 CEST4434971935.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.600600004 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.600616932 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.601578951 CEST4434971935.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.601655960 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.601675034 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.601727009 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.602793932 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.602861881 CEST4434971935.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.604259968 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.604336023 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.604424000 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.604432106 CEST4434971935.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.604535103 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.604545116 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.610626936 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.612035036 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.613305092 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.613312006 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.613441944 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.613450050 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.614312887 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.614387035 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.614500046 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.614553928 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.614921093 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.614984035 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.615243912 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.615309000 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.615436077 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.615443945 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.615534067 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.615539074 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.655976057 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.655976057 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.655988932 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.655998945 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.745440006 CEST4434971935.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.745517969 CEST4434971935.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.745663881 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.745949984 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.745965004 CEST4434971935.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.745991945 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.746014118 CEST49719443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.746644974 CEST49723443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.746689081 CEST4434972335.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.746773005 CEST49723443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.747050047 CEST49723443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:27.747064114 CEST4434972335.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.768121958 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.768162966 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.768197060 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.768217087 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.768224955 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.768237114 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.768260956 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.768548012 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.768600941 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.768613100 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.768712997 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.768764019 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.768773079 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.769299984 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.769354105 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.769364119 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.786082983 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.786137104 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.786180973 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.786215067 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.786227942 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.786236048 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.786271095 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.786278009 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.786282063 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.786309004 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.786344051 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.786384106 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.786389112 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.786978960 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.787030935 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.787039995 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.788275957 CEST49724443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.788324118 CEST44349724104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.788398981 CEST49724443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.788815022 CEST49725443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.788883924 CEST44349725104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.789048910 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.789089918 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.789122105 CEST49725443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.789381981 CEST49724443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.789396048 CEST44349724104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.789426088 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.789606094 CEST49725443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.789638996 CEST44349725104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.789836884 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.789865017 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.791012049 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.791107893 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.791116953 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.814950943 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.814959049 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.838534117 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.838582993 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.838613987 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.838643074 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.838656902 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.838675022 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.838705063 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.838725090 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.838736057 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.838767052 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.838773012 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.838819027 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.838857889 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.839832067 CEST49720443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.839848995 CEST44349720104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.841816902 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.841861963 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.841986895 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.842200041 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.842211008 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.846978903 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.859060049 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.859105110 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.859132051 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.859138012 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.859169960 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.859184027 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.859220982 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.859255075 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.859271049 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.859282017 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.859397888 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.859843969 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.860229969 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.860263109 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.860277891 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.860285997 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.860321999 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.860373974 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.860382080 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.860428095 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.860862017 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.860914946 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.861067057 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.861098051 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.861110926 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.861128092 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.861139059 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.861165047 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.861308098 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.861315012 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.876940966 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.877106905 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.877139091 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.877202034 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.877213001 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.877259016 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.877518892 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.877655983 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.877712011 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.877721071 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.877916098 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.877948999 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.877963066 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.877968073 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.878031969 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.878036976 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.878155947 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.878197908 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.878204107 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.878760099 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.878788948 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.878810883 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.878815889 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.878921032 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.878926039 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.878954887 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.879064083 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.879069090 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.879703999 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.879734039 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.879755020 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.879760027 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.879820108 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.879836082 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.901209116 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.901257992 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.901278019 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.901294947 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.901340008 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.923974037 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.923980951 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.951426983 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.951513052 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.951546907 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.951575994 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.951603889 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.951602936 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.951617956 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.951641083 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.951680899 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.951688051 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.951797009 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.951848030 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.951854944 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.951898098 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.952028036 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.952084064 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.952143908 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.952179909 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.952183962 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.952213049 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.952263117 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.952270031 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.952299118 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.952308893 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.952343941 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.952502012 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.952516079 CEST44349722104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.952538013 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.952559948 CEST49722443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.968050003 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.968091965 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.968127966 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.968128920 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.968188047 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.968215942 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.968491077 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.968501091 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.968542099 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.968549967 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.968570948 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.968625069 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.968628883 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.968861103 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.968864918 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.968970060 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.969016075 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.969019890 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.969074011 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.969122887 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.969388008 CEST49721443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:27.969397068 CEST44349721104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.225785017 CEST4434972335.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.226139069 CEST49723443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:28.226156950 CEST4434972335.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.226488113 CEST4434972335.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.226886988 CEST49723443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:28.226953030 CEST4434972335.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.227080107 CEST49723443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:28.245573997 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.245870113 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.245934963 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.247014046 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.247112989 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.247464895 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.247539997 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.247684956 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.249757051 CEST44349725104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.250094891 CEST49725443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.250114918 CEST44349725104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.250475883 CEST44349725104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.250809908 CEST49725443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.250889063 CEST44349725104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.250988007 CEST49725443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.255842924 CEST44349724104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.256072044 CEST49724443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.256086111 CEST44349724104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.256406069 CEST44349724104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.256839037 CEST49724443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.256902933 CEST44349724104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.257000923 CEST49724443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.271399021 CEST4434972335.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.289007902 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.289053917 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.295399904 CEST44349725104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.303411007 CEST44349724104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.305001020 CEST49724443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.323187113 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.323463917 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.323482990 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.324525118 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.324589014 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.324975014 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.325040102 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.325140953 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.325148106 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.336972952 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.357567072 CEST4434972335.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.358035088 CEST49723443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:28.358088017 CEST4434972335.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.358164072 CEST49723443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:42:28.368980885 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.392220020 CEST44349725104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.392355919 CEST44349725104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.392541885 CEST49725443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.393166065 CEST49725443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.393197060 CEST44349725104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.399756908 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.399806023 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.399835110 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.399903059 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.399926901 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.399955988 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.399980068 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.400015116 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.400867939 CEST49726443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.400883913 CEST44349726104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.409385920 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.409411907 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.409527063 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.409579992 CEST49730443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.409590960 CEST44349730104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.409627914 CEST49730443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.409852028 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.409862995 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.410018921 CEST49730443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.410027027 CEST44349730104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.411276102 CEST44349724104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.411375999 CEST44349724104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.411716938 CEST49724443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.411999941 CEST49724443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.412019014 CEST44349724104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.414441109 CEST49731443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.414478064 CEST44349731104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.414546013 CEST49731443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.414800882 CEST49731443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.414819002 CEST44349731104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.479470015 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.479521990 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.479562044 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.479584932 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.479621887 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.479620934 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.479652882 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.479667902 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.479768038 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.480146885 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.480638027 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.480674982 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.480696917 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.480725050 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.480748892 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.480762005 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.485675097 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.485742092 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.485769033 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.528984070 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.568015099 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.568089962 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.568191051 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.568209887 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.568638086 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.568685055 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.568692923 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.568725109 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.568763018 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.569005966 CEST49727443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.569019079 CEST44349727104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.574362993 CEST49732443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:28.574398041 CEST44349732172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.574455023 CEST49732443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:28.574757099 CEST49732443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:28.574768066 CEST44349732172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.576395035 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.576427937 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.576546907 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.576827049 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.576842070 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.872807026 CEST44349731104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.873110056 CEST49731443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.873136997 CEST44349731104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.873428106 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.873622894 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.873646021 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.874206066 CEST44349731104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.874269962 CEST49731443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.874567986 CEST49731443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.874634027 CEST44349731104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.874649048 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.874746084 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.875078917 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.875137091 CEST49731443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.875152111 CEST44349731104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.875159025 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.875206947 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.896637917 CEST44349730104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.897038937 CEST49730443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.897056103 CEST44349730104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.898065090 CEST44349730104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.898194075 CEST49730443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.898541927 CEST49730443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.898607969 CEST44349730104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.898731947 CEST49730443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.898739100 CEST44349730104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.915410042 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.924957991 CEST49731443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.925080061 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.925086975 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.939975023 CEST49730443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:28.970978975 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.017117023 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.017168045 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.017225981 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.017235994 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.017385960 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.017472982 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.017554998 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.017554998 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.018285990 CEST49729443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.018299103 CEST44349729104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.024393082 CEST44349731104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.024504900 CEST44349731104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.024559021 CEST49731443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.025146961 CEST49731443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.025175095 CEST44349731104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.035962105 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.036226988 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.036307096 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.037389994 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.037460089 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.037533045 CEST44349732172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.037776947 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.037854910 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.037919998 CEST49732443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.037935019 CEST44349732172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.038024902 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.038042068 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.038531065 CEST44349730104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.038630962 CEST44349730104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.038747072 CEST49730443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.039411068 CEST49730443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.039417982 CEST44349730104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.039551020 CEST44349732172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.039607048 CEST49732443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.040013075 CEST49732443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.040030956 CEST49732443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.040077925 CEST49732443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.040189981 CEST44349732172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.040318966 CEST49732443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.040384054 CEST49735443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.040416956 CEST44349735172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.040501118 CEST49735443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.040697098 CEST49735443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.040714979 CEST44349735172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.079987049 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.188132048 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.188179016 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.188203096 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.188252926 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.188265085 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.188311100 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.188371897 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.188376904 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.188544989 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.188683033 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.188895941 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.188991070 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.188997030 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.193021059 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.193057060 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.193128109 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.193134069 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.193140030 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.193192959 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.274755001 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.275170088 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.275389910 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.275418997 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.275495052 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.275566101 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.275662899 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.275815964 CEST49733443192.168.2.16104.22.74.115
                                                                                                        Oct 10, 2024 14:42:29.275826931 CEST44349733104.22.74.115192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.497085094 CEST44349735172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.500272989 CEST49735443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.500291109 CEST44349735172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.500689030 CEST44349735172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.504532099 CEST49735443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.504621029 CEST44349735172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.504697084 CEST49735443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.551402092 CEST44349735172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.649326086 CEST44349735172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.649394989 CEST44349735172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.649502039 CEST49735443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.650352955 CEST49735443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:29.650372028 CEST44349735172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.668359995 CEST49739443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:29.668395996 CEST44349739172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.668620110 CEST49739443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:29.669050932 CEST49739443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:29.669064999 CEST44349739172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.239572048 CEST44349739172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.240169048 CEST49739443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.240190029 CEST44349739172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.241229057 CEST44349739172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.241384983 CEST49739443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.241889954 CEST49739443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.241889954 CEST49739443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.241889954 CEST49739443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.241956949 CEST44349739172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.242043972 CEST49739443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.242305040 CEST49741443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.242333889 CEST44349741172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.242425919 CEST49741443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.242750883 CEST49741443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.242763042 CEST44349741172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.685615063 CEST49742443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:42:30.685656071 CEST44349742142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.685767889 CEST49742443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:42:30.686003923 CEST49742443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:42:30.686026096 CEST44349742142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.697422981 CEST44349741172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.697720051 CEST49741443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.697737932 CEST44349741172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.698724985 CEST44349741172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.698820114 CEST49741443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.699350119 CEST49741443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.699417114 CEST44349741172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.699639082 CEST49741443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.699645042 CEST44349741172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.740091085 CEST49741443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.845385075 CEST44349741172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.845469952 CEST44349741172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.845619917 CEST49741443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.846658945 CEST49741443192.168.2.16172.66.43.168
                                                                                                        Oct 10, 2024 14:42:30.846673965 CEST44349741172.66.43.168192.168.2.16
                                                                                                        Oct 10, 2024 14:42:31.337937117 CEST44349742142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:42:31.338251114 CEST49742443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:42:31.338265896 CEST44349742142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:42:31.339279890 CEST44349742142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:42:31.339412928 CEST49742443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:42:31.340667009 CEST49742443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:42:31.340734959 CEST44349742142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:42:31.395035982 CEST49742443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:42:31.395046949 CEST44349742142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:42:31.442991972 CEST49742443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:42:39.613270998 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:39.613321066 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:39.613431931 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:39.613861084 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:39.613874912 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.285079956 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.285243988 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:40.286838055 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:40.286849976 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.287103891 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.288539886 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:40.335405111 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.536370993 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.536393881 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.536427021 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.536470890 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:40.536500931 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.536514997 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:40.536561012 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:40.537440062 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.537475109 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.537499905 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:40.537506104 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.537539005 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:40.537741899 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.537791014 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:40.539611101 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:40.539624929 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:40.539637089 CEST49743443192.168.2.1620.109.210.53
                                                                                                        Oct 10, 2024 14:42:40.539644003 CEST4434974320.109.210.53192.168.2.16
                                                                                                        Oct 10, 2024 14:42:41.266091108 CEST44349742142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:42:41.266261101 CEST44349742142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:42:41.266436100 CEST49742443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:42:42.174993992 CEST49742443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:42:42.175020933 CEST44349742142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.046061039 CEST49744443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.046117067 CEST44349744172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.046221972 CEST49744443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.046380997 CEST49745443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.046430111 CEST44349745172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.046487093 CEST49745443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.051347971 CEST49745443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.051362991 CEST44349745172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.051671982 CEST49744443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.051701069 CEST44349744172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.508595943 CEST44349744172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.509021044 CEST49744443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.509047985 CEST44349744172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.510471106 CEST44349744172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.510548115 CEST49744443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.510895967 CEST49744443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.510915995 CEST49744443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.510974884 CEST44349744172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.510999918 CEST49744443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.511032104 CEST49744443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.511374950 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.511424065 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.511499882 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.511698961 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.511709929 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.562549114 CEST44349745172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.563004971 CEST49745443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.563034058 CEST44349745172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.566138983 CEST44349745172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.566222906 CEST49745443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.566720009 CEST49745443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.566761017 CEST49745443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.566781998 CEST44349745172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.566847086 CEST49745443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.566854954 CEST44349745172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.566891909 CEST49745443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.566904068 CEST49745443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.567430973 CEST49747443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.567492008 CEST44349747172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:47.567559004 CEST49747443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.567884922 CEST49747443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:47.567904949 CEST44349747172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:48.676057100 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:48.676409006 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:48.676430941 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:48.677862883 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:48.677923918 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:48.678322077 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:48.678410053 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:48.678522110 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:48.678529024 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:48.679909945 CEST44349747172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:48.680149078 CEST49747443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:48.680180073 CEST44349747172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:48.683715105 CEST44349747172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:48.683779955 CEST49747443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:48.684089899 CEST49747443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:48.684262037 CEST44349747172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:48.732875109 CEST49747443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:48.732894897 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:48.732903957 CEST44349747172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:48.780909061 CEST49747443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:49.103547096 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:49.103679895 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:49.103769064 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:49.103781939 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:49.103813887 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:49.103872061 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:49.103880882 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:49.104011059 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:42:49.104063988 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:49.105169058 CEST49746443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:42:49.105184078 CEST44349746172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:43:02.940723896 CEST44349747172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:43:02.940804958 CEST44349747172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:43:02.940917015 CEST49747443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:43:04.168807030 CEST49747443192.168.2.16172.66.40.88
                                                                                                        Oct 10, 2024 14:43:04.168834925 CEST44349747172.66.40.88192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.112987041 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.113023043 CEST4434975035.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.113104105 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.113378048 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.113392115 CEST4434975035.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.574368954 CEST4434975035.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.574606895 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.574625969 CEST4434975035.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.575659037 CEST4434975035.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.575720072 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.575999022 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.576056004 CEST4434975035.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.576139927 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.576148987 CEST4434975035.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.622061014 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.702636957 CEST4434975035.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.702864885 CEST4434975035.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.702953100 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.703026056 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.703039885 CEST4434975035.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.703052998 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.703083038 CEST49750443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.703634977 CEST49751443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.703671932 CEST4434975135.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:27.703762054 CEST49751443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.703984976 CEST49751443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:27.703999996 CEST4434975135.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:28.178848982 CEST4434975135.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:28.179105997 CEST49751443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:28.179121971 CEST4434975135.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:28.179611921 CEST4434975135.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:28.179919958 CEST49751443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:28.179990053 CEST4434975135.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:28.180033922 CEST49751443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:28.223422050 CEST4434975135.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:28.229852915 CEST49751443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:28.310264111 CEST4434975135.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:28.310390949 CEST4434975135.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:28.310461998 CEST49751443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:28.310765028 CEST49751443192.168.2.1635.190.80.1
                                                                                                        Oct 10, 2024 14:43:28.310790062 CEST4434975135.190.80.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:30.739095926 CEST49752443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:43:30.739147902 CEST44349752142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:43:30.739242077 CEST49752443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:43:30.739599943 CEST49752443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:43:30.739612103 CEST44349752142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:43:31.373682022 CEST44349752142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:43:31.374147892 CEST49752443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:43:31.374165058 CEST44349752142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:43:31.374633074 CEST44349752142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:43:31.375034094 CEST49752443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:43:31.375111103 CEST44349752142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:43:31.423824072 CEST49752443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:43:41.301078081 CEST44349752142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:43:41.301148891 CEST44349752142.250.186.132192.168.2.16
                                                                                                        Oct 10, 2024 14:43:41.301215887 CEST49752443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:43:42.177375078 CEST49752443192.168.2.16142.250.186.132
                                                                                                        Oct 10, 2024 14:43:42.177405119 CEST44349752142.250.186.132192.168.2.16

                                                                                                        UDP Packets

                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                        Oct 10, 2024 14:42:25.839946032 CEST5282953192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:25.840440035 CEST5468053192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:25.840688944 CEST53527831.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:25.848515987 CEST53528291.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:25.850788116 CEST53546801.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:25.945852041 CEST53515291.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:26.943262100 CEST53621691.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.106405020 CEST6139553192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:27.106704950 CEST5787453192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:27.113770962 CEST53613951.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.114022970 CEST53578741.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.122044086 CEST4931953192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:27.122453928 CEST6351253192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:27.132793903 CEST53635121.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:27.133485079 CEST53493191.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.396950006 CEST4932853192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:28.397176981 CEST5490753192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:28.405652046 CEST53549071.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:28.408541918 CEST53493281.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.653412104 CEST5569653192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:29.653569937 CEST6331553192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:29.661135912 CEST53556961.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:29.666033030 CEST53633151.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.677409887 CEST6036353192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:30.677649975 CEST6416653192.168.2.161.1.1.1
                                                                                                        Oct 10, 2024 14:42:30.684551001 CEST53641661.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:30.684617996 CEST53603631.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:44.000834942 CEST53644291.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:42:59.353741884 CEST138138192.168.2.16192.168.2.255
                                                                                                        Oct 10, 2024 14:43:02.932965994 CEST53579771.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:26.640337944 CEST53621131.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:26.640373945 CEST53634681.1.1.1192.168.2.16
                                                                                                        Oct 10, 2024 14:43:55.359309912 CEST53587031.1.1.1192.168.2.16

                                                                                                        DNS Queries

                                                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                        Oct 10, 2024 14:42:25.839946032 CEST192.168.2.161.1.1.10xfa8aStandard query (0)campaign-statistics.comA (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:25.840440035 CEST192.168.2.161.1.1.10x92b3Standard query (0)campaign-statistics.com65IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:27.106405020 CEST192.168.2.161.1.1.10x6ea5Standard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:27.106704950 CEST192.168.2.161.1.1.10x6b52Standard query (0)a.nel.cloudflare.com65IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:27.122044086 CEST192.168.2.161.1.1.10xb0caStandard query (0)stats.sender.netA (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:27.122453928 CEST192.168.2.161.1.1.10xac1aStandard query (0)stats.sender.net65IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:28.396950006 CEST192.168.2.161.1.1.10x1974Standard query (0)stats.sender.netA (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:28.397176981 CEST192.168.2.161.1.1.10x74f3Standard query (0)stats.sender.net65IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:29.653412104 CEST192.168.2.161.1.1.10xffa6Standard query (0)campaign-statistics.comA (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:29.653569937 CEST192.168.2.161.1.1.10xe013Standard query (0)campaign-statistics.com65IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:30.677409887 CEST192.168.2.161.1.1.10xc450Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:30.677649975 CEST192.168.2.161.1.1.10x8065Standard query (0)www.google.com65IN (0x0001)false

                                                                                                        DNS Answers

                                                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                        Oct 10, 2024 14:42:25.848515987 CEST1.1.1.1192.168.2.160xfa8aNo error (0)campaign-statistics.com172.66.40.88A (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:25.848515987 CEST1.1.1.1192.168.2.160xfa8aNo error (0)campaign-statistics.com172.66.43.168A (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:25.850788116 CEST1.1.1.1192.168.2.160x92b3No error (0)campaign-statistics.com65IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:27.113770962 CEST1.1.1.1192.168.2.160x6ea5No error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:27.132793903 CEST1.1.1.1192.168.2.160xac1aNo error (0)stats.sender.net65IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:27.133485079 CEST1.1.1.1192.168.2.160xb0caNo error (0)stats.sender.net104.22.74.115A (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:27.133485079 CEST1.1.1.1192.168.2.160xb0caNo error (0)stats.sender.net104.22.75.115A (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:27.133485079 CEST1.1.1.1192.168.2.160xb0caNo error (0)stats.sender.net172.67.27.94A (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:28.405652046 CEST1.1.1.1192.168.2.160x74f3No error (0)stats.sender.net65IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:28.408541918 CEST1.1.1.1192.168.2.160x1974No error (0)stats.sender.net104.22.74.115A (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:28.408541918 CEST1.1.1.1192.168.2.160x1974No error (0)stats.sender.net104.22.75.115A (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:28.408541918 CEST1.1.1.1192.168.2.160x1974No error (0)stats.sender.net172.67.27.94A (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:29.661135912 CEST1.1.1.1192.168.2.160xffa6No error (0)campaign-statistics.com172.66.43.168A (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:29.661135912 CEST1.1.1.1192.168.2.160xffa6No error (0)campaign-statistics.com172.66.40.88A (IP address)IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:29.666033030 CEST1.1.1.1192.168.2.160xe013No error (0)campaign-statistics.com65IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:30.684551001 CEST1.1.1.1192.168.2.160x8065No error (0)www.google.com65IN (0x0001)false
                                                                                                        Oct 10, 2024 14:42:30.684617996 CEST1.1.1.1192.168.2.160xc450No error (0)www.google.com142.250.186.132A (IP address)IN (0x0001)false

                                                                                                        HTTP Request Dependency Graph

                                                                                                        • login.live.com
                                                                                                        • slscr.update.microsoft.com
                                                                                                        • campaign-statistics.com
                                                                                                        • https:
                                                                                                          • stats.sender.net
                                                                                                        • a.nel.cloudflare.com

                                                                                                        HTTPS Proxied Packets

                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        0192.168.2.164970620.190.160.14443
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:01 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                        Connection: Keep-Alive
                                                                                                        Content-Type: application/soap+xml
                                                                                                        Accept: */*
                                                                                                        User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                        Content-Length: 3592
                                                                                                        Host: login.live.com
                                                                                                        2024-10-10 12:42:01 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                        Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                        2024-10-10 12:42:01 UTC569INHTTP/1.1 200 OK
                                                                                                        Cache-Control: no-store, no-cache
                                                                                                        Pragma: no-cache
                                                                                                        Content-Type: application/soap+xml; charset=utf-8
                                                                                                        Expires: Thu, 10 Oct 2024 12:41:01 GMT
                                                                                                        P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                        x-ms-route-info: C538_SN1
                                                                                                        x-ms-request-id: 94246a14-937c-4939-bb5f-b66a27f0408a
                                                                                                        PPServer: PPV: 30 H: SN1PEPF0002FA3B V: 0
                                                                                                        X-Content-Type-Options: nosniff
                                                                                                        Strict-Transport-Security: max-age=31536000
                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                        Date: Thu, 10 Oct 2024 12:42:00 GMT
                                                                                                        Connection: close
                                                                                                        Content-Length: 11389
                                                                                                        2024-10-10 12:42:01 UTC11389INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        1192.168.2.164970820.190.160.14443
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:02 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                        Connection: Keep-Alive
                                                                                                        Content-Type: application/soap+xml
                                                                                                        Accept: */*
                                                                                                        User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                        Content-Length: 4775
                                                                                                        Host: login.live.com
                                                                                                        2024-10-10 12:42:02 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                        Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                        2024-10-10 12:42:02 UTC569INHTTP/1.1 200 OK
                                                                                                        Cache-Control: no-store, no-cache
                                                                                                        Pragma: no-cache
                                                                                                        Content-Type: application/soap+xml; charset=utf-8
                                                                                                        Expires: Thu, 10 Oct 2024 12:41:02 GMT
                                                                                                        P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                        x-ms-route-info: C538_BL2
                                                                                                        x-ms-request-id: 09cc4652-3979-4897-ba80-9bf81dcd70be
                                                                                                        PPServer: PPV: 30 H: BL02EPF0001D9D6 V: 0
                                                                                                        X-Content-Type-Options: nosniff
                                                                                                        Strict-Transport-Security: max-age=31536000
                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                        Date: Thu, 10 Oct 2024 12:42:01 GMT
                                                                                                        Connection: close
                                                                                                        Content-Length: 11409
                                                                                                        2024-10-10 12:42:02 UTC11409INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        2192.168.2.164970920.109.210.53443
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:02 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=42ycGH7ZShD68cc&MD=fKTz3ubA HTTP/1.1
                                                                                                        Connection: Keep-Alive
                                                                                                        Accept: */*
                                                                                                        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                        Host: slscr.update.microsoft.com
                                                                                                        2024-10-10 12:42:03 UTC560INHTTP/1.1 200 OK
                                                                                                        Cache-Control: no-cache
                                                                                                        Pragma: no-cache
                                                                                                        Content-Type: application/octet-stream
                                                                                                        Expires: -1
                                                                                                        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                        ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                        MS-CorrelationId: 500f72bf-406c-41a8-b668-2be222490dea
                                                                                                        MS-RequestId: 4963b8de-81d6-487d-b776-234ed4916236
                                                                                                        MS-CV: n7ZzpqX78E+EgoqJ.0
                                                                                                        X-Microsoft-SLSClientCache: 2880
                                                                                                        Content-Disposition: attachment; filename=environment.cab
                                                                                                        X-Content-Type-Options: nosniff
                                                                                                        Date: Thu, 10 Oct 2024 12:42:02 GMT
                                                                                                        Connection: close
                                                                                                        Content-Length: 24490
                                                                                                        2024-10-10 12:42:03 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                        Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                        2024-10-10 12:42:03 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                        Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        3192.168.2.164971120.190.160.14443
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:03 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                        Connection: Keep-Alive
                                                                                                        Content-Type: application/soap+xml
                                                                                                        Accept: */*
                                                                                                        User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                        Content-Length: 4775
                                                                                                        Host: login.live.com
                                                                                                        2024-10-10 12:42:03 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                        Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                        2024-10-10 12:42:03 UTC569INHTTP/1.1 200 OK
                                                                                                        Cache-Control: no-store, no-cache
                                                                                                        Pragma: no-cache
                                                                                                        Content-Type: application/soap+xml; charset=utf-8
                                                                                                        Expires: Thu, 10 Oct 2024 12:41:03 GMT
                                                                                                        P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                        x-ms-route-info: C538_SN1
                                                                                                        x-ms-request-id: ba3b4b09-3acb-40c1-872f-0dba59656eb0
                                                                                                        PPServer: PPV: 30 H: SN1PEPF0002F094 V: 0
                                                                                                        X-Content-Type-Options: nosniff
                                                                                                        Strict-Transport-Security: max-age=31536000
                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                        Date: Thu, 10 Oct 2024 12:42:03 GMT
                                                                                                        Connection: close
                                                                                                        Content-Length: 11409
                                                                                                        2024-10-10 12:42:03 UTC11409INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        4192.168.2.164971320.190.160.14443
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:05 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                        Connection: Keep-Alive
                                                                                                        Content-Type: application/soap+xml
                                                                                                        Accept: */*
                                                                                                        User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                        Content-Length: 4762
                                                                                                        Host: login.live.com
                                                                                                        2024-10-10 12:42:05 UTC4762OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                        Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                        2024-10-10 12:42:05 UTC569INHTTP/1.1 200 OK
                                                                                                        Cache-Control: no-store, no-cache
                                                                                                        Pragma: no-cache
                                                                                                        Content-Type: application/soap+xml; charset=utf-8
                                                                                                        Expires: Thu, 10 Oct 2024 12:41:05 GMT
                                                                                                        P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                        x-ms-route-info: C538_SN1
                                                                                                        x-ms-request-id: 5668ab87-5298-4734-a2b4-09b51fadbb51
                                                                                                        PPServer: PPV: 30 H: SN1PEPF0002F954 V: 0
                                                                                                        X-Content-Type-Options: nosniff
                                                                                                        Strict-Transport-Security: max-age=31536000
                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                        Date: Thu, 10 Oct 2024 12:42:04 GMT
                                                                                                        Connection: close
                                                                                                        Content-Length: 10197
                                                                                                        2024-10-10 12:42:05 UTC10197INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        5192.168.2.1649718172.66.40.884436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:26 UTC731OUTGET /link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d HTTP/1.1
                                                                                                        Host: campaign-statistics.com
                                                                                                        Connection: keep-alive
                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                        Sec-Fetch-Site: none
                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                        Sec-Fetch-User: ?1
                                                                                                        Sec-Fetch-Dest: document
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:27 UTC862INHTTP/1.1 404 Not Found
                                                                                                        Date: Thu, 10 Oct 2024 12:42:27 GMT
                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                        Transfer-Encoding: chunked
                                                                                                        Connection: close
                                                                                                        access-control-allow-origin: *
                                                                                                        access-control-allow-methods: *
                                                                                                        access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        cf-cache-status: DYNAMIC
                                                                                                        vary: accept-encoding
                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ryLni%2FihghpUFyWWmrK8R20k4ZOap7WmDZZVTwX2G%2BAFflqdgJNYjt2nHSEjLOJoETO6JVAhj6fKUCfAPwL7i2xC3Xsyc7HurtZEt4RsOS%2Fcmt6GqclfRxO%2F9GpvBsCwSzbxztgZn37NrA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                        Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0be7a8542e6-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:27 UTC507INData Raw: 62 38 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 69 65 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 53 65 6e 64 65 72 2e 6e 65 74 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20
                                                                                                        Data Ascii: b8b<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <title>Sender.net - Page Not Found</title>
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 64 65 72 2e 6e 65 74 2f 66 6f 6e 74 73 2f 73 75 69 73 73 65 69 6e 74 6c 2d 73 65 6d 69 62 6f 6c 64 2d 77 65 62 78 6c 2e 77 6f 66 66 32 22 20 61 73 3d 22 66 6f 6e 74 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 2f 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 63 6f 6e 74 20 64 2d 66 6c 65 78 20 66 6c 65 78 2d 6a 75 73 74 69 66 79 2d 63 65 6e 74 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 65 6e 64 65 72 2e 6e 65 74 2f 22 20 74 69 74 6c 65 3d 22 53 65 6e 64 65 72 2e 6e
                                                                                                        Data Ascii: der.net/fonts/suisseintl-semibold-webxl.woff2" as="font" crossorigin="anonymous" /></head><body><div> <div class="container"> <div class="logo-cont d-flex flex-justify-center"> <a href="https://www.sender.net/" title="Sender.n
                                                                                                        2024-10-10 12:42:27 UTC1086INData Raw: 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 33 31 2e 30 30 38 20 33 34 2e 38 32 35 34 4c 36 30 2e 30 38 34 37 20 31 37 2e 39 39 37 39 4c 33 30 2e 37 32 37 32 20 31 2e 31 34 34 35 4c 31 2e 39 31 36 32 34 20 31 38 2e 32 37 34 4c 33 31 2e 30 30 38 20 33 34 2e 38 32 35 34 5a 22 20 73 74 72 6f 6b 65 3d 22 77 68 69 74 65 22 3e 3c 2f 70 61 74 68 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 76 67 3e 0a 20 20 20 20 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 3c 70 69 63 74 75 72 65 20 63 6c 61 73 73 3d 22 65 72 72 6f 72 2d 69 6d 67 2d 68 6f 6c 64 65 72 20 64 2d 62 6c 6f 63 6b 20 70 2d
                                                                                                        Data Ascii: none" xmlns="http://www.w3.org/2000/svg"> <path d="M31.008 34.8254L60.0847 17.9979L30.7272 1.1445L1.91624 18.274L31.008 34.8254Z" stroke="white"></path> </svg> </span> <picture class="error-img-holder d-block p-
                                                                                                        2024-10-10 12:42:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                        Data Ascii: 0


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        6192.168.2.164971935.190.80.14436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:27 UTC560OUTOPTIONS /report/v4?s=ryLni%2FihghpUFyWWmrK8R20k4ZOap7WmDZZVTwX2G%2BAFflqdgJNYjt2nHSEjLOJoETO6JVAhj6fKUCfAPwL7i2xC3Xsyc7HurtZEt4RsOS%2Fcmt6GqclfRxO%2F9GpvBsCwSzbxztgZn37NrA%3D%3D HTTP/1.1
                                                                                                        Host: a.nel.cloudflare.com
                                                                                                        Connection: keep-alive
                                                                                                        Origin: https://campaign-statistics.com
                                                                                                        Access-Control-Request-Method: POST
                                                                                                        Access-Control-Request-Headers: content-type
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:27 UTC336INHTTP/1.1 200 OK
                                                                                                        Content-Length: 0
                                                                                                        access-control-max-age: 86400
                                                                                                        access-control-allow-methods: POST, OPTIONS
                                                                                                        access-control-allow-origin: *
                                                                                                        access-control-allow-headers: content-length, content-type
                                                                                                        date: Thu, 10 Oct 2024 12:42:27 GMT
                                                                                                        Via: 1.1 google
                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                        Connection: close


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        7192.168.2.1649720104.22.74.1154436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:27 UTC551OUTGET /css/styles.css HTTP/1.1
                                                                                                        Host: stats.sender.net
                                                                                                        Connection: keep-alive
                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                        Accept: text/css,*/*;q=0.1
                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                        Sec-Fetch-Dest: style
                                                                                                        Referer: https://campaign-statistics.com/
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:27 UTC697INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:27 GMT
                                                                                                        Content-Type: text/css
                                                                                                        Transfer-Encoding: chunked
                                                                                                        Connection: close
                                                                                                        Last-Modified: Mon, 19 Aug 2024 11:58:59 GMT
                                                                                                        ETag: W/"66c33383-208d"
                                                                                                        Access-Control-Allow-Origin: *
                                                                                                        Access-Control-Allow-Methods: *
                                                                                                        Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                        CF-Cache-Status: HIT
                                                                                                        referrer-policy: same-origin
                                                                                                        x-content-type-options: nosniff
                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                        x-xss-protection: 1; mode=block
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0c329684362-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:27 UTC672INData Raw: 32 30 38 64 0d 0a 2f 2a 20 74 6f 64 6f 3a 20 73 70 6c 69 74 20 69 6e 74 6f 20 6d 75 6c 74 69 70 6c 65 20 73 74 79 6c 65 73 68 65 65 74 73 20 74 6f 20 69 6e 63 6c 75 64 65 20 6f 6e 6c 79 20 6e 65 65 64 65 64 20 73 74 79 6c 65 73 20 70 65 72 20 70 61 67 65 20 2a 2f 0a 0a 2a 20 7b 0a 20 20 20 20 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0a 7d 0a 0a 62 6f 64 79 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 20 61 6e 74 69 61 6c 69 61 73 65 64 3b 0a 20 20 20 20 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 20 67 72 61 79 73 63 61 6c 65 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 73 75 69 73 73 65 69 6e 74
                                                                                                        Data Ascii: 208d/* todo: split into multiple stylesheets to include only needed styles per page */* { box-sizing: border-box;}body { margin: 0; -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; font-family: 'suisseint
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 77 6f 66 66 32 27 29 2c 0a 20 20 20 20 20 20 20 20 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 73 2f 73 75 69 73 73 65 69 6e 74 6c 2d 73 65 6d 69 62 6f 6c 64 2d 77 65 62 78 6c 2e 77 6f 66 66 27 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 7d 0a 0a 68 31 2c 20 70 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 7d 0a 0a 0a 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 35 36 70 78 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 36 34 70 78 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 30 41 30 38 33 42 3b 0a 7d 0a 0a 70 20 7b 0a 20
                                                                                                        Data Ascii: woff2'), url('../fonts/suisseintl-semibold-webxl.woff') format('woff'); font-weight: 600; font-style: normal;}h1, p { margin: 0;}h1 { font-weight: 600; font-size: 56px; line-height: 64px; color: #0A083B;}p {
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 35 34 70 78 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 30 41 30 38 33 42 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 0a 2e 6d 61 69 6e 2d 73 75 62 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 0a 2e 6d 61 69 6e 2d 73 75 62 68 65 61 64 69 6e 67 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 36 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68
                                                                                                        Data Ascii: weight: 600; line-height: 54px; color: #0A083B; text-align: center;}.main-subheading { display: flex; justify-content: center; text-align: center;}.main-subheading p { font-size: 16px; font-weight: 400; line-heigh
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 3a 20 61 75 74 6f 3b 0a 7d 0a 0a 2f 2a 20 62 75 74 74 6f 6e 73 20 2a 2f 0a 2e 62 75 74 74 6f 6e 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 67 61 70 3a 20 31 72 65 6d 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 36 70 78 20 33 32 70 78 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 35 30 70 78 3b 0a 20 20 20 20 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 62 75 74 74 6f 6e 2d 2d 6f 75 74 6c 69 6e 65 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 77 68 69 74 65 3b 0a 20 20 20 20 63 6f 6c 6f 72
                                                                                                        Data Ascii: : auto;}/* buttons */.button { display: flex; justify-content: center; gap: 1rem; padding: 16px 32px; border-radius: 50px; cursor: pointer; text-decoration: none;}.button--outline { background-color: white; color
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 7d 20 2a 2f 0a 0a 2e 62 74 6e 2e 70 72 69 6d 61 72 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 37 35 62 31 31 3b 0a 20 20 20 20 74 72 61 6e 73 69 74 69 6f 6e 3a 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 20 32 30 30 6d 73 20 65 61 73 65 3b 0a 7d 0a 0a 2e 62 74 6e 2e 70 72 69 6d 61 72 79 3a 68 6f 76 65 72 2c 20 2e 62 74 6e 2e 70 72 69 6d 61 72 79 3a 66 6f 63 75 73 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 46 38 39 35 39 3b 0a 7d 0a 0a 2e 62 74 6e 2e 73 65 63 6f 6e 64 61 72 79 20 7b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 31 70 78 20 33 31 70 78 3b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 0a 20 20 20 20
                                                                                                        Data Ascii: } */.btn.primary { background-color: #f75b11; transition: background-color 200ms ease;}.btn.primary:hover, .btn.primary:focus { background-color: #EF8959;}.btn.secondary { padding: 11px 31px; background-color: transparent;
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 20 7d 0a 20 20 20 20 2e 76 63 20 7b 0a 20 20 20 20 20 20 20 20 6c 65 66 74 3a 20 31 38 38 70 78 3b 0a 20 20 20 20 7d 0a 7d 0a 0a 2f 2a 20 76 69 65 77 70 6f 72 74 20 3e 3d 20 31 34 34 30 70 78 20 20 2a 2f 0a 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 34 34 30 70 78 29 20 7b 0a 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 37 36 72 65 6d 3b 0a 20 20 20 20 7d 0a 7d 0a 0a 2f 2a 20 76 69 65 77 70 6f 72 74 20 3c 20 39 39 32 70 78 20 2a 2f 0a 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 39 39 31 2e 39 38 70 78 29 20 7b 0a 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 33
                                                                                                        Data Ascii: } .vc { left: 188px; }}/* viewport >= 1440px */@media screen and (min-width: 1440px) { .container { max-width: 76rem; }}/* viewport < 992px */@media screen and (max-width: 991.98px) { h1 { font-size: 3
                                                                                                        2024-10-10 12:42:27 UTC824INData Raw: 6c 6c 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 37 70 78 20 32 33 70 78 3b 0a 20 20 20 20 7d 0a 7d 0a 0a 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 37 36 37 2e 39 38 70 78 29 20 7b 0a 20 20 20 20 2e 64 2d 73 6d 2d 62 6c 6f 63 6b 20 7b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 64 2d 73 6d 2d 6e 6f 6e 65 20 7b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 65 72 72 6f 72 2d 69 6d 67 2d 68 6f 6c 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 32 34 70 78 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20
                                                                                                        Data Ascii: ller { padding: 7px 23px; }}@media screen and (max-width: 767.98px) { .d-sm-block { display: block; } .d-sm-none { display: none; } .error-img-holder { margin-left: -24px; margin-right:
                                                                                                        2024-10-10 12:42:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                        Data Ascii: 0


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        8192.168.2.1649722104.22.74.1154436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:27 UTC595OUTGET /fonts/suisseintl-regular-webxl.woff2 HTTP/1.1
                                                                                                        Host: stats.sender.net
                                                                                                        Connection: keep-alive
                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                        Origin: https://campaign-statistics.com
                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                        Accept: */*
                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                        Sec-Fetch-Mode: cors
                                                                                                        Sec-Fetch-Dest: font
                                                                                                        Referer: https://campaign-statistics.com/
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:27 UTC739INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:27 GMT
                                                                                                        Content-Type: application/octet-stream
                                                                                                        Content-Length: 68316
                                                                                                        Connection: close
                                                                                                        Last-Modified: Fri, 08 Oct 2021 11:06:28 GMT
                                                                                                        ETag: "61602634-10adc"
                                                                                                        Access-Control-Allow-Origin: *
                                                                                                        Access-Control-Allow-Methods: *
                                                                                                        Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 835
                                                                                                        Accept-Ranges: bytes
                                                                                                        referrer-policy: same-origin
                                                                                                        x-content-type-options: nosniff
                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                        x-xss-protection: 1; mode=block
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0c34ca56a5b-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:27 UTC630INData Raw: 77 4f 46 32 00 01 00 00 00 01 0a dc 00 13 00 00 00 02 f3 90 00 01 0a 71 00 02 7f ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1a 82 4c 1b 81 e4 2e 1c c8 76 14 89 5f 06 60 00 98 14 08 24 09 82 73 11 14 0a 87 92 1c 86 a2 22 12 81 b9 28 01 36 02 24 03 a6 6c 0b 93 38 00 04 20 05 86 24 07 20 0c 81 37 5b 98 b0 92 0d 99 32 76 7d 1e 1a 00 61 ce 31 d1 10 b5 73 b4 fd 57 05 38 95 05 e5 06 6e c8 86 07 bd 55 76 8e 7e d0 b9 0f 6b 55 be 1b 38 37 27 dc b8 95 9e db b6 57 64 c8 85 85 ec ff ff ff ff ff ff ff f7 25 1d e2 2a d0 2d 50 5b 77 2e af 02 9a 66 1e a3 4c b9 54 85 46 cd cc 4c 16 ba 2b 83 19 32 1a 72 34 57 2a e2 68 3e 99 4c 67 65 9e 51 a4 cf cd 29 9d 26 16 4b c4 ca d5 5a b4 d5 46 b8 30 39 91 71 3d 60 2b 53 d9 81 94 69 8a 3d a5 ed b4 64 e1 99 3a 35 6e
                                                                                                        Data Ascii: wOF2qL.v_`$s"(6$l8 $ 7[2v}a1sW8nUv~kU87'Wd%*-P[w.fLTFL+2r4W*h>LgeQ)&KZF09q=`+Si=d:5n
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 1c 70 10 73 61 ae 92 aa 07 10 ff 1d a5 ac a6 80 a8 12 8f e2 2a 0c 45 8f 6a 09 be be ea 19 8f ca 60 a0 b6 e3 a4 6f 39 c4 d4 d8 97 67 a0 e3 d6 7b 02 10 a0 48 64 b0 a1 06 94 1b 60 ca 6b f7 b9 e8 41 a4 62 7f 3a 4f 4f 70 e4 f7 a7 ea f6 cc bc 64 01 67 4d e7 53 5a 5a 3f 3d 40 73 eb 36 70 62 25 48 0e c1 22 ea 25 f4 11 8b 7a e1 11 14 91 a8 8d 31 18 8c 1a a3 46 f4 80 31 60 44 4d 5a 5a c1 51 51 a3 e6 c8 74 42 13 3c bf f6 af 77 ce fb 1b c0 0d 20 81 8a 42 14 92 50 86 5b 15 57 46 d7 fa f0 fc dc fe dc fb 62 cd 82 6d 8c 51 83 11 23 c3 68 e4 f3 a9 12 ed 1f 85 89 1d 88 51 58 89 fa 29 31 86 45 a4 d1 85 59 e4 06 68 6d be 80 20 3c fd cf 47 25 9f fc 3f 7f 1f d1 3c fd 54 a9 a0 82 a2 0d 2a d6 8c cc d9 9b 31 17 ba 70 82 bd b0 a6 9b d3 85 ab 28 80 00 c8 7f 06 db ed 3e 0f 11 d4 54
                                                                                                        Data Ascii: psa*Ej`o9g{Hd`kAb:OOpdgMSZZ?=@s6pb%H"%z1F1`DMZZQQtB<w BP[WFbmQ#hQX)1EYhm <G%?<T*1p(>T
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: d0 8f 21 a0 40 81 9d 14 9d 92 92 82 bf e5 34 68 97 08 24 2b e4 a2 14 94 92 27 17 c8 7d 26 18 33 c2 d4 65 fc b1 c3 f8 48 e3 d8 9f d7 0f 08 cc 76 da dd 13 66 10 e0 00 1f 9f 87 2d 0d 34 e3 61 38 30 cc 30 2b 97 ca 5d 4a 65 c4 f0 e1 31 28 c9 b2 d3 74 69 a5 32 4f e0 9a 25 fd a0 a1 e1 13 14 1a 1c ca 02 fd f7 fb ad 7e ee 79 8b 49 68 1a 12 25 11 69 51 c4 32 89 12 c4 2a 1e 19 22 25 42 85 24 b7 53 09 5f a7 45 84 df c4 ef 5f 7d 66 5e ee f6 e3 85 5d 84 51 37 aa ea 0c ca 20 84 50 14 55 08 d5 b8 66 73 fb ff 40 97 ea 18 16 fa a9 39 d1 ea ed 7c 2b b9 bb af 2d 2c 26 98 20 84 09 c2 0c 83 10 22 bb 61 fc db 28 bf ee b8 ca a3 bb ba 4b 44 c4 39 c9 44 44 24 48 90 52 8a c8 83 32 1b cb 56 79 f8 bb e4 52 aa 14 66 bc f6 d3 7e 16 2c 49 a7 c4 c1 d2 50 01 ed 2b b9 bb f7 fd c0 58 db 6b
                                                                                                        Data Ascii: !@4h$+'}&3eHvf-4a800+]Je1(ti2O%~yIh%iQ2*"%B$S_E_}f^]Q7 PUfs@9|+-,& "a(KD9DD$HR2VyRf~,IP+Xk
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 3a 7a ec f8 e4 e4 dc cf 3f 2a 3a 3e b3 79 68 64 74 3a 39 16 e9 be 86 c3 a5 17 6b 4f 1e ca 6c 3a 23 0a b3 cc e3 d9 47 73 4a 82 4d 1f b6 c8 ec a2 64 1f 1b ac 80 29 2a cb 72 51 3a ea 4b 64 2a b4 aa ba 19 9f e4 35 29 cf 2f a6 02 d2 aa ec d2 28 5b a1 24 7d a6 48 4f b4 91 45 b7 67 90 e4 ea 13 6b 4a aa 36 a1 07 5e e4 6c f8 cb 18 d9 60 11 1b 57 3b a7 1e 91 b8 4d 49 bc 51 b2 dc fc b6 33 93 bc 13 92 e6 6b 06 69 56 58 b3 d9 e7 ec de 15 40 8b 98 52 ca b4 4a a3 75 21 9a b4 35 4e bb c2 f4 31 90 0f ee e6 d8 b4 8c e9 b8 ac 13 29 6d 4d cb c3 66 95 b0 70 d7 58 66 31 8b 60 31 eb 24 94 d4 52 f9 76 d0 4d 2f 58 55 cc ee ae b8 aa 4d 64 63 51 85 15 94 da d3 14 32 9c 12 75 41 ea 54 aa 21 8d e6 43 e5 88 1a 4f 22 2b 2a 0b 59 b4 c0 4c 2a d2 a9 87 cc cc 7a 01 6b dc 73 6d 64 46 e1 22
                                                                                                        Data Ascii: :z?*:>yhdt:9kOl:#GsJMd)*rQ:Kd*5)/([$}HOEgkJ6^l`W;MIQ3kiVX@RJu!5N1)mMfpXf1`1$RvM/XUMdcQ2uAT!CO"+*YL*zksmdF"
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 84 2b 4d 42 a8 58 19 42 58 04 09 07 dc ac a3 94 a4 a8 b3 94 f7 58 b3 16 ca 85 89 0b cf 84 91 5e ef 62 e8 33 ee d1 44 3c e2 e8 38 b1 5f 4c 02 17 c9 10 12 2c ea 91 60 b1 1b 59 b9 56 5a 64 b2 d3 cf 15 bb 1d b5 c6 d7 a8 95 79 62 6b 5d b1 20 a4 80 73 45 73 47 ba f5 0e b5 62 4f 60 47 ae c8 6e b5 c0 6c c1 2d df 71 81 c2 bb 8a a5 bc 55 e6 bc ea 4a 05 f7 a1 c4 b7 6a dd 5c 5d 69 01 ba 9a a0 41 57 1a b6 ab f9 81 82 cc 77 25 87 8b 5e d7 af 48 5e 6c 6d 65 83 a8 50 69 6b 90 b8 c6 5d 1a 08 83 6b 83 6b 47 c6 35 65 10 0c 8e 06 a3 81 77 32 ac ae cb 52 cf 85 30 38 19 18 d9 d9 c3 db 2f d9 9b 7a e5 d4 d3 29 6c e8 21 7b 68 5d 0f 39 37 96 fb a5 d1 ea c8 89 1e 7e bd f9 46 3d e6 30 45 55 98 d1 ef a3 4c 4b d2 b9 39 2f 70 6e 9e 85 6b 29 72 75 5a 74 45 83 9f 8f 43 21 2d 2f 93 c3 b4
                                                                                                        Data Ascii: +MBXBXX^b3D<8_L,`YVZdybk] sEsGbO`Gnl-qUJj\]iAWw%^H^lmePik]kkG5ew2R08/z)l!{h]97~F=0EULK9/pnk)ruZtEC!-/
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: db ff 92 00 4a 43 59 17 b5 e4 a4 e3 a5 09 8b 15 76 3f 7d d4 4c 8a 79 8b e5 89 95 72 b3 77 10 92 32 11 7c fc 54 a1 3b ba e2 4e 4f 59 80 55 bb ee db 2e 05 e1 1d 5b 6e e4 a6 17 95 18 9f c9 d4 3e 7f f4 74 f0 f6 b4 b9 5a 07 be 3b a4 c3 5f fe 61 a7 4e 9d bc f4 e7 3f e5 dd 67 f7 d9 a7 4f df cc cd 1e ed a0 24 7a 0e 25 ae de b9 1b b0 1f 21 6e 24 01 11 96 68 2c 4d a0 10 f7 22 7f 3c 43 3c c9 f0 cb 67 b1 c9 e9 45 11 15 eb f6 8c f9 fc 34 8a 41 77 99 b6 60 3b ae c8 eb d3 84 9d 56 c4 f9 19 f3 69 e6 1d fe d4 6c 2b ac e1 40 c5 72 7d e2 b8 13 f2 22 e4 4b 2a 88 50 08 a1 30 02 e1 88 08 3a 1d 58 e9 48 a1 13 b9 ce 18 5d 68 44 46 2a 4a 34 de af 94 62 22 2f 49 32 91 14 bc 54 22 69 78 e9 44 32 b0 fa 90 c9 a4 d6 97 4a 3f d6 fa d3 1a 40 65 60 14 9b 25 07 67 3e 89 dc 28 b4 d2 5a 42
                                                                                                        Data Ascii: JCYv?}Lyrw2|T;NOYU.[n>tZ;_aN?gO$z%!n$h,M"<C<gE4Aw`;Vil+@r}"K*P0:XH]hDF*J4b"/I2T"ixD2J?@e`%g>(ZB
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: ce 69 0c a2 fe 2b 72 06 f6 43 b9 b9 f6 aa 56 2a eb ea 87 b5 a3 7b 3f bb a6 93 44 26 c1 41 00 9e fa 91 3f 8d f7 3c be e0 e4 ca d4 6e 94 a2 12 9c 13 7c 7a f1 c1 e9 bb 15 28 6c 68 36 0c b9 7e 25 23 cf 97 3f 63 af 2f e3 91 7d d4 62 ea cf b9 be 29 3b af eb b8 5c b3 81 75 49 76 28 a7 be 44 f6 76 1e 69 86 57 5e 99 2f 71 a0 39 80 c2 8c 2e 11 da 33 f1 f7 4c ed 23 cd 53 34 6f 3f 04 2d 8a 93 e7 60 31 3d 53 fa 19 73 75 4b f9 2b e1 b8 ea 02 5c b0 96 de 7a 5b 05 6a f0 4d 84 1f c9 c6 70 54 04 d7 27 86 1b 35 77 2c 0f 1c 13 9e e7 a8 75 a8 2e 02 de 7c 7c aa 54 f2 23 22 fe df c5 02 04 12 3a 57 c9 09 06 a9 d0 f4 8d cc bf 62 45 4e 89 50 a1 bb d6 9b 59 72 30 ce 12 fe 66 ac 05 16 e3 2d b1 7c e9 56 d0 84 93 b7 74 9c 70 38 ca de da 56 44 e2 20 61 b6 b3 4e 39 8d 73 c6 05 bc 9b f4
                                                                                                        Data Ascii: i+rCV*{?D&A?<n|z(lh6~%#?c/}b);\uIv(DviW^/q9.3L#S4o?-`1=SsuK+\z[jMpT'5w,u.||T#":WbENPYr0f-|Vtp8VD aN9s
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: c9 4a 79 f8 b9 c8 bb 12 d9 da 2c 5f cb 37 18 30 1b 13 74 4e ba 38 90 ba 0d 9e b9 9b 49 59 9a 28 47 3d bb 1f 66 f5 04 26 d6 c9 61 91 05 cf 99 14 cf e6 a2 9c d4 d2 2e ca 20 f9 0f 6b f0 a2 95 1a 6e 9f ea 2f 41 1d f4 22 ef 21 47 cc fd b0 26 05 a2 19 04 44 63 33 22 ee d2 d6 75 ed 4a 0f 01 f8 3d 9a e8 35 15 5b bc 2a 95 b7 50 f8 75 a4 f4 26 e2 7f 79 e8 1d 76 46 8c 06 e8 45 5b 39 74 79 6a 4b 98 de 68 6a 41 2c fb 1e 44 6e fb 56 d9 bb 65 24 11 d0 bb c8 66 2d c3 17 78 df 7e 45 2d 1e d2 31 24 04 19 a9 22 e8 3b 76 6f 88 c4 bc d5 19 74 a6 e9 6b f2 90 10 1d ce 68 da 0c b9 00 88 6a 4b b1 b9 26 19 23 3a 6c d5 e5 79 1c 49 22 25 f3 49 56 3e a7 01 32 16 0d 7f 67 15 bb e4 62 7d a9 ea 02 c4 d6 fd c5 29 62 ec 1d 64 ed c1 3a ae 08 e3 02 ea c1 d4 43 38 46 97 84 3d ef f0 96 31 2f
                                                                                                        Data Ascii: Jy,_70tN8IY(G=f&a. kn/A"!G&Dc3"uJ=5[*Pu&yvFE[9tyjKhjA,DnVe$f-x~E-1$";votkhjK&#:lyI"%IV>2gb})bd:C8F=1/
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 7a 6e ff 29 64 ea 0f 2e a5 43 7e 7d aa e8 d3 80 89 70 bd 8c 18 33 83 2a 41 cb f8 97 4d f7 5f b9 73 55 fd 2f 01 20 13 a9 08 26 50 ef f4 64 ac 60 8d b9 4c 3d cc d8 0f ca a0 9d f3 68 b9 69 a4 e6 ea 6c cc f7 3c bc f6 d6 ef 0c a5 54 e3 c8 79 1a d3 ea 16 dd 15 6b 49 2a 0d 66 ff 65 cc ec 33 e0 ec 4d f8 19 5b 63 74 47 04 e6 24 45 f4 f1 ec 2e 80 50 b3 20 73 0f 90 b0 f3 71 74 e8 b9 41 36 c2 05 ca d1 58 89 60 ae f0 9e 5e 4f d0 7f 34 28 4d e5 a0 43 1c b0 db 2e 06 bd da 00 c6 f9 7c d8 4d c8 c7 7f 4c 2e 09 ed ec 05 d0 35 65 fb a4 cc 05 a8 7e ee 41 6f 9f 3e e6 12 c4 c4 44 68 8d 15 18 74 c7 5d b0 86 eb f0 72 17 e0 69 d0 f1 6f f2 78 20 ba bc f4 7a 80 86 17 5a 4b 4e f4 77 e8 d1 bb f0 20 55 55 26 3c 83 e3 c3 a8 ef 2b 36 b4 51 9c df 18 da ea 77 8e fa 52 62 59 58 5f 54 67 4c
                                                                                                        Data Ascii: zn)d.C~}p3*AM_sU/ &Pd`L=hil<TykI*fe3M[ctG$E.P sqtA6X`^O4(MC.|ML.5e~Ao>Dht]riox zZKNw UU&<+6QwRbYX_TgL
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 9a ac d1 92 09 d8 b4 cb 44 82 92 5d 23 4a a5 bb 93 7b cc 63 cd 03 07 c6 91 6b ea f0 b8 02 55 be 87 11 50 3d e1 88 3a 1e f1 bc 70 2a ff 46 d6 e5 c8 e5 bd ab 51 88 cf ed 55 47 69 e3 92 a3 95 80 ee 1c 87 89 dd 5c 67 d4 79 68 51 a0 fd 77 6e 19 fe 97 17 34 5f 86 1c cd 85 f6 35 96 85 df fc 26 c4 e4 68 79 84 f6 1d fa 3e c7 1a 3e c2 a7 d8 c4 17 f4 6b e0 3b c7 39 15 0e 16 c7 39 73 f7 39 f3 ac e8 f2 62 8d 32 39 62 93 fd fe 4f 3f 0f 00 10 ae 72 db b0 e5 0a 01 b7 f2 bb 7e b9 0d 13 40 0c 29 27 8b fe 3b 6d 98 32 6a 4e 53 42 17 63 83 0c 57 0d ba ef 6c 72 b5 70 18 47 33 1e ce 2f 46 f4 4a 80 92 40 8c 49 c8 75 82 34 fa c9 d6 7c 50 69 b6 45 49 6b aa 34 34 5a 5f 88 14 11 4c 6d d5 18 27 ab d1 43 13 a5 a9 1a 63 8c 73 b6 f5 71 28 d1 11 63 2b 3b ab a3 ed 08 1d 9b 75 b1 e1 ac 9f
                                                                                                        Data Ascii: D]#J{ckUP=:p*FQUGi\gyhQwn4_5&hy>>k;99s9b29bO?r~@)';m2jNSBcWlrpG3/FJ@Iu4|PiEIk44Z_Lm'Ccsq(c+;u


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        9192.168.2.1649721104.22.74.1154436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:27 UTC596OUTGET /fonts/suisseintl-semibold-webxl.woff2 HTTP/1.1
                                                                                                        Host: stats.sender.net
                                                                                                        Connection: keep-alive
                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                        Origin: https://campaign-statistics.com
                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                        Accept: */*
                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                        Sec-Fetch-Mode: cors
                                                                                                        Sec-Fetch-Dest: font
                                                                                                        Referer: https://campaign-statistics.com/
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:27 UTC740INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:27 GMT
                                                                                                        Content-Type: application/octet-stream
                                                                                                        Content-Length: 68956
                                                                                                        Connection: close
                                                                                                        Last-Modified: Fri, 08 Oct 2021 11:06:28 GMT
                                                                                                        ETag: "61602634-10d5c"
                                                                                                        Access-Control-Allow-Origin: *
                                                                                                        Access-Control-Allow-Methods: *
                                                                                                        Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 4441
                                                                                                        Accept-Ranges: bytes
                                                                                                        referrer-policy: same-origin
                                                                                                        x-content-type-options: nosniff
                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                        x-xss-protection: 1; mode=block
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0c339a54217-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:27 UTC629INData Raw: 77 4f 46 32 00 01 00 00 00 01 0d 5c 00 13 00 00 00 02 ee f0 00 01 0c f0 00 02 7f ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1a 82 4c 1b 81 e3 24 1c c8 76 14 89 5f 06 60 00 98 14 08 22 09 82 73 11 14 0a 87 8a 28 86 9a 64 12 81 b9 28 01 36 02 24 03 a6 6c 0b 93 38 00 04 20 05 86 24 07 20 0c 81 16 5b 2d ac 92 0a a5 32 76 ff 94 01 dd 8a 3a a2 1a d5 ae 11 cd dc e9 12 0b a9 fa cf e7 e4 c9 90 68 ec 4f d7 18 95 0c 06 ea ea d4 fe 03 07 d8 c6 40 ab d7 73 db ba 82 58 2f c5 65 ff ff ff ff ff ff ff 92 a4 12 63 96 14 48 7b 77 00 08 a0 02 6e aa 73 3f 1f 32 5d 61 39 2b 21 05 92 0b 39 d8 33 9c 73 49 29 b1 5a 21 c2 43 1c d1 f5 03 c6 13 4d 31 f7 b4 60 f5 f3 60 44 31 25 bf f8 95 0b d2 c6 bb 90 8d c3 de 76 9c c5 4b 8f 55 ec 37 de d1 ba d8 e1 70 f6 af 38 52
                                                                                                        Data Ascii: wOF2\L$v_`"s(d(6$l8 $ [-2v:hO@sX/ecH{wns?2]a9+!93sI)Z!CM1``D1%vKU7p8R
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: f4 c0 3e 30 71 49 79 d5 fc f0 df ff 5a e4 ad 57 3d 55 3d b3 00 fc ff 22 69 00 12 86 50 6d 10 15 c3 f1 51 51 51 cc 8a 40 47 01 b7 ff 3c bf b6 ee 79 3f e7 cf 0c 33 cd 14 b4 c3 08 03 e2 80 02 06 88 89 89 18 d9 8b 18 eb 62 05 66 02 22 2a 26 26 18 1d bb ad 1b 29 da 0b 43 28 c1 32 aa 24 77 36 87 88 4f c4 30 1e a0 6d 76 c2 86 ce 61 05 60 d4 ac 45 1b 0b 2b 99 13 b3 5e 19 8a 62 21 22 46 ce c0 9c 62 c6 8c c4 42 17 af cc 99 85 2b 9d 31 5d 94 f6 b4 29 b0 bd af fb 4b 3b 9d fb 4b af 28 38 b2 b8 61 70 00 27 95 50 47 03 0f b9 f6 f6 16 f2 21 7f 7f b3 93 c9 b4 29 a5 94 a2 23 a4 bb 53 e6 d8 48 20 72 a4 ce c8 13 be 6d ee a7 7e 0c af e7 f7 f2 4e f6 30 dd ad 1e 6f bc 59 3b 80 55 da 3e a4 14 8a f0 aa a4 ed 8f 0b 06 a2 76 2d 06 1a 70 74 c5 da 4d 9a 60 f6 a2 7b 4e 3f 98 d3 fe 93
                                                                                                        Data Ascii: >0qIyZW=U="iPmQQQ@G<y?3bf"*&&)C(2$w6O0mva`E+^b!"FbB+1])K;K(8ap'PG!)#SH rm~N0oY;U>v-ptM`{N?
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: bb 7e fd 6a a0 aa ba 49 74 a3 01 b2 05 70 04 10 94 86 46 da 47 34 e4 48 48 f7 0a 10 03 48 9a 80 83 b5 26 ba f3 63 d2 33 44 13 bb 43 88 e3 b0 c6 da 20 31 36 bc 88 e1 c4 f1 a1 ca d6 20 14 53 b7 b6 ea f1 ad 6a 32 5e de 40 a4 91 66 22 22 22 22 46 64 32 59 d6 e3 df 8e ab ef fc f2 fb 72 e4 ee 3d 17 d2 84 4c cd a5 c6 53 08 b5 30 c6 08 63 8c 30 9e c2 84 bc e5 6b 96 1d 74 66 88 c9 b0 c4 87 be 53 fd 4e aa 6f 2b c3 cc 5e ff ba f6 1e ad b5 68 2d 22 a2 b5 78 9e 12 25 22 b6 77 bd 48 b2 ef ff 6f 16 37 01 2a 96 d7 be c0 49 05 19 2a ca 88 32 bb 8c 75 cf bf ac c3 49 61 e9 c5 ba 1b 17 d7 86 90 fe 6e ba 86 3d 58 f6 6e ef 28 4c aa 2e c6 9f b8 d6 ef 93 e8 b8 6d e9 22 62 98 61 86 19 a3 9b a2 4d fb ff 7d 2c 35 0b 2e 72 9a 73 a5 3a 65 ab 56 46 1d 10 20 4a 1b 90 f2 be 3b 96 aa 91
                                                                                                        Data Ascii: ~jItpFG4HHH&c3DC 16 Sj2^@f""""Fd2Yr=LS0c0ktfSNo+^h-"x%"wHo7*I*2uIan=Xn(L.m"baM},5.rs:eVF J;
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 30 32 97 0f 59 c8 6a d6 f2 95 90 58 01 96 54 24 73 3d b2 ee 19 dd 16 42 aa d2 da 64 0b c3 08 f9 83 02 51 47 3c 94 21 89 72 b6 c8 26 6b e6 6b a5 eb 30 53 9b cc f5 24 17 08 d1 58 e6 0c d5 7c d9 b9 48 9f 1b fa ab 8a c2 62 44 18 6d 71 d7 ed 62 8c 65 84 d7 18 59 3c d3 8a 18 b0 05 5e be 5a 4a 93 22 12 b1 54 de 2f 24 25 ca c6 32 51 1d 71 a3 75 1c 99 66 74 b7 60 73 99 7e 2b 4b 5d be c5 0a 20 85 a0 48 8a 73 4a 28 a5 5c 2a 40 a5 d4 f4 53 2b 75 46 bd 34 80 46 9a 84 0a 69 5e 26 2d 08 db 3d 9f 1e e7 35 5d d0 79 c3 80 0c d2 8d 30 8d 82 49 f9 d0 13 2c 78 da 67 16 d5 da 41 14 44 58 3d 40 98 74 95 fa 21 c2 62 90 cc 30 2a 5b 5e 6b 19 cd b0 43 e9 a0 30 b6 8a 30 06 f9 36 e2 fe da 48 b8 6b ed 76 14 d5 9a 7d e8 8c 28 46 77 65 0e f6 cf d5 f9 86 bb 36 1c 15 98 1a 52 4e 93 45 12
                                                                                                        Data Ascii: 02YjXT$s=BdQG<!r&kk0S$X|HbDmqbeY<^ZJ"T/$%2Qquft`s~+K] HsJ(\*@S+uF4Fi^&-=5]y0I,xgADX=@t!b0*[^kC006Hkv}(Fwe6RNE
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 23 fc e9 84 7c eb 06 b3 2d 7c c6 7c 2d f9 11 3e af d4 fc 79 d8 62 7c 23 99 4d 51 5e 7b d9 95 64 dc 29 c4 37 03 74 0a 6b df 0a cf 04 a4 7d 21 00 af 53 39 33 bd 4c 20 10 7f 7f 06 d4 84 66 64 6d 54 c6 d4 45 67 42 0b 85 99 d4 88 2b 4c 4f b2 50 b0 16 63 87 a7 8b cb fd cc da e0 a0 b9 63 e4 40 0a f7 72 79 e9 20 46 3a e2 a4 93 9f d2 28 76 10 a2 b1 56 44 0b 3c d4 10 04 41 53 4c 72 21 19 96 b7 84 5b cd ad b1 72 c4 ec ee 36 77 f0 3c b6 2e d0 2d 38 5f d9 28 9a 88 76 82 c2 9e 19 e4 2e 38 d3 f6 65 37 9b 77 39 44 d2 33 85 00 58 b8 cc ce 2f d0 67 4e e2 c8 99 37 8d 85 2f 68 c8 8b 25 79 8c 52 e3 10 50 06 44 40 69 7e bc 98 94 20 8b d8 8e 85 45 a2 70 53 ad 3e 07 aa 5b 5b 7f 12 32 ae f4 64 52 af 4f c5 79 99 46 b8 88 43 a9 53 54 4f 34 5d 8a a4 1a 5b 46 3f 4b 8f fd 89 d0 d6 3e
                                                                                                        Data Ascii: #|-||->yb|#MQ^{d)7tk}!S93L fdmTEgB+LOPcc@ry F:(vVD<ASLr![r6w<.-8_(v.8e7w9D3X/gN7/h%yRPD@i~ EpS>[[2dROyFCSTO4][F?K>
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 2c 52 34 44 e7 1c 1e 04 52 6a e4 4e 74 59 45 a6 1c ef 69 08 52 dd e1 95 6b 87 bb be 10 54 9a 7b 81 fd a5 82 de 74 5e 19 32 b9 a7 9c 73 a1 2e fd 40 80 39 a7 ce 0f 89 8a 49 3f 9a 0d f6 4a 60 34 50 28 eb 7c ec 06 b8 c9 2d 6e 73 87 bb fc e6 0f 7f ef 1a eb ed 1b e7 5c 70 99 1e d2 49 87 5b 81 6b 88 67 a8 8e f1 a0 9e fb 0d a9 d5 5e 0f 96 84 33 a6 ce fc b5 c6 37 f5 23 d5 aa 97 1b 33 2b b3 8e 39 16 82 b5 c1 ba db 58 d9 34 b6 d8 4e ee 6c 3d dc 78 04 1e f3 84 a7 3c e3 79 f0 62 e5 25 af 78 cd 1b 3e ba 4f 83 cf 90 2f e0 2b df f8 ae 7e de 25 d6 33 d3 41 21 12 e7 52 00 80 10 8c a0 18 4e 25 68 74 46 70 12 f9 ff f7 2c d8 70 e0 0a af 26 7c 20 40 88 48 c4 10 09 90 06 b2 ff c7 e5 28 28 46 a9 ef 1b b6 a7 95 60 51 34 80 08 33 7a bf 82 9b 2e 47 a0 0b a1 7f e4 fc 27 23 5c 98 30
                                                                                                        Data Ascii: ,R4DRjNtYEiRkT{t^2s.@9I?J`4P(|-ns\pI[kg^37#3+9X4Nl=x<yb%x>O/+~%3A!RN%htFp,p&| @H((F`Q43z.G'#\0
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 88 7f c7 9b 6f 11 51 9e a5 64 cb d8 0b 96 47 86 49 02 81 61 35 d9 82 a8 e1 10 f7 eb bc 2b ae 12 5c 73 8b 08 8a 27 c9 7d cf 30 3f 97 de e0 c5 df a9 bc f4 03 c5 8f 7e 21 7b e5 7e 5d f4 da ef 04 7f f8 4b 37 2d 60 92 30 ca e9 a1 ff 39 93 e1 af 29 32 63 0d 03 88 bd 22 1a 69 1a 02 cd f5 99 b6 d4 5a 59 f2 d6 ce 90 99 a4 28 34 39 49 52 91 24 09 31 62 9e 84 06 24 7c 42 25 63 ca f1 b8 a4 a3 0e 22 83 15 7a 08 d7 2d 1f 6c 8a f3 5b 1f b5 94 30 d4 43 4d c3 52 4c 48 29 85 89 db 02 b3 20 ac 04 cd 81 19 71 16 5b 94 71 3e a0 64 92 b4 4b 24 aa 95 fb 9b 90 96 27 36 f0 e7 7f fb 0f 2d 55 bc b4 c6 d6 d0 ff 33 2d 5b 08 51 89 84 21 49 73 d8 9d 89 73 25 1b 78 16 ba c2 69 e5 a4 3f f8 aa 69 5d af 5b ac 9c 31 d4 34 2c c5 28 e1 53 f1 8e 40 21 45 37 25 20 81 3c a7 93 14 0d a2 e6 fa 4c
                                                                                                        Data Ascii: oQdGIa5+\s'}0?~!{~]K7-`09)2c"iZY(49IR$1b$|B%c"z-l[0CMRLH) q[q>dK$'6-U3-[Q!Iss%xi?i][14,(S@!E7% <L
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: 13 59 c9 41 ae ea 92 87 86 75 53 04 85 28 4a f1 4a 11 45 79 2a 51 a5 ea d5 a2 ce 16 bd df 59 f8 42 bf 08 71 42 52 a4 c9 51 c9 20 cf bc de f3 ed 6c 98 31 26 79 0f 81 04 6e 3e f8 25 bb 20 6f 6b 1e de 08 23 7f 53 39 67 c7 c2 2d c5 92 36 a0 60 93 d5 22 4c df 6a 2c 9d 10 8c b9 84 38 17 98 35 70 3b 63 6b 31 c1 41 30 3b 19 73 47 0f 1b 36 05 6b 2e cb f6 40 c1 69 42 cf 9e b0 a1 90 e2 42 50 7a a1 f0 ba 80 15 97 67 d8 5f 24 96 37 71 d6 83 25 41 88 6c ec db e9 70 47 23 e5 67 ee 36 38 d3 ef 10 56 20 93 c5 5d e0 ff 3b 4b 7f 37 82 5b be 31 e0 64 d7 6a 2a 64 c2 e5 b1 c9 16 fc 8f 20 eb db c1 27 01 57 db ce 5d 32 8f 02 45 1b a6 8f 57 e3 e4 ea e5 15 e4 ee a3 b2 49 c9 e0 43 05 4e dc 45 82 77 21 bb f0 32 0f b9 70 49 d3 b5 64 93 50 a2 eb 40 47 e0 9d 64 de 7f 30 45 d6 11 cd 4d
                                                                                                        Data Ascii: YAuS(JJEy*QYBqBRQ l1&yn>% ok#S9g-6`"Lj,85p;ck1A0;sG6k.@iBBPzg_$7q%AlpG#g68V ];K7[1dj*d 'W]2EWICNEw!2pIdP@Gd0EM
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: c5 ba ea 15 37 1a ac bd fc a5 ff 9c 73 c5 40 b6 5e 52 40 db ac 83 c1 cb 7a 59 f5 c3 44 2a 18 34 f6 39 9a 5f b4 9b 9a 35 c9 97 f6 06 b4 4f 05 e8 7a f9 82 c4 84 d5 01 fa 4f fa 4b 92 56 7f 48 d1 72 5c ca 19 de c5 24 d6 0a aa 32 59 ee 17 db 13 27 d6 42 57 f3 8a 70 23 1f ba 33 3e ff 2b 46 7f 89 85 ec 8a 1f 70 a7 08 97 2c f7 67 a8 a5 fe 08 58 04 9a 57 6e c6 23 c6 ad 97 70 60 49 6b d2 5c e9 f2 7c 94 bf 2f 9f 88 a1 a7 c8 35 f4 cc 64 c8 a1 11 80 14 6c 62 ab 16 59 37 b9 c8 73 cf c4 3e 73 50 87 80 cf 79 7b dd 7c 2d fd cd 2b ae cc 1b 0d 90 95 e2 94 8a 9b cb 42 df 0f 4b 57 d7 d9 aa e4 fa 97 5a 56 e7 8e 30 74 d7 6a 43 22 d3 7c 79 4e a7 8e 1c f4 cd 66 9d 0a b7 1b 05 39 9e d3 db 87 73 d9 7d bd 68 48 74 5a 40 f2 22 80 6b 73 53 73 e9 8d 31 6d 4f d8 f3 5e 70 fa 7a 45 df dd
                                                                                                        Data Ascii: 7s@^R@zYD*49_5OzOKVHr\$2Y'BWp#3>+Fp,gXWn#p`Ik\|/5dlbY7s>sPy{|-+BKWZV0tjC"|yNf9s}hHtZ@"ksSs1mO^pzE
                                                                                                        2024-10-10 12:42:27 UTC1369INData Raw: ec 6e 00 0a 2f 6b 18 9d ca 56 b3 2f bd 89 89 aa 2d f4 79 7a 94 94 06 b9 68 21 08 b8 3b e6 38 b3 25 1c e3 94 94 ae 0b dc 89 7c 2b 8a 3c 76 78 89 92 d6 19 98 35 71 5c fa 62 dc 0e 4c ec 93 dc 82 76 7a cf 04 8e 29 f4 cf 4d 82 d4 7f d2 4a c9 59 92 a2 96 8f ce 9c 2e d4 8b c4 64 a5 2d 5a 35 6d e9 f8 af e6 f9 a6 f1 e1 29 29 2d 0f bc 93 ae 9e a0 71 da d3 aa 0d 95 7e b0 26 9a a1 40 b5 f2 15 6e a9 b5 e7 ab 6c de 4d df fb b8 59 5d b7 12 22 63 1a f3 0e 38 cf 8d 53 9c e3 12 d7 b8 05 dd 4d fc 59 c4 04 85 94 84 a4 24 a3 11 f4 9d 29 4b 45 9e a7 26 1d e9 cc 8b bc ec 95 e2 e7 5d 13 65 a1 7d d6 19 41 91 5a 68 5b 39 7e 7b 0f fd ae 3d 0c 31 ea 3a e4 3a ea 9a 60 72 c8 9e 70 9d 62 f2 75 de 75 e5 ab 7a e5 5e 97 98 73 3d 69 d1 27 73 5d 6f 9c 7b df 5a 9b 6f f2 13 d2 15 61 19 fe 62
                                                                                                        Data Ascii: n/kV/-yzh!;8%|+<vx5q\bLvz)MJY.d-Z5m))-q~&@nlMY]"c8SMY$)KE&]e}AZh[9~{=1::`rpbuuz^s=i's]o{Zoab


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        10192.168.2.164972335.190.80.14436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:28 UTC494OUTPOST /report/v4?s=ryLni%2FihghpUFyWWmrK8R20k4ZOap7WmDZZVTwX2G%2BAFflqdgJNYjt2nHSEjLOJoETO6JVAhj6fKUCfAPwL7i2xC3Xsyc7HurtZEt4RsOS%2Fcmt6GqclfRxO%2F9GpvBsCwSzbxztgZn37NrA%3D%3D HTTP/1.1
                                                                                                        Host: a.nel.cloudflare.com
                                                                                                        Connection: keep-alive
                                                                                                        Content-Length: 458
                                                                                                        Content-Type: application/reports+json
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:28 UTC458OUTData Raw: 5b 7b 22 61 67 65 22 3a 34 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 31 32 34 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 36 2e 34 30 2e 38 38 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 61 6d 70 61 69 67 6e 2d 73 74 61 74 69 73 74
                                                                                                        Data Ascii: [{"age":4,"body":{"elapsed_time":1124,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"172.66.40.88","status_code":404,"type":"http.error"},"type":"network-error","url":"https://campaign-statist
                                                                                                        2024-10-10 12:42:28 UTC168INHTTP/1.1 200 OK
                                                                                                        Content-Length: 0
                                                                                                        date: Thu, 10 Oct 2024 12:42:27 GMT
                                                                                                        Via: 1.1 google
                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                        Connection: close


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        11192.168.2.1649726104.22.74.1154436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:28 UTC611OUTGET /img/sender-logo-coloured.svg HTTP/1.1
                                                                                                        Host: stats.sender.net
                                                                                                        Connection: keep-alive
                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                        Sec-Fetch-Dest: image
                                                                                                        Referer: https://campaign-statistics.com/
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:28 UTC712INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:28 GMT
                                                                                                        Content-Type: image/svg+xml
                                                                                                        Transfer-Encoding: chunked
                                                                                                        Connection: close
                                                                                                        Last-Modified: Wed, 05 Oct 2022 10:20:25 GMT
                                                                                                        ETag: W/"633d5a69-f39"
                                                                                                        Access-Control-Allow-Origin: *
                                                                                                        Access-Control-Allow-Methods: *
                                                                                                        Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 3821
                                                                                                        referrer-policy: same-origin
                                                                                                        x-content-type-options: nosniff
                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                        x-xss-protection: 1; mode=block
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0c73a23436d-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:28 UTC657INData Raw: 66 33 39 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0a 3c 73 76 67 20 76 65 72 73 69 6f 6e 3d 22 31 2e 31 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 36 37 33 2e 38 38 20 31 39 36 2e 34 38 22 20 78 6d 6c 3a 73 70 61 63 65 3d 22 70 72 65 73 65 72 76 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 78 6d 6c 6e 73 3a 63 63 3d 22 68 74 74 70 3a 2f 2f 63 72 65 61 74 69 76 65 63 6f 6d 6d 6f 6e 73 2e 6f 72 67 2f 6e 73 23 22 20 78 6d 6c 6e 73 3a 64 63 3d 22 68 74 74 70 3a 2f 2f 70 75 72 6c 2e 6f 72 67 2f 64 63 2f 65 6c 65 6d 65 6e 74 73 2f 31 2e 31 2f 22 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e
                                                                                                        Data Ascii: f39<?xml version="1.0" encoding="UTF-8"?><svg version="1.1" viewBox="0 0 673.88 196.48" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.
                                                                                                        2024-10-10 12:42:28 UTC1369INData Raw: 22 23 65 64 31 65 32 34 22 20 6f 66 66 73 65 74 3d 22 31 22 2f 3e 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 62 22 20 78 32 3d 22 31 22 20 67 72 61 64 69 65 6e 74 54 72 61 6e 73 66 6f 72 6d 3d 22 6d 61 74 72 69 78 28 2d 31 33 30 37 2e 31 20 2d 31 33 30 37 2e 31 20 2d 31 33 30 37 2e 31 20 31 33 30 37 2e 31 20 31 34 34 32 2e 34 20 31 31 37 31 2e 38 29 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 66 35 37 37 32 34 22 20 6f 66 66 73 65 74 3d 22 30 22 2f 3e 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 65 64 31 65 32 34 22 20 6f 66 66 73 65 74 3d 22 31 22 2f 3e 3c 2f 6c 69
                                                                                                        Data Ascii: "#ed1e24" offset="1"/></linearGradient><linearGradient id="b" x2="1" gradientTransform="matrix(-1307.1 -1307.1 -1307.1 1307.1 1442.4 1171.8)" gradientUnits="userSpaceOnUse"><stop stop-color="#f57724" offset="0"/><stop stop-color="#ed1e24" offset="1"/></li
                                                                                                        2024-10-10 12:42:28 UTC1369INData Raw: 35 35 2e 34 37 2d 32 31 33 2e 36 34 20 32 30 32 2e 38 37 2d 32 31 33 2e 36 34 20 35 31 2e 33 33 20 30 20 31 32 34 2e 32 31 20 36 2e 36 32 31 20 31 36 37 2e 32 36 20 32 37 2e 33 33 32 6c 2d 39 2e 31 20 36 34 2e 35 37 38 63 2d 34 38 2e 38 36 2d 35 2e 37 38 39 2d 31 30 36 2e 38 33 2d 39 2e 39 33 2d 31 34 35 2e 37 34 2d 39 2e 39 33 2d 36 39 2e 35 36 20 30 2d 31 30 30 2e 32 20 31 34 2e 38 39 39 2d 31 30 38 2e 34 38 20 38 38 2e 36 30 32 68 31 36 35 2e 36 31 22 20 66 69 6c 6c 3d 22 23 32 34 32 33 32 32 22 2f 3e 3c 70 61 74 68 20 64 3d 22 6d 33 35 36 32 2e 39 20 37 33 32 2e 36 31 68 2d 38 34 2e 34 36 76 2d 34 30 35 2e 37 35 68 31 30 31 2e 30 32 76 32 38 32 2e 33 38 63 35 35 2e 34 38 20 33 31 2e 34 36 35 20 39 32 2e 37 34 20 34 39 2e 36 38 34 20 31 33 33 2e 33 32
                                                                                                        Data Ascii: 55.47-213.64 202.87-213.64 51.33 0 124.21 6.621 167.26 27.332l-9.1 64.578c-48.86-5.789-106.83-9.93-145.74-9.93-69.56 0-100.2 14.899-108.48 88.602h165.61" fill="#242322"/><path d="m3562.9 732.61h-84.46v-405.75h101.02v282.38c55.48 31.465 92.74 49.684 133.32
                                                                                                        2024-10-10 12:42:28 UTC509INData Raw: 76 32 38 36 2e 35 32 63 35 37 2e 39 36 20 32 33 2e 31 38 34 20 39 35 2e 32 32 20 33 36 2e 34 33 38 20 31 33 34 2e 31 35 20 33 36 2e 34 33 38 68 32 38 2e 39 37 6c 31 30 2e 37 37 20 39 34 2e 33 39 38 22 20 66 69 6c 6c 3d 22 23 32 34 32 33 32 32 22 2f 3e 3c 70 61 74 68 20 64 3d 22 6d 31 37 34 37 2e 39 20 31 34 37 33 2e 36 2d 31 35 39 2e 39 35 2d 31 33 34 2e 39 34 68 32 30 33 2e 32 36 6c 2d 38 35 37 2e 35 37 2d 36 37 31 2e 38 32 76 2d 31 39 36 2e 34 33 6c 39 34 36 2e 32 20 37 36 38 2e 35 31 76 2d 31 36 36 2e 38 38 6c 31 32 39 2e 39 34 20 31 31 30 2e 39 36 76 32 39 30 2e 36 68 2d 32 36 31 2e 38 38 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 63 29 22 20 66 69 6c 6c 2d 72 75 6c 65 3d 22 65 76 65 6e 6f 64 64 22 2f 3e 3c 70 61 74 68 20 64 3d 22 6d 31 37 34 34 2e 38 20
                                                                                                        Data Ascii: v286.52c57.96 23.184 95.22 36.438 134.15 36.438h28.97l10.77 94.398" fill="#242322"/><path d="m1747.9 1473.6-159.95-134.94h203.26l-857.57-671.82v-196.43l946.2 768.51v-166.88l129.94 110.96v290.6h-261.88" fill="url(#c)" fill-rule="evenodd"/><path d="m1744.8
                                                                                                        2024-10-10 12:42:28 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                        Data Ascii: 0


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        12192.168.2.1649725104.22.74.1154436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:28 UTC611OUTGET /img/vectors/vector-group.svg HTTP/1.1
                                                                                                        Host: stats.sender.net
                                                                                                        Connection: keep-alive
                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                        Sec-Fetch-Dest: image
                                                                                                        Referer: https://campaign-statistics.com/
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:28 UTC712INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:28 GMT
                                                                                                        Content-Type: image/svg+xml
                                                                                                        Transfer-Encoding: chunked
                                                                                                        Connection: close
                                                                                                        Last-Modified: Wed, 05 Oct 2022 10:20:25 GMT
                                                                                                        ETag: W/"633d5a69-454"
                                                                                                        Access-Control-Allow-Origin: *
                                                                                                        Access-Control-Allow-Methods: *
                                                                                                        Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 3655
                                                                                                        referrer-policy: same-origin
                                                                                                        x-content-type-options: nosniff
                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                        x-xss-protection: 1; mode=block
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0c73f7042c2-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:28 UTC657INData Raw: 34 35 34 0d 0a 3c 73 76 67 20 77 69 64 74 68 3d 22 32 30 38 22 20 68 65 69 67 68 74 3d 22 31 31 30 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 32 30 38 20 31 31 30 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 31 37 2e 33 33 32 37 20 35 2e 34 32 39 38 33 4c 31 37 2e 33 33 32 35 20 35 2e 34 32 39 39 36 43 31 35 2e 32 34 36 33 20 36 2e 36 34 36 36 38 20 31 33 2e 35 31 36 39 20 38 2e 33 39 30 36 36 20 31 32 2e 33 31 37 37 20 31 30 2e 34 38 36 39 43 31 31 2e 31 31 38 35 20 31 32 2e 35 38 33 32 20 31 30 2e 34 39 31 38 20 31 34 2e 39 35 37 39 20 31 30 2e 35 30 30 33 20 31 37 2e 33 37 32 39 43 31 30 2e 35 30 38 39 20 31 39 2e 37
                                                                                                        Data Ascii: 454<svg width="208" height="110" viewBox="0 0 208 110" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M17.3327 5.42983L17.3325 5.42996C15.2463 6.64668 13.5169 8.39066 12.3177 10.4869C11.1185 12.5832 10.4918 14.9579 10.5003 17.3729C10.5089 19.7
                                                                                                        2024-10-10 12:42:28 UTC458INData Raw: 39 20 31 30 38 2e 38 32 36 5a 22 20 73 74 72 6f 6b 65 3d 22 23 46 38 46 33 46 30 22 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 32 30 37 2e 32 37 35 20 33 39 2e 34 33 30 37 4c 31 37 36 2e 39 31 32 20 32 32 4c 31 34 37 2e 30 39 39 20 33 39 2e 37 31 38 31 4c 31 37 37 2e 31 38 37 20 35 36 2e 38 33 36 34 4c 32 30 37 2e 32 37 35 20 33 39 2e 34 33 30 37 5a 22 20 66 69 6c 6c 3d 22 23 46 38 46 33 46 30 22 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 31 34 38 2e 30 31 31 20 31 30 38 2e 38 32 36 4c 31 37 37 2e 31 20 39 31 2e 39 39 37 39 4c 31 34 37 2e 37 34 32 20 37 35 2e 31 34 34 36 4c 31 31 38 2e 39 31 39 20 39 32 2e 32 37 34 32 4c 31 34 38 2e 30 31 31 20 31 30 38 2e 38 32 36 5a 22 20 73 74 72 6f 6b 65 3d 22 23 46 38 46 33 46 30 22 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 36
                                                                                                        Data Ascii: 9 108.826Z" stroke="#F8F3F0"/><path d="M207.275 39.4307L176.912 22L147.099 39.7181L177.187 56.8364L207.275 39.4307Z" fill="#F8F3F0"/><path d="M148.011 108.826L177.1 91.9979L147.742 75.1446L118.919 92.2742L148.011 108.826Z" stroke="#F8F3F0"/><path d="M6
                                                                                                        2024-10-10 12:42:28 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                        Data Ascii: 0


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        13192.168.2.1649724104.22.74.1154436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:28 UTC613OUTGET /img/vectors/vector-group-2.svg HTTP/1.1
                                                                                                        Host: stats.sender.net
                                                                                                        Connection: keep-alive
                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                        Sec-Fetch-Dest: image
                                                                                                        Referer: https://campaign-statistics.com/
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:28 UTC725INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:28 GMT
                                                                                                        Content-Type: image/svg+xml
                                                                                                        Content-Length: 801
                                                                                                        Connection: close
                                                                                                        Last-Modified: Wed, 05 Oct 2022 10:20:25 GMT
                                                                                                        ETag: "633d5a69-321"
                                                                                                        Access-Control-Allow-Origin: *
                                                                                                        Access-Control-Allow-Methods: *
                                                                                                        Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 1389
                                                                                                        Accept-Ranges: bytes
                                                                                                        referrer-policy: same-origin
                                                                                                        x-content-type-options: nosniff
                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                        x-xss-protection: 1; mode=block
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0c74b2ec32f-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:28 UTC644INData Raw: 3c 73 76 67 20 77 69 64 74 68 3d 22 38 32 22 20 68 65 69 67 68 74 3d 22 31 31 34 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 38 32 20 31 31 34 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 31 37 2e 37 34 36 31 20 34 2e 39 30 38 34 4c 31 37 2e 37 34 35 39 20 34 2e 39 30 38 35 33 43 31 35 2e 38 38 35 33 20 35 2e 39 39 33 37 20 31 34 2e 33 34 32 39 20 37 2e 35 34 39 31 33 20 31 33 2e 32 37 33 33 20 39 2e 34 31 38 37 35 43 31 32 2e 32 30 33 38 20 31 31 2e 32 38 38 34 20 31 31 2e 36 34 34 38 20 31 33 2e 34 30 36 34 20 31 31 2e 36 35 32 34 20 31 35 2e 35 36 30 33 43 31 31 2e 36 36 20 31 37 2e 37 31 34 32 20 31 32 2e 32 33 34 20
                                                                                                        Data Ascii: <svg width="82" height="114" viewBox="0 0 82 114" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M17.7461 4.9084L17.7459 4.90853C15.8853 5.9937 14.3429 7.54913 13.2733 9.41875C12.2038 11.2884 11.6448 13.4064 11.6524 15.5603C11.66 17.7142 12.234
                                                                                                        2024-10-10 12:42:28 UTC157INData Raw: 32 38 4c 31 2e 31 35 37 34 34 20 31 31 32 2e 36 33 38 5a 22 20 73 74 72 6f 6b 65 3d 22 23 46 38 46 33 46 30 22 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 35 35 2e 30 34 38 36 20 31 31 32 2e 36 33 38 4c 38 30 2e 39 39 38 36 20 39 37 2e 36 32 36 36 4c 35 34 2e 38 30 38 39 20 38 32 2e 35 39 31 38 4c 32 39 2e 30 39 36 20 39 37 2e 38 37 32 39 4c 35 35 2e 30 34 38 36 20 31 31 32 2e 36 33 38 5a 22 20 73 74 72 6f 6b 65 3d 22 23 46 38 46 33 46 30 22 2f 3e 0a 3c 2f 73 76 67 3e 0a
                                                                                                        Data Ascii: 28L1.15744 112.638Z" stroke="#F8F3F0"/><path d="M55.0486 112.638L80.9986 97.6266L54.8089 82.5918L29.096 97.8729L55.0486 112.638Z" stroke="#F8F3F0"/></svg>


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        14192.168.2.1649727104.22.74.1154436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:28 UTC617OUTGET /img/compressed/error-occurred.webp HTTP/1.1
                                                                                                        Host: stats.sender.net
                                                                                                        Connection: keep-alive
                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                        Sec-Fetch-Dest: image
                                                                                                        Referer: https://campaign-statistics.com/
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:28 UTC750INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:28 GMT
                                                                                                        Content-Type: image/webp
                                                                                                        Content-Length: 21702
                                                                                                        Connection: close
                                                                                                        Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        Access-Control-Allow-Methods: *
                                                                                                        Access-Control-Allow-Origin: *
                                                                                                        Cf-Bgj: h2pri,csam-hash
                                                                                                        ETag: "633d5a69-54c6"
                                                                                                        Last-Modified: Wed, 05 Oct 2022 10:20:25 GMT
                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 1294
                                                                                                        Accept-Ranges: bytes
                                                                                                        referrer-policy: same-origin
                                                                                                        x-content-type-options: nosniff
                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                        x-xss-protection: 1; mode=block
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0c7aff18c5f-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:28 UTC619INData Raw: 52 49 46 46 be 54 00 00 57 45 42 50 56 50 38 4c b2 54 00 00 2f 39 c2 6e 10 ff 07 b9 b6 dd 44 d2 ff bf 54 d5 dd c3 0c 31 cc 6a f2 cf 81 52 a0 25 b3 2d c9 4a 03 92 6d 4b 8a 94 1f 19 11 89 bb cb 88 35 b2 55 c6 8c 5c da bb 81 0c 93 5c db b6 6a 45 eb 0a ee ee 16 09 f1 92 0b 5d 9a ee ee 50 75 df 3d e7 6c 39 da 00 10 40 f5 c7 8d 93 6d 6b 6a ec 6b d2 88 03 98 17 68 6b ed 02 6e 6e 74 53 9b 6d bb 9e 99 6b 7c 08 00 bf 9b bf ff 00 3f 01 7e ba d9 2f 80 8b 2a 5e aa 94 5d 15 73 55 bc 02 bc 00 da 02 b8 27 e5 64 10 61 44 8a 50 4b 2b ed 7f 50 c5 1b c0 2b 29 dd 67 44 71 78 17 ee c2 9d fb 7f 68 71 d9 7f c9 f2 61 dc 4d 98 09 77 11 c6 cd 85 9b 70 17 ee 32 5c ba 8b 08 19 2e c3 65 84 74 c7 6e fa 06 61 ce cd 84 1b 37 d3 ad eb ff 9d 9b 09 37 6e c6 dd f8 30 ee 26 cd 34 eb fa 7f d7
                                                                                                        Data Ascii: RIFFTWEBPVP8LT/9nDT1jR%-JmK5U\\jE]Pu=l9@mkjkhknntSmk|?~/*^]sU'daDPK+P+)gDqxhqaMwp2\.etna77n0&4
                                                                                                        2024-10-10 12:42:28 UTC1369INData Raw: 5d e5 88 cc ff a5 5c 3d 1c 9a 75 9c c9 18 52 fe 64 3c 92 64 3a c6 64 14 91 2f 27 1e c9 5a fa 14 20 da d5 6a fa 6a 6b aa 70 a4 aa 36 3b 33 ff 97 ad d3 c0 6b 8a 9c 0b fd 3b 07 f8 0a 70 03 30 05 e8 9c ad d4 3d ce 5f 9a 9f 3e 7f dc f8 41 65 58 eb fe db bc ee 9d 3e 1e c5 4d f7 b9 eb f8 6f b1 57 39 0a da 36 72 9a de e0 cf f9 f7 23 88 88 09 d0 d7 c0 0d ef 0e 8a 3d 2b 33 23 02 b4 cc b1 2a 82 a5 32 bb bb aa 90 d7 ea ee 06 2f b1 19 0d 0b 4f 0c 7b 36 bb fa b1 bc 6d db ac ba 8d b5 6d 69 a6 70 22 f7 62 66 e6 b5 42 b6 ec 85 cd dc 5f d7 df 08 33 c8 ec 66 86 30 2d 0e 27 92 2d 43 38 69 66 b6 e5 29 cb 96 1c f8 2a 69 6d de b6 aa 1a 73 0e 4d 75 5a 5a a8 51 55 11 fd 87 46 db 4a 56 e9 22 45 06 32 1f ae f4 a1 35 36 3f b1 4f ff a7 ba 8d ac 2c 33 f3 5e 66 66 5e d4 ad 41 65 2c b4
                                                                                                        Data Ascii: ]\=uRd<d:d/'Z jjkp6;3k;p0=_>AeX>MoW96r#=+3#*2/O{6mmip"bfB_3f0-'-C8if)*imsMuZZQUFJV"E256?O,3^ff^Ae,
                                                                                                        2024-10-10 12:42:28 UTC1369INData Raw: e1 d2 5e 9a 79 44 46 c7 f3 93 a2 99 b4 97 62 e6 4c 78 8f e9 b9 72 11 a6 b1 f3 dd 7b f0 cb 9d e7 24 23 a4 71 44 29 e5 65 c8 f5 ad 98 66 0f 29 1f 12 46 c7 4a 04 c1 3c 7e a1 0b 84 49 33 82 04 9a 43 19 75 ce 43 bb 54 d1 b8 a4 00 52 aa 5a 08 c9 8a fc 05 12 36 d2 63 4f 7e fc 8d 6e 10 92 95 e3 a8 42 2a cd cc 1e 58 0d 79 23 a3 05 9f ae b8 7a a9 21 11 d1 9b 42 b0 7a ba d3 11 f8 65 3e fe e0 25 30 68 36 03 48 8a 1e 54 4a 65 66 15 19 d4 82 6f 9b 28 69 f2 d5 a8 2b 59 7a b0 93 12 48 be f4 c4 cb 60 83 f7 24 d1 ec 30 e9 43 a5 54 81 d5 65 03 be a8 4c 8a c0 95 58 f0 c3 6d 78 ae c3 17 97 90 8f db 85 f5 24 69 f2 19 8e 19 85 e1 62 60 d5 74 98 27 aa f9 92 9c 3c dd e1 3a 8d 8d 1f 9b 3e be 5f bf 8d 67 65 61 39 c9 c5 02 d1 80 0f ff 28 88 5a f4 a3 a2 c3 29 d2 82 16 4a 89 00 90 6b
                                                                                                        Data Ascii: ^yDFbLxr{$#qD)ef)FJ<~I3CuCTRZ6cO~nB*Xy#z!Bze>%0h6HTJefo(i+YzH`$0CTeLXmx$ib`t'<:>_gea9(Z)Jk
                                                                                                        2024-10-10 12:42:28 UTC1369INData Raw: 80 15 68 80 f4 ea 0b 6f 0c a5 c8 58 c9 b7 6d cb 51 92 2f 1a 91 1d 58 3b 41 06 1d 57 2d 71 3a 42 33 cd 85 d3 0a 5b 41 55 5a 21 cd 95 95 8f 0e a7 71 8f 31 00 16 19 be ad 5c 4e 54 e9 46 44 e6 a4 88 89 06 2a 19 92 08 d9 44 6e 74 3b 17 eb 92 15 a4 00 66 c9 b6 92 c2 06 ea c6 47 91 84 89 d6 db 2b cb cc e0 e6 77 00 99 1c e4 41 11 e5 71 d2 db 73 0c 59 08 ab ca be fa 26 32 de fa 05 2b 56 e3 64 a4 4e 3f b5 73 f1 92 a5 e4 73 1c 98 48 b6 25 15 22 99 2b 43 32 53 0a 5a 5a 29 ef 83 91 ad c9 a4 32 06 68 be 2c 0b 64 02 5d 45 35 43 38 b9 e7 37 82 03 26 7a e1 32 f6 cd 44 16 21 79 3a 23 52 f7 29 fe 34 6e 96 f2 72 ac 9d 8e 25 0c 29 76 1d 89 9d c0 44 6b 56 66 c6 e2 91 61 ca c0 3e cd 00 18 56 2d 87 15 b6 8e a2 f2 02 c1 ab 2f ed f9 de b7 7f d5 84 ac fa d9 2f 5d 98 ec 6b 21 42 20
                                                                                                        Data Ascii: hoXmQ/X;AW-q:B3[AUZ!q1\NTFD*Dnt;fG+wAqsY&2+VdN?ssH%"+C2SZZ)2h,d]E5C87&z2D!y:#R)4nr%)vDkVfa>V-//]k!B
                                                                                                        2024-10-10 12:42:28 UTC1369INData Raw: 76 57 32 91 04 63 4d 6c aa 06 47 c8 d0 38 d5 3e c1 a0 ca 95 d8 48 a6 11 71 0e 10 99 25 03 e1 cc 52 1e a0 58 0f 2d 9c 63 77 9b 95 d5 af c2 3b dc fe a7 8a 94 13 91 02 d4 c1 fb 87 c2 e4 0c 30 33 6c d9 b9 cd c9 58 22 9f 65 12 0b 17 67 66 23 0f bd 2a a4 ea 66 16 dc fd 1b e5 8c 37 25 71 a2 e3 51 65 41 42 03 60 73 bf 53 20 0e ab 09 e6 f0 aa 3e e2 a6 31 33 6c fc b0 d0 f0 36 3f 35 8d 33 36 3c 42 95 28 c1 3f b8 85 03 b2 31 d9 39 1b e5 de af 55 08 87 4e 82 fb 6f b7 66 23 74 56 94 6e 03 ec bb bf b3 73 c7 97 c7 54 18 a8 d1 98 d5 b3 68 c5 85 1d a5 42 99 b1 b9 2b fb 2d 5c d9 8a e4 2d bf 86 4b 1d 24 75 15 fb 1f b2 af f9 ba 04 63 a8 8d fa 49 04 b0 d2 7b eb b0 91 d1 c4 02 16 26 b3 3d 04 19 c1 bc 7c 8d 58 f3 5c f0 1c 8f de 33 a0 41 00 04 04 d2 49 4b eb 40 32 0e eb 2a a5 47
                                                                                                        Data Ascii: vW2cMlG8>Hq%RX-cw;03lX"egf#*f7%qQeAB`sS >13l6?536<B(?19UNof#tVnsThB+-\-K$ucI{&=|X\3AIK@2*G
                                                                                                        2024-10-10 12:42:28 UTC1369INData Raw: 67 1b 9e 8e 46 ae 67 b3 53 d3 4c 23 00 04 e6 68 76 d7 8a b3 2b 56 80 b2 1e 84 32 1c cd df 79 de ec 05 7f ce 5f 7a e5 55 6d 84 6e 3f ab b9 e8 78 01 85 1b ac 23 76 3a e2 e8 08 b1 fb 52 3b 4f d8 4c 34 e6 92 38 9d a7 be a0 5e 32 27 10 f2 45 3b a0 68 79 56 84 c1 76 49 4a 82 40 ba cf b6 56 25 20 11 80 17 de a3 b5 ec fd 57 19 f3 88 d5 64 a5 61 e5 cc f6 56 04 23 8f 4c e9 04 8a 2b 9b 1b 4f 1a 0f 40 72 42 5b 29 8f b4 43 2d 56 80 b2 0e 52 00 46 73 b6 f7 22 5e 78 fe 39 2a 71 c8 23 15 60 46 29 17 56 b3 64 ab 8f 80 48 60 24 b1 8c 48 81 3d 0a fa 91 60 93 00 48 75 d0 d2 c2 81 90 b8 c7 f7 da 32 e2 8a 57 40 bd 62 aa 2d 2b 32 3d d5 5d 9d 18 f5 be f2 d2 0b fc 26 e9 3e fd e1 e6 37 01 fd 3b 8c 73 c0 e8 e4 f6 4e 13 4e d4 6d 4c 4f bd e1 b8 21 55 2d 6d 04 5d d9 da 56 43 2d 66 5b
                                                                                                        Data Ascii: gFgSL#hv+V2y_zUmn?x#v:R;OL48^2'E;hyVvIJ@V% WdaV#L+O@rB[)C-VRFs"^x9*q#`F)VdH`$H=`Hu2W@b-+2=]&>7;sNNmLO!U-m]VC-f[
                                                                                                        2024-10-10 12:42:28 UTC1369INData Raw: 2e 5d ac 8b e0 4b 99 32 23 11 f5 fb bb c2 02 ad 1d f4 26 70 59 54 38 55 43 54 6b eb 3f 0a e5 51 5f 4d 89 6e f6 46 40 fb e2 fb e3 d3 17 2c 6e 90 4b db 5b 27 57 5a b3 9c 22 45 26 65 43 27 36 52 86 25 b8 2d d9 58 d0 94 da dd e3 3b 2a 6d 85 02 80 ac 44 1a bc 73 e9 72 98 a9 cf 3d 63 01 55 25 f9 fc 44 bd be 07 34 24 1f 75 5a db a4 cd 7e ed 45 50 54 49 bd 3c 3f 39 6e a0 c0 fd 06 98 95 a4 19 2f 86 05 c7 86 1d 24 c8 d7 1b 08 c0 dd 25 91 e1 2c 54 e9 5e 8d f5 33 f3 b6 28 a8 fd 50 04 d5 2c 58 7f ee 3b 86 14 ba 3c 7e 1a a4 34 a2 f4 fe ae 3c fd 66 fa e3 43 17 cc ac e9 d2 d6 46 64 39 6a 3c e9 64 e3 25 0d b3 f9 5c 96 eb 0a 36 05 f2 75 b0 74 65 db d5 b2 7e b5 2c f2 cc 59 49 f6 da ef 5c be 72 09 0c a7 e1 a4 9f ab bb ff cb 13 90 44 7e e6 1b fa 1c e4 3e 3e 7a 86 50 af 2f fd
                                                                                                        Data Ascii: .]K2#&pYT8UCTk?Q_MnF@,nK['WZ"E&eC'6R%-X;*mDsr=cU%D4$uZ~EPTI<?9n/$%,T^3(P,X;<~4<fCFd9j<d%\6ute~,YI\rD~>>zP/
                                                                                                        2024-10-10 12:42:28 UTC1369INData Raw: 3f 3c dd 78 35 c2 d2 01 4e 4e 6b 78 6c 7c ec 8d 26 7a 3e 4a 27 09 a2 bb 5b 33 da 9d d4 c6 34 5f c9 85 2e 49 38 37 76 1e 32 95 a9 0e 4b 41 1f a0 94 df 7a fa ea 65 59 53 09 15 37 6b 2b 52 db e1 26 2f 27 41 69 b4 49 92 08 1b e0 1b 74 48 55 a9 e9 ba f2 ad ef 0c 39 81 90 ff 53 45 6a 83 60 01 37 4e 75 ec 30 01 a1 b1 b6 2b 6e 37 bf 77 ff cc 8c f4 9d f6 d3 bb ee ca 63 36 15 8f c5 13 19 0d a1 14 38 0d b5 77 ab 51 4a 7f f0 0d 9c 7e 90 b4 11 5d 9e 53 83 4a ea b1 5c 23 cd 6c d0 53 cb 71 30 fe 63 00 09 f4 dc ed c8 61 79 f5 40 a9 68 78 b6 7a 56 ad c8 15 54 c3 86 9a c7 70 87 df 7a e6 6a b0 5e ab 7b 1c 53 12 20 24 54 d9 8d 68 91 43 f2 82 58 81 01 a7 cc 73 55 80 6c 2b 2f c9 2b c4 e0 46 c8 32 25 2c 68 32 d6 26 92 0a 8b c2 7f 3a 43 5d 46 ea 4d 95 57 78 ff a5 a2 52 7d c7 7f
                                                                                                        Data Ascii: ?<x5NNkxl|&z>J'[34_.I87v2KAzeYS7k+R&/'AiItHU9SEj`7Nu0+n7wc68wQJ~]SJ\#lSq0cay@hxzVTpzj^{S $ThCXsUl+/+F2%,h2&:C]FMWxR}
                                                                                                        2024-10-10 12:42:28 UTC1369INData Raw: c1 a5 a9 62 3c 97 7f 37 9c 7e 66 62 c2 ea e9 8d e3 a1 42 d5 dc a2 98 c7 d7 3f 14 ce 9f 5c cf d2 d0 da 63 07 da 49 aa f2 03 d8 ae 35 6a ae 5e d4 38 3a ec ea c0 8e 46 53 35 a3 bf 79 0e 81 a9 7d a3 0c 08 e6 b8 c6 74 7a a9 b6 50 e7 ee 5e 56 5b 17 d5 2c 3e 1b ec 4b f2 c7 4a ae 3d a5 2d 47 d2 1b 9e fb 97 63 53 e2 40 9c ee 48 e4 c1 b3 7d ec 72 75 6f 87 7d 81 e8 0a 09 91 2e 57 b2 3f ad 1f 75 d3 7b e0 93 42 55 5d 67 db f3 ce f6 26 12 89 fc 04 81 34 66 43 89 54 2b 38 07 97 51 70 69 aa 98 ec d7 a7 ef 7d ff 07 c2 1a 93 bf ee 53 95 f4 30 d1 a9 76 27 e3 64 b5 a4 f2 93 70 31 68 fe a0 0f a0 e7 9e b0 e3 c2 00 15 e6 33 9d 3d 12 13 a1 93 11 73 2f 0e 7a 86 72 ac 6a 75 00 20 19 5d 17 0f 47 4d 72 65 bb 99 da 59 1b 94 b5 e4 dc 81 92 07 a3 80 91 e5 cc fa bd 2e 6e 5d 86 f8 e5 03
                                                                                                        Data Ascii: b<7~fbB?\cI5j^8:FS5y}tzP^V[,>KJ=-GcS@H}ruo}.W?u{BU]g&4fCT+8Qpi}S0v'dp1h3=s/zrju ]GMreY.n]
                                                                                                        2024-10-10 12:42:28 UTC1369INData Raw: f0 e0 4e 73 eb d6 26 d6 39 aa c7 a3 80 b2 20 a4 c5 81 00 0b 37 db 8d 68 56 af 00 73 77 64 91 ad b6 76 f1 f1 f8 74 cc 0a 17 58 dd 0a ac c3 3c 8c 2e 5a 97 59 81 c7 59 7b 2a 49 99 a7 f8 ae f4 00 05 61 a8 df db 14 3a 30 9f 1e 61 e2 fe e7 9a 7d b5 66 9b f8 4f ed b0 fd ec 27 24 29 92 a1 80 7a 4f 31 40 61 42 22 42 55 b3 b9 d0 97 bf f1 96 d7 85 25 66 6e 3a 4c 24 24 3c 21 0a c7 a3 41 19 20 11 82 a1 d1 9d 7d f1 55 00 b3 6d e5 69 8d 33 39 23 d0 91 1c 11 10 c5 78 e0 99 3d 3e 66 be 94 29 c8 fd 33 fe ed ad 9b b0 66 1a 1d 1a 3c 47 cb 22 14 f5 26 ea 06 8d 61 c9 7e c5 56 5b 72 07 af 22 d2 7f cd b1 e9 76 da 1f ff 30 3d bd aa 18 6d 3d 58 60 48 84 91 54 26 46 9c 93 61 ec 52 b8 40 14 c7 dc 9c fa fa ce 59 6c c5 3c 90 12 cf 91 93 7b da 79 70 c7 5f f6 86 1e cc 4c f7 c3 5a 3b e3
                                                                                                        Data Ascii: Ns&9 7hVswdvtX<.ZYY{*Ia:0a}fO'$)zO1@aB"BU%fn:L$$<!A }Umi39#x=>f)3f<G"&a~V[r"v0=m=X`HT&FaR@Yl<{yp_LZ;


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        15192.168.2.1649731104.22.74.1154436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:28 UTC368OUTGET /img/vectors/vector-group.svg HTTP/1.1
                                                                                                        Host: stats.sender.net
                                                                                                        Connection: keep-alive
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        Accept: */*
                                                                                                        Sec-Fetch-Site: none
                                                                                                        Sec-Fetch-Mode: cors
                                                                                                        Sec-Fetch-Dest: empty
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:29 UTC712INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:29 GMT
                                                                                                        Content-Type: image/svg+xml
                                                                                                        Transfer-Encoding: chunked
                                                                                                        Connection: close
                                                                                                        Last-Modified: Wed, 05 Oct 2022 10:20:25 GMT
                                                                                                        ETag: W/"633d5a69-454"
                                                                                                        Access-Control-Allow-Origin: *
                                                                                                        Access-Control-Allow-Methods: *
                                                                                                        Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 3655
                                                                                                        referrer-policy: same-origin
                                                                                                        x-content-type-options: nosniff
                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                        x-xss-protection: 1; mode=block
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0cb2c4bc425-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:29 UTC657INData Raw: 34 35 34 0d 0a 3c 73 76 67 20 77 69 64 74 68 3d 22 32 30 38 22 20 68 65 69 67 68 74 3d 22 31 31 30 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 32 30 38 20 31 31 30 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 31 37 2e 33 33 32 37 20 35 2e 34 32 39 38 33 4c 31 37 2e 33 33 32 35 20 35 2e 34 32 39 39 36 43 31 35 2e 32 34 36 33 20 36 2e 36 34 36 36 38 20 31 33 2e 35 31 36 39 20 38 2e 33 39 30 36 36 20 31 32 2e 33 31 37 37 20 31 30 2e 34 38 36 39 43 31 31 2e 31 31 38 35 20 31 32 2e 35 38 33 32 20 31 30 2e 34 39 31 38 20 31 34 2e 39 35 37 39 20 31 30 2e 35 30 30 33 20 31 37 2e 33 37 32 39 43 31 30 2e 35 30 38 39 20 31 39 2e 37
                                                                                                        Data Ascii: 454<svg width="208" height="110" viewBox="0 0 208 110" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M17.3327 5.42983L17.3325 5.42996C15.2463 6.64668 13.5169 8.39066 12.3177 10.4869C11.1185 12.5832 10.4918 14.9579 10.5003 17.3729C10.5089 19.7
                                                                                                        2024-10-10 12:42:29 UTC458INData Raw: 39 20 31 30 38 2e 38 32 36 5a 22 20 73 74 72 6f 6b 65 3d 22 23 46 38 46 33 46 30 22 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 32 30 37 2e 32 37 35 20 33 39 2e 34 33 30 37 4c 31 37 36 2e 39 31 32 20 32 32 4c 31 34 37 2e 30 39 39 20 33 39 2e 37 31 38 31 4c 31 37 37 2e 31 38 37 20 35 36 2e 38 33 36 34 4c 32 30 37 2e 32 37 35 20 33 39 2e 34 33 30 37 5a 22 20 66 69 6c 6c 3d 22 23 46 38 46 33 46 30 22 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 31 34 38 2e 30 31 31 20 31 30 38 2e 38 32 36 4c 31 37 37 2e 31 20 39 31 2e 39 39 37 39 4c 31 34 37 2e 37 34 32 20 37 35 2e 31 34 34 36 4c 31 31 38 2e 39 31 39 20 39 32 2e 32 37 34 32 4c 31 34 38 2e 30 31 31 20 31 30 38 2e 38 32 36 5a 22 20 73 74 72 6f 6b 65 3d 22 23 46 38 46 33 46 30 22 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 36
                                                                                                        Data Ascii: 9 108.826Z" stroke="#F8F3F0"/><path d="M207.275 39.4307L176.912 22L147.099 39.7181L177.187 56.8364L207.275 39.4307Z" fill="#F8F3F0"/><path d="M148.011 108.826L177.1 91.9979L147.742 75.1446L118.919 92.2742L148.011 108.826Z" stroke="#F8F3F0"/><path d="M6
                                                                                                        2024-10-10 12:42:29 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                        Data Ascii: 0


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        16192.168.2.1649729104.22.74.1154436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:28 UTC368OUTGET /img/sender-logo-coloured.svg HTTP/1.1
                                                                                                        Host: stats.sender.net
                                                                                                        Connection: keep-alive
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        Accept: */*
                                                                                                        Sec-Fetch-Site: none
                                                                                                        Sec-Fetch-Mode: cors
                                                                                                        Sec-Fetch-Dest: empty
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:29 UTC712INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:28 GMT
                                                                                                        Content-Type: image/svg+xml
                                                                                                        Transfer-Encoding: chunked
                                                                                                        Connection: close
                                                                                                        Last-Modified: Wed, 05 Oct 2022 10:20:25 GMT
                                                                                                        ETag: W/"633d5a69-f39"
                                                                                                        Access-Control-Allow-Origin: *
                                                                                                        Access-Control-Allow-Methods: *
                                                                                                        Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 3821
                                                                                                        referrer-policy: same-origin
                                                                                                        x-content-type-options: nosniff
                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                        x-xss-protection: 1; mode=block
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0cb1a0b42ab-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:29 UTC657INData Raw: 66 33 39 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0a 3c 73 76 67 20 76 65 72 73 69 6f 6e 3d 22 31 2e 31 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 36 37 33 2e 38 38 20 31 39 36 2e 34 38 22 20 78 6d 6c 3a 73 70 61 63 65 3d 22 70 72 65 73 65 72 76 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 78 6d 6c 6e 73 3a 63 63 3d 22 68 74 74 70 3a 2f 2f 63 72 65 61 74 69 76 65 63 6f 6d 6d 6f 6e 73 2e 6f 72 67 2f 6e 73 23 22 20 78 6d 6c 6e 73 3a 64 63 3d 22 68 74 74 70 3a 2f 2f 70 75 72 6c 2e 6f 72 67 2f 64 63 2f 65 6c 65 6d 65 6e 74 73 2f 31 2e 31 2f 22 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e
                                                                                                        Data Ascii: f39<?xml version="1.0" encoding="UTF-8"?><svg version="1.1" viewBox="0 0 673.88 196.48" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.
                                                                                                        2024-10-10 12:42:29 UTC1369INData Raw: 22 23 65 64 31 65 32 34 22 20 6f 66 66 73 65 74 3d 22 31 22 2f 3e 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 62 22 20 78 32 3d 22 31 22 20 67 72 61 64 69 65 6e 74 54 72 61 6e 73 66 6f 72 6d 3d 22 6d 61 74 72 69 78 28 2d 31 33 30 37 2e 31 20 2d 31 33 30 37 2e 31 20 2d 31 33 30 37 2e 31 20 31 33 30 37 2e 31 20 31 34 34 32 2e 34 20 31 31 37 31 2e 38 29 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 66 35 37 37 32 34 22 20 6f 66 66 73 65 74 3d 22 30 22 2f 3e 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 65 64 31 65 32 34 22 20 6f 66 66 73 65 74 3d 22 31 22 2f 3e 3c 2f 6c 69
                                                                                                        Data Ascii: "#ed1e24" offset="1"/></linearGradient><linearGradient id="b" x2="1" gradientTransform="matrix(-1307.1 -1307.1 -1307.1 1307.1 1442.4 1171.8)" gradientUnits="userSpaceOnUse"><stop stop-color="#f57724" offset="0"/><stop stop-color="#ed1e24" offset="1"/></li
                                                                                                        2024-10-10 12:42:29 UTC1369INData Raw: 35 35 2e 34 37 2d 32 31 33 2e 36 34 20 32 30 32 2e 38 37 2d 32 31 33 2e 36 34 20 35 31 2e 33 33 20 30 20 31 32 34 2e 32 31 20 36 2e 36 32 31 20 31 36 37 2e 32 36 20 32 37 2e 33 33 32 6c 2d 39 2e 31 20 36 34 2e 35 37 38 63 2d 34 38 2e 38 36 2d 35 2e 37 38 39 2d 31 30 36 2e 38 33 2d 39 2e 39 33 2d 31 34 35 2e 37 34 2d 39 2e 39 33 2d 36 39 2e 35 36 20 30 2d 31 30 30 2e 32 20 31 34 2e 38 39 39 2d 31 30 38 2e 34 38 20 38 38 2e 36 30 32 68 31 36 35 2e 36 31 22 20 66 69 6c 6c 3d 22 23 32 34 32 33 32 32 22 2f 3e 3c 70 61 74 68 20 64 3d 22 6d 33 35 36 32 2e 39 20 37 33 32 2e 36 31 68 2d 38 34 2e 34 36 76 2d 34 30 35 2e 37 35 68 31 30 31 2e 30 32 76 32 38 32 2e 33 38 63 35 35 2e 34 38 20 33 31 2e 34 36 35 20 39 32 2e 37 34 20 34 39 2e 36 38 34 20 31 33 33 2e 33 32
                                                                                                        Data Ascii: 55.47-213.64 202.87-213.64 51.33 0 124.21 6.621 167.26 27.332l-9.1 64.578c-48.86-5.789-106.83-9.93-145.74-9.93-69.56 0-100.2 14.899-108.48 88.602h165.61" fill="#242322"/><path d="m3562.9 732.61h-84.46v-405.75h101.02v282.38c55.48 31.465 92.74 49.684 133.32
                                                                                                        2024-10-10 12:42:29 UTC509INData Raw: 76 32 38 36 2e 35 32 63 35 37 2e 39 36 20 32 33 2e 31 38 34 20 39 35 2e 32 32 20 33 36 2e 34 33 38 20 31 33 34 2e 31 35 20 33 36 2e 34 33 38 68 32 38 2e 39 37 6c 31 30 2e 37 37 20 39 34 2e 33 39 38 22 20 66 69 6c 6c 3d 22 23 32 34 32 33 32 32 22 2f 3e 3c 70 61 74 68 20 64 3d 22 6d 31 37 34 37 2e 39 20 31 34 37 33 2e 36 2d 31 35 39 2e 39 35 2d 31 33 34 2e 39 34 68 32 30 33 2e 32 36 6c 2d 38 35 37 2e 35 37 2d 36 37 31 2e 38 32 76 2d 31 39 36 2e 34 33 6c 39 34 36 2e 32 20 37 36 38 2e 35 31 76 2d 31 36 36 2e 38 38 6c 31 32 39 2e 39 34 20 31 31 30 2e 39 36 76 32 39 30 2e 36 68 2d 32 36 31 2e 38 38 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 63 29 22 20 66 69 6c 6c 2d 72 75 6c 65 3d 22 65 76 65 6e 6f 64 64 22 2f 3e 3c 70 61 74 68 20 64 3d 22 6d 31 37 34 34 2e 38 20
                                                                                                        Data Ascii: v286.52c57.96 23.184 95.22 36.438 134.15 36.438h28.97l10.77 94.398" fill="#242322"/><path d="m1747.9 1473.6-159.95-134.94h203.26l-857.57-671.82v-196.43l946.2 768.51v-166.88l129.94 110.96v290.6h-261.88" fill="url(#c)" fill-rule="evenodd"/><path d="m1744.8
                                                                                                        2024-10-10 12:42:29 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                        Data Ascii: 0


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        17192.168.2.1649730104.22.74.1154436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:28 UTC370OUTGET /img/vectors/vector-group-2.svg HTTP/1.1
                                                                                                        Host: stats.sender.net
                                                                                                        Connection: keep-alive
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        Accept: */*
                                                                                                        Sec-Fetch-Site: none
                                                                                                        Sec-Fetch-Mode: cors
                                                                                                        Sec-Fetch-Dest: empty
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:29 UTC725INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:29 GMT
                                                                                                        Content-Type: image/svg+xml
                                                                                                        Content-Length: 801
                                                                                                        Connection: close
                                                                                                        Last-Modified: Wed, 05 Oct 2022 10:20:25 GMT
                                                                                                        ETag: "633d5a69-321"
                                                                                                        Access-Control-Allow-Origin: *
                                                                                                        Access-Control-Allow-Methods: *
                                                                                                        Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 1390
                                                                                                        Accept-Ranges: bytes
                                                                                                        referrer-policy: same-origin
                                                                                                        x-content-type-options: nosniff
                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                        x-xss-protection: 1; mode=block
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0cb3eed42e0-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:29 UTC644INData Raw: 3c 73 76 67 20 77 69 64 74 68 3d 22 38 32 22 20 68 65 69 67 68 74 3d 22 31 31 34 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 38 32 20 31 31 34 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 31 37 2e 37 34 36 31 20 34 2e 39 30 38 34 4c 31 37 2e 37 34 35 39 20 34 2e 39 30 38 35 33 43 31 35 2e 38 38 35 33 20 35 2e 39 39 33 37 20 31 34 2e 33 34 32 39 20 37 2e 35 34 39 31 33 20 31 33 2e 32 37 33 33 20 39 2e 34 31 38 37 35 43 31 32 2e 32 30 33 38 20 31 31 2e 32 38 38 34 20 31 31 2e 36 34 34 38 20 31 33 2e 34 30 36 34 20 31 31 2e 36 35 32 34 20 31 35 2e 35 36 30 33 43 31 31 2e 36 36 20 31 37 2e 37 31 34 32 20 31 32 2e 32 33 34 20
                                                                                                        Data Ascii: <svg width="82" height="114" viewBox="0 0 82 114" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M17.7461 4.9084L17.7459 4.90853C15.8853 5.9937 14.3429 7.54913 13.2733 9.41875C12.2038 11.2884 11.6448 13.4064 11.6524 15.5603C11.66 17.7142 12.234
                                                                                                        2024-10-10 12:42:29 UTC157INData Raw: 32 38 4c 31 2e 31 35 37 34 34 20 31 31 32 2e 36 33 38 5a 22 20 73 74 72 6f 6b 65 3d 22 23 46 38 46 33 46 30 22 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 35 35 2e 30 34 38 36 20 31 31 32 2e 36 33 38 4c 38 30 2e 39 39 38 36 20 39 37 2e 36 32 36 36 4c 35 34 2e 38 30 38 39 20 38 32 2e 35 39 31 38 4c 32 39 2e 30 39 36 20 39 37 2e 38 37 32 39 4c 35 35 2e 30 34 38 36 20 31 31 32 2e 36 33 38 5a 22 20 73 74 72 6f 6b 65 3d 22 23 46 38 46 33 46 30 22 2f 3e 0a 3c 2f 73 76 67 3e 0a
                                                                                                        Data Ascii: 28L1.15744 112.638Z" stroke="#F8F3F0"/><path d="M55.0486 112.638L80.9986 97.6266L54.8089 82.5918L29.096 97.8729L55.0486 112.638Z" stroke="#F8F3F0"/></svg>


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        18192.168.2.1649733104.22.74.1154436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:29 UTC374OUTGET /img/compressed/error-occurred.webp HTTP/1.1
                                                                                                        Host: stats.sender.net
                                                                                                        Connection: keep-alive
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        Accept: */*
                                                                                                        Sec-Fetch-Site: none
                                                                                                        Sec-Fetch-Mode: cors
                                                                                                        Sec-Fetch-Dest: empty
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:29 UTC750INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:29 GMT
                                                                                                        Content-Type: image/webp
                                                                                                        Content-Length: 21702
                                                                                                        Connection: close
                                                                                                        Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        Access-Control-Allow-Methods: *
                                                                                                        Access-Control-Allow-Origin: *
                                                                                                        Cf-Bgj: h2pri,csam-hash
                                                                                                        ETag: "633d5a69-54c6"
                                                                                                        Last-Modified: Wed, 05 Oct 2022 10:20:25 GMT
                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 1295
                                                                                                        Accept-Ranges: bytes
                                                                                                        referrer-policy: same-origin
                                                                                                        x-content-type-options: nosniff
                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                        x-xss-protection: 1; mode=block
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0cc287742a9-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:29 UTC619INData Raw: 52 49 46 46 be 54 00 00 57 45 42 50 56 50 38 4c b2 54 00 00 2f 39 c2 6e 10 ff 07 b9 b6 dd 44 d2 ff bf 54 d5 dd c3 0c 31 cc 6a f2 cf 81 52 a0 25 b3 2d c9 4a 03 92 6d 4b 8a 94 1f 19 11 89 bb cb 88 35 b2 55 c6 8c 5c da bb 81 0c 93 5c db b6 6a 45 eb 0a ee ee 16 09 f1 92 0b 5d 9a ee ee 50 75 df 3d e7 6c 39 da 00 10 40 f5 c7 8d 93 6d 6b 6a ec 6b d2 88 03 98 17 68 6b ed 02 6e 6e 74 53 9b 6d bb 9e 99 6b 7c 08 00 bf 9b bf ff 00 3f 01 7e ba d9 2f 80 8b 2a 5e aa 94 5d 15 73 55 bc 02 bc 00 da 02 b8 27 e5 64 10 61 44 8a 50 4b 2b ed 7f 50 c5 1b c0 2b 29 dd 67 44 71 78 17 ee c2 9d fb 7f 68 71 d9 7f c9 f2 61 dc 4d 98 09 77 11 c6 cd 85 9b 70 17 ee 32 5c ba 8b 08 19 2e c3 65 84 74 c7 6e fa 06 61 ce cd 84 1b 37 d3 ad eb ff 9d 9b 09 37 6e c6 dd f8 30 ee 26 cd 34 eb fa 7f d7
                                                                                                        Data Ascii: RIFFTWEBPVP8LT/9nDT1jR%-JmK5U\\jE]Pu=l9@mkjkhknntSmk|?~/*^]sU'daDPK+P+)gDqxhqaMwp2\.etna77n0&4
                                                                                                        2024-10-10 12:42:29 UTC1369INData Raw: 5d e5 88 cc ff a5 5c 3d 1c 9a 75 9c c9 18 52 fe 64 3c 92 64 3a c6 64 14 91 2f 27 1e c9 5a fa 14 20 da d5 6a fa 6a 6b aa 70 a4 aa 36 3b 33 ff 97 ad d3 c0 6b 8a 9c 0b fd 3b 07 f8 0a 70 03 30 05 e8 9c ad d4 3d ce 5f 9a 9f 3e 7f dc f8 41 65 58 eb fe db bc ee 9d 3e 1e c5 4d f7 b9 eb f8 6f b1 57 39 0a da 36 72 9a de e0 cf f9 f7 23 88 88 09 d0 d7 c0 0d ef 0e 8a 3d 2b 33 23 02 b4 cc b1 2a 82 a5 32 bb bb aa 90 d7 ea ee 06 2f b1 19 0d 0b 4f 0c 7b 36 bb fa b1 bc 6d db ac ba 8d b5 6d 69 a6 70 22 f7 62 66 e6 b5 42 b6 ec 85 cd dc 5f d7 df 08 33 c8 ec 66 86 30 2d 0e 27 92 2d 43 38 69 66 b6 e5 29 cb 96 1c f8 2a 69 6d de b6 aa 1a 73 0e 4d 75 5a 5a a8 51 55 11 fd 87 46 db 4a 56 e9 22 45 06 32 1f ae f4 a1 35 36 3f b1 4f ff a7 ba 8d ac 2c 33 f3 5e 66 66 5e d4 ad 41 65 2c b4
                                                                                                        Data Ascii: ]\=uRd<d:d/'Z jjkp6;3k;p0=_>AeX>MoW96r#=+3#*2/O{6mmip"bfB_3f0-'-C8if)*imsMuZZQUFJV"E256?O,3^ff^Ae,
                                                                                                        2024-10-10 12:42:29 UTC1369INData Raw: e1 d2 5e 9a 79 44 46 c7 f3 93 a2 99 b4 97 62 e6 4c 78 8f e9 b9 72 11 a6 b1 f3 dd 7b f0 cb 9d e7 24 23 a4 71 44 29 e5 65 c8 f5 ad 98 66 0f 29 1f 12 46 c7 4a 04 c1 3c 7e a1 0b 84 49 33 82 04 9a 43 19 75 ce 43 bb 54 d1 b8 a4 00 52 aa 5a 08 c9 8a fc 05 12 36 d2 63 4f 7e fc 8d 6e 10 92 95 e3 a8 42 2a cd cc 1e 58 0d 79 23 a3 05 9f ae b8 7a a9 21 11 d1 9b 42 b0 7a ba d3 11 f8 65 3e fe e0 25 30 68 36 03 48 8a 1e 54 4a 65 66 15 19 d4 82 6f 9b 28 69 f2 d5 a8 2b 59 7a b0 93 12 48 be f4 c4 cb 60 83 f7 24 d1 ec 30 e9 43 a5 54 81 d5 65 03 be a8 4c 8a c0 95 58 f0 c3 6d 78 ae c3 17 97 90 8f db 85 f5 24 69 f2 19 8e 19 85 e1 62 60 d5 74 98 27 aa f9 92 9c 3c dd e1 3a 8d 8d 1f 9b 3e be 5f bf 8d 67 65 61 39 c9 c5 02 d1 80 0f ff 28 88 5a f4 a3 a2 c3 29 d2 82 16 4a 89 00 90 6b
                                                                                                        Data Ascii: ^yDFbLxr{$#qD)ef)FJ<~I3CuCTRZ6cO~nB*Xy#z!Bze>%0h6HTJefo(i+YzH`$0CTeLXmx$ib`t'<:>_gea9(Z)Jk
                                                                                                        2024-10-10 12:42:29 UTC1369INData Raw: 80 15 68 80 f4 ea 0b 6f 0c a5 c8 58 c9 b7 6d cb 51 92 2f 1a 91 1d 58 3b 41 06 1d 57 2d 71 3a 42 33 cd 85 d3 0a 5b 41 55 5a 21 cd 95 95 8f 0e a7 71 8f 31 00 16 19 be ad 5c 4e 54 e9 46 44 e6 a4 88 89 06 2a 19 92 08 d9 44 6e 74 3b 17 eb 92 15 a4 00 66 c9 b6 92 c2 06 ea c6 47 91 84 89 d6 db 2b cb cc e0 e6 77 00 99 1c e4 41 11 e5 71 d2 db 73 0c 59 08 ab ca be fa 26 32 de fa 05 2b 56 e3 64 a4 4e 3f b5 73 f1 92 a5 e4 73 1c 98 48 b6 25 15 22 99 2b 43 32 53 0a 5a 5a 29 ef 83 91 ad c9 a4 32 06 68 be 2c 0b 64 02 5d 45 35 43 38 b9 e7 37 82 03 26 7a e1 32 f6 cd 44 16 21 79 3a 23 52 f7 29 fe 34 6e 96 f2 72 ac 9d 8e 25 0c 29 76 1d 89 9d c0 44 6b 56 66 c6 e2 91 61 ca c0 3e cd 00 18 56 2d 87 15 b6 8e a2 f2 02 c1 ab 2f ed f9 de b7 7f d5 84 ac fa d9 2f 5d 98 ec 6b 21 42 20
                                                                                                        Data Ascii: hoXmQ/X;AW-q:B3[AUZ!q1\NTFD*Dnt;fG+wAqsY&2+VdN?ssH%"+C2SZZ)2h,d]E5C87&z2D!y:#R)4nr%)vDkVfa>V-//]k!B
                                                                                                        2024-10-10 12:42:29 UTC1369INData Raw: 76 57 32 91 04 63 4d 6c aa 06 47 c8 d0 38 d5 3e c1 a0 ca 95 d8 48 a6 11 71 0e 10 99 25 03 e1 cc 52 1e a0 58 0f 2d 9c 63 77 9b 95 d5 af c2 3b dc fe a7 8a 94 13 91 02 d4 c1 fb 87 c2 e4 0c 30 33 6c d9 b9 cd c9 58 22 9f 65 12 0b 17 67 66 23 0f bd 2a a4 ea 66 16 dc fd 1b e5 8c 37 25 71 a2 e3 51 65 41 42 03 60 73 bf 53 20 0e ab 09 e6 f0 aa 3e e2 a6 31 33 6c fc b0 d0 f0 36 3f 35 8d 33 36 3c 42 95 28 c1 3f b8 85 03 b2 31 d9 39 1b e5 de af 55 08 87 4e 82 fb 6f b7 66 23 74 56 94 6e 03 ec bb bf b3 73 c7 97 c7 54 18 a8 d1 98 d5 b3 68 c5 85 1d a5 42 99 b1 b9 2b fb 2d 5c d9 8a e4 2d bf 86 4b 1d 24 75 15 fb 1f b2 af f9 ba 04 63 a8 8d fa 49 04 b0 d2 7b eb b0 91 d1 c4 02 16 26 b3 3d 04 19 c1 bc 7c 8d 58 f3 5c f0 1c 8f de 33 a0 41 00 04 04 d2 49 4b eb 40 32 0e eb 2a a5 47
                                                                                                        Data Ascii: vW2cMlG8>Hq%RX-cw;03lX"egf#*f7%qQeAB`sS >13l6?536<B(?19UNof#tVnsThB+-\-K$ucI{&=|X\3AIK@2*G
                                                                                                        2024-10-10 12:42:29 UTC1369INData Raw: 67 1b 9e 8e 46 ae 67 b3 53 d3 4c 23 00 04 e6 68 76 d7 8a b3 2b 56 80 b2 1e 84 32 1c cd df 79 de ec 05 7f ce 5f 7a e5 55 6d 84 6e 3f ab b9 e8 78 01 85 1b ac 23 76 3a e2 e8 08 b1 fb 52 3b 4f d8 4c 34 e6 92 38 9d a7 be a0 5e 32 27 10 f2 45 3b a0 68 79 56 84 c1 76 49 4a 82 40 ba cf b6 56 25 20 11 80 17 de a3 b5 ec fd 57 19 f3 88 d5 64 a5 61 e5 cc f6 56 04 23 8f 4c e9 04 8a 2b 9b 1b 4f 1a 0f 40 72 42 5b 29 8f b4 43 2d 56 80 b2 0e 52 00 46 73 b6 f7 22 5e 78 fe 39 2a 71 c8 23 15 60 46 29 17 56 b3 64 ab 8f 80 48 60 24 b1 8c 48 81 3d 0a fa 91 60 93 00 48 75 d0 d2 c2 81 90 b8 c7 f7 da 32 e2 8a 57 40 bd 62 aa 2d 2b 32 3d d5 5d 9d 18 f5 be f2 d2 0b fc 26 e9 3e fd e1 e6 37 01 fd 3b 8c 73 c0 e8 e4 f6 4e 13 4e d4 6d 4c 4f bd e1 b8 21 55 2d 6d 04 5d d9 da 56 43 2d 66 5b
                                                                                                        Data Ascii: gFgSL#hv+V2y_zUmn?x#v:R;OL48^2'E;hyVvIJ@V% WdaV#L+O@rB[)C-VRFs"^x9*q#`F)VdH`$H=`Hu2W@b-+2=]&>7;sNNmLO!U-m]VC-f[
                                                                                                        2024-10-10 12:42:29 UTC1369INData Raw: 2e 5d ac 8b e0 4b 99 32 23 11 f5 fb bb c2 02 ad 1d f4 26 70 59 54 38 55 43 54 6b eb 3f 0a e5 51 5f 4d 89 6e f6 46 40 fb e2 fb e3 d3 17 2c 6e 90 4b db 5b 27 57 5a b3 9c 22 45 26 65 43 27 36 52 86 25 b8 2d d9 58 d0 94 da dd e3 3b 2a 6d 85 02 80 ac 44 1a bc 73 e9 72 98 a9 cf 3d 63 01 55 25 f9 fc 44 bd be 07 34 24 1f 75 5a db a4 cd 7e ed 45 50 54 49 bd 3c 3f 39 6e a0 c0 fd 06 98 95 a4 19 2f 86 05 c7 86 1d 24 c8 d7 1b 08 c0 dd 25 91 e1 2c 54 e9 5e 8d f5 33 f3 b6 28 a8 fd 50 04 d5 2c 58 7f ee 3b 86 14 ba 3c 7e 1a a4 34 a2 f4 fe ae 3c fd 66 fa e3 43 17 cc ac e9 d2 d6 46 64 39 6a 3c e9 64 e3 25 0d b3 f9 5c 96 eb 0a 36 05 f2 75 b0 74 65 db d5 b2 7e b5 2c f2 cc 59 49 f6 da ef 5c be 72 09 0c a7 e1 a4 9f ab bb ff cb 13 90 44 7e e6 1b fa 1c e4 3e 3e 7a 86 50 af 2f fd
                                                                                                        Data Ascii: .]K2#&pYT8UCTk?Q_MnF@,nK['WZ"E&eC'6R%-X;*mDsr=cU%D4$uZ~EPTI<?9n/$%,T^3(P,X;<~4<fCFd9j<d%\6ute~,YI\rD~>>zP/
                                                                                                        2024-10-10 12:42:29 UTC1369INData Raw: 3f 3c dd 78 35 c2 d2 01 4e 4e 6b 78 6c 7c ec 8d 26 7a 3e 4a 27 09 a2 bb 5b 33 da 9d d4 c6 34 5f c9 85 2e 49 38 37 76 1e 32 95 a9 0e 4b 41 1f a0 94 df 7a fa ea 65 59 53 09 15 37 6b 2b 52 db e1 26 2f 27 41 69 b4 49 92 08 1b e0 1b 74 48 55 a9 e9 ba f2 ad ef 0c 39 81 90 ff 53 45 6a 83 60 01 37 4e 75 ec 30 01 a1 b1 b6 2b 6e 37 bf 77 ff cc 8c f4 9d f6 d3 bb ee ca 63 36 15 8f c5 13 19 0d a1 14 38 0d b5 77 ab 51 4a 7f f0 0d 9c 7e 90 b4 11 5d 9e 53 83 4a ea b1 5c 23 cd 6c d0 53 cb 71 30 fe 63 00 09 f4 dc ed c8 61 79 f5 40 a9 68 78 b6 7a 56 ad c8 15 54 c3 86 9a c7 70 87 df 7a e6 6a b0 5e ab 7b 1c 53 12 20 24 54 d9 8d 68 91 43 f2 82 58 81 01 a7 cc 73 55 80 6c 2b 2f c9 2b c4 e0 46 c8 32 25 2c 68 32 d6 26 92 0a 8b c2 7f 3a 43 5d 46 ea 4d 95 57 78 ff a5 a2 52 7d c7 7f
                                                                                                        Data Ascii: ?<x5NNkxl|&z>J'[34_.I87v2KAzeYS7k+R&/'AiItHU9SEj`7Nu0+n7wc68wQJ~]SJ\#lSq0cay@hxzVTpzj^{S $ThCXsUl+/+F2%,h2&:C]FMWxR}
                                                                                                        2024-10-10 12:42:29 UTC1369INData Raw: c1 a5 a9 62 3c 97 7f 37 9c 7e 66 62 c2 ea e9 8d e3 a1 42 d5 dc a2 98 c7 d7 3f 14 ce 9f 5c cf d2 d0 da 63 07 da 49 aa f2 03 d8 ae 35 6a ae 5e d4 38 3a ec ea c0 8e 46 53 35 a3 bf 79 0e 81 a9 7d a3 0c 08 e6 b8 c6 74 7a a9 b6 50 e7 ee 5e 56 5b 17 d5 2c 3e 1b ec 4b f2 c7 4a ae 3d a5 2d 47 d2 1b 9e fb 97 63 53 e2 40 9c ee 48 e4 c1 b3 7d ec 72 75 6f 87 7d 81 e8 0a 09 91 2e 57 b2 3f ad 1f 75 d3 7b e0 93 42 55 5d 67 db f3 ce f6 26 12 89 fc 04 81 34 66 43 89 54 2b 38 07 97 51 70 69 aa 98 ec d7 a7 ef 7d ff 07 c2 1a 93 bf ee 53 95 f4 30 d1 a9 76 27 e3 64 b5 a4 f2 93 70 31 68 fe a0 0f a0 e7 9e b0 e3 c2 00 15 e6 33 9d 3d 12 13 a1 93 11 73 2f 0e 7a 86 72 ac 6a 75 00 20 19 5d 17 0f 47 4d 72 65 bb 99 da 59 1b 94 b5 e4 dc 81 92 07 a3 80 91 e5 cc fa bd 2e 6e 5d 86 f8 e5 03
                                                                                                        Data Ascii: b<7~fbB?\cI5j^8:FS5y}tzP^V[,>KJ=-GcS@H}ruo}.W?u{BU]g&4fCT+8Qpi}S0v'dp1h3=s/zrju ]GMreY.n]
                                                                                                        2024-10-10 12:42:29 UTC1369INData Raw: f0 e0 4e 73 eb d6 26 d6 39 aa c7 a3 80 b2 20 a4 c5 81 00 0b 37 db 8d 68 56 af 00 73 77 64 91 ad b6 76 f1 f1 f8 74 cc 0a 17 58 dd 0a ac c3 3c 8c 2e 5a 97 59 81 c7 59 7b 2a 49 99 a7 f8 ae f4 00 05 61 a8 df db 14 3a 30 9f 1e 61 e2 fe e7 9a 7d b5 66 9b f8 4f ed b0 fd ec 27 24 29 92 a1 80 7a 4f 31 40 61 42 22 42 55 b3 b9 d0 97 bf f1 96 d7 85 25 66 6e 3a 4c 24 24 3c 21 0a c7 a3 41 19 20 11 82 a1 d1 9d 7d f1 55 00 b3 6d e5 69 8d 33 39 23 d0 91 1c 11 10 c5 78 e0 99 3d 3e 66 be 94 29 c8 fd 33 fe ed ad 9b b0 66 1a 1d 1a 3c 47 cb 22 14 f5 26 ea 06 8d 61 c9 7e c5 56 5b 72 07 af 22 d2 7f cd b1 e9 76 da 1f ff 30 3d bd aa 18 6d 3d 58 60 48 84 91 54 26 46 9c 93 61 ec 52 b8 40 14 c7 dc 9c fa fa ce 59 6c c5 3c 90 12 cf 91 93 7b da 79 70 c7 5f f6 86 1e cc 4c f7 c3 5a 3b e3
                                                                                                        Data Ascii: Ns&9 7hVswdvtX<.ZYY{*Ia:0a}fO'$)zO1@aB"BU%fn:L$$<!A }Umi39#x=>f)3f<G"&a~V[r"v0=m=X`HT&FaR@Yl<{yp_LZ;


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        19192.168.2.1649735172.66.40.884436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:29 UTC667OUTGET /favicon.ico HTTP/1.1
                                                                                                        Host: campaign-statistics.com
                                                                                                        Connection: keep-alive
                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                        Sec-Fetch-Site: same-origin
                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                        Sec-Fetch-Dest: image
                                                                                                        Referer: https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:29 UTC988INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:29 GMT
                                                                                                        Content-Type: image/x-icon
                                                                                                        Content-Length: 0
                                                                                                        Connection: close
                                                                                                        last-modified: Thu, 08 Jul 2021 10:21:54 GMT
                                                                                                        etag: "60e6d1c2-0"
                                                                                                        access-control-allow-origin: *
                                                                                                        access-control-allow-methods: *
                                                                                                        access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        strict-transport-security: max-age=63072000; includeSubdomains
                                                                                                        x-content-type-options: nosniff
                                                                                                        Cache-Control: max-age=14400
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 5509
                                                                                                        Accept-Ranges: bytes
                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bo5dpd9mmVB6zLSgXdzQTyw8utNrVi7iVCIgw8YLr6dfg3plgJIn%2BbdllhVMStVyatNnPLKkiN8CRHJLmDQIkL2JoWTdH5uWd6qBzHa0EG4TjUL%2BXMtZyLT%2BWmY39CJyLEJdGcrJLQfnSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0cf1b6f5e73-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        20192.168.2.1649741172.66.43.1684436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:30 UTC358OUTGET /favicon.ico HTTP/1.1
                                                                                                        Host: campaign-statistics.com
                                                                                                        Connection: keep-alive
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        Accept: */*
                                                                                                        Sec-Fetch-Site: none
                                                                                                        Sec-Fetch-Mode: cors
                                                                                                        Sec-Fetch-Dest: empty
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:30 UTC996INHTTP/1.1 200 OK
                                                                                                        Date: Thu, 10 Oct 2024 12:42:30 GMT
                                                                                                        Content-Type: image/x-icon
                                                                                                        Content-Length: 0
                                                                                                        Connection: close
                                                                                                        last-modified: Thu, 08 Jul 2021 10:21:54 GMT
                                                                                                        etag: "60e6d1c2-0"
                                                                                                        access-control-allow-origin: *
                                                                                                        access-control-allow-methods: *
                                                                                                        access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        strict-transport-security: max-age=63072000; includeSubdomains
                                                                                                        x-content-type-options: nosniff
                                                                                                        Cache-Control: max-age=14400
                                                                                                        CF-Cache-Status: HIT
                                                                                                        Age: 5510
                                                                                                        Accept-Ranges: bytes
                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r4M%2B%2FbS9lrgDV94OT15CQgiBof4FrsRjqmQJepWqZMM2ICvUe8gh2C1qlYAH8JpFFz%2BicY9WqcWlpk4mc%2BiNAMONf%2BmDK%2BQV%2BLOuU5miPBK9h60Nmt7o2hpgho7BAWJx7MyrHuUcWg2o6A%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b0d698ff5e66-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        21192.168.2.164974320.109.210.53443
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:40 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=42ycGH7ZShD68cc&MD=fKTz3ubA HTTP/1.1
                                                                                                        Connection: Keep-Alive
                                                                                                        Accept: */*
                                                                                                        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                        Host: slscr.update.microsoft.com
                                                                                                        2024-10-10 12:42:40 UTC560INHTTP/1.1 200 OK
                                                                                                        Cache-Control: no-cache
                                                                                                        Pragma: no-cache
                                                                                                        Content-Type: application/octet-stream
                                                                                                        Expires: -1
                                                                                                        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                        ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                                                        MS-CorrelationId: 23856e79-b3d7-49bf-8e33-33e5b921d8f8
                                                                                                        MS-RequestId: f2c46c88-a2f5-4e05-8b50-45fa17c381c4
                                                                                                        MS-CV: IDWtkThUyk+3sMvL.0
                                                                                                        X-Microsoft-SLSClientCache: 1440
                                                                                                        Content-Disposition: attachment; filename=environment.cab
                                                                                                        X-Content-Type-Options: nosniff
                                                                                                        Date: Thu, 10 Oct 2024 12:42:39 GMT
                                                                                                        Connection: close
                                                                                                        Content-Length: 30005
                                                                                                        2024-10-10 12:42:40 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                                                                        Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                                                                        2024-10-10 12:42:40 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                                                                        Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        22192.168.2.1649746172.66.40.884436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:42:48 UTC731OUTGET /link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d HTTP/1.1
                                                                                                        Host: campaign-statistics.com
                                                                                                        Connection: keep-alive
                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                        Sec-Fetch-Site: none
                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                        Sec-Fetch-User: ?1
                                                                                                        Sec-Fetch-Dest: document
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:42:49 UTC862INHTTP/1.1 404 Not Found
                                                                                                        Date: Thu, 10 Oct 2024 12:42:48 GMT
                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                        Transfer-Encoding: chunked
                                                                                                        Connection: close
                                                                                                        access-control-allow-origin: *
                                                                                                        access-control-allow-methods: *
                                                                                                        access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                        cf-cache-status: DYNAMIC
                                                                                                        vary: accept-encoding
                                                                                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dm3UpvNCihDfek4HUDrbsbZlEbX4TY6f8fQoBP%2Bqehf5B0lO%2FNniudYDltzy8MPWIN7tU0s1XI42Zgpmzx5fWGKs%2FICaADwDl0JDbcy4L9tPopXTqKHrHJEZBARuYMKMKgN6c5%2BR2rjLCA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                        Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                        Server: cloudflare
                                                                                                        CF-RAY: 8d06b146f9c842e9-EWR
                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                        2024-10-10 12:42:49 UTC507INData Raw: 62 38 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 69 65 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 53 65 6e 64 65 72 2e 6e 65 74 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20
                                                                                                        Data Ascii: b8b<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <title>Sender.net - Page Not Found</title>
                                                                                                        2024-10-10 12:42:49 UTC1369INData Raw: 64 65 72 2e 6e 65 74 2f 66 6f 6e 74 73 2f 73 75 69 73 73 65 69 6e 74 6c 2d 73 65 6d 69 62 6f 6c 64 2d 77 65 62 78 6c 2e 77 6f 66 66 32 22 20 61 73 3d 22 66 6f 6e 74 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 2f 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 63 6f 6e 74 20 64 2d 66 6c 65 78 20 66 6c 65 78 2d 6a 75 73 74 69 66 79 2d 63 65 6e 74 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 65 6e 64 65 72 2e 6e 65 74 2f 22 20 74 69 74 6c 65 3d 22 53 65 6e 64 65 72 2e 6e
                                                                                                        Data Ascii: der.net/fonts/suisseintl-semibold-webxl.woff2" as="font" crossorigin="anonymous" /></head><body><div> <div class="container"> <div class="logo-cont d-flex flex-justify-center"> <a href="https://www.sender.net/" title="Sender.n
                                                                                                        2024-10-10 12:42:49 UTC1086INData Raw: 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 33 31 2e 30 30 38 20 33 34 2e 38 32 35 34 4c 36 30 2e 30 38 34 37 20 31 37 2e 39 39 37 39 4c 33 30 2e 37 32 37 32 20 31 2e 31 34 34 35 4c 31 2e 39 31 36 32 34 20 31 38 2e 32 37 34 4c 33 31 2e 30 30 38 20 33 34 2e 38 32 35 34 5a 22 20 73 74 72 6f 6b 65 3d 22 77 68 69 74 65 22 3e 3c 2f 70 61 74 68 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 76 67 3e 0a 20 20 20 20 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 3c 70 69 63 74 75 72 65 20 63 6c 61 73 73 3d 22 65 72 72 6f 72 2d 69 6d 67 2d 68 6f 6c 64 65 72 20 64 2d 62 6c 6f 63 6b 20 70 2d
                                                                                                        Data Ascii: none" xmlns="http://www.w3.org/2000/svg"> <path d="M31.008 34.8254L60.0847 17.9979L30.7272 1.1445L1.91624 18.274L31.008 34.8254Z" stroke="white"></path> </svg> </span> <picture class="error-img-holder d-block p-
                                                                                                        2024-10-10 12:42:49 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                        Data Ascii: 0


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        23192.168.2.164975035.190.80.14436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:43:27 UTC560OUTOPTIONS /report/v4?s=Dm3UpvNCihDfek4HUDrbsbZlEbX4TY6f8fQoBP%2Bqehf5B0lO%2FNniudYDltzy8MPWIN7tU0s1XI42Zgpmzx5fWGKs%2FICaADwDl0JDbcy4L9tPopXTqKHrHJEZBARuYMKMKgN6c5%2BR2rjLCA%3D%3D HTTP/1.1
                                                                                                        Host: a.nel.cloudflare.com
                                                                                                        Connection: keep-alive
                                                                                                        Origin: https://campaign-statistics.com
                                                                                                        Access-Control-Request-Method: POST
                                                                                                        Access-Control-Request-Headers: content-type
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:43:27 UTC336INHTTP/1.1 200 OK
                                                                                                        Content-Length: 0
                                                                                                        access-control-max-age: 86400
                                                                                                        access-control-allow-methods: OPTIONS, POST
                                                                                                        access-control-allow-origin: *
                                                                                                        access-control-allow-headers: content-length, content-type
                                                                                                        date: Thu, 10 Oct 2024 12:43:27 GMT
                                                                                                        Via: 1.1 google
                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                        Connection: close


                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                        24192.168.2.164975135.190.80.14436916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        TimestampBytes transferredDirectionData
                                                                                                        2024-10-10 12:43:28 UTC494OUTPOST /report/v4?s=Dm3UpvNCihDfek4HUDrbsbZlEbX4TY6f8fQoBP%2Bqehf5B0lO%2FNniudYDltzy8MPWIN7tU0s1XI42Zgpmzx5fWGKs%2FICaADwDl0JDbcy4L9tPopXTqKHrHJEZBARuYMKMKgN6c5%2BR2rjLCA%3D%3D HTTP/1.1
                                                                                                        Host: a.nel.cloudflare.com
                                                                                                        Connection: keep-alive
                                                                                                        Content-Length: 462
                                                                                                        Content-Type: application/reports+json
                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                        2024-10-10 12:43:28 UTC462OUTData Raw: 5b 7b 22 61 67 65 22 3a 33 38 30 30 38 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 32 30 34 31 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 36 2e 34 30 2e 38 38 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 61 6d 70 61 69 67 6e 2d 73 74 61
                                                                                                        Data Ascii: [{"age":38008,"body":{"elapsed_time":2041,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"172.66.40.88","status_code":404,"type":"http.error"},"type":"network-error","url":"https://campaign-sta
                                                                                                        2024-10-10 12:43:28 UTC168INHTTP/1.1 200 OK
                                                                                                        Content-Length: 0
                                                                                                        date: Thu, 10 Oct 2024 12:43:28 GMT
                                                                                                        Via: 1.1 google
                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                        Connection: close


                                                                                                        Statistics

                                                                                                        CPU Usage

                                                                                                        Click to jump to process

                                                                                                        Memory Usage

                                                                                                        Click to jump to process

                                                                                                        High Level Behavior Distribution

                                                                                                        Click to dive into process behavior distribution

                                                                                                        Behavior

                                                                                                        Click to jump to process

                                                                                                        System Behavior

                                                                                                        General

                                                                                                        Target ID:0
                                                                                                        Start time:08:41:53
                                                                                                        Start date:10/10/2024
                                                                                                        Path:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                        Wow64 process (32bit):true
                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\QUOTE 452362.eml"
                                                                                                        Imagebase:0xfd0000
                                                                                                        File size:34'446'744 bytes
                                                                                                        MD5 hash:91A5292942864110ED734005B7E005C0
                                                                                                        Has elevated privileges:true
                                                                                                        Has administrator privileges:true
                                                                                                        Programmed in:C, C++ or other language
                                                                                                        Reputation:high
                                                                                                        Has exited:false

                                                                                                        General

                                                                                                        Target ID:2
                                                                                                        Start time:08:41:54
                                                                                                        Start date:10/10/2024
                                                                                                        Path:C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe
                                                                                                        Wow64 process (32bit):false
                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "E7D18160-CC43-4C8E-B574-ADC7AAB96AD4" "7188BDE5-66D5-491E-AE9C-E48C4525983E" "6712" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
                                                                                                        Imagebase:0x7ff6bdf80000
                                                                                                        File size:710'048 bytes
                                                                                                        MD5 hash:EC652BEDD90E089D9406AFED89A8A8BD
                                                                                                        Has elevated privileges:true
                                                                                                        Has administrator privileges:true
                                                                                                        Programmed in:C, C++ or other language
                                                                                                        Reputation:high
                                                                                                        Has exited:false

                                                                                                        General

                                                                                                        Target ID:11
                                                                                                        Start time:08:42:24
                                                                                                        Start date:10/10/2024
                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        Wow64 process (32bit):false
                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d
                                                                                                        Imagebase:0x7ff7f9810000
                                                                                                        File size:3'242'272 bytes
                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                        Has elevated privileges:true
                                                                                                        Has administrator privileges:true
                                                                                                        Programmed in:C, C++ or other language
                                                                                                        Reputation:high
                                                                                                        Has exited:false

                                                                                                        General

                                                                                                        Target ID:12
                                                                                                        Start time:08:42:24
                                                                                                        Start date:10/10/2024
                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        Wow64 process (32bit):false
                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1940,i,7224633850826834353,5271304985398107482,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                        Imagebase:0x7ff7f9810000
                                                                                                        File size:3'242'272 bytes
                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                        Has elevated privileges:true
                                                                                                        Has administrator privileges:true
                                                                                                        Programmed in:C, C++ or other language
                                                                                                        Reputation:high
                                                                                                        Has exited:false

                                                                                                        General

                                                                                                        Target ID:14
                                                                                                        Start time:08:42:46
                                                                                                        Start date:10/10/2024
                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        Wow64 process (32bit):false
                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campaign-statistics.com/link_click/epjJDQ-oZ7P8Dz-3Dc7Cq/b026cc61e40b597ae3518c0b47e7793d
                                                                                                        Imagebase:0x7ff7f9810000
                                                                                                        File size:3'242'272 bytes
                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                        Has elevated privileges:true
                                                                                                        Has administrator privileges:true
                                                                                                        Programmed in:C, C++ or other language
                                                                                                        Reputation:high
                                                                                                        Has exited:true

                                                                                                        General

                                                                                                        Target ID:15
                                                                                                        Start time:08:42:46
                                                                                                        Start date:10/10/2024
                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        Wow64 process (32bit):false
                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1948,i,9948224342545650432,7023359487037002687,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                        Imagebase:0x7ff7f9810000
                                                                                                        File size:3'242'272 bytes
                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                        Has elevated privileges:true
                                                                                                        Has administrator privileges:true
                                                                                                        Programmed in:C, C++ or other language
                                                                                                        Reputation:high
                                                                                                        Has exited:true

                                                                                                        Disassembly

                                                                                                        No disassembly