Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://api-d.dropbox.com/r14/put_mobile_log?app_platform=windowstab&app_version=23.4.27.0&log_level=ANALYTICS&user_ids=%5B%5D&device_id=B383jVBSDsfyDtMa4BQkZCTLzjYL1jpZeysZxkH2M7U6&sys_model=097C&sys_version=10.0.22631.4317&ts=1729769006

Overview

General Information

Sample URL:https://api-d.dropbox.com/r14/put_mobile_log?app_platform=windowstab&app_version=23.4.27.0&log_level=ANALYTICS&user_ids=%5B%5D&device_id=B383jVBSDsfyDtMa4BQkZCTLzjYL1jpZeysZxkH2M7U6&sys_model=097C&sys
Analysis ID:1541175
Infos:

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 740 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 6012 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=2020,i,2644156548133602700,17094965150171016535,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • chrome.exe (PID: 4188 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://api-d.dropbox.com/r14/put_mobile_log?app_platform=windowstab&app_version=23.4.27.0&log_level=ANALYTICS&user_ids=%5B%5D&device_id=B383jVBSDsfyDtMa4BQkZCTLzjYL1jpZeysZxkH2M7U6&sys_model=097C&sys_version=10.0.22631.4317&ts=1729769006" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49692 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49698 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.18:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.18:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.159.64:443 -> 192.168.2.18:49722 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.159.64:443 -> 192.168.2.18:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.23.209.132:443 -> 192.168.2.18:49729 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: global trafficHTTP traffic detected: GET /r14/put_mobile_log?app_platform=windowstab&app_version=23.4.27.0&log_level=ANALYTICS&user_ids=%5B%5D&device_id=B383jVBSDsfyDtMa4BQkZCTLzjYL1jpZeysZxkH2M7U6&sys_model=097C&sys_version=10.0.22631.4317&ts=1729769006 HTTP/1.1Host: api-d.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /www/en-us/illustrations/spot/target-miss.svg HTTP/1.1Host: assets.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /www/en-us/illustrations/spot/target-miss.svg HTTP/1.1Host: assets.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=k6EgaueRmdoBk4b&MD=hhvu6lcf HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api-d.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /www/en-us/illustrations/spot/look-magnifying-glass.svg HTTP/1.1Host: assets.dropbox.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://api-d.dropbox.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /www/en-us/illustrations/spot/look-magnifying-glass.svg HTTP/1.1Host: assets.dropbox.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=k6EgaueRmdoBk4b&MD=hhvu6lcf HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /client/config?cc=CH&setlang=en-CH HTTP/1.1X-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateAccept-Encoding: gzip, deflateX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-UserAgeClass: UnknownX-BM-Market: CHX-BM-DateFormat: dd/MM/yyyyX-Device-OSSKU: 48X-BM-DTZ: -240X-DeviceID: 01000A410900B03DX-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-BM-Theme: 000000;0078d7X-Search-RPSToken: t%3DEwDoAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAQFSct7n4yhQ1nCFKHvuUuLE32wNgjrswj2dn8tzAxrPUkq4%2Bwy4Pa8zBZ663BBMDOt/5QGu6vZI/RYAhwlZLcLAPIktxeJJ49gFmNCYCdAlHuCpURxXXzJLPuCoRJvCH7eMc2aqH5VOUj4YU02NP2MHPyxK4fQT1h1gpEK9Piq7xwfg%2BdLxqzS7Bj3wmPfNpPQ4da%2BwMEWk0f8krA%2BIkTM3sLDjKaLVpDEIERWaowk//4iFVtFoTQxmRxaF5vtSaDuZniynQ9qLrtbTD6I%2B9KOIT3vsh4EZwg2sVIpRDCQYnPsW21azeqDQPMAnfDLyyH4cF8OvEXIuyWVwZAl5rDYQZgAAEAq3rZytPyZ6O/W7J1vZOiKwAZub8iaZqg5gUsHezq1oSI%2B1AXwoxcgfphjDLSvgN%2B4KAQWIVuCaMMpPIObIRtDgDEvP%2BSG%2BH6X87Vw6mR53B2VL0vIm1xwQZl5q6Rw4Xb4gfq74yatb0R6Bk4w4PdJxM9KpWoRs8j6fN89A0ro8bst1i0mrv6D6tvlYejsl6IQrZ1U%2BhyZVyjATpvRtjFcZSEP%2BH5K/JQBUQkCIew4Hw6wMUX24w9e/DtmnYDpu651O83SJ1PsSHOPKeUXPpd4J/aQGGWyz0n2J6FifeT3W/KaV/SjI3xC1INqWoK28zsRl1bSfxg80zaDWPUpYcy20cQp3uHJRZHf2rLY/TbgeFnNV9iynG5UpJny8OKeATaNFovLFtrHKon9eG8mtm6JZU95HZtCRSgAPUonFwVLXRx9ratMhpDx1R90aNhEUfiMQSmRxlmiSAUWv0R63kmTktG3rbKn0yuaERKfDppHW8etvV1M6tGb6ynWR9sVSeAWHLUpUrpANnzFnMUDjKcUOQm1bk/E/4gQUhrKiqGTmposO1cNTCi/nrD4kuCVHEquCt%2BB5R1zcAkvAf694y9spONoB%26p%3DX-Agent-DeviceId: 01000A410900B03DX-BM-CBT: 1729773590User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045X-Device-isOptin: falseAccept-language: en-GB, en, en-USX-Device-Touch: falseX-Device-ClientSession: 97C7E014F2A94A03BF222167EA15FABDX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIHost: www.bing.comConnection: Keep-AliveCookie: SRCHUID=V=2&GUID=B4BB39E5F80E411D94C438C0FA7ACF94&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&LUT=1707317051026&IPMH=6b344233&IPMID=1707317270835&HV=1707317277; ANON=A=680C1B1A649CBD64DD40EBFCFFFFFFFF; MUID=BC76BB0020D345C1A049A4820CB4C03C; MUIDB=BC76BB0020D345C1A049A4820CB4C03C
Source: global trafficDNS traffic detected: DNS query: api-d.dropbox.com
Source: global trafficDNS traffic detected: DNS query: cfl.dropboxstatic.com
Source: global trafficDNS traffic detected: DNS query: assets.dropbox.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 3592Host: login.live.com
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 1233Content-Type: text/htmlDate: Thu, 24 Oct 2024 12:39:13 GMTServer: envoyX-Dropbox-Response-Origin: remoteX-Dropbox-Request-Id: c7622a1c936b49f58da4c7f62846a4f2Connection: close
Source: chromecache_67.1.drString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0Open
Source: chromecache_68.1.drString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0Webfont
Source: chromecache_68.1.dr, chromecache_67.1.drString found in binary or memory: http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.htmlLicensed
Source: chromecache_64.1.drString found in binary or memory: https://assets.dropbox.com/www/en-us/illustrations/spot/look-magnifying-glass.svg
Source: chromecache_66.1.drString found in binary or memory: https://assets.dropbox.com/www/en-us/illustrations/spot/target-miss.svg
Source: chromecache_66.1.dr, chromecache_64.1.drString found in binary or memory: https://cfl.dropboxstatic.com/static/images/favicon.ico
Source: chromecache_66.1.dr, chromecache_64.1.drString found in binary or memory: https://cfl.dropboxstatic.com/static/metaserver/static/css/error.css
Source: chromecache_66.1.drString found in binary or memory: https://forums.dropbox.com
Source: chromecache_66.1.drString found in binary or memory: https://status.dropbox.com
Source: chromecache_64.1.drString found in binary or memory: https://www.dropbox.com/business?_tk=fof
Source: chromecache_66.1.drString found in binary or memory: https://www.dropbox.com/help
Source: chromecache_64.1.drString found in binary or memory: https://www.dropbox.com/help?_tk=fof
Source: chromecache_66.1.drString found in binary or memory: https://www.dropbox.com/home
Source: chromecache_64.1.drString found in binary or memory: https://www.dropbox.com/home?_tk=fof
Source: chromecache_64.1.drString found in binary or memory: https://www.dropbox.com/login?_tk=fof
Source: chromecache_64.1.drString found in binary or memory: https://www.dropbox.com/plus?_tk=fof
Source: chromecache_64.1.drString found in binary or memory: https://www.dropbox.com/register?_tk=fof
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49697 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49697
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49696
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49696 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49692
Source: unknownNetwork traffic detected: HTTP traffic on port 49692 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49692 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49698 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.18:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.18:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.159.64:443 -> 192.168.2.18:49722 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.159.64:443 -> 192.168.2.18:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.23.209.132:443 -> 192.168.2.18:49729 version: TLS 1.2
Source: classification engineClassification label: clean0.win@17/21@16/6
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=2020,i,2644156548133602700,17094965150171016535,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://api-d.dropbox.com/r14/put_mobile_log?app_platform=windowstab&app_version=23.4.27.0&log_level=ANALYTICS&user_ids=%5B%5D&device_id=B383jVBSDsfyDtMa4BQkZCTLzjYL1jpZeysZxkH2M7U6&sys_model=097C&sys_version=10.0.22631.4317&ts=1729769006"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=2020,i,2644156548133602700,17094965150171016535,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
d-edge.v.dropbox.com
162.125.6.20
truefalse
    		unknown
    www.google.com
    		142.250.185.132
    		truefalse
      		unknown
      assets.dropbox.com
      		52.222.236.76
      		truefalse
        		unknown
        api-d.dropbox.com
        		unknown
        		unknownfalse
          		unknown
          cfl.dropboxstatic.com
          		unknown
          		unknownfalse
            		unknown

            Contacted URLs

            NameMaliciousAntivirus DetectionReputation
            https://api-d.dropbox.com/false
              		unknown
              https://assets.dropbox.com/www/en-us/illustrations/spot/look-magnifying-glass.svgfalse
                		unknown
                https://assets.dropbox.com/www/en-us/illustrations/spot/target-miss.svgfalse
                  		unknown
                  https://api-d.dropbox.com/r14/put_mobile_log?app_platform=windowstab&app_version=23.4.27.0&log_level=ANALYTICS&user_ids=%5B%5D&device_id=B383jVBSDsfyDtMa4BQkZCTLzjYL1jpZeysZxkH2M7U6&sys_model=097C&sys_version=10.0.22631.4317&ts=1729769006false
                    		unknown

                    URLs from Memory and Binaries

                    NameSourceMaliciousAntivirus DetectionReputation
                    http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.htmlLicensedchromecache_68.1.dr, chromecache_67.1.drfalse
                      		unknown
                      https://www.dropbox.com/login?_tk=fofchromecache_64.1.drfalse
                        		unknown
                        https://www.dropbox.com/plus?_tk=fofchromecache_64.1.drfalse
                          		unknown
                          http://www.apache.org/licenses/LICENSE-2.0Openchromecache_67.1.drfalse
                            		unknown
                            https://www.dropbox.com/business?_tk=fofchromecache_64.1.drfalse
                              		unknown
                              https://cfl.dropboxstatic.com/static/images/favicon.icochromecache_66.1.dr, chromecache_64.1.drfalse
                                		unknown
                                https://www.dropbox.com/home?_tk=fofchromecache_64.1.drfalse
                                  		unknown
                                  http://www.apache.org/licenses/LICENSE-2.0Webfontchromecache_68.1.drfalse
                                    		unknown
                                    https://cfl.dropboxstatic.com/static/metaserver/static/css/error.csschromecache_66.1.dr, chromecache_64.1.drfalse
                                      		unknown
                                      https://forums.dropbox.comchromecache_66.1.drfalse
                                        		unknown
                                        https://www.dropbox.com/homechromecache_66.1.drfalse
                                          		unknown
                                          https://www.dropbox.com/register?_tk=fofchromecache_64.1.drfalse
                                            		unknown
                                            https://status.dropbox.comchromecache_66.1.drfalse
                                              		unknown
                                              https://www.dropbox.com/help?_tk=fofchromecache_64.1.drfalse
                                                		unknown
                                                https://www.dropbox.com/helpchromecache_66.1.drfalse
                                                  		unknown

                                                  World Map of Contacted IPs

                                                  • No. of IPs < 25%
                                                  • 25% < No. of IPs < 50%
                                                  • 50% < No. of IPs < 75%
                                                  • 75% < No. of IPs

                                                  Public IPs

                                                  IPDomainCountryFlagASNASN NameMalicious
                                                  142.250.185.132
                                                  		www.google.comUnited States
                                                  		15169GOOGLEUSfalse
                                                  52.222.236.76
                                                  		assets.dropbox.comUnited States
                                                  		16509AMAZON-02USfalse
                                                  239.255.255.250
                                                  		unknownReserved
                                                  		unknownunknownfalse
                                                  162.125.6.20
                                                  		d-edge.v.dropbox.comUnited States
                                                  		19679DROPBOXUSfalse
                                                  52.222.236.19
                                                  		unknownUnited States
                                                  		16509AMAZON-02USfalse

                                                  Private

                                                  IP
                                                  192.168.2.18

                                                  General Information

                                                  Joe Sandbox version:41.0.0 Charoite
                                                  Analysis ID:1541175
                                                  Start date and time:2024-10-24 14:38:19 +02:00
                                                  Joe Sandbox product:CloudBasic
                                                  Overall analysis duration:0h 3m 19s
                                                  Hypervisor based Inspection enabled:false
                                                  Report type:full
                                                  Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                  Sample URL:https://api-d.dropbox.com/r14/put_mobile_log?app_platform=windowstab&app_version=23.4.27.0&log_level=ANALYTICS&user_ids=%5B%5D&device_id=B383jVBSDsfyDtMa4BQkZCTLzjYL1jpZeysZxkH2M7U6&sys_model=097C&sys_version=10.0.22631.4317&ts=1729769006
                                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                  Number of analysed new started processes analysed:16
                                                  Number of new started drivers analysed:0
                                                  Number of existing processes analysed:0
                                                  Number of existing drivers analysed:0
                                                  Number of injected processes analysed:0
                                                  Technologies:
                                                  • EGA enabled
                                                  • AMSI enabled
                                                  Analysis Mode:default
                                                  Analysis stop reason:Timeout
                                                  Detection:CLEAN
                                                  Classification:clean0.win@17/21@16/6

                                                  Warnings

                                                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                                                  • Excluded IPs from analysis (whitelisted): 142.250.185.131, 216.58.206.78, 108.177.15.84, 34.104.35.123, 104.16.100.29, 104.16.99.29, 199.232.214.172, 142.250.185.195, 142.250.184.238
                                                  • Excluded domains from analysis (whitelisted): www.bing.com, clients1.google.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, cfl.dropboxstatic.com.cdn.cloudflare.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, login.live.com, update.googleapis.com, clients.l.google.com
                                                  • Not all processes where analyzed, report is missing behavior information
                                                  • VT rate limit hit for: https://api-d.dropbox.com/r14/put_mobile_log?app_platform=windowstab&app_version=23.4.27.0&log_level=ANALYTICS&user_ids=%5B%5D&device_id=B383jVBSDsfyDtMa4BQkZCTLzjYL1jpZeysZxkH2M7U6&sys_model=097C&sys_version=10.0.22631.4317&ts=1729769006

                                                  Simulations

                                                  Behavior and APIs

                                                  No simulations

                                                  LLM Input / Output

                                                  InputOutput
                                                  URL: https://api-d.dropbox.com/ Model: claude-3-haiku-20240307
                                                  ```json
{
  "contains_trigger_text": true,
  "trigger_text": "We can't find the page you're looking for.",
  "prominent_button_name": "Home",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                  URL: https://api-d.dropbox.com/ Model: claude-3-haiku-20240307
                                                  ```json
{
  "brands": [
    "Dropbox"
  ]
}

                                                  Joe Sandbox View / Context

                                                  IPs

                                                  No context

                                                  Domains

                                                  No context

                                                  ASNs

                                                  No context

                                                  JA3 Fingerprints

                                                  No context

                                                  Dropped Files

                                                  No context

                                                  Created / dropped Files

                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 11:38:53 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2675
                                                  Entropy (8bit):3.9737668832001023
                                                  Encrypted:false
                                                  SSDEEP:48:8SrdsT5cDHI2HMidAKZdA1rehwiZUklqeh1y+3:8SmVcDHgey
                                                  MD5:BA92FE00E92A6EBB55A2772FE02F2F8D
                                                  SHA1:A2213AD60FA31053A8B721304B3F3BD2E1CDF390
                                                  SHA-256:994452A0A87947D61195FD2F5E3B7E7A7FD4BFA9EB195BFF67858FFEF2E13F71
                                                  SHA-512:1FCE7DDBE82FF40F344B5BFB76B0D314F5D170ADF1F1E26C6D0CC535077ED22543E8FFA1E20341C06D0B7663DF4B5AC839587608DE5CE0AABBF38C4420C0E071
                                                  Malicious:false
                                                  Reputation:low
                                                  Preview:L..................F.@.. ...$+.,......o..&......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.IXY.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VXY.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VXY.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXY.d.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 11:38:53 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2677
                                                  Entropy (8bit):3.9922421313771563
                                                  Encrypted:false
                                                  SSDEEP:48:81rdsT5cDHI2HMidAKZdA1ceh/iZUkAQkqehOy+2:81mVcDH89QLy
                                                  MD5:42221D1A56251267AF02FAB7E69F164D
                                                  SHA1:DD29B236F95FE8CA3DD9A84C879D90381DC34A32
                                                  SHA-256:084E79DB1EB0A7AA0FECF8DC977FD08EBCA556CA4453756A8693835C4D0C11DF
                                                  SHA-512:E0D1BA524DE7CFFF68B75FB010B3D532BA85DD9AE3ED1B44CA5D83702743502DBD35EB2BBC31324A556806F750A69E8AAA7C8A65867DF6DD3772A2C3FDC8C92F
                                                  Malicious:false
                                                  Reputation:low
                                                  Preview:L..................F.@.. ...$+.,......b..&......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.IXY.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VXY.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VXY.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXY.d.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 09:23:19 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2691
                                                  Entropy (8bit):4.001445961436747
                                                  Encrypted:false
                                                  SSDEEP:48:8XRrdsT5cDHSHMidAKZdA14Aeh7sFiZUkmgqeh7sky+BX:8hmVcDHJnCy
                                                  MD5:E80B24BF895533AE68B1311D14611F38
                                                  SHA1:F27CA831CC0219B03A9B9EC75155F7BBE3301727
                                                  SHA-256:FD8F00B3D4715D3CA161916994483251AE02B76A88830403008DC344CA0C1C14
                                                  SHA-512:5E0D24E9A63D0E2AD6DE77566271CFDFD3B785B6B5341FE5A4B5F215AFCF4B10F9BB9284F81714B7936E7D28A4F5D4AC78C2ACB12DB79869E3116AAAB6188E18
                                                  Malicious:false
                                                  Reputation:low
                                                  Preview:L..................F.@.. ...$+.,....?.4 ?.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.IXY.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VXY.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VXY.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.R.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 11:38:53 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2679
                                                  Entropy (8bit):3.9892734375979115
                                                  Encrypted:false
                                                  SSDEEP:48:8yrdsT5cDHI2HMidAKZdA1JehDiZUkwqehKy+R:8ymVcDHRsy
                                                  MD5:2E90824D4D8990DA1C1C5E814800E454
                                                  SHA1:041A02290B27DFA5237145D15EFFF14B98444878
                                                  SHA-256:74DBA918753BE611347DC5D71D9EE6C519E513FDF2F139BA47481AAD1EFD561D
                                                  SHA-512:4FAF7D9BB01A76F440545592FDA85F7299EEB974AFE5EFA66E9B1E873655474486D082AB2242920B2152A450606B7F8D3EE111A0D7EAC98EF78F11DEBA29FA26
                                                  Malicious:false
                                                  Reputation:low
                                                  Preview:L..................F.@.. ...$+.,....<.\..&......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.IXY.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VXY.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VXY.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXY.d.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 11:38:53 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2679
                                                  Entropy (8bit):3.973482511753345
                                                  Encrypted:false
                                                  SSDEEP:48:8CrdsT5cDHI2HMidAKZdA1XehBiZUk1W1qehIy+C:8CmVcDHR9oy
                                                  MD5:FAE441F5CED88B465847B7E132D5B3CB
                                                  SHA1:E7B0CA8F50861950A32D9AC619CA62DC2B129293
                                                  SHA-256:6D126FA4024F5BDAE380F5B382E84F8FFD1DF71CC5EE122724C829CFC9841274
                                                  SHA-512:B24EB660806C8A248CDB42B995CDF410043EFEBF964A1C9F5E1C566DD31621D5F8DFF119083462F975417E8E530FEFC935B3D3865A00CF0409CFFF142CCCD2C2
                                                  Malicious:false
                                                  Reputation:low
                                                  Preview:L..................F.@.. ...$+.,....g1i..&......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.IXY.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VXY.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VXY.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXY.d.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 11:38:53 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2681
                                                  Entropy (8bit):3.9859989761112984
                                                  Encrypted:false
                                                  SSDEEP:48:8hrdsT5cDHI2HMidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbCy+yT+:8hmVcDHTT/TbxWOvTbCy7T
                                                  MD5:387F75916729E5EF7F30F89D2C6CDD74
                                                  SHA1:B2E7B1B23E31EAE0026543B1C12959DD7FDCC70F
                                                  SHA-256:61D8CD6BBA73D38C98FBDAAC8F2B66A623795305C1926FD62ED6B927FFE69321
                                                  SHA-512:E50D3D3808080AD0CAAC7139BF2C6B47F4C8C50AC5DE9B4F80E2CFA3C83BFEEDF3AB646ADD48F1AEDEFA1B828B1B0D2AFA254A54190A58CF9B93DEA42F216B26
                                                  Malicious:false
                                                  Reputation:low
                                                  Preview:L..................F.@.. ...$+.,....g8S..&......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.IXY.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VXY.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VXY.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXY.d.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                  Chrome Cache Entry: 63

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:dropped
                                                  Size (bytes):10635
                                                  Entropy (8bit):3.7708640282312342
                                                  Encrypted:false
                                                  SSDEEP:192:lwsp3KmiWvmeX8ogtlAt0ZpbQryQN4P49kPidCgRvFxInbHP:asJrvvXFht0Zpj040k6VRvFxE
                                                  MD5:91BE8BB57512787AEA2A3765FD9850A5
                                                  SHA1:422D9E3C077D09B9D8CEC7C2F4273506203EC696
                                                  SHA-256:51CF6CE31001DD4D93E4C6B873F734F64522948A804F75D03104C1DD8A95D616
                                                  SHA-512:342C7FECA0B37FC53F7422ED6C1A8463061DF9C7EBA4FEAB17F8CA0B115594B75C808422F43AACD284C08D42CB7834DFA7C4DBDE627EAD1845C592951C3CB27B
                                                  Malicious:false
                                                  Reputation:low
                                                  Preview:<svg viewBox="0 0 500 500" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M246.62 107.482c-30.685-9.455-69.799-4.018-95.508 16.935-22.036 17.997-34.61 47.497-36.367 75.517-4.526 72.018 43.802 144.627 121.053 151.276 24.437 2.115 46.96 8.138 60.783 29.607 2.721 4.188 4.968 10.863 9.187 14.06 6.36 4.877 15.857 5.41 21.97 11.203 12.224 11.618 9.776 25.107 30.177 26.624 21.748 1.608 25.849-19.57 14.508-34.589-6.907-9.157-18.217-13.172-25.828-21.586-6.289-6.979-10.136-16.147-13.997-24.559-7.722-16.859-5.665-46.91-21.084-58.356-6.297-4.679-24.416-6.911-21.953-19.381 1.159-5.892 18.548-17.896 23.59-22.042 25.511-20.924 46.388-56.647 25.323-88.757-13.125-20.043-44.597-22.384-63.582-34.88-10.633-6.893-13.093-16.397-28.272-21.072z" fill="#E39D77"/><path d="M298.683 273.654c.402 5.763.939 11.325 1.174 16.853.302 6.299.201 12.598.537 18.864.503 9.012 1.208 18.025 1.879 27.004.302 3.987.805 7.975 1.006 11.995.168 3.083-.167 3.384-2.885 4.49-.503.201-1.007.435-1.543.536-4.932.938-9.864 1.84

                                                  Chrome Cache Entry: 64

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:HTML document, ASCII text, with very long lines (628)
                                                  Category:downloaded
                                                  Size (bytes):1233
                                                  Entropy (8bit):5.054563453147532
                                                  Encrypted:false
                                                  SSDEEP:24:hYjkspFAuaDg5+DCpdgcxtYk5jwmjeU2XT2Xhi2XOV2X+3B2XJeG2X/:4pl5lx1FeU6wilfRgu
                                                  MD5:9B6419564E2517BCA5C02656EE34428A
                                                  SHA1:82FA924AB283FDCED730A5A01980BC16038A4EBC
                                                  SHA-256:7C3062F4433DA04B86FB2A95156B3598D5E9E030494F9956755DCFF563579A4A
                                                  SHA-512:5D95F22C06E9685F3728CAD4AEC555C002E5CCFFB9BEAD9930B77F852C996C2EB97F33F569950271393FDADB2E84E469CCF995E4743B0D5F6512741BE9C2366B
                                                  Malicious:false
                                                  Reputation:low
                                                  URL:https://api-d.dropbox.com/
                                                  Preview:<!DOCTYPE html>.<html>.<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta name="viewport" content="width=device-width, initial-scale=1" />.<title>Dropbox - 404</title>.<link href="https://cfl.dropboxstatic.com/static/metaserver/static/css/error.css" rel="stylesheet" type="text/css"/>.<link rel="shortcut icon" href="https://cfl.dropboxstatic.com/static/images/favicon.ico"/>.</head>.<body>.<div class="figure">.<img src="https://assets.dropbox.com/www/en-us/illustrations/spot/look-magnifying-glass.svg" alt="Error: 404"/>.</div>.<div id="errorbox">.<div class="not-found"> <h1>Error (404)</h1> We can't find the page you're looking for. <div class="not-found--links"> Here are a few links that may be helpful: <ul> <li><a href="https://www.dropbox.com/home?_tk=fof">Home</a></li> <li><a href="https://www.dropbox.com/help?_tk=fof">Help center</a></li> <li><a href="https://www.dropbox.com/login?_tk=fof">Sign in</a></li> <li><a href="https://www.dropbox.com/register?_t

                                                  Chrome Cache Entry: 65

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (24618)
                                                  Category:downloaded
                                                  Size (bytes):40688
                                                  Entropy (8bit):5.085623750424761
                                                  Encrypted:false
                                                  SSDEEP:384:l2UpFA1YOf7EzY+Ye77bUnz3DCTFpDx1qYk7IdbBFeWaO2tnmKxMKCSXL2QKl1lt:sUctEzY+Ye77bUnz3DCLDexKCMvX
                                                  MD5:3722BA393034D203DA0569BA75872A2D
                                                  SHA1:06418B3D4464929C2129667167B12F96642E40CD
                                                  SHA-256:2905C5F19A165A3E3792B504D9A61513337F6D2FD7333E888546ED4757F8D145
                                                  SHA-512:1E2AA7D28D2B0CBFB9E33820B1BCDB9F782B431822679D71D7F9C24CBD14FF3A0AA4E10C91E649602F1EB150CCE70751358E82B27AFAE0D79FA0E216E577D20F
                                                  Malicious:false
                                                  Reputation:low
                                                  URL:https://cfl.dropboxstatic.com/static/metaserver/static/css/error.css
                                                  Preview:body,input,textarea,select,button,.normal{font-family:"Open Sans","lucida grande","Segoe UI",arial,verdana,"lucida sans unicode",tahoma,sans-serif;font-size:13px;color:var(--dig-color__text__base, #000);font-weight:normal}.maestro body:not(.dig-Button),.maestro input:not(.dig-Button),.maestro textarea:not(.dig-Button),.maestro select:not(.dig-Button),.maestro button:not(.dig-Button),.maestro .normal:not(.dig-Button){font-family:var(--dig-type__bodyfontstack, "Atlas Grotesk Web","Atlas Grotesk",AtlasGrotesk,sans-serif)}body{background-color:var(--dig-color__background__base, #fff);min-height:100%;margin:0;padding:0}a,a *{cursor:pointer;outline:none}a{color:var(--dig-color__primary__base, #0061ff);text-decoration:none}a:focus{text-decoration:underline}a img{border:0}p,h1,h2,h3,h4,h5{margin:0 0 1em 0;line-height:1.6em}h1{font-size:18pt;font-weight:normal;margin:10px 0}h2{padding-top:3px;padding-bottom:10px;margin-bottom:4px;font-size:10pt}h3{padding:0;margin:0;font-size:10pt}h4{margin:0 0

                                                  Chrome Cache Entry: 66

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:HTML document, ASCII text, with very long lines (410)
                                                  Category:downloaded
                                                  Size (bytes):1005
                                                  Entropy (8bit):4.975853752907989
                                                  Encrypted:false
                                                  SSDEEP:24:hYjkspFAutDg5+DCpdgc6oCL+lX8YDUdwlKXG/PEuXW:4plWl6alL14
                                                  MD5:F5BDC47D8AD8CF7E15D3A7E4DB3ACE2B
                                                  SHA1:3B4C9BE3D122C2D3E7F643660FFE3F51F420878C
                                                  SHA-256:908D29AB23B6F6308C30176E3AA65989A95D972B6B5FCAD9A8EB2FCBF596C144
                                                  SHA-512:C217B52F66E2EC4F601427C6D8492FE14C3A8FC51A3FBF30AA8897F566E94C523029FD613D7C6498B52D1911FCC57EF8825ADE752B647B477931D0926FB6411A
                                                  Malicious:false
                                                  Reputation:low
                                                  URL:https://api-d.dropbox.com/r14/put_mobile_log?app_platform=windowstab&app_version=23.4.27.0&log_level=ANALYTICS&user_ids=%5B%5D&device_id=B383jVBSDsfyDtMa4BQkZCTLzjYL1jpZeysZxkH2M7U6&sys_model=097C&sys_version=10.0.22631.4317&ts=1729769006
                                                  Preview:<!DOCTYPE html>.<html>.<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">.<meta name="viewport" content="width=device-width, initial-scale=1" />.<title>Dropbox - 405</title>.<link href="https://cfl.dropboxstatic.com/static/metaserver/static/css/error.css" rel="stylesheet" type="text/css"/>.<link rel="shortcut icon" href="https://cfl.dropboxstatic.com/static/images/favicon.ico"/>.</head>.<body>.<div class="figure">.<img src="https://assets.dropbox.com/www/en-us/illustrations/spot/target-miss.svg" alt="Error: 405"/>.</div>.<div id="errorbox">.<h1>Error (405)</h1>Something went wrong. Don't worry, your files are still safe and the Dropbox team has been notified. Check out our <a href="https://status.dropbox.com">Status Page</a> to see if there is a known incident, our <a href="https://www.dropbox.com/help">Help Center</a> and <a href="https://forums.dropbox.com">forums</a> for help, or head back to <a href="https://www.dropbox.com/home">home</a>..</div>..</body>.</h

                                                  Chrome Cache Entry: 67

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:TrueType Font data, 19 tables, 1st "FFTM", 17 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open Sans LightRegularAscender - Ope
                                                  Category:downloaded
                                                  Size (bytes):159776
                                                  Entropy (8bit):6.326641853623106
                                                  Encrypted:false
                                                  SSDEEP:3072:VFfCT8E5BKiJXIuJ6mUjkF66hp/uLhu07gNOMPV:aT88KYXRF66VVOMPV
                                                  MD5:B202959A841A37B5BFB12FE69B6BF0D1
                                                  SHA1:7D93DB5CD86EFD91CFB9C61FF66B210D049D5014
                                                  SHA-256:01E40EBAA4275BC99729D90B4EA47B977B88B8D734850EAE816B9037A32C825A
                                                  SHA-512:CB9CC946A7284CB29658DDF9B1000F4CA9C36DCF65D25FF93E58A664F59CEC6659FDFD60B68E7B3933534C6FF9071AC3893B4DCFDC9C54A758D8C7EC7C80B360
                                                  Malicious:false
                                                  Reputation:low
                                                  URL:https://cfl.dropboxstatic.com/static/metaserver/static/fonts/opensans/OpenSans-Light-webfont.ttf
                                                  Preview:...........0FFTMcT.l...<....GDEF.......X... GPOS......x..>\GSUB{..&..?.....OS/2.x....B....`cmapz..q..B.....cvt (.....G....8fpgm..zA..G.....gasp......Q\....glyfhj.l..Qd...head..T..4....6hhea.Y.8..5,...$hmtxP.M...5P....loca.#.T..D....hmaxp...?..K|... namewj.(..K.....post.:"t..P(...^prep.D"...o.....webfgBQ...p..............=.......B.................................................T.b..DFLT..cyrl.&grek.2latn.>..................................................kern......................:............h.n...n.........4.:...........p.............h.^.p...p...^...^.^.p.p.............h.............4...4.4.4.4...........................^.^.^.^.^.^.p.p.p.p.p.p.p.p.(.p...p.....^...^...^...........:...4.p.4.p.4.p.4.p.4.p.^.............t.....^.......4.......p...p...p...................................^.4...p...J.|...X.(.J.j...J.F.|.T.J.|.j.......T...X.....^.....$.:.^.t.......$........ ..(.. P.. b!<#.$$ b b b$.$.%.&.&.!<'$$.&.$.'6(,#.!<$.(.$.'$'$ b b'6'6.^).)..^.^*,).*,*.*.).+.*.*,.^.^+J+J*.*..^.^+.).

                                                  Chrome Cache Entry: 68

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:TrueType Font data, 19 tables, 1st "FFTM", 15 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans
                                                  Category:downloaded
                                                  Size (bytes):164032
                                                  Entropy (8bit):6.315216780051133
                                                  Encrypted:false
                                                  SSDEEP:3072:BIFfCTPJWvo6XB3eaB8gPr8eBhqJyfzRt0xjGngPYyjVNQ/G:BNTPkA6XBNBh30+yjVK+
                                                  MD5:3CBF4D3ED22E458AF0D14D76CB4777D3
                                                  SHA1:8571AE75F6DBB4055EC2B61D4DABD03B38E03764
                                                  SHA-256:AB6DDA86C87F61E7AD1AF2E733E04CA83FDCD43EDBD57F88E35ACC1878078223
                                                  SHA-512:51E6C58DFF331D5C3E16F327A7B0BC5B5578980E47BB3EA072678FBD8A695A7559C283E4C7C3A623470FF811DFDBD37C83EF0C5AC72B2B9C9B60DC7D60621FB3
                                                  Malicious:false
                                                  Reputation:low
                                                  URL:https://cfl.dropboxstatic.com/static/metaserver/static/fonts/opensans/OpenSans-Regular-webfont.ttf
                                                  Preview:...........0FFTMcG....<....GDEF.......X... GPOS......x..>\GSUB{..&..?.....OS/2.....B....`cmapz..q..B.....cvt )..*..G....8fpgm..zA..G.....gasp......Q\....glyf0.....Qd....head...2..E....6hhea......F0...$hmtx.R>...FT....locax..Z..U....hmaxp...q..\.... nameg..:..\....(post.:"t..`....^prep.D"....(....webfg.Q..................=.......51........2.......................................T.b..DFLT..cyrl.&grek.2latn.>..................................................kern......................:............h.n...n.........4.:...........p.............h.^.p...p...^...^.^.p.p.............h.............4...4.4.4.4...........................^.^.^.^.^.^.p.p.p.p.p.p.p.p.(.p...p.....^...^...^...........:...4.p.4.p.4.p.4.p.4.p.^.............t.....^.......4.......p...p...p...................................^.4...p...J.|...X.(.J.j...J.F.|.T.J.|.j.......T...X.....^.....$.:.^.t.......$........ ..(.. P.. b!<#.$$ b b b$.$.%.&.&.!<'$$.&.$.'6(,#.!<$.(.$.'$'$ b b'6'6.^).)..^.^*,).*,*.*.).+.*.*,.^.^+J+J*.*..^.^+.).

                                                  Chrome Cache Entry: 69

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:dropped
                                                  Size (bytes):10784
                                                  Entropy (8bit):3.7444350542374094
                                                  Encrypted:false
                                                  SSDEEP:192:QvweyTvWvze3AgVPuL/+F1OwrUvjOktIdu0eMKibBbtoY72c3Xu/rZxx8/:WwHO4D0SDrBU3MRbBbtf2kXUTxU
                                                  MD5:B4FD17C70436CCF3118CAF6269444DCD
                                                  SHA1:F5D6458EE1B4CD390ADCEECD2753F90EF6358D43
                                                  SHA-256:FAD32278DF6F5C83BD15CD58B87F3A478012BB773E70BBBCC69AD959ABDEAC02
                                                  SHA-512:A1276418FA17A5BF36B2DD023E8FA62060390AD2575671E9168E6A717E2F0F1467A5A45A89D1DFEF61FB0F255517CA2D6D7F1C8F0C2B2BB64873F269D2FE058C
                                                  Malicious:false
                                                  Reputation:low
                                                  Preview:<svg viewBox="0 0 500 500" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M426.961 454.663c-4.738.011-9.101.034-13.463.045-22.05.057-44.089.125-66.14.137-3.257 0-6.526-.399-9.783-.388-3.406.012-6.811.319-10.217.467-1.002.046-2.027.148-2.995-.034-2.779-.512-5.524-.319-8.303-.057-1.333.126-2.7-.319-4.044-.296-4.51.057-9.009.308-13.508.296-5.911-.011-11.811-.239-17.722-.273-6.287-.046-12.574.068-18.861.023-2.973-.023-5.934-.262-8.896-.353-.717-.023-1.435.159-2.152.205-.991.068-1.993.136-2.984.136-3.429.012-6.868 0-10.297-.034-1.685-.023-3.371-.159-5.068-.193a418.93 418.93 0 0 0-8.463-.092c-5.17 0-10.341.035-15.512.046-5.012.011-10.023.057-15.035-.023-6.902-.102-13.815-.307-20.717-.467-6.174-.148-12.347-.364-18.531-.398-2.893-.023-5.832.706-8.679.41-6.914-.729-13.816-.399-20.718-.296-3.702.057-7.392.603-11.094.933-.546.046-1.093.08-1.64.08-12.665.069-25.33.125-37.984.171-.524 0-1.048-.114-1.834-.205.137-5.148-1.378-10.102-.296-15.215.387-1.834.137-3.816.137-5.729 0-3.28 0-6.56-.08

                                                  Chrome Cache Entry: 70

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
                                                  Category:dropped
                                                  Size (bytes):4286
                                                  Entropy (8bit):3.6767668884768048
                                                  Encrypted:false
                                                  SSDEEP:48:wFFFFFFFFFFFFFFFFtJdFdFSFfyFbK9MFDFCFbXFbFexKFdFcFQrDFaFNGCF7sF9:nudyjwG+jeWqQmGDB5
                                                  MD5:F25511F4158C2DFAB6AA11A07D026E4A
                                                  SHA1:99F63CF1694FA5E52F43EB967462EA0D9EEF7513
                                                  SHA-256:C0906D540D89DBE1F09B24F17B7F35B81350E8D381C1558B075C28EA913C450D
                                                  SHA-512:0BFB19AEC453A1C4D4B8F39602BF8BBF0A98182A98E29E1E1708EABFD99E3168855994A56061ED462C29B099137C226E25DDD274B46ED2F443C2C515A530B731
                                                  Malicious:false
                                                  Reputation:low
                                                  Preview:...... .... .........(... ...@..... .........%...%............a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...Q...R...`...b...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...b...]...P....C...=..T...\...b...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a..._...T...a...................a...T..._...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...b...[

                                                  Chrome Cache Entry: 71

                                                  Download File
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:downloaded
                                                  Size (bytes):10635
                                                  Entropy (8bit):3.7708640282312342
                                                  Encrypted:false
                                                  SSDEEP:192:lwsp3KmiWvmeX8ogtlAt0ZpbQryQN4P49kPidCgRvFxInbHP:asJrvvXFht0Zpj040k6VRvFxE
                                                  MD5:91BE8BB57512787AEA2A3765FD9850A5
                                                  SHA1:422D9E3C077D09B9D8CEC7C2F4273506203EC696
                                                  SHA-256:51CF6CE31001DD4D93E4C6B873F734F64522948A804F75D03104C1DD8A95D616
                                                  SHA-512:342C7FECA0B37FC53F7422ED6C1A8463061DF9C7EBA4FEAB17F8CA0B115594B75C808422F43AACD284C08D42CB7834DFA7C4DBDE627EAD1845C592951C3CB27B
                                                  Malicious:false
                                                  Reputation:low
                                                  URL:https://assets.dropbox.com/www/en-us/illustrations/spot/look-magnifying-glass.svg
                                                  Preview:<svg viewBox="0 0 500 500" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M246.62 107.482c-30.685-9.455-69.799-4.018-95.508 16.935-22.036 17.997-34.61 47.497-36.367 75.517-4.526 72.018 43.802 144.627 121.053 151.276 24.437 2.115 46.96 8.138 60.783 29.607 2.721 4.188 4.968 10.863 9.187 14.06 6.36 4.877 15.857 5.41 21.97 11.203 12.224 11.618 9.776 25.107 30.177 26.624 21.748 1.608 25.849-19.57 14.508-34.589-6.907-9.157-18.217-13.172-25.828-21.586-6.289-6.979-10.136-16.147-13.997-24.559-7.722-16.859-5.665-46.91-21.084-58.356-6.297-4.679-24.416-6.911-21.953-19.381 1.159-5.892 18.548-17.896 23.59-22.042 25.511-20.924 46.388-56.647 25.323-88.757-13.125-20.043-44.597-22.384-63.582-34.88-10.633-6.893-13.093-16.397-28.272-21.072z" fill="#E39D77"/><path d="M298.683 273.654c.402 5.763.939 11.325 1.174 16.853.302 6.299.201 12.598.537 18.864.503 9.012 1.208 18.025 1.879 27.004.302 3.987.805 7.975 1.006 11.995.168 3.083-.167 3.384-2.885 4.49-.503.201-1.007.435-1.543.536-4.932.938-9.864 1.84

                                                  Static File Info

                                                  No static file info

                                                  Network Behavior

                                                  Network Port Distribution

                                                  TCP Packets

                                                  TimestampSource PortDest PortSource IPDest IP
                                                  Oct 24, 2024 14:38:51.602895021 CEST49692443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:51.602915049 CEST44349692184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:51.603013039 CEST49692443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:51.604059935 CEST49692443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:51.604083061 CEST44349692184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:52.471668005 CEST44349692184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:52.471810102 CEST49692443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:52.479063034 CEST49692443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:52.479084969 CEST44349692184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:52.479409933 CEST44349692184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:52.528872013 CEST49692443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:52.548105001 CEST49692443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:52.595331907 CEST44349692184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:52.653853893 CEST49696443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:52.653877974 CEST44349696162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:52.654031992 CEST49696443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:52.654263973 CEST49697443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:52.654304981 CEST44349697162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:52.654433966 CEST49697443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:52.654505014 CEST49696443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:52.654517889 CEST44349696162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:52.654699087 CEST49697443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:52.654728889 CEST44349697162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:52.793842077 CEST44349692184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:52.793908119 CEST44349692184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:52.793983936 CEST49692443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:52.794049025 CEST49692443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:52.794049025 CEST49692443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:52.794061899 CEST44349692184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:52.794070959 CEST44349692184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:52.825165987 CEST49698443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:52.825201035 CEST44349698184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:52.825269938 CEST49698443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:52.825548887 CEST49698443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:52.825570107 CEST44349698184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:53.329382896 CEST44349697162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.329648018 CEST49697443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.329694033 CEST44349697162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.330751896 CEST44349697162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.330837965 CEST49697443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.331809044 CEST49697443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.331893921 CEST44349697162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.331897974 CEST49697443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.332300901 CEST44349696162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.332482100 CEST49696443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.332515001 CEST44349696162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.333755970 CEST44349696162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.333868980 CEST49696443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.335005999 CEST49696443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.335105896 CEST44349696162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.375325918 CEST44349697162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.386826038 CEST49697443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.386826038 CEST49696443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.386847019 CEST44349696162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.386847019 CEST44349697162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.434890985 CEST49696443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.435529947 CEST49697443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.499427080 CEST44349697162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.499517918 CEST44349697162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.499588966 CEST49697443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.500251055 CEST49697443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:38:53.500278950 CEST44349697162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:38:53.541752100 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:53.541791916 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:53.541842937 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:53.542032003 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:53.542045116 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:53.655618906 CEST44349698184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:53.655695915 CEST49698443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:53.668375969 CEST49698443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:53.668395042 CEST44349698184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:53.668648958 CEST44349698184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:53.686007977 CEST49698443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:53.727334023 CEST44349698184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:53.926338911 CEST44349698184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:53.926400900 CEST44349698184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:53.926511049 CEST49698443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:53.926971912 CEST49698443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:53.926985025 CEST44349698184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:53.927006006 CEST49698443192.168.2.18184.28.90.27
                                                  Oct 24, 2024 14:38:53.927011967 CEST44349698184.28.90.27192.168.2.18
                                                  Oct 24, 2024 14:38:54.382718086 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:54.383054018 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:54.383066893 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:54.384084940 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:54.384160995 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:54.385241032 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:54.385301113 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:54.385407925 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:54.385412931 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:54.437828064 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:55.115329981 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:55.120625019 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:55.120632887 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:55.120671034 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:55.120693922 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:55.120696068 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:55.120712996 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:55.120774984 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:55.121058941 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:55.121098042 CEST4434970052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:55.121146917 CEST49700443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:55.157094955 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:55.157139063 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:55.157274961 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:55.157478094 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:55.157490969 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.002628088 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.002975941 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:56.002985001 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.003978014 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.004185915 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:56.004580975 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:56.004580975 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:56.004626989 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.049904108 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:56.049911022 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.099185944 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:56.252410889 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.258136034 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.258145094 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.258192062 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.258205891 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.258263111 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:56.258274078 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.258430004 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:56.258687019 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:56.258721113 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.258878946 CEST4434970352.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:38:56.258935928 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:56.258935928 CEST49703443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:38:56.744771004 CEST49709443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:38:56.744807959 CEST44349709142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:38:56.744887114 CEST49709443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:38:56.745214939 CEST49709443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:38:56.745234013 CEST44349709142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:38:58.281975031 CEST44349709142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:38:58.282344103 CEST49709443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:38:58.282370090 CEST44349709142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:38:58.283914089 CEST44349709142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:38:58.283998013 CEST49709443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:38:58.285156965 CEST49709443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:38:58.285281897 CEST44349709142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:38:58.328891039 CEST49709443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:38:58.328919888 CEST44349709142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:38:58.376903057 CEST49709443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:38:58.983279943 CEST49673443192.168.2.18204.79.197.203
                                                  Oct 24, 2024 14:38:59.286926031 CEST49673443192.168.2.18204.79.197.203
                                                  Oct 24, 2024 14:38:59.894107103 CEST49673443192.168.2.18204.79.197.203
                                                  Oct 24, 2024 14:39:01.108863115 CEST49673443192.168.2.18204.79.197.203
                                                  Oct 24, 2024 14:39:03.522938967 CEST49673443192.168.2.18204.79.197.203
                                                  Oct 24, 2024 14:39:05.939830065 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:05.939876080 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:05.939992905 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:05.991975069 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:05.991988897 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:06.097235918 CEST49679443192.168.2.1852.182.141.63
                                                  Oct 24, 2024 14:39:06.399904966 CEST49679443192.168.2.1852.182.141.63
                                                  Oct 24, 2024 14:39:06.750814915 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:06.750953913 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:06.753935099 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:06.753945112 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:06.754368067 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:06.798249960 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:07.004890919 CEST49679443192.168.2.1852.182.141.63
                                                  Oct 24, 2024 14:39:07.612548113 CEST44349709142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:39:07.612618923 CEST44349709142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:39:07.612704039 CEST49709443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:39:07.642576933 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:07.687320948 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:07.892050982 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:07.892091036 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:07.892097950 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:07.892107964 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:07.892128944 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:07.892153025 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:07.892159939 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:07.892195940 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:07.892215014 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:07.892414093 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:07.892472982 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:07.892477036 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:07.893249989 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:07.893301964 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:08.202485085 CEST49709443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:39:08.202512026 CEST44349709142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:39:08.216881990 CEST49679443192.168.2.1852.182.141.63
                                                  Oct 24, 2024 14:39:08.326879025 CEST49673443192.168.2.18204.79.197.203
                                                  Oct 24, 2024 14:39:08.624972105 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:08.624996901 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:08.625016928 CEST49711443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:08.625022888 CEST44349711172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:10.619909048 CEST49679443192.168.2.1852.182.141.63
                                                  Oct 24, 2024 14:39:13.049455881 CEST49696443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:39:13.051019907 CEST49715443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:39:13.051047087 CEST44349715162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:39:13.051153898 CEST49715443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:39:13.051445961 CEST49715443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:39:13.051464081 CEST44349715162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:39:13.095331907 CEST44349696162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:39:13.209430933 CEST44349696162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:39:13.209497929 CEST44349696162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:39:13.209577084 CEST49696443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:39:13.210571051 CEST49696443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:39:13.210587978 CEST44349696162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:39:13.242021084 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:13.242044926 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:13.242114067 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:13.242407084 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:13.242418051 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:13.728652000 CEST44349715162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:39:13.729145050 CEST49715443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:39:13.729161978 CEST44349715162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:39:13.729531050 CEST44349715162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:39:13.729861021 CEST49715443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:39:13.729929924 CEST44349715162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:39:13.777919054 CEST49715443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:39:14.086729050 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.087048054 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:14.087055922 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.088083029 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.088191032 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:14.088464975 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:14.088522911 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.088596106 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:14.088603020 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.129916906 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:14.829829931 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.835623026 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.835630894 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.835673094 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.835872889 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:14.835874081 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:14.835889101 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.837006092 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.837155104 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:14.838419914 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:14.838419914 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:14.838435888 CEST4434971752.222.236.19192.168.2.18
                                                  Oct 24, 2024 14:39:14.838543892 CEST49717443192.168.2.1852.222.236.19
                                                  Oct 24, 2024 14:39:14.841939926 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:14.841996908 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:14.842093945 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:14.842333078 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:14.842367887 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.421027899 CEST49679443192.168.2.1852.182.141.63
                                                  Oct 24, 2024 14:39:15.680504084 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.680846930 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:15.680866003 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.681885958 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.681973934 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:15.682244062 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:15.682306051 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.682429075 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:15.682437897 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.723992109 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:15.928741932 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.933924913 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.933960915 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.934004068 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.934072971 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:15.934093952 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.934166908 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:15.935345888 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:15.935383081 CEST4434972052.222.236.76192.168.2.18
                                                  Oct 24, 2024 14:39:15.935447931 CEST49720443192.168.2.1852.222.236.76
                                                  Oct 24, 2024 14:39:17.930012941 CEST49673443192.168.2.18204.79.197.203
                                                  Oct 24, 2024 14:39:25.034909964 CEST49679443192.168.2.1852.182.141.63
                                                  Oct 24, 2024 14:39:45.049844027 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:45.049887896 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:45.050076008 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:45.050478935 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:45.050493956 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:45.818744898 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:45.818866014 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:45.821713924 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:45.821723938 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:45.821949005 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:45.828231096 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:45.875329018 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:46.082163095 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:46.082196951 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:46.082216024 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:46.082293987 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:46.082315922 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:46.082369089 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:46.084117889 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:46.084157944 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:46.084184885 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:46.084189892 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:46.084206104 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:46.084307909 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:46.084361076 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:46.085222006 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:46.085237026 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:46.085246086 CEST49721443192.168.2.18172.202.163.200
                                                  Oct 24, 2024 14:39:46.085251093 CEST44349721172.202.163.200192.168.2.18
                                                  Oct 24, 2024 14:39:51.850668907 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:51.850720882 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:51.850800991 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:51.851717949 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:51.851732016 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:52.940669060 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:52.940800905 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:52.972299099 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:52.972378969 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:52.972744942 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:52.974042892 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:52.974097967 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:52.974117994 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:53.686501026 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:53.686527014 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:53.686578035 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:53.686615944 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:53.686642885 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:53.686666012 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:53.687284946 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:53.687341928 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:53.687663078 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:53.687695980 CEST4434972220.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:53.687764883 CEST49722443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:53.774053097 CEST49724443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:53.774085045 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:53.774189949 CEST49724443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:53.774483919 CEST49724443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:53.774494886 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:54.864413023 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:54.864526033 CEST49724443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:54.872371912 CEST49724443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:54.872384071 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:54.872642994 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:54.873130083 CEST49724443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:54.873167992 CEST49724443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:54.873204947 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:55.211260080 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:55.211298943 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:55.211348057 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:55.211610079 CEST49724443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:55.211625099 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:55.211863995 CEST49724443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:55.211863995 CEST49724443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:55.212093115 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:55.212146997 CEST4434972420.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:55.212208986 CEST49724443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:55.264782906 CEST49725443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:55.264812946 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:55.264909983 CEST49725443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:55.265089989 CEST49725443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:55.265101910 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.344438076 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.345159054 CEST49725443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:56.345182896 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.345911980 CEST49725443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:56.345918894 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.345963955 CEST49725443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:56.345972061 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.715332985 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.715359926 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.715390921 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.715496063 CEST49725443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:56.715518951 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.716041088 CEST49725443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:56.716057062 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.716065884 CEST49725443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:56.716224909 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.716263056 CEST4434972520.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.716311932 CEST49725443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:56.762636900 CEST49726443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:56.762650013 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.762732983 CEST49726443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:56.762886047 CEST49726443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:56.762897015 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:56.797056913 CEST49727443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:39:56.797094107 CEST44349727142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:39:56.797199011 CEST49727443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:39:56.797419071 CEST49727443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:39:56.797430992 CEST44349727142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:39:57.650374889 CEST44349727142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:39:57.650762081 CEST49727443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:39:57.650775909 CEST44349727142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:39:57.651103020 CEST44349727142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:39:57.651513100 CEST49727443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:39:57.651576996 CEST44349727142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:39:57.691030025 CEST49727443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:39:57.854438066 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:57.855182886 CEST49726443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:57.855211020 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:57.856045961 CEST49726443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:57.856045961 CEST49726443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:57.856055975 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:57.856074095 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:58.617310047 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:58.617341042 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:58.617383957 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:58.617486954 CEST49726443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:58.617486954 CEST49726443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:58.617505074 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:58.617957115 CEST49726443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:58.617957115 CEST49726443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:58.617974043 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:58.618129015 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:58.618165970 CEST4434972620.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:58.618208885 CEST49726443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:58.666006088 CEST49728443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:58.666055918 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:58.666134119 CEST49728443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:58.666305065 CEST49728443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:58.666320086 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:58.744105101 CEST49715443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:39:58.744122982 CEST44349715162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:39:59.759491920 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:59.760270119 CEST49728443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:59.760310888 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:59.760977030 CEST49728443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:59.760984898 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:39:59.761023045 CEST49728443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:39:59.761033058 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:40:00.124315023 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:40:00.124340057 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:40:00.124417067 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:40:00.124418020 CEST49728443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:40:00.124461889 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:40:00.124483109 CEST49728443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:40:00.124839067 CEST49728443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:40:00.124856949 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:40:00.124866009 CEST49728443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:40:00.125021935 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:40:00.125062943 CEST4434972820.190.159.64192.168.2.18
                                                  Oct 24, 2024 14:40:00.125109911 CEST49728443192.168.2.1820.190.159.64
                                                  Oct 24, 2024 14:40:00.346498966 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:00.346582890 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:00.346677065 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:00.348933935 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:00.348978996 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:01.193948030 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:01.194082975 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:01.202359915 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:01.202370882 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:01.202616930 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:01.202688932 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:01.204653025 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:01.204679966 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:01.510055065 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:01.510098934 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:01.510130882 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:01.510158062 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:01.510170937 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:01.510196924 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:01.510304928 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:01.510351896 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:01.510377884 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:01.510420084 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:01.513256073 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:01.513256073 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:01.513273001 CEST443497292.23.209.132192.168.2.18
                                                  Oct 24, 2024 14:40:01.513312101 CEST49729443192.168.2.182.23.209.132
                                                  Oct 24, 2024 14:40:07.649522066 CEST44349727142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:40:07.649595022 CEST44349727142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:40:07.649794102 CEST49727443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:40:08.192732096 CEST49727443192.168.2.18142.250.185.132
                                                  Oct 24, 2024 14:40:08.192786932 CEST44349727142.250.185.132192.168.2.18
                                                  Oct 24, 2024 14:40:14.196048021 CEST49715443192.168.2.18162.125.6.20
                                                  Oct 24, 2024 14:40:14.196170092 CEST44349715162.125.6.20192.168.2.18
                                                  Oct 24, 2024 14:40:14.196254015 CEST49715443192.168.2.18162.125.6.20

                                                  UDP Packets

                                                  TimestampSource PortDest PortSource IPDest IP
                                                  Oct 24, 2024 14:38:51.958966970 CEST53494351.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:38:52.027141094 CEST53591711.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:38:52.644144058 CEST5957953192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:38:52.644335985 CEST6049453192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:38:52.653112888 CEST53595791.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:38:52.653181076 CEST53604941.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:38:53.235655069 CEST53612911.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:38:53.529762983 CEST5522853192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:38:53.530076981 CEST5364153192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:38:53.531147957 CEST5500953192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:38:53.531367064 CEST6136753192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:38:53.541274071 CEST53550091.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:38:53.541281939 CEST53613671.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:38:55.137475014 CEST5134853192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:38:55.137651920 CEST5305453192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:38:55.146286011 CEST53530541.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:38:55.156457901 CEST53513481.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:38:56.735932112 CEST5395153192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:38:56.736140966 CEST5974753192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:38:56.743525028 CEST53539511.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:38:56.743814945 CEST53597471.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:38:56.913002968 CEST5749453192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:38:56.913197041 CEST6262553192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:39:10.278250933 CEST53653101.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:39:13.222311020 CEST5918753192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:39:13.222481966 CEST6202953192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:39:13.223041058 CEST5846453192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:39:13.223205090 CEST5808653192.168.2.181.1.1.1
                                                  Oct 24, 2024 14:39:13.240225077 CEST53580861.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:39:13.241390944 CEST53584641.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:39:28.979928970 CEST53578991.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:39:51.846267939 CEST53589651.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:39:51.942193985 CEST53522021.1.1.1192.168.2.18
                                                  Oct 24, 2024 14:40:06.300398111 CEST138138192.168.2.18192.168.2.255
                                                  Oct 24, 2024 14:40:20.417751074 CEST53531301.1.1.1192.168.2.18

                                                  DNS Queries

                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                  Oct 24, 2024 14:38:52.644144058 CEST192.168.2.181.1.1.10x2076Standard query (0)api-d.dropbox.comA (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:52.644335985 CEST192.168.2.181.1.1.10x9df9Standard query (0)api-d.dropbox.com65IN (0x0001)false
                                                  Oct 24, 2024 14:38:53.529762983 CEST192.168.2.181.1.1.10xb6a1Standard query (0)cfl.dropboxstatic.comA (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:53.530076981 CEST192.168.2.181.1.1.10x7baStandard query (0)cfl.dropboxstatic.com65IN (0x0001)false
                                                  Oct 24, 2024 14:38:53.531147957 CEST192.168.2.181.1.1.10x8394Standard query (0)assets.dropbox.comA (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:53.531367064 CEST192.168.2.181.1.1.10x4b3eStandard query (0)assets.dropbox.com65IN (0x0001)false
                                                  Oct 24, 2024 14:38:55.137475014 CEST192.168.2.181.1.1.10xaea5Standard query (0)assets.dropbox.comA (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:55.137651920 CEST192.168.2.181.1.1.10xfbeeStandard query (0)assets.dropbox.com65IN (0x0001)false
                                                  Oct 24, 2024 14:38:56.735932112 CEST192.168.2.181.1.1.10x8719Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:56.736140966 CEST192.168.2.181.1.1.10x7af3Standard query (0)www.google.com65IN (0x0001)false
                                                  Oct 24, 2024 14:38:56.913002968 CEST192.168.2.181.1.1.10x4928Standard query (0)cfl.dropboxstatic.comA (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:56.913197041 CEST192.168.2.181.1.1.10xb277Standard query (0)cfl.dropboxstatic.com65IN (0x0001)false
                                                  Oct 24, 2024 14:39:13.222311020 CEST192.168.2.181.1.1.10xad70Standard query (0)cfl.dropboxstatic.comA (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:39:13.222481966 CEST192.168.2.181.1.1.10xc571Standard query (0)cfl.dropboxstatic.com65IN (0x0001)false
                                                  Oct 24, 2024 14:39:13.223041058 CEST192.168.2.181.1.1.10x174fStandard query (0)assets.dropbox.comA (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:39:13.223205090 CEST192.168.2.181.1.1.10x5349Standard query (0)assets.dropbox.com65IN (0x0001)false

                                                  DNS Answers

                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                  Oct 24, 2024 14:38:52.653112888 CEST1.1.1.1192.168.2.180x2076No error (0)api-d.dropbox.comd.v.dropbox.comCNAME (Canonical name)IN (0x0001)false
                                                  Oct 24, 2024 14:38:52.653112888 CEST1.1.1.1192.168.2.180x2076No error (0)d.v.dropbox.comd-edge.v.dropbox.comCNAME (Canonical name)IN (0x0001)false
                                                  Oct 24, 2024 14:38:52.653112888 CEST1.1.1.1192.168.2.180x2076No error (0)d-edge.v.dropbox.com162.125.6.20A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:52.653181076 CEST1.1.1.1192.168.2.180x9df9No error (0)api-d.dropbox.comd.v.dropbox.comCNAME (Canonical name)IN (0x0001)false
                                                  Oct 24, 2024 14:38:52.653181076 CEST1.1.1.1192.168.2.180x9df9No error (0)d.v.dropbox.comd-edge.v.dropbox.comCNAME (Canonical name)IN (0x0001)false
                                                  Oct 24, 2024 14:38:53.539222956 CEST1.1.1.1192.168.2.180x7baNo error (0)cfl.dropboxstatic.comcfl.dropboxstatic.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                  Oct 24, 2024 14:38:53.539851904 CEST1.1.1.1192.168.2.180xb6a1No error (0)cfl.dropboxstatic.comcfl.dropboxstatic.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                  Oct 24, 2024 14:38:53.541274071 CEST1.1.1.1192.168.2.180x8394No error (0)assets.dropbox.com52.222.236.76A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:53.541274071 CEST1.1.1.1192.168.2.180x8394No error (0)assets.dropbox.com52.222.236.51A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:53.541274071 CEST1.1.1.1192.168.2.180x8394No error (0)assets.dropbox.com52.222.236.37A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:53.541274071 CEST1.1.1.1192.168.2.180x8394No error (0)assets.dropbox.com52.222.236.19A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:55.156457901 CEST1.1.1.1192.168.2.180xaea5No error (0)assets.dropbox.com52.222.236.76A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:55.156457901 CEST1.1.1.1192.168.2.180xaea5No error (0)assets.dropbox.com52.222.236.37A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:55.156457901 CEST1.1.1.1192.168.2.180xaea5No error (0)assets.dropbox.com52.222.236.19A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:55.156457901 CEST1.1.1.1192.168.2.180xaea5No error (0)assets.dropbox.com52.222.236.51A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:56.743525028 CEST1.1.1.1192.168.2.180x8719No error (0)www.google.com142.250.185.132A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:38:56.743814945 CEST1.1.1.1192.168.2.180x7af3No error (0)www.google.com65IN (0x0001)false
                                                  Oct 24, 2024 14:38:56.920813084 CEST1.1.1.1192.168.2.180xb277No error (0)cfl.dropboxstatic.comcfl.dropboxstatic.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                  Oct 24, 2024 14:38:56.921356916 CEST1.1.1.1192.168.2.180x4928No error (0)cfl.dropboxstatic.comcfl.dropboxstatic.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                  Oct 24, 2024 14:39:13.230606079 CEST1.1.1.1192.168.2.180xc571No error (0)cfl.dropboxstatic.comcfl.dropboxstatic.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                  Oct 24, 2024 14:39:13.230855942 CEST1.1.1.1192.168.2.180xad70No error (0)cfl.dropboxstatic.comcfl.dropboxstatic.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                  Oct 24, 2024 14:39:13.241390944 CEST1.1.1.1192.168.2.180x174fNo error (0)assets.dropbox.com52.222.236.19A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:39:13.241390944 CEST1.1.1.1192.168.2.180x174fNo error (0)assets.dropbox.com52.222.236.51A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:39:13.241390944 CEST1.1.1.1192.168.2.180x174fNo error (0)assets.dropbox.com52.222.236.37A (IP address)IN (0x0001)false
                                                  Oct 24, 2024 14:39:13.241390944 CEST1.1.1.1192.168.2.180x174fNo error (0)assets.dropbox.com52.222.236.76A (IP address)IN (0x0001)false

                                                  HTTP Request Dependency Graph

                                                  • api-d.dropbox.com
                                                  • fs.microsoft.com
                                                  • assets.dropbox.com
                                                  • slscr.update.microsoft.com
                                                  • https:
                                                  • login.live.com
                                                  • www.bing.com

                                                  HTTPS Proxied Packets

                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                  0192.168.2.1849692184.28.90.27443
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:38:52 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                  Connection: Keep-Alive
                                                  Accept: */*
                                                  Accept-Encoding: identity
                                                  User-Agent: Microsoft BITS/7.8
                                                  Host: fs.microsoft.com
                                                  2024-10-24 12:38:52 UTC466INHTTP/1.1 200 OK
                                                  Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                  Content-Type: application/octet-stream
                                                  ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                  Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                  Server: ECAcc (lpl/EF06)
                                                  X-CID: 11
                                                  X-Ms-ApiVersion: Distribute 1.2
                                                  X-Ms-Region: prod-neu-z1
                                                  Cache-Control: public, max-age=14846
                                                  Date: Thu, 24 Oct 2024 12:38:52 GMT
                                                  Connection: close
                                                  X-CID: 2


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  1192.168.2.1849697162.125.6.204436012C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:38:53 UTC872OUTGET /r14/put_mobile_log?app_platform=windowstab&app_version=23.4.27.0&log_level=ANALYTICS&user_ids=%5B%5D&device_id=B383jVBSDsfyDtMa4BQkZCTLzjYL1jpZeysZxkH2M7U6&sys_model=097C&sys_version=10.0.22631.4317&ts=1729769006 HTTP/1.1
                                                  Host: api-d.dropbox.com
                                                  Connection: keep-alive
                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                  sec-ch-ua-mobile: ?0
                                                  sec-ch-ua-platform: "Windows"
                                                  Upgrade-Insecure-Requests: 1
                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                  Sec-Fetch-Site: none
                                                  Sec-Fetch-Mode: navigate
                                                  Sec-Fetch-User: ?1
                                                  Sec-Fetch-Dest: document
                                                  Accept-Encoding: gzip, deflate, br
                                                  Accept-Language: en-US,en;q=0.9
                                                  2024-10-24 12:38:53 UTC343INHTTP/1.1 405 Method Not Allowed
                                                  Content-Type: text/html
                                                  Content-Security-Policy: sandbox allow-forms allow-scripts
                                                  Date: Thu, 24 Oct 2024 12:38:53 GMT
                                                  Server: envoy
                                                  X-Dropbox-Is-Upstream-Batch: true
                                                  Content-Length: 1005
                                                  X-Dropbox-Response-Origin: far_remote
                                                  X-Dropbox-Request-Id: 8307bb9402434a80bb4492c92422029c
                                                  Connection: close
                                                  2024-10-24 12:38:53 UTC1005INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 44 72 6f 70 62 6f 78 20 2d 20 34 30 35 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 66 6c 2e 64 72 6f 70 62 6f 78 73 74 61 74 69 63 2e 63 6f 6d 2f 73 74 61 74 69 63 2f 6d 65 74 61 73 65 72 76 65
                                                  Data Ascii: <!DOCTYPE html><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="viewport" content="width=device-width, initial-scale=1" /><title>Dropbox - 405</title><link href="https://cfl.dropboxstatic.com/static/metaserve


                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                  2192.168.2.1849698184.28.90.27443
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:38:53 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                  Connection: Keep-Alive
                                                  Accept: */*
                                                  Accept-Encoding: identity
                                                  If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                  Range: bytes=0-2147483646
                                                  User-Agent: Microsoft BITS/7.8
                                                  Host: fs.microsoft.com
                                                  2024-10-24 12:38:53 UTC514INHTTP/1.1 200 OK
                                                  ApiVersion: Distribute 1.1
                                                  Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                  Content-Type: application/octet-stream
                                                  ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                  Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                  Server: ECAcc (lpl/EF06)
                                                  X-CID: 11
                                                  X-Ms-ApiVersion: Distribute 1.2
                                                  X-Ms-Region: prod-weu-z1
                                                  Cache-Control: public, max-age=25929
                                                  Date: Thu, 24 Oct 2024 12:38:53 GMT
                                                  Content-Length: 55
                                                  Connection: close
                                                  X-CID: 2
                                                  2024-10-24 12:38:53 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                  Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  3192.168.2.184970052.222.236.764436012C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:38:54 UTC586OUTGET /www/en-us/illustrations/spot/target-miss.svg HTTP/1.1
                                                  Host: assets.dropbox.com
                                                  Connection: keep-alive
                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                  sec-ch-ua-mobile: ?0
                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                  sec-ch-ua-platform: "Windows"
                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                  Sec-Fetch-Site: cross-site
                                                  Sec-Fetch-Mode: no-cors
                                                  Sec-Fetch-Dest: image
                                                  Accept-Encoding: gzip, deflate, br
                                                  Accept-Language: en-US,en;q=0.9
                                                  2024-10-24 12:38:55 UTC733INHTTP/1.1 200 OK
                                                  Content-Type: image/svg+xml
                                                  Content-Length: 10784
                                                  Connection: close
                                                  Date: Thu, 24 Oct 2024 12:38:54 GMT
                                                  Server: Apache
                                                  X-Dispatcher: dispatcher2uswest1-28645028
                                                  X-Vhost: dropbox-prod.adobemsbasic.com
                                                  Content-Disposition: attachment; filename="target-miss.svg"
                                                  X-Content-Type-Options: nosniff
                                                  Last-Modified: Tue, 08 Jun 2021 16:59:58 GMT
                                                  Accept-Ranges: bytes
                                                  Cache-Control: max-age=86400
                                                  Expires: Fri, 25 Oct 2024 12:38:54 GMT
                                                  X-Frame-Options: SAMEORIGIN
                                                  ETag: "2a20"
                                                  Vary: Accept-Encoding
                                                  X-Cache: Miss from cloudfront
                                                  Via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
                                                  X-Amz-Cf-Pop: FRA56-P4
                                                  X-Amz-Cf-Id: RjRMJo2kU3xoGyIdDnNu-CHxgVYUyA5xvVZ0jxM-UGW7hwEQh1QMiA==
                                                  Age: 16570
                                                  2024-10-24 12:38:55 UTC10784INData Raw: 3c 73 76 67 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 35 30 30 20 35 30 30 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 3c 70 61 74 68 20 64 3d 22 4d 34 32 36 2e 39 36 31 20 34 35 34 2e 36 36 33 63 2d 34 2e 37 33 38 2e 30 31 31 2d 39 2e 31 30 31 2e 30 33 34 2d 31 33 2e 34 36 33 2e 30 34 35 2d 32 32 2e 30 35 2e 30 35 37 2d 34 34 2e 30 38 39 2e 31 32 35 2d 36 36 2e 31 34 2e 31 33 37 2d 33 2e 32 35 37 20 30 2d 36 2e 35 32 36 2d 2e 33 39 39 2d 39 2e 37 38 33 2d 2e 33 38 38 2d 33 2e 34 30 36 2e 30 31 32 2d 36 2e 38 31 31 2e 33 31 39 2d 31 30 2e 32 31 37 2e 34 36 37 2d 31 2e 30 30 32 2e 30 34 36 2d 32 2e 30 32 37 2e 31 34 38 2d 32 2e 39 39 35 2d 2e 30 33 34 2d
                                                  Data Ascii: <svg viewBox="0 0 500 500" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M426.961 454.663c-4.738.011-9.101.034-13.463.045-22.05.057-44.089.125-66.14.137-3.257 0-6.526-.399-9.783-.388-3.406.012-6.811.319-10.217.467-1.002.046-2.027.148-2.995-.034-


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  4192.168.2.184970352.222.236.764436012C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:38:56 UTC386OUTGET /www/en-us/illustrations/spot/target-miss.svg HTTP/1.1
                                                  Host: assets.dropbox.com
                                                  Connection: keep-alive
                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                  Accept: */*
                                                  Sec-Fetch-Site: none
                                                  Sec-Fetch-Mode: cors
                                                  Sec-Fetch-Dest: empty
                                                  Accept-Encoding: gzip, deflate, br
                                                  Accept-Language: en-US,en;q=0.9
                                                  2024-10-24 12:38:56 UTC732INHTTP/1.1 200 OK
                                                  Content-Type: image/svg+xml
                                                  Content-Length: 10784
                                                  Connection: close
                                                  Date: Thu, 24 Oct 2024 12:38:54 GMT
                                                  Server: Apache
                                                  X-Dispatcher: dispatcher2uswest1-28645028
                                                  X-Vhost: dropbox-prod.adobemsbasic.com
                                                  Content-Disposition: attachment; filename="target-miss.svg"
                                                  X-Content-Type-Options: nosniff
                                                  Last-Modified: Tue, 08 Jun 2021 16:59:58 GMT
                                                  Accept-Ranges: bytes
                                                  Cache-Control: max-age=86400
                                                  Expires: Fri, 25 Oct 2024 12:38:54 GMT
                                                  X-Frame-Options: SAMEORIGIN
                                                  ETag: "2a20"
                                                  Vary: Accept-Encoding
                                                  X-Cache: Hit from cloudfront
                                                  Via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
                                                  X-Amz-Cf-Pop: FRA56-P4
                                                  X-Amz-Cf-Id: nA6ofCXXWerv8HTtpZhu_N91rm7-UMYrRAzWH8WV9d_JfxngPCG3sw==
                                                  Age: 16571
                                                  2024-10-24 12:38:56 UTC9594INData Raw: 3c 73 76 67 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 35 30 30 20 35 30 30 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 3c 70 61 74 68 20 64 3d 22 4d 34 32 36 2e 39 36 31 20 34 35 34 2e 36 36 33 63 2d 34 2e 37 33 38 2e 30 31 31 2d 39 2e 31 30 31 2e 30 33 34 2d 31 33 2e 34 36 33 2e 30 34 35 2d 32 32 2e 30 35 2e 30 35 37 2d 34 34 2e 30 38 39 2e 31 32 35 2d 36 36 2e 31 34 2e 31 33 37 2d 33 2e 32 35 37 20 30 2d 36 2e 35 32 36 2d 2e 33 39 39 2d 39 2e 37 38 33 2d 2e 33 38 38 2d 33 2e 34 30 36 2e 30 31 32 2d 36 2e 38 31 31 2e 33 31 39 2d 31 30 2e 32 31 37 2e 34 36 37 2d 31 2e 30 30 32 2e 30 34 36 2d 32 2e 30 32 37 2e 31 34 38 2d 32 2e 39 39 35 2d 2e 30 33 34 2d
                                                  Data Ascii: <svg viewBox="0 0 500 500" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M426.961 454.663c-4.738.011-9.101.034-13.463.045-22.05.057-44.089.125-66.14.137-3.257 0-6.526-.399-9.783-.388-3.406.012-6.811.319-10.217.467-1.002.046-2.027.148-2.995-.034-
                                                  2024-10-24 12:38:56 UTC1190INData Raw: 2e 35 33 2d 32 2e 35 39 37 20 35 2e 32 33 39 2d 36 2e 34 30 31 20 36 2e 38 37 39 2d 31 30 2e 32 38 34 20 31 2e 38 33 34 2d 34 2e 33 35 31 20 31 2e 30 30 32 2d 38 2e 35 38 37 2d 2e 35 34 37 2d 31 32 2e 36 39 39 2d 2e 35 38 31 2d 31 2e 35 33 37 2d 31 2e 37 38 38 2d 33 2e 30 34 31 2d 33 2e 30 38 36 2d 34 2e 30 37 37 2d 34 2e 32 37 31 2d 33 2e 34 33 39 2d 39 2e 31 34 36 2d 35 2e 34 36 37 2d 31 34 2e 37 35 2d 35 2e 34 35 35 7a 22 2f 3e 3c 2f 67 3e 3c 70 61 74 68 20 64 3d 22 4d 33 38 39 2e 36 33 38 20 31 30 39 2e 33 36 36 63 2d 2e 30 36 39 20 31 2e 38 32 32 2d 2e 39 39 31 20 32 2e 32 34 33 2d 32 2e 30 36 32 20 32 2e 30 32 37 2d 31 2e 35 38 33 2d 2e 33 30 37 2d 33 2e 32 2d 2e 37 30 36 2d 34 2e 36 37 2d 31 2e 33 35 35 2d 31 31 2e 37 37 36 2d 35 2e 31 33 37 2d 32
                                                  Data Ascii: .53-2.597 5.239-6.401 6.879-10.284 1.834-4.351 1.002-8.587-.547-12.699-.581-1.537-1.788-3.041-3.086-4.077-4.271-3.439-9.146-5.467-14.75-5.455z"/></g><path d="M389.638 109.366c-.069 1.822-.991 2.243-2.062 2.027-1.583-.307-3.2-.706-4.67-1.355-11.776-5.137-2


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  5192.168.2.1849711172.202.163.200443
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:39:07 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=k6EgaueRmdoBk4b&MD=hhvu6lcf HTTP/1.1
                                                  Connection: Keep-Alive
                                                  Accept: */*
                                                  User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                  Host: slscr.update.microsoft.com
                                                  2024-10-24 12:39:07 UTC560INHTTP/1.1 200 OK
                                                  Cache-Control: no-cache
                                                  Pragma: no-cache
                                                  Content-Type: application/octet-stream
                                                  Expires: -1
                                                  Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                  ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                  MS-CorrelationId: 8d6be972-c619-4ae8-ac0f-30dce5726d17
                                                  MS-RequestId: e1e0647a-d487-431e-a2a9-0ad8bd5f012d
                                                  MS-CV: 1TMZa3FVBkK3Ok3V.0
                                                  X-Microsoft-SLSClientCache: 2880
                                                  Content-Disposition: attachment; filename=environment.cab
                                                  X-Content-Type-Options: nosniff
                                                  Date: Thu, 24 Oct 2024 12:39:07 GMT
                                                  Connection: close
                                                  Content-Length: 24490
                                                  2024-10-24 12:39:07 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                  Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                  2024-10-24 12:39:07 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                  Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  6192.168.2.1849696162.125.6.204436012C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:39:13 UTC660OUTGET / HTTP/1.1
                                                  Host: api-d.dropbox.com
                                                  Connection: keep-alive
                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                  sec-ch-ua-mobile: ?0
                                                  sec-ch-ua-platform: "Windows"
                                                  Upgrade-Insecure-Requests: 1
                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                  Sec-Fetch-Site: none
                                                  Sec-Fetch-Mode: navigate
                                                  Sec-Fetch-User: ?1
                                                  Sec-Fetch-Dest: document
                                                  Accept-Encoding: gzip, deflate, br
                                                  Accept-Language: en-US,en;q=0.9
                                                  2024-10-24 12:39:13 UTC235INHTTP/1.1 404 Not Found
                                                  Content-Length: 1233
                                                  Content-Type: text/html
                                                  Date: Thu, 24 Oct 2024 12:39:13 GMT
                                                  Server: envoy
                                                  X-Dropbox-Response-Origin: remote
                                                  X-Dropbox-Request-Id: c7622a1c936b49f58da4c7f62846a4f2
                                                  Connection: close
                                                  2024-10-24 12:39:13 UTC1233INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 44 72 6f 70 62 6f 78 20 2d 20 34 30 34 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 66 6c 2e 64 72 6f 70 62 6f 78 73 74 61 74 69 63 2e 63 6f 6d 2f 73 74 61 74 69 63 2f 6d 65 74 61 73 65 72 76 65
                                                  Data Ascii: <!DOCTYPE html><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="viewport" content="width=device-width, initial-scale=1" /><title>Dropbox - 404</title><link href="https://cfl.dropboxstatic.com/static/metaserve


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  7192.168.2.184971752.222.236.194436012C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:39:14 UTC632OUTGET /www/en-us/illustrations/spot/look-magnifying-glass.svg HTTP/1.1
                                                  Host: assets.dropbox.com
                                                  Connection: keep-alive
                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                  sec-ch-ua-mobile: ?0
                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                  sec-ch-ua-platform: "Windows"
                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                  Sec-Fetch-Site: same-site
                                                  Sec-Fetch-Mode: no-cors
                                                  Sec-Fetch-Dest: image
                                                  Referer: https://api-d.dropbox.com/
                                                  Accept-Encoding: gzip, deflate, br
                                                  Accept-Language: en-US,en;q=0.9
                                                  2024-10-24 12:39:14 UTC743INHTTP/1.1 200 OK
                                                  Content-Type: image/svg+xml
                                                  Content-Length: 10635
                                                  Connection: close
                                                  Date: Thu, 24 Oct 2024 12:39:14 GMT
                                                  Server: Apache
                                                  X-Dispatcher: dispatcher2uswest1-28645028
                                                  X-Vhost: dropbox-prod.adobemsbasic.com
                                                  Content-Disposition: attachment; filename="look-magnifying-glass.svg"
                                                  X-Content-Type-Options: nosniff
                                                  Last-Modified: Tue, 08 Jun 2021 16:59:13 GMT
                                                  Accept-Ranges: bytes
                                                  Cache-Control: max-age=86400
                                                  Expires: Fri, 25 Oct 2024 12:39:14 GMT
                                                  X-Frame-Options: SAMEORIGIN
                                                  ETag: "298b"
                                                  Vary: Accept-Encoding
                                                  X-Cache: Miss from cloudfront
                                                  Via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
                                                  X-Amz-Cf-Pop: FRA56-P4
                                                  X-Amz-Cf-Id: zpz2PCBwwWMzRsrkh4fDaquY0x10vsxXAhO6CuonOK7RGMXekQqVVg==
                                                  Age: 16592
                                                  2024-10-24 12:39:14 UTC10635INData Raw: 3c 73 76 67 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 35 30 30 20 35 30 30 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 3c 70 61 74 68 20 64 3d 22 4d 32 34 36 2e 36 32 20 31 30 37 2e 34 38 32 63 2d 33 30 2e 36 38 35 2d 39 2e 34 35 35 2d 36 39 2e 37 39 39 2d 34 2e 30 31 38 2d 39 35 2e 35 30 38 20 31 36 2e 39 33 35 2d 32 32 2e 30 33 36 20 31 37 2e 39 39 37 2d 33 34 2e 36 31 20 34 37 2e 34 39 37 2d 33 36 2e 33 36 37 20 37 35 2e 35 31 37 2d 34 2e 35 32 36 20 37 32 2e 30 31 38 20 34 33 2e 38 30 32 20 31 34 34 2e 36 32 37 20 31 32 31 2e 30 35 33 20 31 35 31 2e 32 37 36 20 32 34 2e 34 33 37 20 32 2e 31 31 35 20 34 36 2e 39 36 20 38 2e 31 33 38 20 36 30 2e 37 38
                                                  Data Ascii: <svg viewBox="0 0 500 500" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M246.62 107.482c-30.685-9.455-69.799-4.018-95.508 16.935-22.036 17.997-34.61 47.497-36.367 75.517-4.526 72.018 43.802 144.627 121.053 151.276 24.437 2.115 46.96 8.138 60.78


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  8192.168.2.184972052.222.236.764436012C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:39:15 UTC396OUTGET /www/en-us/illustrations/spot/look-magnifying-glass.svg HTTP/1.1
                                                  Host: assets.dropbox.com
                                                  Connection: keep-alive
                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                  Accept: */*
                                                  Sec-Fetch-Site: none
                                                  Sec-Fetch-Mode: cors
                                                  Sec-Fetch-Dest: empty
                                                  Accept-Encoding: gzip, deflate, br
                                                  Accept-Language: en-US,en;q=0.9
                                                  2024-10-24 12:39:15 UTC742INHTTP/1.1 200 OK
                                                  Content-Type: image/svg+xml
                                                  Content-Length: 10635
                                                  Connection: close
                                                  Date: Thu, 24 Oct 2024 12:39:14 GMT
                                                  Server: Apache
                                                  X-Dispatcher: dispatcher2uswest1-28645028
                                                  X-Vhost: dropbox-prod.adobemsbasic.com
                                                  Content-Disposition: attachment; filename="look-magnifying-glass.svg"
                                                  X-Content-Type-Options: nosniff
                                                  Last-Modified: Tue, 08 Jun 2021 16:59:13 GMT
                                                  Accept-Ranges: bytes
                                                  Cache-Control: max-age=86400
                                                  Expires: Fri, 25 Oct 2024 12:39:14 GMT
                                                  X-Frame-Options: SAMEORIGIN
                                                  ETag: "298b"
                                                  Vary: Accept-Encoding
                                                  X-Cache: Hit from cloudfront
                                                  Via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
                                                  X-Amz-Cf-Pop: FRA56-P4
                                                  X-Amz-Cf-Id: RAncf7wXJZLgMbljRnY8i7d7H-OEJv7EA6XPA93B5slSzYxRGlF3ig==
                                                  Age: 16593
                                                  2024-10-24 12:39:15 UTC10635INData Raw: 3c 73 76 67 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 35 30 30 20 35 30 30 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 3c 70 61 74 68 20 64 3d 22 4d 32 34 36 2e 36 32 20 31 30 37 2e 34 38 32 63 2d 33 30 2e 36 38 35 2d 39 2e 34 35 35 2d 36 39 2e 37 39 39 2d 34 2e 30 31 38 2d 39 35 2e 35 30 38 20 31 36 2e 39 33 35 2d 32 32 2e 30 33 36 20 31 37 2e 39 39 37 2d 33 34 2e 36 31 20 34 37 2e 34 39 37 2d 33 36 2e 33 36 37 20 37 35 2e 35 31 37 2d 34 2e 35 32 36 20 37 32 2e 30 31 38 20 34 33 2e 38 30 32 20 31 34 34 2e 36 32 37 20 31 32 31 2e 30 35 33 20 31 35 31 2e 32 37 36 20 32 34 2e 34 33 37 20 32 2e 31 31 35 20 34 36 2e 39 36 20 38 2e 31 33 38 20 36 30 2e 37 38
                                                  Data Ascii: <svg viewBox="0 0 500 500" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M246.62 107.482c-30.685-9.455-69.799-4.018-95.508 16.935-22.036 17.997-34.61 47.497-36.367 75.517-4.526 72.018 43.802 144.627 121.053 151.276 24.437 2.115 46.96 8.138 60.78


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  9192.168.2.1849721172.202.163.200443
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:39:45 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=k6EgaueRmdoBk4b&MD=hhvu6lcf HTTP/1.1
                                                  Connection: Keep-Alive
                                                  Accept: */*
                                                  User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                  Host: slscr.update.microsoft.com
                                                  2024-10-24 12:39:46 UTC560INHTTP/1.1 200 OK
                                                  Cache-Control: no-cache
                                                  Pragma: no-cache
                                                  Content-Type: application/octet-stream
                                                  Expires: -1
                                                  Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                  ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                  MS-CorrelationId: 212714de-788b-46e9-8c89-4b9ef4ed7982
                                                  MS-RequestId: f0d1eaa5-77de-4a95-b545-3af6fd89d8d4
                                                  MS-CV: 5x9yghKX0ESjqvoU.0
                                                  X-Microsoft-SLSClientCache: 1440
                                                  Content-Disposition: attachment; filename=environment.cab
                                                  X-Content-Type-Options: nosniff
                                                  Date: Thu, 24 Oct 2024 12:39:45 GMT
                                                  Connection: close
                                                  Content-Length: 30005
                                                  2024-10-24 12:39:46 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                  Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                  2024-10-24 12:39:46 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                  Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  10192.168.2.184972220.190.159.64443
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:39:52 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                  Connection: Keep-Alive
                                                  Content-Type: application/soap+xml
                                                  Accept: */*
                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                  Content-Length: 3592
                                                  Host: login.live.com
                                                  2024-10-24 12:39:52 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                  Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                  2024-10-24 12:39:53 UTC569INHTTP/1.1 200 OK
                                                  Cache-Control: no-store, no-cache
                                                  Pragma: no-cache
                                                  Content-Type: application/soap+xml; charset=utf-8
                                                  Expires: Thu, 24 Oct 2024 12:38:53 GMT
                                                  P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                  x-ms-route-info: C539_BL2
                                                  x-ms-request-id: 9868e3c6-435c-427c-b291-6c3db5bf53aa
                                                  PPServer: PPV: 30 H: BL02EPF0001D9DB V: 0
                                                  X-Content-Type-Options: nosniff
                                                  Strict-Transport-Security: max-age=31536000
                                                  X-XSS-Protection: 1; mode=block
                                                  Date: Thu, 24 Oct 2024 12:39:53 GMT
                                                  Connection: close
                                                  Content-Length: 11392
                                                  2024-10-24 12:39:53 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  11192.168.2.184972420.190.159.64443
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:39:54 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                  Connection: Keep-Alive
                                                  Content-Type: application/soap+xml
                                                  Accept: */*
                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                  Content-Length: 3592
                                                  Host: login.live.com
                                                  2024-10-24 12:39:54 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                  Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                  2024-10-24 12:39:55 UTC569INHTTP/1.1 200 OK
                                                  Cache-Control: no-store, no-cache
                                                  Pragma: no-cache
                                                  Content-Type: application/soap+xml; charset=utf-8
                                                  Expires: Thu, 24 Oct 2024 12:38:55 GMT
                                                  P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                  x-ms-route-info: C539_BL2
                                                  x-ms-request-id: 11ba3b28-e0cc-414e-a432-66d989b9d951
                                                  PPServer: PPV: 30 H: BL02EPF0001D7CF V: 0
                                                  X-Content-Type-Options: nosniff
                                                  Strict-Transport-Security: max-age=31536000
                                                  X-XSS-Protection: 1; mode=block
                                                  Date: Thu, 24 Oct 2024 12:39:54 GMT
                                                  Connection: close
                                                  Content-Length: 11392
                                                  2024-10-24 12:39:55 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  12192.168.2.184972520.190.159.64443
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:39:56 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                  Connection: Keep-Alive
                                                  Content-Type: application/soap+xml
                                                  Accept: */*
                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                  Content-Length: 4775
                                                  Host: login.live.com
                                                  2024-10-24 12:39:56 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                  Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                  2024-10-24 12:39:56 UTC569INHTTP/1.1 200 OK
                                                  Cache-Control: no-store, no-cache
                                                  Pragma: no-cache
                                                  Content-Type: application/soap+xml; charset=utf-8
                                                  Expires: Thu, 24 Oct 2024 12:38:56 GMT
                                                  P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                  x-ms-route-info: C539_SN1
                                                  x-ms-request-id: 0690a312-aaa9-41f8-901d-185e0768dc2d
                                                  PPServer: PPV: 30 H: SN1PEPF0002F90B V: 0
                                                  X-Content-Type-Options: nosniff
                                                  Strict-Transport-Security: max-age=31536000
                                                  X-XSS-Protection: 1; mode=block
                                                  Date: Thu, 24 Oct 2024 12:39:56 GMT
                                                  Connection: close
                                                  Content-Length: 11412
                                                  2024-10-24 12:39:56 UTC11412INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  13192.168.2.184972620.190.159.64443
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:39:57 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                  Connection: Keep-Alive
                                                  Content-Type: application/soap+xml
                                                  Accept: */*
                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                  Content-Length: 4775
                                                  Host: login.live.com
                                                  2024-10-24 12:39:57 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                  Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                  2024-10-24 12:39:58 UTC569INHTTP/1.1 200 OK
                                                  Cache-Control: no-store, no-cache
                                                  Pragma: no-cache
                                                  Content-Type: application/soap+xml; charset=utf-8
                                                  Expires: Thu, 24 Oct 2024 12:38:58 GMT
                                                  P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                  x-ms-route-info: C539_BAY
                                                  x-ms-request-id: 3cefcdf3-f7a2-489f-8439-4325a86b5fe8
                                                  PPServer: PPV: 30 H: PH1PEPF00011ED1 V: 0
                                                  X-Content-Type-Options: nosniff
                                                  Strict-Transport-Security: max-age=31536000
                                                  X-XSS-Protection: 1; mode=block
                                                  Date: Thu, 24 Oct 2024 12:39:58 GMT
                                                  Connection: close
                                                  Content-Length: 11412
                                                  2024-10-24 12:39:58 UTC11412INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  14192.168.2.184972820.190.159.64443
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:39:59 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                  Connection: Keep-Alive
                                                  Content-Type: application/soap+xml
                                                  Accept: */*
                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                  Content-Length: 4828
                                                  Host: login.live.com
                                                  2024-10-24 12:39:59 UTC4828OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                  Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                  2024-10-24 12:40:00 UTC569INHTTP/1.1 200 OK
                                                  Cache-Control: no-store, no-cache
                                                  Pragma: no-cache
                                                  Content-Type: application/soap+xml; charset=utf-8
                                                  Expires: Thu, 24 Oct 2024 12:38:59 GMT
                                                  P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                  x-ms-route-info: C539_SN1
                                                  x-ms-request-id: 97468ce9-4942-4f80-acaf-32149205799f
                                                  PPServer: PPV: 30 H: SN1PEPF0002F957 V: 0
                                                  X-Content-Type-Options: nosniff
                                                  Strict-Transport-Security: max-age=31536000
                                                  X-XSS-Protection: 1; mode=block
                                                  Date: Thu, 24 Oct 2024 12:39:59 GMT
                                                  Connection: close
                                                  Content-Length: 11197
                                                  2024-10-24 12:40:00 UTC11197INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  15192.168.2.18497292.23.209.132443
                                                  TimestampBytes transferredDirectionData
                                                  2024-10-24 12:40:01 UTC2748OUTGET /client/config?cc=CH&setlang=en-CH HTTP/1.1
                                                  X-Search-CortanaAvailableCapabilities: None
                                                  X-Search-SafeSearch: Moderate
                                                  Accept-Encoding: gzip, deflate
                                                  X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                  X-UserAgeClass: Unknown
                                                  X-BM-Market: CH
                                                  X-BM-DateFormat: dd/MM/yyyy
                                                  X-Device-OSSKU: 48
                                                  X-BM-DTZ: -240
                                                  X-DeviceID: 01000A410900B03D
                                                  X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                  X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Time
                                                  X-BM-Theme: 000000;0078d7
                                                  X-Search-RPSToken: t%3DEwDoAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAQFSct7n4yhQ1nCFKHvuUuLE32wNgjrswj2dn8tzAxrPUkq4%2Bwy4Pa8zBZ663BBMDOt/5QGu6vZI/RYAhwlZLcLAPIktxeJJ49gFmNCYCdAlHuCpURxXXzJLPuCoRJvCH7eMc2aqH5VOUj4YU02NP2MHPyxK4fQT1h1gpEK9Piq7xwfg%2BdLxqzS7Bj3wmPfNpPQ4da%2BwMEWk0f8krA%2BIkTM3sLDjKaLVpDEIERWaowk//4iFVtFoTQxmRxaF5vtSaDuZniynQ9qLrtbTD6I%2B9KOIT3vsh4EZwg2sVIpRDCQYnPsW21azeqDQPMAnfDLyyH4cF8OvEXIuyWVwZAl5rDYQZgAAEAq3rZytPyZ6O/W7J1vZOiKwAZub8iaZqg5gUsHezq1oSI%2B1AXwoxcgfphjDLSvgN%2B4KAQWIVuCaMMpPIObIRtDgDEvP%2BSG%2BH6X87Vw6mR53B2VL0vIm1xwQZl5q6Rw4Xb4gfq74yatb0R6Bk4w4PdJxM9KpWoRs8j6fN89A0ro8bst1i0mrv6D6tvlYejsl6IQrZ1U%2BhyZVyjATpvRtjFcZSEP%2BH5K/JQBUQkCIew4Hw6wMUX24w9e/DtmnYDpu651O83SJ1PsSHOPKeUXPpd4J/aQGGWyz0n2J6FifeT3W/KaV/SjI3xC1INqWoK28zsRl1bSfxg80zaDWPUpYcy20cQp3uHJRZHf2rLY/TbgeFnNV9iynG5UpJny8OKeATaNFovLFtrHKon9eG8mtm6JZU95HZtCRSgAPUonFwVLXRx9ratMhpDx1R90aNhEUfiMQSmRxlmiSAUWv0R63kmTktG3rbKn0yuaERKfDppHW8etvV1M6tGb6ynWR9sVSeAWHLUpUrpANnzFnMUDjKcUOQm1bk/E/4gQUhrKiqGTmposO1cNTCi/nrD4kuCVHEquCt%2BB5R1zcA [TRUNCATED]
                                                  X-Agent-DeviceId: 01000A410900B03D
                                                  X-BM-CBT: 1729773590
                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                  X-Device-isOptin: false
                                                  Accept-language: en-GB, en, en-US
                                                  X-Device-Touch: false
                                                  X-Device-ClientSession: 97C7E014F2A94A03BF222167EA15FABD
                                                  X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                  Host: www.bing.com
                                                  Connection: Keep-Alive
                                                  Cookie: SRCHUID=V=2&GUID=B4BB39E5F80E411D94C438C0FA7ACF94&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&LUT=1707317051026&IPMH=6b344233&IPMID=1707317270835&HV=1707317277; ANON=A=680C1B1A649CBD64DD40EBFCFFFFFFFF; MUID=BC76BB0020D345C1A049A4820CB4C03C; MUIDB=BC76BB0020D345C1A049A4820CB4C03C
                                                  2024-10-24 12:40:01 UTC1196INHTTP/1.1 200 OK
                                                  Content-Length: 2215
                                                  Content-Type: application/json; charset=utf-8
                                                  Cache-Control: private
                                                  X-EventID: 671a4021022940848bfc6af7f13b9bba
                                                  X-AS-SetSessionMarket: de-ch
                                                  UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                  X-XSS-Protection: 0
                                                  P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                  Date: Thu, 24 Oct 2024 12:40:01 GMT
                                                  Connection: close
                                                  Set-Cookie: _EDGE_S=SID=36CA3496C66760F20B8621B4C7976109&mkt=de-ch; domain=.bing.com; path=/; HttpOnly
                                                  Set-Cookie: SRCHHPGUSR=SRCHLANG=en&LUT=1707317051026&IPMH=6b344233&IPMID=1707317270835&HV=1707317277; domain=.bing.com; expires=Tue, 18-Nov-2025 12:40:01 GMT; path=/; secure; SameSite=None
                                                  Set-Cookie: WLS=C=0000000000000000&N=; domain=.bing.com; path=/; secure; SameSite=None
                                                  Set-Cookie: _SS=SID=36CA3496C66760F20B8621B4C7976109; domain=.bing.com; path=/; secure; SameSite=None
                                                  Alt-Svc: h3=":443"; ma=93600
                                                  X-CDN-TraceID: 0.28d01702.1729773601.9d40a00
                                                  2024-10-24 12:40:01 UTC2215INData Raw: 7b 22 76 65 72 73 69 6f 6e 22 3a 31 2c 22 63 6f 6e 66 69 67 22 3a 7b 22 46 65 61 74 75 72 65 43 6f 6e 66 69 67 22 3a 7b 22 53 65 61 72 63 68 42 6f 78 49 62 65 61 6d 50 6f 69 6e 74 65 72 4f 6e 48 6f 76 65 72 22 3a 7b 22 76 61 6c 75 65 22 3a 74 72 75 65 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 53 68 6f 77 53 65 61 72 63 68 47 6c 79 70 68 4c 65 66 74 4f 66 53 65 61 72 63 68 42 6f 78 22 3a 7b 22 76 61 6c 75 65 22 3a 74 72 75 65 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 53 65 61 72 63 68 42 6f 78 55 73 65 53 65 61 72 63 68 49 63 6f 6e 41 74 52 65 73 74 22 3a 7b 22 76 61 6c 75 65 22 3a 66 61 6c 73 65 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 53 65 61 72 63 68 42 75 74 74 6f 6e 55 73 65 53 65 61 72 63 68 49 63 6f 6e 22 3a 7b 22 76 61 6c 75 65
                                                  Data Ascii: {"version":1,"config":{"FeatureConfig":{"SearchBoxIbeamPointerOnHover":{"value":true,"feature":""},"ShowSearchGlyphLeftOfSearchBox":{"value":true,"feature":""},"SearchBoxUseSearchIconAtRest":{"value":false,"feature":""},"SearchButtonUseSearchIcon":{"value


                                                  Statistics

                                                  CPU Usage

                                                  Click to jump to process

                                                  Memory Usage

                                                  Click to jump to process

                                                  Behavior

                                                  Click to jump to process

                                                  System Behavior

                                                  General

                                                  Target ID:0
                                                  Start time:08:38:50
                                                  Start date:24/10/2024
                                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                                  Imagebase:0x7ff728d30000
                                                  File size:3'242'272 bytes
                                                  MD5 hash:83395EAB5B03DEA9720F8D7AC0D15CAA
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:low
                                                  Has exited:false

                                                  General

                                                  Target ID:1
                                                  Start time:08:38:51
                                                  Start date:24/10/2024
                                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=2020,i,2644156548133602700,17094965150171016535,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                  Imagebase:0x7ff728d30000
                                                  File size:3'242'272 bytes
                                                  MD5 hash:83395EAB5B03DEA9720F8D7AC0D15CAA
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:low
                                                  Has exited:false

                                                  General

                                                  Target ID:2
                                                  Start time:08:38:51
                                                  Start date:24/10/2024
                                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://api-d.dropbox.com/r14/put_mobile_log?app_platform=windowstab&app_version=23.4.27.0&log_level=ANALYTICS&user_ids=%5B%5D&device_id=B383jVBSDsfyDtMa4BQkZCTLzjYL1jpZeysZxkH2M7U6&sys_model=097C&sys_version=10.0.22631.4317&ts=1729769006"
                                                  Imagebase:0x7ff728d30000
                                                  File size:3'242'272 bytes
                                                  MD5 hash:83395EAB5B03DEA9720F8D7AC0D15CAA
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:low
                                                  Has exited:true

                                                  Disassembly

                                                  No disassembly