Edit tour

Windows Analysis Report
https://u46572644.ct.sendgrid.net/ss/c/u001.7BTxB98bYe88lmQCKsz4HIUFNbf01nIu4ZcW2aaj0_pd-l6kidrn8FZ1e4mQuSvQbCCTviI-SCCVd1ROqf4SHYEvPXndfDx61afLByHPSZcFQrBthkk5rMcJkTcWcsh2Y-04Q7_JEfWcTBXPxGiRwnM6zn7lKLdtrKqrgIvHZ7-ZHGnbTg0RqOtmbRRIr4nTaTDT-FfA0-iHw8aKci1JA5ozJdj9jMCTsyvfXnsSI2VmtCNQJeZkVL3XN7Fq7YIc

Overview

General Information

Sample URL:	https://u46572644.ct.sendgrid.net/ss/c/u001.7BTxB98bYe88lmQCKsz4HIUFNbf01nIu4ZcW2aaj0_pd-l6kidrn8FZ1e4mQuSvQbCCTviI-SCCVd1ROqf4SHYEvPXndfDx61afLByHPSZcFQrBthkk5rMcJkTcWcsh2Y-04Q7_JEfWcTBXPxGiRwnM6zn7l
Analysis ID:	1591999
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Detected suspicious crossdomain redirect

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5500 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 2548 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2372 --field-trial-handle=2184,i,2393202216367057900,6619591652826660894,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 5544 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://u46572644.ct.sendgrid.net/ss/c/u001.7BTxB98bYe88lmQCKsz4HIUFNbf01nIu4ZcW2aaj0_pd-l6kidrn8FZ1e4mQuSvQbCCTviI-SCCVd1ROqf4SHYEvPXndfDx61afLByHPSZcFQrBthkk5rMcJkTcWcsh2Y-04Q7_JEfWcTBXPxGiRwnM6zn7lKLdtrKqrgIvHZ7-ZHGnbTg0RqOtmbRRIr4nTaTDT-FfA0-iHw8aKci1JA5ozJdj9jMCTsyvfXnsSI2VmtCNQJeZkVL3XN7Fq7YIcd_S1s_bwbouuhRGv2QcHaQ/4d5/eQm1NPMBQRmL486sFVGLLQ/h23/h001.SsZOuACjv5TImktMo-3w6vBgBU7odoj-WlNwWKGNCC0" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49914 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:50026 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: u46572644.ct.sendgrid.net to https://user.cartseefashion.com/status/unsubscribe?content=uiuejg1qdt2moih%2b5bdd2u%2fozy%2bk6klrdtzr9ks%2fc9g%2fvwqo%2b3ddtyo3wluy6gpy%2fr%2buqczqnrlfhwdgdemrrg%3d%3d&cartseehreftrace=10001

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ss/c/u001.7BTxB98bYe88lmQCKsz4HIUFNbf01nIu4ZcW2aaj0_pd-l6kidrn8FZ1e4mQuSvQbCCTviI-SCCVd1ROqf4SHYEvPXndfDx61afLByHPSZcFQrBthkk5rMcJkTcWcsh2Y-04Q7_JEfWcTBXPxGiRwnM6zn7lKLdtrKqrgIvHZ7-ZHGnbTg0RqOtmbRRIr4nTaTDT-FfA0-iHw8aKci1JA5ozJdj9jMCTsyvfXnsSI2VmtCNQJeZkVL3XN7Fq7YIcd_S1s_bwbouuhRGv2QcHaQ/4d5/eQm1NPMBQRmL486sFVGLLQ/h23/h001.SsZOuACjv5TImktMo-3w6vBgBU7odoj-WlNwWKGNCC0 HTTP/1.1Host: u46572644.ct.sendgrid.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001 HTTP/1.1Host: user.cartseefashion.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/js/cartxLog.js HTTP/1.1Host: user.cartseefashion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/js/request.js HTTP/1.1Host: user.cartseefashion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/img/tuidingqueren.svg HTTP/1.1Host: user.cartseefashion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-js/axios.min.js HTTP/1.1Host: app.cartsee.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://user.cartseefashion.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/js/cartxLog.js HTTP/1.1Host: user.cartseefashion.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/js/request.js HTTP/1.1Host: user.cartseefashion.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/img/tuidingqueren.svg HTTP/1.1Host: user.cartseefashion.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/favicon.ico HTTP/1.1Host: user.cartseefashion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-js/axios.min.js HTTP/1.1Host: app.cartsee.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/favicon.ico HTTP/1.1Host: user.cartseefashion.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cartsee/form/getCompanyInfo HTTP/1.1Host: us-service.cartsee-from.cartx.cloudConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/img/logo.svg HTTP/1.1Host: user.cartseefashion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/img/logo.svg HTTP/1.1Host: user.cartseefashion.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cartsee/form/unsubscribe HTTP/1.1Host: us-service.cartsee-from.cartx.cloudConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /status/resubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&lange=US HTTP/1.1Host: user.cartseefashion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cartsee/form/subscribe HTTP/1.1Host: us-service.cartsee-from.cartx.cloudConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: u46572644.ct.sendgrid.net
Source: global traffic	DNS traffic detected: DNS query: user.cartseefashion.com
Source: global traffic	DNS traffic detected: DNS query: app.cartsee.com
Source: global traffic	DNS traffic detected: DNS query: us-service.cartsee-from.cartx.cloud
Source: global traffic	DNS traffic detected: DNS query: 59b517704ce43f0f.cartx.cloud

Source: unknown

HTTP traffic detected: POST /cartsee/form/monitor/request HTTP/1.1Host: us-service.cartsee-from.cartx.cloudConnection: keep-aliveContent-Length: 736sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: multipart/form-data; boundary=----WebKitFormBoundary6PvAz3BA53VupkrRAccept: */*Origin: https://user.cartseefashion.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://user.cartseefashion.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_72.3.dr	String found in binary or memory: https://59b517704ce43f0f.cartx.cloud/monitor/request
Source: chromecache_59.3.dr, chromecache_58.3.dr	String found in binary or memory: https://app.cartsee.com/cdn-js/axios.min.js
Source: chromecache_74.3.dr, chromecache_66.3.dr	String found in binary or memory: https://test-service.cartsee-form-us.cartx.cloud
Source: chromecache_74.3.dr, chromecache_66.3.dr	String found in binary or memory: https://us-service.cartsee-from.cartx.cloud
Source: chromecache_58.3.dr	String found in binary or memory: https://us-service.cartsee-from.cartx.cloud/cartsee/form/monitor/request

Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822

Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49914 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:50026 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@17/25@18/8

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2372 --field-trial-handle=2184,i,2393202216367057900,6619591652826660894,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://u46572644.ct.sendgrid.net/ss/c/u001.7BTxB98bYe88lmQCKsz4HIUFNbf01nIu4ZcW2aaj0_pd-l6kidrn8FZ1e4mQuSvQbCCTviI-SCCVd1ROqf4SHYEvPXndfDx61afLByHPSZcFQrBthkk5rMcJkTcWcsh2Y-04Q7_JEfWcTBXPxGiRwnM6zn7lKLdtrKqrgIvHZ7-ZHGnbTg0RqOtmbRRIr4nTaTDT-FfA0-iHw8aKci1JA5ozJdj9jMCTsyvfXnsSI2VmtCNQJeZkVL3XN7Fq7YIcd_S1s_bwbouuhRGv2QcHaQ/4d5/eQm1NPMBQRmL486sFVGLLQ/h23/h001.SsZOuACjv5TImktMo-3w6vBgBU7odoj-WlNwWKGNCC0"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2372 --field-trial-handle=2184,i,2393202216367057900,6619591652826660894,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://u46572644.ct.sendgrid.net/ss/c/u001.7BTxB98bYe88lmQCKsz4HIUFNbf01nIu4ZcW2aaj0_pd-l6kidrn8FZ1e4mQuSvQbCCTviI-SCCVd1ROqf4SHYEvPXndfDx61afLByHPSZcFQrBthkk5rMcJkTcWcsh2Y-04Q7_JEfWcTBXPxGiRwnM6zn7lKLdtrKqrgIvHZ7-ZHGnbTg0RqOtmbRRIr4nTaTDT-FfA0-iHw8aKci1JA5ozJdj9jMCTsyvfXnsSI2VmtCNQJeZkVL3XN7Fq7YIcd_S1s_bwbouuhRGv2QcHaQ/4d5/eQm1NPMBQRmL486sFVGLLQ/h23/h001.SsZOuACjv5TImktMo-3w6vBgBU7odoj-WlNwWKGNCC0	0%	Avira URL Cloud	safe

Source	Detection	Scanner	Label
https://user.cartseefashion.com/status/favicon.ico	0%	Avira URL Cloud	safe
https://app.cartsee.com/cdn-js/axios.min.js	0%	Avira URL Cloud	safe
https://user.cartseefashion.com/status/img/logo.svg	0%	Avira URL Cloud	safe
https://user.cartseefashion.com/status/img/tuidingqueren.svg	0%	Avira URL Cloud	safe
https://user.cartseefashion.com/status/js/cartxLog.js	0%	Avira URL Cloud	safe
https://test-service.cartsee-form-us.cartx.cloud	0%	Avira URL Cloud	safe
https://user.cartseefashion.com/status/js/request.js	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
59b517704ce43f0f.cartx.cloud	47.106.172.22	true	false	high
user.cartseefashion.com	47.253.95.248	true	false	unknown
www.google.com	142.250.186.100	true	false	high
app.cartsee.com.w.cdngslb.com	163.181.131.216	true	false	unknown
us-service.cartsee-from.cartx.cloud	47.253.95.248	true	false	high
u46572644.ct.sendgrid.net	167.89.115.147	true	false	unknown
app.cartsee.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://app.cartsee.com/cdn-js/axios.min.js	false	Avira URL Cloud: safe	unknown
https://us-service.cartsee-from.cartx.cloud/cartsee/form/unsubscribe	false		high
https://59b517704ce43f0f.cartx.cloud/monitor/request	false		high
https://user.cartseefashion.com/status/js/cartxLog.js	false	Avira URL Cloud: safe	unknown
https://user.cartseefashion.com/status/favicon.ico	false	Avira URL Cloud: safe	unknown
https://us-service.cartsee-from.cartx.cloud/cartsee/form/monitor/request	false		high
https://us-service.cartsee-from.cartx.cloud/cartsee/form/getCompanyInfo	false		high
https://us-service.cartsee-from.cartx.cloud/cartsee/form/subscribe	false		high
https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001	false		unknown
https://user.cartseefashion.com/status/img/logo.svg	false	Avira URL Cloud: safe	unknown
https://user.cartseefashion.com/status/resubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&lange=US	false		unknown
https://user.cartseefashion.com/status/img/tuidingqueren.svg	false	Avira URL Cloud: safe	unknown
https://user.cartseefashion.com/status/js/request.js	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://us-service.cartsee-from.cartx.cloud	chromecache_74.3.dr, chromecache_66.3.dr	false		high
https://test-service.cartsee-form-us.cartx.cloud	chromecache_74.3.dr, chromecache_66.3.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
163.181.131.216	app.cartsee.com.w.cdngslb.com	United States	24429	TAOBAOZhejiangTaobaoNetworkCoLtdCN	false
163.181.131.208	unknown	United States	24429	TAOBAOZhejiangTaobaoNetworkCoLtdCN	false
167.89.115.147	u46572644.ct.sendgrid.net	United States	11377	SENDGRIDUS	false
47.253.95.248	user.cartseefashion.com	United States	45102	CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
47.106.172.22	59b517704ce43f0f.cartx.cloud	China	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
142.250.186.100	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.6

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1591999
Start date and time:	2025-01-15 16:27:59 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 0s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://u46572644.ct.sendgrid.net/ss/c/u001.7BTxB98bYe88lmQCKsz4HIUFNbf01nIu4ZcW2aaj0_pd-l6kidrn8FZ1e4mQuSvQbCCTviI-SCCVd1ROqf4SHYEvPXndfDx61afLByHPSZcFQrBthkk5rMcJkTcWcsh2Y-04Q7_JEfWcTBXPxGiRwnM6zn7lKLdtrKqrgIvHZ7-ZHGnbTg0RqOtmbRRIr4nTaTDT-FfA0-iHw8aKci1JA5ozJdj9jMCTsyvfXnsSI2VmtCNQJeZkVL3XN7Fq7YIcd_S1s_bwbouuhRGv2QcHaQ/4d5/eQm1NPMBQRmL486sFVGLLQ/h23/h001.SsZOuACjv5TImktMo-3w6vBgBU7odoj-WlNwWKGNCC0
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@17/25@18/8

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 74.125.206.84, 142.250.186.131, 142.250.185.110, 172.217.16.206, 216.58.206.46, 142.250.184.206, 2.17.190.73, 199.232.210.172, 142.250.185.238, 216.58.206.78, 142.250.186.78, 142.250.184.238, 142.250.184.227, 142.250.186.46, 142.250.185.206, 2.22.50.131, 13.107.253.45, 2.23.242.162, 20.12.23.50
Excluded domains from analysis (whitelisted): client.wns.windows.com, fs.microsoft.com, accounts.google.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://u46572644.ct.sendgrid.net/ss/c/u001.7BTxB98bYe88lmQCKsz4HIUFNbf01nIu4ZcW2aaj0_pd-l6kidrn8FZ1e4mQuSvQbCCTviI-SCCVd1ROqf4SHYEvPXndfDx61afLByHPSZcFQrBthkk5rMcJkTcWcsh2Y-04Q7_JEfWcTBXPxGiRwnM6zn7lKLdtrKqrgIvHZ7-ZHGnbTg0RqOtmbRRIr4nTaTDT-FfA0-iHw8aKci1JA5ozJdj9jMCTsyvfXnsSI2VmtCNQJeZkVL3XN7Fq7YIcd_S1s_bwbouuhRGv2QcHaQ/4d5/eQm1NPMBQRmL486sFVGLLQ/h23/h001.SsZOuACjv5TImktMo-3w6vBgBU7odoj-WlNwWKGNCC0

Input	Output
URL: https://user.cartseefashion.com/status/resubscribe... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The script appears to be a subscription management interface that retrieves and displays content based on query parameters. While it does not exhibit any high-risk behaviors, it has some moderate-risk indicators, such as external data transmission and fallback domains. Additionally, the script uses dynamic content rendering, which could potentially be abused. Overall, the script requires further review due to its aggressive DOM manipulation and potential for misuse, but it does not appear to be inherently malicious." }
const search = new URLSearchParams(window?.location?.search); const getContent = () => { const c = search.get("content"); const content = c ? c : ""; return content; }; const getLange = () => { const c = search.get("lange"); const lange = c ? c : ""; return lange; }; const start = () => { document.title = "Subscribe"; document .querySelector('meta[property="og:title"]') ?.setAttribute("content", "Subscribe"); subscribeInterface({ content: getContent() }) .then((res) => { const companyInfo = res?.data?.data; const changeInfo = (companyInfo) => { if ( companyInfo && companyInfo.logo && companyInfo.logo.length > 0 ) { document.getElementById("img").src = companyInfo.logo; } if ( res?.data?.data?.companyId == "173" && location?.pathname === "/resubscribe" ) { document.getElementById("text").innerHTML = ""; } else { let lange = getLange() let resubTest = '' let ubTest = '' if(lange === 'US'){ resubTest = `You've successfully been resubscribed.` ubTest = `You've successfully been subscribed.` } if(lange === 'KR'){ resubTest = ` .` ubTest = ` ` } if(lange === 'DK'){ resubTest = `Du er blevet tilmeldt igen` ubTest = `Du er blevet tilmeldt.` } if(lange === 'SE'){ resubTest = `Du har prenumererats p nytt.` ubTest = `Du har framgngsrikt prenumererat.` } if(!lange){ resubTest = `You've successfully been resubscribed.` ubTest = `You've successfully been subscribed.` } document.getElementById("text").innerHTML = location.pathname === "/resubscribe" ? resubTest : ubTest; } }; if (window?.document?.body) { changeInfo(companyInfo); } else { let hasListen = false; window?.document?.addEventListener( "readystatechange", (event) => { if ( event.target.readyState === "interactive" \|\| event.target.readyState === "complete" ) { if (!hasListen) { hasListen = true; changeInfo(companyInfo); } } } ); } }) .catch((res) => {}); }; start();
URL: https://user.cartseefashion.com/status/unsubscribe... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The script has some moderate-risk indicators, such as external data transmission and aggressive DOM manipulation, but it also has legitimate use cases like analytics and unsubscribe functionality. The script requires further review due to the unclear or potentially overly aggressive behavior." }
const start = () => { logUnsubscribeInfo({ type: "Unsubscribe-PV" }); document.title = "Unsubscribe"; document .querySelector('meta[property="og:title"]') ?.setAttribute("content", "Unsubscribe"); }; start(); const search = new URLSearchParams(window?.location?.search); const getContent = () => { const c = search.get("content"); const content = c ? c : ""; return content; }; let companySite = ""; const hasHttpRegex = (str) => { // const reg = new RegExp("http://"); // return reg.test(str); return /https?:\/\//.test(str); }; const browseWebsite = () => { logUnsubscribeInfo({ type: "Unsubscribe-Website" }); console.log(companySite,'site--------------site') const url = hasHttpRegex(companySite) ? companySite : "http://" + companySite; console.log(url,'url-------url') window.open(url); }; let copywriting = { Copywriting1: "You've Been Unsubscribed.", Copywriting2: "If you'd like to re-subscribe to this list, use the link below.", Copywriting3: "re-subscribe", loadingText:'Unsubscribe' }; let unsubscribePageLanguage const domain = window.location.origin ? window.location.origin : window.location.protocol + "//" + window.location.hostname; const UnsubscribeOk = () => { logUnsubscribeInfo({ type: "Unsubscribe-OK" }); document.getElementById("img").src = "./img/logo.svg"; document.getElementById("ok-before").style.display = 'none'; document.getElementById("ok-ing").style.display = 'inline-block'; document.getElementById("loadText").innerHTML = copywriting.loadingText document.getElementById("ok").style.borderColor = '#B9B2FF'; unsubscribeInterface({ content: getContent() }) .then((res) => { if (res?.data?.data?.companyId == "173") { copywriting.Copywriting1 = ""; copywriting.Copywriting2 = ""; copywriting.Copywriting3 = ""; } // else { // copywriting.Copywriting1 = "You've Been Unsubscribed."; // copywriting.Copywriting2 = // "If you'd like to re-subscribe to this list, use the link below."; // copywriting.Copywriting3 = "re-subscribe"; // } document.getElementById("tip").style.display = "none"; document.getElementById("ok").style.display = "none"; document.getElementById("no").style.display = "none"; document.getElementById("browse").style.display = "none"; const writing1 = document?.getElementById("writing1"); const writing2 = document?.getElementById("writing2"); const writing3 = document?.getElementById("writing3"); document.getElementById("writing1Text").innerHTML = copywriting.Copywriting1; writing2.innerHTML = copywriting.Copywriting2; document.getElementById("writing3Text").innerHTML = copywriting.Copywriting3; writing1.style.display = "block"; writing2.style.display = "block"; writing3.style.display = "block"; }) .catch((res) => { document.getElementById("ok-before").style.display = 'inline-block'; document.getElementById("ok-ing").style.display = 'none'; document.getElementById("ok").style.borderColor = 'rgb(81, 62, 255)'; }); }; const UnsubscribeNo = () => { logUnsubscribeInfo({ type: "Unsubscribe-NO" }); document.getElementById("ok").style.display = "none"; document.getElementById("no").style.display = "none"; if(unsubscribePageLanguage === 'US'){ document.getElementById("tip").innerHTML = "Thank you for your trust, we will provide you with better service."; document.getElementById("browseId").innerHTML = "browse the website"; } if(unsubscribePageLanguage === 'KR'){ document.getElementById("tip").innerHTML = " , ."; document.getElementById("browseId").innerHTML = " ";
URL: https://user.cartseefashion.com/status/js/cartxLog... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The provided JavaScript code has a moderate risk level. It includes some behaviors that could be concerning, such as sending user data to external servers and using the `FormData` object to transmit data. However, the code also has some legitimate use cases, such as logging errors and performance metrics. The overall risk is mitigated by the fact that the code appears to be part of a larger application and the data being sent is not highly sensitive. Further review may be necessary to fully understand the context and intent of the code." }
/** * * @param params / const logToServer = (params) => { let data = Object.assign({date:Date.now()}, params); // data = Object.assign(data, readGlobalParams()); // data = Object.assign(data, readBrowserParams()); // const fd = new FormData(); if (data['companyId']) { fd.append('companyId', data['companyId']); delete data.companyId; } if (data['site']) { fd.append('site', data['site']); delete data.site; } if (data['ru']) { fd.append('requestUrl', data['ru']); delete data.ru; } if (data['em']) { fd.append('reason', data['em']); delete data.em; } if (data['type']) { fd.append('type', data['type']); } if (data['time']) { fd.append('time', `${Math.ceil(Number(data['time']))}`); delete data.time; } if (data['cost']) { fd.append('cost', data['cost']); delete data.cost; } fd.append('param', JSON.stringify(data)); // if (navigator?.sendBeacon) { navigator.sendBeacon('https://59b517704ce43f0f.cartx.cloud/monitor/request', fd); } else { const xhr = new XMLHttpRequest(); xhr.open("POST", "https://59b517704ce43f0f.cartx.cloud/monitor/request"); xhr.send(fd); } } /* * * @returns / const readGlobalParams = () => { const companyInfo = localStorage.getItem('companyInfo'); return { companyId: companyInfo ? (JSON.parse(companyInfo)?.id ?? '') : '', // id companyName: localStorage.getItem('companyName') ?? '', // displayInfo: localStorage.getItem('displayInfo') ?? '', // } } /* * * @returns / const readBrowserParams = () => { return { site:window.location.href, ua:window.navigator?.userAgent, } } /* * js * @param error js / var LogJsError = (error) => { // let data = { type: 'JSERROR', error: null, } if (typeof error != 'object') { data.error = `${error}`; } else { data = Object.assign({type:'JSERROR'}, error); } // logToServer(data); } /* * 500 * @param error url / var Log500Error = (error) => { // let data = { type: '500ERROR', error: null, } if (typeof error != 'object') { data.error = `${error}`; } else { data = Object.assign({type:'500ERROR'}, error); } // logToServer(data); } var LogTimeoutError = (error) => { // let data = { type: 'TIMEOUTERROR', error: null, } if (typeof error != 'object') { data.error = `${error}`; } else { data = Object.assign({type:'TIMEOUTERROR'}, error); } // logToServer(data); } /* * */ var LogRequestInfo = (info) => { // let data = { type: 'requestDuration', em: 'requestDuration', error: null, } if (typeof info != 'object') { data.error = `${info}`; } else { data = Object.assign({type:'requestDuration', em: 'requestDuration',}, info); } // logToServer(data); }
URL: https://user.cartseefashion.com/status/js/request.... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a configuration for an Axios HTTP client, which is a common and legitimate practice. It sets up a base URL, timeout, and request/response interceptors to handle logging and error handling. While the code includes some logging and error reporting functionality, it does not exhibit any high-risk indicators like dynamic code execution, data exfiltration, or obfuscation. The overall behavior seems to be focused on improving the reliability and observability of the HTTP requests, which is a common and expected practice in web development." }
var service2 = axios.create({ baseURL: 'https://us-service.cartsee-from.cartx.cloud', // baseURL:'https://test-service.cartsee-form-us.cartx.cloud', timeout: 120000, }); service2.interceptors.request.use( (config) => { config.cartxTime = performance?.now() \|\| Date.now(); return config; }, (error) => { return Promise.reject(error); }, ); service2.interceptors.response.use( (response) => { const config = response?.config; if (config?.cartxTime) { const t = performance?.now() \|\| Date.now(); const duration = t - config?.cartxTime; LogRequestInfo({ ru:response.config?.url\|\|(response.request?.custom?.url\|\|''), // request url rp:response.config?.data\|\|(response.request?.custom?.options?.body\|\|''), // request params ru1:response.request?.responseURL\|\|'', // response url m:response.config?.method\|\|'POST', // method em:response.status\|\|'', // error message er:{code:response?.data?.code,message:response?.data?.message}\|\|'', // error response time: duration, }); } if (!response.data \|\| response.data.code !== 0) { return Promise.reject(new Error(response && response.data && response.data.message\|\| 'Error')); } return response; }, (error) => { if (error?.config?.cartxTime) { const t = performance?.now() \|\| Date.now(); const duration = t - error?.config?.cartxTime; LogRequestInfo({ ru:error.config?.url\|\|(error.request?.custom?.url\|\|''), // request url rp:error.config?.data\|\|(error.request?.custom?.options?.body\|\|''), // request params ru1:error.request?.responseURL\|\|'', // response url m:error.config?.method\|\|'POST', // method em:error.message\|\|(error.status\|\|error.status?.status), // error message er:error.response?.data\|\|'', // error response time: duration, }); } if (error.request && error.request.readyState == 4 && error.request.status >= 500) { Log500Error({ ru:error.config?.url\|\|(error.request?.custom?.url\|\|''), // request url rp:error.config?.data\|\|(error.request?.custom?.options?.body\|\|''), // request params ru1:error.request?.responseURL\|\|'', // response url m:error.config?.method\|\|'POST', // method em:error.message\|\|(error.status\|\|'500+'), // error message er:error.response?.data\|\|'', // error response }); } if (error?.message?.includes('timeout')) { LogTimeoutError({ ru:error.config?.url\|\|(error.request?.custom?.url\|\|''), // request url rp:error.config?.data\|\|(error.request?.custom?.options?.body\|\|''), // request params ru1:error.request?.responseURL\|\|'', // response url m:error.config?.method\|\|'POST', // method em:error?.message\|\|(error?.status\|\|error.request?.status\|\|'504'), // error message er:error.response?.data\|\|'', // error response }); } return Promise.reject(error); }, ); window.service2 = service2;
URL: https://user.cartseefashion.com/status/unsubscribe... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a logging/analytics utility that collects and sends data to a server. While it uses some legacy practices like `XDomainRequest`, the overall behavior is consistent with typical analytics functionality and does not demonstrate any high-risk indicators. The script interacts with a known domain (`cartsee-from.cartx.cloud`) and the data being sent does not appear to contain sensitive information. Therefore, this script is assessed as low risk." }
const logToServer1 = (params) => { let data = Object.assign({ date: Date.now() }, params); // data = Object.assign(data, readGlobalParams1()); // data = Object.assign(data, readBrowserParams1()); // const fd = new FormData(); if (data["companyId"]) { fd.append("companyId", data["companyId"]); delete data.companyId; } if (data["site"]) { fd.append("site", data["site"]); delete data.site; } if (data["ru"]) { fd.append("requestUrl", data["ru"]); delete data.ru; } if (data["em"]) { fd.append("reason", data["em"]); delete data.em; } if (data["type"]) { fd.append("type", data["type"]); } if (data["time"]) { fd.append("time", `${Math.ceil(Number(data["time"]))}`); delete data.time; } if (data["cost"]) { fd.append("cost", data["cost"]); delete data.cost; } fd.append("param", JSON.stringify(data)); if (navigator?.sendBeacon) { navigator.sendBeacon( "https://us-service.cartsee-from.cartx.cloud/cartsee/form/monitor/request", fd ); } else { const xhr = new XMLHttpRequest(); xhr.open( "POST", "https://us-service.cartsee-from.cartx.cloud/cartsee/form/monitor/request" ); xhr.send(fd); } }; /** * * @returns / const readGlobalParams1 = () => { const companyInfo = localStorage.getItem("companyInfo"); return { companyId: companyInfo ? JSON.parse(companyInfo)?.id ?? "" : "", // id companyName: localStorage.getItem("companyName") ?? "", // displayInfo: localStorage.getItem("displayInfo") ?? "", // }; }; /* * * @returns / const readBrowserParams1 = () => { return { site: window.location.href, ua: window.navigator?.userAgent, }; }; /* * */ var logUnsubscribeInfo = (info) => { // let data = { type: "PV", }; if (typeof info != "object") { data.error = `${info}`; } else { data = Object.assign({ type: "PV" }, info); } // logToServer1(data); };
URL: https://user.cartseefashion.com/status/resubscribe... Model: Joe Sandbox AI	{ "risk_score": 5, "reasoning": "The provided JavaScript snippet has a mix of moderate-risk and low-risk indicators. It retrieves content and language parameters from the URL, updates the document title and meta tags, and then calls a 'subscribeInterface' function. While the code does not exhibit any high-risk behaviors, it has some potentially concerning aspects, such as the use of dynamic content retrieval and the possibility of sending user data to an external service. Further review of the 'subscribeInterface' function and the overall context of the application would be necessary to determine the full risk profile." }
const search = new URLSearchParams(window?.location?.search); const getContent = () => { const c = search.get("content"); const content = c ? c : ""; return content; }; const getLange = () => { const c = search.get("lange"); const lange = c ? c : ""; return lange; }; const start = () => { document.title = "Subscribe"; document .querySelector('meta[property="og:title"]') ?.setAttribute("content", "Subscribe"); subscribeInterface({ content: getContent() }) .then((res) => { const companyInfo = res?.data?.data; const changeInfo = (companyInfo) => { if ( companyInfo && companyInfo.logo && companyInfo.logo.length > 0 ) { document.getElementById("img").src = companyInfo.logo; } if ( res?.data?.data?.companyId == "173" && location?.pathname === "/resubscribe" ) { document.getElementById("text").innerHTML = ""; } else { let lange = getLange() let resubTest = '' let ubTest = '' if(lange === 'US'){ resubTest = `You've successfully been resubscribed.` ubTest = `You've successfully been subscribed.` } if(lange === 'KR'){ resubTest = `
URL: https://cartseefashion.com Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": false, "third_party_hosting": false, "reasoning": "This appears to be a straightforward e-commerce domain with a conventional .com TLD. No suspicious elements are detected in the URL structure." }
URL: https://cartseefashion.com
URL: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001 Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Are you sure you want to unsubscribe?", "prominent_button_name": "Yes, unsubscribe", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://app.cartsee.com/cdn-js/axios.min.js... Model: Joe Sandbox AI	```json { "risk_score": 1, "reasoning": "The script appears to be a minified version of a library (likely Axios) with no high-risk behaviors such as dynamic code execution or data exfiltration. It does not interact with external domains or exhibit obfuscation indicative of malicious intent. The use of modern JavaScript practices suggests a low risk." }
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e\|\|self).axios=t()}(this,(function(){"use strict";function e(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function t(t){for(var n=1;n<arguments.length;n++){var r=null!=arguments[n]?arguments[n]:{};n%2?e(Object(r),!0).forEach((function(e){a(t,e,r[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(r)):e(Object(r)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(r,e))}))}return t}function n(e){return n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},n(e)}function r(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}function o(e,t){for(var n=0;n<t.length;n++){var r=t[n];r.enumerable=r.enumerable\|\|!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(e,r.key,r)}}function i(e,t,n){return t&&o(e.prototype,t),n&&o(e,n),Object.defineProperty(e,"prototype",{writable:!1}),e}function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function s(e,t){return c(e)\|\|function(e,t){var n=null==e?null:"undefined"!=typeof Symbol&&e[Symbol.iterator]\|\|e["@@iterator"];if(null==n)return;var r,o,i=[],a=!0,s=!1;try{for(n=n.call(e);!(a=(r=n.next()).done)&&(i.push(r.value),!t\|\|i.length!==t);a=!0);}catch(e){s=!0,o=e}finally{try{a\|\|null==n.return\|\|n.return()}finally{if(s)throw o}}return i}(e,t)\|\|l(e,t)\|\|p()}function u(e){return function(e){if(Array.isArray(e))return d(e)}(e)\|\|f(e)\|\|l(e)\|\|function(){throw new TypeError("Invalid attempt to spread non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}()}function c(e){if(Array.isArray(e))return e}function f(e){if("undefined"!=typeof Symbol&&null!=e[Symbol.iterator]\|\|null!=e["@@iterator"])return Array.from(e)}function l(e,t){if(e){if("string"==typeof e)return d(e,t);var n=Object.prototype.toString.call(e).slice(8,-1);return"Object"===n&&e.constructor&&(n=e.constructor.name),"Map"===n\|\|"Set"===n?Array.from(e):"Arguments"===n\|\|/^(?:Ui\|I)nt(?:8\|16\|32)(?:Clamped)?Array$/.test(n)?d(e,t):void 0}}function d(e,t){(null==t\|\|t>e.length)&&(t=e.length);for(var n=0,r=new Array(t);n<t;n++)r[n]=e[n];return r}function p(){throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}function h(e,t){return function(){return e.apply(t,arguments)}}var m,y=Object.prototype.toString,v=Object.getPrototypeOf,b=(m=Object.create(null),function(e){var t=y.call(e);return m[t]\|\|(m[t]=t.slice(8,-1).toLowerCase())}),g=function(e){return e=e.toLowerCase(),function(t){return b(t)===e}},w=function(e){return function(t){return n(t)===e}},O=Array.isArray,E=w("undefined");var S=g("ArrayBuffer");var R=w("string"),A=w("function"),j=w("number"),T=function(e){return null!==e&&"object"===n(e)},P=function(e){if("object"!==b(e))return!1;var t=v(e);return!(null!==t&&t!==Object.prototype&&null!==Object.getPrototypeOf(t)\|\|Symbol.toStringTag in e\|\|Symbol.iterator in e)},N=g("Date"),x=g("File"),C=g("Blob"),k=g("FileList"),_=g("URLSearchParams");function F(e,t){var r,o,i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{},a=i.allOwnKeys,s=void 0!==a&&a;if(null!=e)if("object"!==n(e)&&(e=[e]),O(e))for(r=0,o=e.length;r<o;r++)t.call(null,e[r],r,e);else{var u,c=s?Object.getOwnPropertyNames(e):Object.keys(e),f=c.length;for(r=0;r<f;r++)u=c[r],t.call(null,e[u],u,e)}}function U(e,t){t=t.toLowerCase();for(var n,r=Object.keys(e),o=r.length;o
URL: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001 Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://user.cartseefashion.com/status/resubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&lange=US Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://user.cartseefashion.com/status/resubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&lange=US Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text
Category:	downloaded
Size (bytes):	19830
Entropy (8bit):	5.323070562008143
Encrypted:	false
SSDEEP:	384:2nEa+wKw/hC4iziQiniqoicixiyaiiuijZKNiK/iC2Wy5JigilzuMWs6RGKn62xK:2nEVWtiaR4D/jpVay5Q9pB
MD5:	05185E3B76EFCA00318D103E4B2DD5A7
SHA1:	2A6B7C7A62CF6829E51169546EA70983ECA8D22E
SHA-256:	D69F0783887926120AD89711FB9C05632ACE969C5DABE188E60F3AC03B0D4636
SHA-512:	E791FEA91695C00C816C1B4B7840C4B903D7D5BFA67C30156EACDE613382661920201E6BBAEC530FBB4A5EF5DD53BF762171C51FC62A1E0488E261F4DC4B7AB7
Malicious:	false
Reputation:	low
URL:	https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001
Preview:	<!DOCTYPE html>.<html>..<head>...<meta charset="utf-8" />...<meta http-equiv="X-UA-Compatible" content="IE=edge" />...<meta....name="viewport"....content="width=device-width,initial-scale=1,maximum-scale=1,minimum-scale=1,user-scalable=no" />...<link rel="icon" href="./favicon.ico" />...<title>Unsubscribe</title>...<style>....* {.....box-sizing: border-box;.....font-family: PingFang SC, Microsoft YaHei, Avenir, Tahoma, Arial,......sans-serif;....}.....#app,....body,....html {.....-webkit-font-smoothing: antialiased;....}.....body,....html {.....-webkit-text-size-adjust: 100%;....}.....body,....dd,....dl,....dt,....fieldset,....form,....h1,....h2,....h3,....h4,....h5,....h6,....html,....img,....input,....legend,....li,....ol,....p,....select,....textarea,....ul {.....margin: 0;.....padding: 0;.....-webkit-tap-highlight-color: transparent;....}.....button,....fieldset,....img,....input {.....border: none;.....padding: 0;.....margin: 0;.....outline-style: none;....}.....#app {.....min-wid

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 15, 2025 16:28:56.731091022 CET	53	57286	1.1.1.1	192.168.2.6
Jan 15, 2025 16:28:56.732543945 CET	53	53075	1.1.1.1	192.168.2.6
Jan 15, 2025 16:28:57.762094975 CET	53	50369	1.1.1.1	192.168.2.6
Jan 15, 2025 16:28:59.567084074 CET	64274	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:28:59.567320108 CET	55818	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:28:59.573824883 CET	53	64274	1.1.1.1	192.168.2.6
Jan 15, 2025 16:28:59.574270010 CET	53	55818	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:01.753588915 CET	63905	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:01.753957033 CET	50439	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:01.762792110 CET	53	63905	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:01.763254881 CET	53	50439	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:02.627665997 CET	54935	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:02.627855062 CET	54557	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:03.051018953 CET	53	54935	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:03.227622032 CET	53	54557	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:03.826714993 CET	59558	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:03.837743044 CET	63970	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:04.390326023 CET	53	59558	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:04.390367985 CET	53	63970	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:04.439306974 CET	57422	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:04.439460993 CET	61471	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:04.862828016 CET	53	61471	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:05.397897959 CET	53	57422	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:10.899300098 CET	57858	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:10.899462938 CET	59284	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:10.906570911 CET	53	57858	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:10.958445072 CET	64127	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:10.958594084 CET	59188	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:11.185293913 CET	53	59284	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:11.248368979 CET	53	64127	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:11.514045954 CET	53	59188	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:12.192567110 CET	57002	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:12.192735910 CET	53134	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:12.193737030 CET	51825	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:12.193737984 CET	53181	53	192.168.2.6	1.1.1.1
Jan 15, 2025 16:29:12.200848103 CET	53	51825	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:12.405268908 CET	53	53134	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:12.483289003 CET	53	53181	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:12.612926006 CET	53	57002	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:14.776858091 CET	53	60499	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:33.639434099 CET	53	58337	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:56.243335962 CET	53	54936	1.1.1.1	192.168.2.6
Jan 15, 2025 16:29:56.367638111 CET	53	51213	1.1.1.1	192.168.2.6

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Jan 15, 2025 16:29:03.227745056 CET	192.168.2.6	1.1.1.1	c22c	(Port unreachable)	Destination Unreachable
Jan 15, 2025 16:29:11.185358047 CET	192.168.2.6	1.1.1.1	c23a	(Port unreachable)	Destination Unreachable
Jan 15, 2025 16:29:12.483431101 CET	192.168.2.6	1.1.1.1	c23a	(Port unreachable)	Destination Unreachable

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:28:57 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 78 67 34 64 65 57 4e 65 66 55 71 70 61 58 66 4c 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 66 30 34 38 65 32 66 62 62 36 66 34 63 62 33 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: xg4deWNefUqpaXfL.1Context: 3f048e2fbb6f4cb3
2025-01-15 15:28:57 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-15 15:28:57 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 78 67 34 64 65 57 4e 65 66 55 71 70 61 58 66 4c 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 66 30 34 38 65 32 66 62 62 36 66 34 63 62 33 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 48 6f 43 35 44 51 76 30 65 64 47 63 6a 74 33 31 74 37 34 53 6f 71 2b 2f 77 48 2f 2b 57 4f 41 62 4c 67 31 73 4f 37 64 6d 77 69 62 68 74 33 32 45 39 30 4c 4c 79 53 63 56 4d 6d 6a 6b 62 73 79 48 30 6b 78 61 52 38 6e 5a 50 4b 31 49 2f 4e 71 49 6b 78 59 30 57 62 65 46 6a 37 54 6f 31 44 70 37 72 6c 4f 6c 50 4f 62 69 58 37 55 58 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: xg4deWNefUqpaXfL.2Context: 3f048e2fbb6f4cb3<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaHoC5DQv0edGcjt31t74Soq+/wH/+WOAbLg1sO7dmwibht32E90LLyScVMmjkbsyH0kxaR8nZPK1I/NqIkxY0WbeFj7To1Dp7rlOlPObiX7UX
2025-01-15 15:28:57 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 78 67 34 64 65 57 4e 65 66 55 71 70 61 58 66 4c 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 66 30 34 38 65 32 66 62 62 36 66 34 63 62 33 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: xg4deWNefUqpaXfL.3Context: 3f048e2fbb6f4cb3<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-15 15:28:57 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-15 15:28:57 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 49 56 31 4d 63 6a 48 30 32 45 32 33 43 48 79 51 67 4d 62 50 4f 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: IV1McjH02E23CHyQgMbPOw.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:02 UTC	1036	OUT	GET /ss/c/u001.7BTxB98bYe88lmQCKsz4HIUFNbf01nIu4ZcW2aaj0_pd-l6kidrn8FZ1e4mQuSvQbCCTviI-SCCVd1ROqf4SHYEvPXndfDx61afLByHPSZcFQrBthkk5rMcJkTcWcsh2Y-04Q7_JEfWcTBXPxGiRwnM6zn7lKLdtrKqrgIvHZ7-ZHGnbTg0RqOtmbRRIr4nTaTDT-FfA0-iHw8aKci1JA5ozJdj9jMCTsyvfXnsSI2VmtCNQJeZkVL3XN7Fq7YIcd_S1s_bwbouuhRGv2QcHaQ/4d5/eQm1NPMBQRmL486sFVGLLQ/h23/h001.SsZOuACjv5TImktMo-3w6vBgBU7odoj-WlNwWKGNCC0 HTTP/1.1 Host: u46572644.ct.sendgrid.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:02 UTC	389	IN	HTTP/1.1 302 Found Server: nginx Date: Wed, 15 Jan 2025 15:29:02 GMT Content-Type: text/html; charset=utf-8 Content-Length: 217 Connection: close Location: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001 X-Robots-Tag: noindex, nofollow
2025-01-15 15:29:02 UTC	217	IN	Data Raw: 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 72 2e 63 61 72 74 73 65 65 66 61 73 68 69 6f 6e 2e 63 6f 6d 2f 73 74 61 74 75 73 2f 75 6e 73 75 62 73 63 72 69 62 65 3f 63 6f 6e 74 65 6e 74 3d 75 69 75 45 4a 67 31 71 44 74 32 4d 4f 49 48 25 32 42 35 62 64 44 32 75 25 32 46 6f 5a 59 25 32 42 6b 36 6b 4c 72 44 74 7a 52 39 4b 53 25 32 46 63 39 47 25 32 46 76 57 51 6f 25 32 42 33 64 64 54 59 6f 33 77 6c 75 79 36 67 70 59 25 32 46 52 25 32 42 55 71 43 7a 71 6e 72 6c 46 68 77 44 47 44 65 6d 52 72 67 25 33 44 25 33 44 26 61 6d 70 3b 63 61 72 74 73 65 65 48 72 65 66 54 72 61 63 65 3d 31 30 30 30 31 22 3e 46 6f 75 6e 64 3c 2f 61 3e 2e 0a 0a Data Ascii: <a href="https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001">Found</a>.

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:03 UTC	824	OUT	GET /status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001 HTTP/1.1 Host: user.cartseefashion.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:03 UTC	278	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 15:29:03 GMT Content-Type: text/html Content-Length: 19830 Connection: close Last-Modified: Tue, 24 Sep 2024 02:37:48 GMT ETag: "66f225fc-4d76" Accept-Ranges: bytes Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:03 UTC	4096	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 09 09 3c 6d 65 74 61 0a 09 09 09 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 0a 09 09 09 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d Data Ascii: <!DOCTYPE html><html><head><meta charset="utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><metaname="viewport"content="width=device-width,initial-scale=1,maximum-scale=1,minimum-scale=1,user-scalable=no" /><link rel=
2025-01-15 15:29:03 UTC	4096	IN	Data Raw: 22 73 69 74 65 22 5d 29 20 7b 0a 09 09 09 09 09 66 64 2e 61 70 70 65 6e 64 28 22 73 69 74 65 22 2c 20 64 61 74 61 5b 22 73 69 74 65 22 5d 29 3b 0a 09 09 09 09 09 64 65 6c 65 74 65 20 64 61 74 61 2e 73 69 74 65 3b 0a 09 09 09 09 7d 0a 09 09 09 09 69 66 20 28 64 61 74 61 5b 22 72 75 22 5d 29 20 7b 0a 09 09 09 09 09 66 64 2e 61 70 70 65 6e 64 28 22 72 65 71 75 65 73 74 55 72 6c 22 2c 20 64 61 74 61 5b 22 72 75 22 5d 29 3b 0a 09 09 09 09 09 64 65 6c 65 74 65 20 64 61 74 61 2e 72 75 3b 0a 09 09 09 09 7d 0a 09 09 09 09 69 66 20 28 64 61 74 61 5b 22 65 6d 22 5d 29 20 7b 0a 09 09 09 09 09 66 64 2e 61 70 70 65 6e 64 28 22 72 65 61 73 6f 6e 22 2c 20 64 61 74 61 5b 22 65 6d 22 5d 29 3b 0a 09 09 09 09 09 64 65 6c 65 74 65 20 64 61 74 61 2e 65 6d 3b 0a 09 09 09 09 7d Data Ascii: "site"]) {fd.append("site", data["site"]);delete data.site;}if (data["ru"]) {fd.append("requestUrl", data["ru"]);delete data.ru;}if (data["em"]) {fd.append("reason", data["em"]);delete data.em;}
2025-01-15 15:29:03 UTC	4096	IN	Data Raw: 67 54 65 78 74 0a 09 09 09 09 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6f 6b 22 29 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 43 6f 6c 6f 72 20 3d 20 27 23 42 39 42 32 46 46 27 3b 0a 09 09 09 09 75 6e 73 75 62 73 63 72 69 62 65 49 6e 74 65 72 66 61 63 65 28 7b 20 63 6f 6e 74 65 6e 74 3a 20 67 65 74 43 6f 6e 74 65 6e 74 28 29 20 7d 29 0a 09 09 09 09 09 2e 74 68 65 6e 28 28 72 65 73 29 20 3d 3e 20 7b 0a 09 09 09 09 09 09 69 66 20 28 72 65 73 3f 2e 64 61 74 61 3f 2e 64 61 74 61 3f 2e 63 6f 6d 70 61 6e 79 49 64 20 3d 3d 20 22 31 37 33 22 29 20 7b 0a 09 09 09 09 09 09 09 63 6f 70 79 77 72 69 74 69 6e 67 2e 43 6f 70 79 77 72 69 74 69 6e 67 31 20 3d 0a 09 09 09 09 09 09 09 09 22 e3 83 a1 e3 83 bc e3 83 ab e3 83 9e e3 82 ac e3 82 b8 Data Ascii: gTextdocument.getElementById("ok").style.borderColor = '#B9B2FF';unsubscribeInterface({ content: getContent() }).then((res) => {if (res?.data?.data?.companyId == "173") {copywriting.Copywriting1 ="
2025-01-15 15:29:03 UTC	4096	IN	Data Raw: 69 63 6b 22 2c 20 28 29 20 3d 3e 20 7b 0a 09 09 09 09 09 09 72 65 73 75 62 73 63 72 69 62 65 49 6e 55 6e 6c 6f 61 64 28 29 3b 0a 09 09 09 09 09 7d 29 3b 0a 09 09 09 7d 3b 0a 0a 09 09 09 69 66 20 28 77 69 6e 64 6f 77 3f 2e 64 6f 63 75 6d 65 6e 74 3f 2e 62 6f 64 79 29 20 7b 0a 09 09 09 09 61 64 64 42 74 6e 48 61 6e 64 6c 65 28 29 3b 0a 09 09 09 7d 20 65 6c 73 65 20 7b 0a 09 09 09 09 6c 65 74 20 68 61 73 4c 69 73 74 65 6e 20 3d 20 66 61 6c 73 65 3b 0a 09 09 09 09 77 69 6e 64 6f 77 3f 2e 64 6f 63 75 6d 65 6e 74 3f 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 22 2c 20 28 65 76 65 6e 74 29 20 3d 3e 20 7b 0a 09 09 09 09 09 69 66 20 28 0a 09 09 09 09 09 09 65 76 65 6e 74 2e 74 61 72 67 65 74 2e 72 65 61 Data Ascii: ick", () => {resubscribeInUnload();});};if (window?.document?.body) {addBtnHandle();} else {let hasListen = false;window?.document?.addEventListener("readystatechange", (event) => {if (event.target.rea
2025-01-15 15:29:03 UTC	3446	IN	Data Raw: 72 6f 6b 65 3d 22 63 75 72 72 65 6e 74 43 6f 6c 6f 72 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 34 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 34 38 20 34 38 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 66 6f 63 75 73 61 62 6c 65 3d 22 66 61 6c 73 65 22 20 63 6c 61 73 73 3d 22 61 72 63 6f 2d 69 63 6f 6e 20 61 72 63 6f 2d 69 63 6f 6e 2d 6c 6f 61 64 69 6e 67 22 3e 3c 70 61 74 68 20 64 3d 22 4d 34 32 20 32 34 63 30 20 39 2e 39 34 31 2d 38 2e 30 35 39 20 31 38 2d 31 38 20 31 38 53 36 20 33 33 2e 39 34 31 20 36 20 32 34 20 31 34 2e 30 35 39 20 36 20 32 34 20 36 22 3e 3c 2f 70 61 74 68 3e 3c 2f 73 76 67 3e 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 69 64 3d 22 62 75 74 74 6f 6e 49 64 22 20 73 74 79 6c 65 3d 22 6d 61 72 Data Ascii: roke="currentColor" stroke-width="4" viewBox="0 0 48 48" aria-hidden="true" focusable="false" class="arco-icon arco-icon-loading"><path d="M42 24c0 9.941-8.059 18-18 18S6 33.941 6 24 14.059 6 24 6"></path></svg></div><div id="buttonId" style="mar

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:04 UTC	710	OUT	GET /status/js/cartxLog.js HTTP/1.1 Host: user.cartseefashion.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:04 UTC	289	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 15:29:04 GMT Content-Type: application/javascript Content-Length: 3389 Connection: close Last-Modified: Tue, 24 Sep 2024 02:37:48 GMT ETag: "66f225fc-d3d" Accept-Ranges: bytes Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:04 UTC	3389	IN	Data Raw: 0a 2f 2a 2a 0a 20 2a 20 e6 96 b9 e6 b3 95 e5 ae 9e e7 8e b0 e9 87 8c ef bc 8c e9 9c 80 e8 a6 81 e6 8a 8a e8 83 bd e8 af bb e5 88 b0 e7 9a 84 e5 8f 82 e6 95 b0 e9 83 bd e8 af bb e5 87 ba e6 9d a5 ef bc 8c e4 b8 8a e6 8a a5 e5 b0 b1 e8 a6 81 e4 b8 8a e6 8a a5 e5 85 a8 e9 9d a2 ef bc 8c e6 9c 89 e5 88 a9 e4 ba 8e e5 88 86 e6 9e 90 e6 95 b0 e6 8d ae 0a 20 2a 20 40 70 61 72 61 6d 20 70 61 72 61 6d 73 20 e4 b8 8a e6 8a a5 e7 9a 84 e5 8f 82 e6 95 b0 0a 20 2a 2f 0a 63 6f 6e 73 74 20 6c 6f 67 54 6f 53 65 72 76 65 72 20 3d 20 28 70 61 72 61 6d 73 29 20 3d 3e 20 7b 0a 20 20 6c 65 74 20 64 61 74 61 20 3d 20 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 64 61 74 65 3a 44 61 74 65 2e 6e 6f 77 28 29 7d 2c 20 70 61 72 61 6d 73 29 3b 0a 20 20 2f 2f 20 e6 b7 bb e5 8a a0 e5 Data Ascii: /** * * @param params */const logToServer = (params) => { let data = Object.assign({date:Date.now()}, params); //

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:04 UTC	709	OUT	GET /status/js/request.js HTTP/1.1 Host: user.cartseefashion.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:04 UTC	289	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 15:29:04 GMT Content-Type: application/javascript Content-Length: 3029 Connection: close Last-Modified: Tue, 24 Sep 2024 02:37:48 GMT ETag: "66f225fc-bd5" Accept-Ranges: bytes Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:04 UTC	3029	IN	Data Raw: 76 61 72 20 73 65 72 76 69 63 65 32 20 3d 20 61 78 69 6f 73 2e 63 72 65 61 74 65 28 7b 0a 20 20 62 61 73 65 55 52 4c 3a 20 27 68 74 74 70 73 3a 2f 2f 75 73 2d 73 65 72 76 69 63 65 2e 63 61 72 74 73 65 65 2d 66 72 6f 6d 2e 63 61 72 74 78 2e 63 6c 6f 75 64 27 2c 0a 20 20 2f 2f 20 62 61 73 65 55 52 4c 3a 27 68 74 74 70 73 3a 2f 2f 74 65 73 74 2d 73 65 72 76 69 63 65 2e 63 61 72 74 73 65 65 2d 66 6f 72 6d 2d 75 73 2e 63 61 72 74 78 2e 63 6c 6f 75 64 27 2c 0a 20 20 74 69 6d 65 6f 75 74 3a 20 31 32 30 30 30 30 2c 0a 7d 29 3b 0a 0a 73 65 72 76 69 63 65 32 2e 69 6e 74 65 72 63 65 70 74 6f 72 73 2e 72 65 71 75 65 73 74 2e 75 73 65 28 0a 20 20 28 63 6f 6e 66 69 67 29 20 3d 3e 20 7b 0a 20 20 20 20 63 6f 6e 66 69 67 2e 63 61 72 74 78 54 69 6d 65 20 3d 20 70 65 72 66 Data Ascii: var service2 = axios.create({ baseURL: 'https://us-service.cartsee-from.cartx.cloud', // baseURL:'https://test-service.cartsee-form-us.cartx.cloud', timeout: 120000,});service2.interceptors.request.use( (config) => { config.cartxTime = perf

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:05 UTC	777	OUT	GET /status/img/tuidingqueren.svg HTTP/1.1 Host: user.cartseefashion.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:05 UTC	282	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 15:29:05 GMT Content-Type: image/svg+xml Content-Length: 10570 Connection: close Last-Modified: Tue, 24 Sep 2024 02:37:48 GMT ETag: "66f225fc-294a" Accept-Ranges: bytes Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:05 UTC	4096	IN	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0a 3c 73 76 67 20 77 69 64 74 68 3d 22 32 33 30 70 78 22 20 68 65 69 67 68 74 3d 22 32 30 30 70 78 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 32 33 30 20 32 30 30 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 31 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 78 6d 6c 6e 73 3a 78 6c 69 6e 6b 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 6c 69 6e 6b 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e e7 8a b9 e8 b1 ab 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 67 20 69 64 3d 22 e9 a1 b5 e9 9d a2 2d 31 22 20 73 74 72 6f 6b 65 3d 22 6e 6f 6e 65 22 20 73 74 72 6f 6b 65 Data Ascii: <?xml version="1.0" encoding="UTF-8"?><svg width="230px" height="200px" viewBox="0 0 230 200" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> <title></title> <g id="-1" stroke="none" stroke
2025-01-15 15:29:05 UTC	4096	IN	Data Raw: 38 36 30 31 39 20 4c 36 34 2e 35 35 34 37 32 37 37 2c 33 34 2e 34 38 36 30 31 39 20 43 36 36 2e 34 39 32 31 34 34 35 2c 33 34 2e 34 38 36 30 31 39 20 36 38 2e 30 34 32 30 37 37 39 2c 33 36 2e 30 33 35 39 35 32 34 20 36 38 2e 30 34 32 30 37 37 39 2c 33 37 2e 39 37 33 33 36 39 32 20 4c 36 38 2e 30 34 32 30 37 37 39 2c 33 37 2e 39 37 33 33 36 39 32 20 43 36 38 2e 30 34 32 30 37 37 39 2c 33 39 2e 39 31 30 37 38 36 20 36 36 2e 34 39 32 31 34 34 35 2c 34 31 2e 34 36 30 37 31 39 35 20 36 34 2e 35 35 34 37 32 37 37 2c 34 31 2e 34 36 30 37 31 39 35 20 4c 32 30 2e 33 38 31 36 32 34 37 2c 34 31 2e 34 36 30 37 31 39 35 20 43 31 38 2e 34 34 34 32 30 37 39 2c 34 31 2e 34 36 30 37 31 39 35 20 31 36 2e 38 39 34 32 37 34 35 2c 33 39 2e 39 31 30 37 38 36 20 31 36 2e 38 39 Data Ascii: 86019 L64.5547277,34.486019 C66.4921445,34.486019 68.0420779,36.0359524 68.0420779,37.9733692 L68.0420779,37.9733692 C68.0420779,39.910786 66.4921445,41.4607195 64.5547277,41.4607195 L20.3816247,41.4607195 C18.4442079,41.4607195 16.8942745,39.910786 16.89
2025-01-15 15:29:05 UTC	2378	IN	Data Raw: 34 20 31 37 38 2e 33 37 38 34 32 39 22 3e 3c 2f 70 6f 6c 79 67 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 35 35 2e 30 32 32 36 33 37 31 2c 31 34 31 2e 31 30 32 35 32 39 20 4c 38 34 2e 34 37 31 33 37 32 34 2c 31 34 31 2e 31 30 32 35 32 39 20 43 38 36 2e 36 34 31 32 37 39 32 2c 31 34 31 2e 31 30 32 35 32 39 20 38 38 2e 33 34 36 32 30 36 2c 31 34 32 2e 38 30 37 34 35 36 20 38 38 2e 33 34 36 32 30 36 2c 31 34 34 2e 39 37 37 33 36 33 20 4c 38 38 2e 33 34 36 32 30 36 2c 31 34 34 2e 39 37 37 33 36 33 20 43 38 38 2e 33 34 36 32 30 36 2c 31 34 37 2e 31 34 37 32 37 20 38 36 2e 36 34 31 32 37 39 32 2c 31 34 38 2e 38 35 32 31 39 37 20 38 34 2e 34 37 31 33 37 32 34 2c 31 34 38 2e 38 35 32 31 39 37 20 4c 35 35 2e 30 32 32 Data Ascii: 4 178.378429"></polygon> <path d="M55.0226371,141.102529 L84.4713724,141.102529 C86.6412792,141.102529 88.346206,142.807456 88.346206,144.977363 L88.346206,144.977363 C88.346206,147.14727 86.6412792,148.852197 84.4713724,148.852197 L55.022

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:05 UTC	541	OUT	GET /cdn-js/axios.min.js HTTP/1.1 Host: app.cartsee.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://user.cartseefashion.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:10 UTC	620	IN	HTTP/1.1 200 OK Server: Tuser Content-Type: application/javascript Content-Length: 33621 Connection: close Vary: Accept-Encoding Date: Wed, 15 Jan 2025 15:29:10 GMT Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT Vary: Accept-Encoding ETag: "1dc09d84-8355" Accept-Ranges: bytes Via: cache19.l2fr1[3283,3283,200-0,M], cache8.l2fr1[3283,0], ens-cache2.de7[5336,5336,200-0,M], ens-cache8.de7[5339,0] Ali-Swift-Global-Savetime: 1736954950 X-Cache: MISS TCP_MISS dirn:-2:-2 X-Swift-SaveTime: Wed, 15 Jan 2025 15:29:10 GMT X-Swift-CacheTime: 86400 Timing-Allow-Origin: * EagleId: a3b5839c17369549453383229e
2025-01-15 15:29:10 UTC	15764	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 28 65 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 65 7c 7c 73 65 6c 66 29 2e 61 78 69 6f 73 3d 74 28 29 7d 28 74 68 69 73 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 65 28 65 2c 74 29 7b 76 61 72 20 6e 3d 4f 62 6a Data Ascii: !function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e\|\|self).axios=t()}(this,(function(){"use strict";function e(e,t){var n=Obj
2025-01-15 15:29:10 UTC	16303	IN	Data Raw: 78 74 2f 70 6c 61 69 6e 2c 20 2a 2f 2a 22 2c 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 3a 76 6f 69 64 20 30 7d 7d 7d 3b 47 2e 66 6f 72 45 61 63 68 28 5b 22 64 65 6c 65 74 65 22 2c 22 67 65 74 22 2c 22 68 65 61 64 22 2c 22 70 6f 73 74 22 2c 22 70 75 74 22 2c 22 70 61 74 63 68 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 65 2e 68 65 61 64 65 72 73 5b 65 5d 3d 7b 7d 7d 29 29 3b 76 61 72 20 62 65 3d 76 65 2c 67 65 3d 47 2e 74 6f 4f 62 6a 65 63 74 53 65 74 28 5b 22 61 67 65 22 2c 22 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 22 2c 22 63 6f 6e 74 65 6e 74 2d 6c 65 6e 67 74 68 22 2c 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 2c 22 65 74 61 67 22 2c 22 65 78 70 69 72 65 73 22 2c 22 66 72 6f 6d 22 2c 22 68 6f 73 74 22 2c 22 69 66 2d 6d 6f 64 69 66 69 65 64 2d 73 Data Ascii: xt/plain, /","Content-Type":void 0}}};G.forEach(["delete","get","head","post","put","patch"],(function(e){ve.headers[e]={}}));var be=ve,ge=G.toObjectSet(["age","authorization","content-length","content-type","etag","expires","from","host","if-modified-s
2025-01-15 15:29:10 UTC	1554	IN	Data Raw: 74 68 6f 64 4e 6f 74 41 6c 6c 6f 77 65 64 3a 34 30 35 2c 4e 6f 74 41 63 63 65 70 74 61 62 6c 65 3a 34 30 36 2c 50 72 6f 78 79 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 52 65 71 75 69 72 65 64 3a 34 30 37 2c 52 65 71 75 65 73 74 54 69 6d 65 6f 75 74 3a 34 30 38 2c 43 6f 6e 66 6c 69 63 74 3a 34 30 39 2c 47 6f 6e 65 3a 34 31 30 2c 4c 65 6e 67 74 68 52 65 71 75 69 72 65 64 3a 34 31 31 2c 50 72 65 63 6f 6e 64 69 74 69 6f 6e 46 61 69 6c 65 64 3a 34 31 32 2c 50 61 79 6c 6f 61 64 54 6f 6f 4c 61 72 67 65 3a 34 31 33 2c 55 72 69 54 6f 6f 4c 6f 6e 67 3a 34 31 34 2c 55 6e 73 75 70 70 6f 72 74 65 64 4d 65 64 69 61 54 79 70 65 3a 34 31 35 2c 52 61 6e 67 65 4e 6f 74 53 61 74 69 73 66 69 61 62 6c 65 3a 34 31 36 2c 45 78 70 65 63 74 61 74 69 6f 6e 46 61 69 6c 65 64 3a 34 Data Ascii: thodNotAllowed:405,NotAcceptable:406,ProxyAuthenticationRequired:407,RequestTimeout:408,Conflict:409,Gone:410,LengthRequired:411,PreconditionFailed:412,PayloadTooLarge:413,UriTooLong:414,UnsupportedMediaType:415,RangeNotSatisfiable:416,ExpectationFailed:4

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:07 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 7a 43 36 2b 63 6f 48 6a 75 55 71 78 42 6e 6b 78 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 65 37 63 66 66 66 35 35 31 38 30 63 35 39 36 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: zC6+coHjuUqxBnkx.1Context: 8e7cfff55180c596
2025-01-15 15:29:07 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-15 15:29:07 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 7a 43 36 2b 63 6f 48 6a 75 55 71 78 42 6e 6b 78 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 65 37 63 66 66 66 35 35 31 38 30 63 35 39 36 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 48 6f 43 35 44 51 76 30 65 64 47 63 6a 74 33 31 74 37 34 53 6f 71 2b 2f 77 48 2f 2b 57 4f 41 62 4c 67 31 73 4f 37 64 6d 77 69 62 68 74 33 32 45 39 30 4c 4c 79 53 63 56 4d 6d 6a 6b 62 73 79 48 30 6b 78 61 52 38 6e 5a 50 4b 31 49 2f 4e 71 49 6b 78 59 30 57 62 65 46 6a 37 54 6f 31 44 70 37 72 6c 4f 6c 50 4f 62 69 58 37 55 58 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: zC6+coHjuUqxBnkx.2Context: 8e7cfff55180c596<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaHoC5DQv0edGcjt31t74Soq+/wH/+WOAbLg1sO7dmwibht32E90LLyScVMmjkbsyH0kxaR8nZPK1I/NqIkxY0WbeFj7To1Dp7rlOlPObiX7UX
2025-01-15 15:29:07 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 7a 43 36 2b 63 6f 48 6a 75 55 71 78 42 6e 6b 78 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 65 37 63 66 66 66 35 35 31 38 30 63 35 39 36 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: zC6+coHjuUqxBnkx.3Context: 8e7cfff55180c596<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-15 15:29:07 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-15 15:29:07 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 54 4d 5a 61 34 71 6b 45 6e 6b 6d 39 7a 6b 6b 39 38 79 63 63 64 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: TMZa4qkEnkm9zkk98yccdw.0Payload parsing failed.

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	10570
Entropy (8bit):	4.697194187654488
Encrypted:	false
SSDEEP:	192:z9fiMdN6iaVT+TxhGzTODeS0GDy2Ml/WB3ct1X2YSJZVwEh1n:htdE7+TTZOBBoVn
MD5:	509F4211B45CD3B483F47C1C5172367A
SHA1:	8A2AEDC17D641ED954CE3CF7CC8647A901C41977
SHA-256:	08889F6E5BBC891AAB29A81E462AD1315D518FB5E25EAC501C1F0CD166457BD1
SHA-512:	C9E9B640D4AB569E42EE5A667763A2E45B73C9289A32BB9ECB2259F1AA23D9B56F41296E5F6AC51B929FD625656B05C0FA392D1FE895A339E9043808D59713B7
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<svg width="230px" height="200px" viewBox="0 0 230 200" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">. <title>..</title>. <g id="..-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <g id="...." transform="translate(-609.000000, -298.000000)">. <g id=".." transform="translate(609.000000, 298.000000)">. <ellipse id="..." fill="#DCDEF5" cx="92.2210396" cy="176.750998" rx="92.2210396" ry="23.2490016"></ellipse>. <g id="..-2" transform="translate(162.148554, 62.111907) rotate(33.000000) translate(-162.148554, -62.111907) translate(106.029583, 24.496035)" fill="#DCDEF5">. <ellipse id="..._1_" transform="translate(62.386984, 66.700702) rotate(89.999871) translate(-62.386984, -66.700702) " cx="62.3869844" cy="66.7007018" rx="6.58721711" ry="25.9613851"></ellipse>.

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	20577
Entropy (8bit):	4.264290841583294
Encrypted:	false
SSDEEP:	384:iSJBF4Fe3BVwzxCpIQnxgMkmBcW+AOQmB2PNOk:DBF4mBS4pzFkWcWBW2PNOk
MD5:	96A897DB3272B20BCAC26C63360C659A
SHA1:	4B129034C7954991C75224A243C4CC7DDDC24AC5
SHA-256:	00A3B7E1EB3B8959CFC195AF6584424BC4A6D801E73CFEF72038F1ED5C5B352E
SHA-512:	4A2BEE70968AADF8249288086E5E73C0A3F3439AC1CDA224984A7B1657D798F246F26C56CF4E002A17FB7054E13ABF5DB9758CF8D93CCF51C87D29BE624F006F
Malicious:	false
Reputation:	low
URL:	https://user.cartseefashion.com/status/img/logo.svg
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<svg width="220px" height="190px" viewBox="0 0 220 190" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">. <title>undraw_mailbox_re_dvds</title>. <g id="......" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <g transform="translate(-610.000000, -92.000000)" fill-rule="nonzero" id="undraw_mailbox_re_dvds">. <g transform="translate(610.000000, 92.000000)">. <path d="M65.7113848,188.135443 C69.3008322,185.132061 71.4811162,180.387558 70.9093384,175.768763 C70.3375606,171.149969 66.796122,166.903881 62.2023982,165.923062 C57.6086743,164.942242 52.3721135,167.657311 50.9768431,172.100839 C50.2089612,163.533902 49.3241135,154.608007 44.724409,147.312457 C40.5594875,140.706514 33.345767,135.979705 25.5277276,135.134084 C17.7096881,134.288463 9.47829081,137.482284 4.60246356,143.592638 C-0.273363695,149.702992 -1.46718936,158.586175 1.94771497,1

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	20577
Entropy (8bit):	4.264290841583294
Encrypted:	false
SSDEEP:	384:iSJBF4Fe3BVwzxCpIQnxgMkmBcW+AOQmB2PNOk:DBF4mBS4pzFkWcWBW2PNOk
MD5:	96A897DB3272B20BCAC26C63360C659A
SHA1:	4B129034C7954991C75224A243C4CC7DDDC24AC5
SHA-256:	00A3B7E1EB3B8959CFC195AF6584424BC4A6D801E73CFEF72038F1ED5C5B352E
SHA-512:	4A2BEE70968AADF8249288086E5E73C0A3F3439AC1CDA224984A7B1657D798F246F26C56CF4E002A17FB7054E13ABF5DB9758CF8D93CCF51C87D29BE624F006F
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<svg width="220px" height="190px" viewBox="0 0 220 190" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">. <title>undraw_mailbox_re_dvds</title>. <g id="......" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <g transform="translate(-610.000000, -92.000000)" fill-rule="nonzero" id="undraw_mailbox_re_dvds">. <g transform="translate(610.000000, 92.000000)">. <path d="M65.7113848,188.135443 C69.3008322,185.132061 71.4811162,180.387558 70.9093384,175.768763 C70.3375606,171.149969 66.796122,166.903881 62.2023982,165.923062 C57.6086743,164.942242 52.3721135,167.657311 50.9768431,172.100839 C50.2089612,163.533902 49.3241135,154.608007 44.724409,147.312457 C40.5594875,140.706514 33.345767,135.979705 25.5277276,135.134084 C17.7096881,134.288463 9.47829081,137.482284 4.60246356,143.592638 C-0.273363695,149.702992 -1.46718936,158.586175 1.94771497,1

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:11 UTC	767	OUT	GET /status/favicon.ico HTTP/1.1 Host: user.cartseefashion.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:11 UTC	280	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 15:29:11 GMT Content-Type: image/x-icon Content-Length: 4286 Connection: close Last-Modified: Tue, 24 Sep 2024 02:37:48 GMT ETag: "66f225fc-10be" Accept-Ranges: bytes Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:11 UTC	4096	IN	Data Raw: 00 00 01 00 01 00 20 20 00 00 01 00 20 00 a8 10 00 00 16 00 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 80 80 02 ff 5d 6c 62 ff 5b 6c db ff 5c 6d 74 ff 80 80 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 5e 6f 3c ff 5c 6c cd ff 5b 6b ff ff 5b 6b ff ff Data Ascii: ( @ ]lb[l\mt^o<\l[k[k
2025-01-15 15:29:11 UTC	190	IN	Data Raw: 6d 74 ff 80 80 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff fe ff ff ff f8 3f ff ff e0 0f ff ff 80 03 ff ff 00 01 ff fc 00 00 7f f0 06 c0 1f e0 1e f0 07 c0 3e fc 07 c0 fe fe 07 c3 fe ff 87 c3 fe ff 87 c3 fe ff 87 c3 fe ff 9f c3 fe ff ff c3 fc 7f ff c3 f0 1f ff c3 e3 87 ff c3 8f e3 9f c2 1f f8 87 c0 7f fc 07 c1 ff ff 07 c0 ff ff 07 c0 7f fc 07 c0 1f f0 07 f0 07 c0 1f fc 01 80 7f ff 00 01 ff ff 80 03 ff ff e0 0f ff ff f8 3f ff ff fe ff ff Data Ascii: mt?>?

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:11 UTC	716	OUT	POST /cartsee/form/monitor/request HTTP/1.1 Host: us-service.cartsee-from.cartx.cloud Connection: keep-alive Content-Length: 736 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: multipart/form-data; boundary=----WebKitFormBoundary6PvAz3BA53VupkrR Accept: / Origin: https://user.cartseefashion.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://user.cartseefashion.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:11 UTC	736	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 57 65 62 4b 69 74 46 6f 72 6d 42 6f 75 6e 64 61 72 79 36 50 76 41 7a 33 42 41 35 33 56 75 70 6b 72 52 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 73 69 74 65 22 0d 0a 0d 0a 68 74 74 70 73 3a 2f 2f 75 73 65 72 2e 63 61 72 74 73 65 65 66 61 73 68 69 6f 6e 2e 63 6f 6d 2f 73 74 61 74 75 73 2f 75 6e 73 75 62 73 63 72 69 62 65 3f 63 6f 6e 74 65 6e 74 3d 75 69 75 45 4a 67 31 71 44 74 32 4d 4f 49 48 25 32 42 35 62 64 44 32 75 25 32 46 6f 5a 59 25 32 42 6b 36 6b 4c 72 44 74 7a 52 39 4b 53 25 32 46 63 39 47 25 32 46 76 57 51 6f 25 32 42 33 64 64 54 59 6f 33 77 6c 75 79 36 67 70 59 25 32 46 52 25 32 42 55 71 43 7a 71 6e 72 6c 46 68 77 44 47 44 65 6d 52 72 67 25 33 44 25 33 Data Ascii: ------WebKitFormBoundary6PvAz3BA53VupkrRContent-Disposition: form-data; name="site"https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3
2025-01-15 15:29:11 UTC	334	IN	HTTP/1.1 200 Date: Wed, 15 Jan 2025 15:29:11 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding Access-Control-Allow-Origin: * X-Trace-Id: Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:11 UTC	66	IN	Data Raw: 33 63 0d 0a 7b 22 63 6f 64 65 22 3a 30 2c 22 6d 65 73 73 61 67 65 22 3a 22 73 75 63 63 65 73 73 22 2c 22 64 61 74 61 22 3a 74 72 75 65 2c 22 63 6f 73 74 22 3a 31 2e 32 32 33 32 39 45 2d 34 7d 0d 0a Data Ascii: 3c{"code":0,"message":"success","data":true,"cost":1.22329E-4}
2025-01-15 15:29:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:11 UTC	563	OUT	OPTIONS /cartsee/form/getCompanyInfo HTTP/1.1 Host: us-service.cartsee-from.cartx.cloud Connection: keep-alive Accept: / Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://user.cartseefashion.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://user.cartseefashion.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:11 UTC	357	IN	HTTP/1.1 200 Date: Wed, 15 Jan 2025 15:29:11 GMT Content-Length: 0 Connection: close Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST Access-Control-Allow-Headers: content-type Strict-Transport-Security: max-age=15724800; includeSubDomains

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:12 UTC	358	OUT	GET /cdn-js/axios.min.js HTTP/1.1 Host: app.cartsee.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:12 UTC	621	IN	HTTP/1.1 200 OK Server: Tuser Content-Type: application/javascript Content-Length: 33621 Connection: close Vary: Accept-Encoding Date: Wed, 15 Jan 2025 15:29:10 GMT Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT Vary: Accept-Encoding ETag: "1dc09d84-8355" Accept-Ranges: bytes Via: cache19.l2fr1[3283,3283,200-0,M], cache8.l2fr1[3283,0], ens-cache2.de7[0,0,200-0,H], ens-cache4.de7[1,0] Age: 2 Ali-Swift-Global-Savetime: 1736954950 X-Cache: HIT TCP_MEM_HIT dirn:-2:-2 X-Swift-SaveTime: Wed, 15 Jan 2025 15:29:10 GMT X-Swift-CacheTime: 86400 Timing-Allow-Origin: * EagleId: a3b5839817369549522521564e
2025-01-15 15:29:12 UTC	755	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 28 65 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 65 7c 7c 73 65 6c 66 29 2e 61 78 69 6f 73 3d 74 28 29 7d 28 74 68 69 73 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 65 28 65 2c 74 29 7b 76 61 72 20 6e 3d 4f 62 6a Data Ascii: !function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e\|\|self).axios=t()}(this,(function(){"use strict";function e(e,t){var n=Obj
2025-01-15 15:29:12 UTC	16384	IN	Data Raw: 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 28 72 2c 65 29 29 7d 29 29 7d 72 65 74 75 72 6e 20 74 7d 66 75 6e 63 74 69 6f 6e 20 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 22 73 79 6d 62 6f 6c 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 65 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 53 79 6d 62 6f 6c 26 26 65 21 3d 3d 53 79 6d 62 6f 6c 2e 70 72 6f 74 6f 74 79 70 65 Data Ascii: Object.getOwnPropertyDescriptor(r,e))}))}return t}function n(e){return n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype
2025-01-15 15:29:12 UTC	16384	IN	Data Raw: 2d 63 6f 6f 6b 69 65 22 3d 3d 3d 61 3f 63 5b 61 5d 3f 63 5b 61 5d 2e 70 75 73 68 28 73 29 3a 63 5b 61 5d 3d 5b 73 5d 3a 63 5b 61 5d 3d 63 5b 61 5d 3f 63 5b 61 5d 2b 22 2c 20 22 2b 73 3a 73 29 7d 29 29 2c 63 29 2c 74 29 3a 6e 75 6c 6c 21 3d 65 26 26 6f 28 74 2c 65 2c 6e 29 2c 74 68 69 73 7d 7d 2c 7b 6b 65 79 3a 22 67 65 74 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 65 3d 4f 65 28 65 29 29 7b 76 61 72 20 6e 3d 47 2e 66 69 6e 64 4b 65 79 28 74 68 69 73 2c 65 29 3b 69 66 28 6e 29 7b 76 61 72 20 72 3d 74 68 69 73 5b 6e 5d 3b 69 66 28 21 74 29 72 65 74 75 72 6e 20 72 3b 69 66 28 21 30 3d 3d 3d 74 29 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 2c 6e 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 Data Ascii: -cookie"===a?c[a]?c[a].push(s):c[a]=[s]:c[a]=c[a]?c[a]+", "+s:s)})),c),t):null!=e&&o(t,e,n),this}},{key:"get",value:function(e,t){if(e=Oe(e)){var n=G.findKey(this,e);if(n){var r=this[n];if(!t)return r;if(!0===t)return function(e){for(var t,n=Object.create
2025-01-15 15:29:12 UTC	98	IN	Data Raw: 2c 51 65 2e 67 65 74 41 64 61 70 74 65 72 3d 44 65 2c 51 65 2e 48 74 74 70 53 74 61 74 75 73 43 6f 64 65 3d 24 65 2c 51 65 2e 64 65 66 61 75 6c 74 3d 51 65 2c 51 65 7d 29 29 3b 0a 2f 2f 23 20 73 6f 75 72 63 65 4d 61 70 70 69 6e 67 55 52 4c 3d 61 78 69 6f 73 2e 6d 69 6e 2e 6a 73 2e 6d 61 70 0a Data Ascii: ,Qe.getAdapter=De,Qe.HttpStatusCode=$e,Qe.default=Qe,Qe}));//# sourceMappingURL=axios.min.js.map

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:12 UTC	690	OUT	POST /cartsee/form/getCompanyInfo HTTP/1.1 Host: us-service.cartsee-from.cartx.cloud Connection: keep-alive Content-Length: 102 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: application/json, text/plain, / Content-Type: application/json sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://user.cartseefashion.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://user.cartseefashion.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:12 UTC	102	OUT	Data Raw: 7b 22 63 6f 6e 74 65 6e 74 22 3a 22 75 69 75 45 4a 67 31 71 44 74 32 4d 4f 49 48 2b 35 62 64 44 32 75 2f 6f 5a 59 2b 6b 36 6b 4c 72 44 74 7a 52 39 4b 53 2f 63 39 47 2f 76 57 51 6f 2b 33 64 64 54 59 6f 33 77 6c 75 79 36 67 70 59 2f 52 2b 55 71 43 7a 71 6e 72 6c 46 68 77 44 47 44 65 6d 52 72 67 3d 3d 22 7d Data Ascii: {"content":"uiuEJg1qDt2MOIH+5bdD2u/oZY+k6kLrDtzR9KS/c9G/vWQo+3ddTYo3wluy6gpY/R+UqCzqnrlFhwDGDemRrg=="}
2025-01-15 15:29:12 UTC	334	IN	HTTP/1.1 200 Date: Wed, 15 Jan 2025 15:29:12 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding Access-Control-Allow-Origin: * X-Trace-Id: Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:12 UTC	159	IN	Data Raw: 39 39 0d 0a 7b 22 63 6f 64 65 22 3a 30 2c 22 6d 65 73 73 61 67 65 22 3a 22 73 75 63 63 65 73 73 22 2c 22 64 61 74 61 22 3a 7b 22 63 6f 6d 70 61 6e 79 49 64 22 3a 31 33 38 32 2c 22 73 69 74 65 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 6e 75 61 67 65 77 65 61 72 73 2e 63 6f 6d 2f 22 2c 22 6c 6f 67 6f 22 3a 22 22 2c 22 75 6e 73 75 62 73 63 72 69 62 65 50 61 67 65 4c 61 6e 67 75 61 67 65 22 3a 22 55 53 22 7d 2c 22 63 6f 73 74 22 3a 30 2e 30 30 38 31 30 32 32 31 32 7d 0d 0a Data Ascii: 99{"code":0,"message":"success","data":{"companyId":1382,"site":"https://www.nuagewears.com/","logo":"","unsubscribePageLanguage":"US"},"cost":0.008102212}
2025-01-15 15:29:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:12 UTC	386	OUT	GET /cartsee/form/getCompanyInfo HTTP/1.1 Host: us-service.cartsee-from.cartx.cloud Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:12 UTC	302	IN	HTTP/1.1 200 Date: Wed, 15 Jan 2025 15:29:12 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding X-Trace-Id: Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:12 UTC	363	IN	Data Raw: 31 36 34 0d 0a 7b 22 63 6f 64 65 22 3a 35 30 30 2c 22 6d 65 73 73 61 67 65 22 3a 22 6f 72 67 2e 73 70 72 69 6e 67 66 72 61 6d 65 77 6f 72 6b 2e 68 74 74 70 2e 63 6f 6e 76 65 72 74 65 72 2e 48 74 74 70 4d 65 73 73 61 67 65 4e 6f 74 52 65 61 64 61 62 6c 65 45 78 63 65 70 74 69 6f 6e 3a 20 52 65 71 75 69 72 65 64 20 72 65 71 75 65 73 74 20 62 6f 64 79 20 69 73 20 6d 69 73 73 69 6e 67 3a 20 70 75 62 6c 69 63 20 63 6f 6d 2e 63 61 72 74 78 2e 6d 61 72 74 65 63 68 2e 6d 61 72 73 2e 61 62 73 74 72 61 63 74 73 2e 42 61 73 65 52 65 73 70 6f 6e 73 65 3c 63 6f 6d 2e 61 6c 69 62 61 62 61 2e 66 61 73 74 6a 73 6f 6e 2e 4a 53 4f 4e 4f 62 6a 65 63 74 3e 20 63 6f 6d 2e 63 61 72 74 78 2e 6d 61 72 74 65 63 68 2e 63 61 72 74 73 65 65 2e 63 6f 6e 74 72 6f 6c 6c 65 72 2e 54 46 Data Ascii: 164{"code":500,"message":"org.springframework.http.converter.HttpMessageNotReadableException: Required request body is missing: public com.cartx.martech.mars.abstracts.BaseResponse<com.alibaba.fastjson.JSONObject> com.cartx.martech.cartsee.controller.TF
2025-01-15 15:29:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:13 UTC	697	OUT	POST /monitor/request HTTP/1.1 Host: 59b517704ce43f0f.cartx.cloud Connection: keep-alive Content-Length: 1295 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryvETBNWdy84jElbYs Accept: / Origin: https://user.cartseefashion.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://user.cartseefashion.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:13 UTC	1295	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 57 65 62 4b 69 74 46 6f 72 6d 42 6f 75 6e 64 61 72 79 76 45 54 42 4e 57 64 79 38 34 6a 45 6c 62 59 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 73 69 74 65 22 0d 0a 0d 0a 68 74 74 70 73 3a 2f 2f 75 73 65 72 2e 63 61 72 74 73 65 65 66 61 73 68 69 6f 6e 2e 63 6f 6d 2f 73 74 61 74 75 73 2f 75 6e 73 75 62 73 63 72 69 62 65 3f 63 6f 6e 74 65 6e 74 3d 75 69 75 45 4a 67 31 71 44 74 32 4d 4f 49 48 25 32 42 35 62 64 44 32 75 25 32 46 6f 5a 59 25 32 42 6b 36 6b 4c 72 44 74 7a 52 39 4b 53 25 32 46 63 39 47 25 32 46 76 57 51 6f 25 32 42 33 64 64 54 59 6f 33 77 6c 75 79 36 67 70 59 25 32 46 52 25 32 42 55 71 43 7a 71 6e 72 6c 46 68 77 44 47 44 65 6d 52 72 67 25 33 44 25 33 Data Ascii: ------WebKitFormBoundaryvETBNWdy84jElbYsContent-Disposition: form-data; name="site"https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3
2025-01-15 15:29:14 UTC	310	IN	HTTP/1.1 200 OK Server: nginx/1.26.1 Date: Wed, 15 Jan 2025 15:29:14 GMT Content-Type: application/octet-stream Content-Length: 0 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT Access-Control-Allow-Headers: Content-Type, Authorization

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:22 UTC	560	OUT	OPTIONS /cartsee/form/unsubscribe HTTP/1.1 Host: us-service.cartsee-from.cartx.cloud Connection: keep-alive Accept: / Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://user.cartseefashion.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://user.cartseefashion.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:22 UTC	357	IN	HTTP/1.1 200 Date: Wed, 15 Jan 2025 15:29:22 GMT Content-Length: 0 Connection: close Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST Access-Control-Allow-Headers: content-type Strict-Transport-Security: max-age=15724800; includeSubDomains

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:22 UTC	768	OUT	GET /status/img/logo.svg HTTP/1.1 Host: user.cartseefashion.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:22 UTC	282	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 15:29:22 GMT Content-Type: image/svg+xml Content-Length: 20577 Connection: close Last-Modified: Tue, 24 Sep 2024 02:37:48 GMT ETag: "66f225fc-5061" Accept-Ranges: bytes Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:22 UTC	4096	IN	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0a 3c 73 76 67 20 77 69 64 74 68 3d 22 32 32 30 70 78 22 20 68 65 69 67 68 74 3d 22 31 39 30 70 78 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 32 32 30 20 31 39 30 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 31 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 78 6d 6c 6e 73 3a 78 6c 69 6e 6b 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 6c 69 6e 6b 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 75 6e 64 72 61 77 5f 6d 61 69 6c 62 6f 78 5f 72 65 5f 64 76 64 73 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 67 20 69 64 3d 22 e5 8f 96 e6 b6 88 e8 ae a2 e9 98 85 e5 bc Data Ascii: <?xml version="1.0" encoding="UTF-8"?><svg width="220px" height="190px" viewBox="0 0 220 190" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> <title>undraw_mailbox_re_dvds</title> <g id="
2025-01-15 15:29:22 UTC	4096	IN	Data Raw: 20 20 20 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 37 38 2e 32 31 30 35 32 36 33 2c 38 30 20 43 37 34 2e 34 36 32 35 35 33 37 2c 37 39 2e 39 39 35 36 37 34 33 20 37 31 2e 34 32 35 32 37 34 35 2c 37 36 2e 38 38 33 36 36 35 39 20 37 31 2e 34 32 31 30 35 32 36 2c 37 33 2e 30 34 33 34 37 38 33 20 4c 37 31 2e 34 32 31 30 35 32 36 2c 32 33 2e 31 38 38 34 30 35 38 20 43 37 31 2e 34 32 30 33 37 30 38 2c 32 32 2e 35 34 38 33 36 35 33 20 37 30 2e 39 31 34 31 34 34 38 2c 32 32 2e 30 32 39 36 38 34 31 20 37 30 2e 32 38 39 34 37 33 37 2c 32 32 2e 30 32 38 39 38 35 35 20 4c 34 33 2e 38 38 35 39 36 34 39 2c 32 32 2e 30 32 38 39 38 35 35 20 43 34 32 2e 38 34 34 38 37 35 2c 32 32 2e 30 32 37 37 35 30 33 20 34 32 2e 30 30 31 32 30 35 36 2c 32 31 2e 31 36 33 33 32 33 32 20 Data Ascii: <path d="M78.2105263,80 C74.4625537,79.9956743 71.4252745,76.8836659 71.4210526,73.0434783 L71.4210526,23.1884058 C71.4203708,22.5483653 70.9141448,22.0296841 70.2894737,22.0289855 L43.8859649,22.0289855 C42.844875,22.0277503 42.0012056,21.1633232
2025-01-15 15:29:22 UTC	4096	IN	Data Raw: 31 36 2c 34 35 2e 38 34 39 39 36 33 36 20 31 35 37 2e 37 32 39 31 36 37 2c 34 37 2e 32 33 30 39 34 32 34 20 31 35 39 2e 30 34 38 30 38 31 2c 34 37 2e 34 39 32 33 34 38 35 20 4c 31 35 39 2e 30 34 38 30 38 31 2c 34 37 2e 34 39 32 33 37 33 39 20 5a 22 20 69 64 3d 22 e8 b7 af e5 be 84 22 20 66 69 6c 6c 3d 22 23 46 46 46 46 46 46 22 3e 3c 2f 70 61 74 68 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 31 35 36 2e 33 35 37 30 37 2c 35 34 2e 32 31 31 35 31 33 35 20 43 31 35 36 2e 37 35 36 30 37 34 2c 35 34 2e 39 35 32 34 38 39 37 20 31 35 37 2e 34 34 31 30 37 38 2c 35 35 2e 34 34 33 31 31 34 37 20 31 35 38 2e 32 30 39 37 34 33 2c 35 35 2e 35 33 38 34 36 34 36 20 4c 31 36 38 2e 30 35 36 33 32 31 2c 35 36 2e 37 35 38 31 38 35 32 Data Ascii: 16,45.8499636 157.729167,47.2309424 159.048081,47.4923485 L159.048081,47.4923739 Z" id="" fill="#FFFFFF"></path> <path d="M156.35707,54.2115135 C156.756074,54.9524897 157.441078,55.4431147 158.209743,55.5384646 L168.056321,56.7581852
2025-01-15 15:29:22 UTC	744	IN	Data Raw: 31 33 31 33 20 4c 31 36 35 2e 35 30 37 30 37 35 2c 37 31 2e 39 35 37 31 35 33 37 20 4c 31 35 35 2e 30 34 39 39 34 37 2c 36 39 2e 39 37 33 31 34 39 20 4c 31 35 34 2e 31 30 38 37 37 35 2c 37 30 2e 32 30 30 33 32 37 35 20 5a 20 4d 31 35 34 2e 31 30 38 37 37 35 2c 37 30 2e 32 30 30 33 32 37 35 20 4c 31 36 34 2e 35 36 35 39 30 33 2c 37 32 2e 31 38 34 33 33 36 20 4c 31 36 37 2e 39 30 35 37 31 38 2c 37 32 2e 38 31 38 34 38 39 37 20 43 31 36 38 2e 33 30 31 31 32 31 2c 37 32 2e 38 39 32 31 32 35 35 20 31 36 38 2e 37 30 39 32 33 32 2c 37 32 2e 37 39 33 36 32 30 38 20 31 36 39 2e 30 32 37 30 37 38 2c 37 32 2e 35 34 37 38 33 20 4c 31 37 31 2e 37 30 39 31 36 31 2c 37 30 2e 34 36 30 32 31 30 32 20 4c 31 37 30 2e 37 36 37 39 37 34 2c 37 30 2e 36 38 37 33 37 37 33 20 4c Data Ascii: 1313 L165.507075,71.9571537 L155.049947,69.973149 L154.108775,70.2003275 Z M154.108775,70.2003275 L164.565903,72.184336 L167.905718,72.8184897 C168.301121,72.8921255 168.709232,72.7936208 169.027078,72.54783 L171.709161,70.4602102 L170.767974,70.6873773 L
2025-01-15 15:29:22 UTC	4096	IN	Data Raw: 34 32 35 35 36 20 32 30 36 2e 37 35 31 37 38 39 2c 34 33 2e 30 30 31 30 36 33 37 20 43 32 30 36 2e 35 35 30 30 36 39 2c 34 33 2e 30 30 36 38 37 34 39 20 32 30 36 2e 33 35 32 33 37 31 2c 34 33 2e 30 35 38 37 32 37 35 20 32 30 36 2e 31 37 33 38 39 35 2c 34 33 2e 31 35 32 36 33 35 32 20 43 32 30 36 2e 30 39 31 34 37 34 2c 34 33 2e 31 39 31 36 32 38 31 20 32 30 36 2e 30 31 33 37 32 36 2c 34 33 2e 32 33 39 37 36 34 35 20 32 30 35 2e 39 34 32 31 32 36 2c 34 33 2e 32 39 36 31 33 31 36 20 4c 31 39 38 2e 39 33 33 2c 34 38 2e 37 35 33 30 37 34 20 4c 31 38 38 2e 37 35 33 36 34 31 2c 35 36 2e 36 38 31 31 36 35 39 20 4c 31 38 35 2e 33 34 33 34 36 2c 35 39 2e 33 33 37 30 34 30 33 20 4c 31 38 35 2e 33 34 34 31 35 35 2c 35 39 2e 33 33 39 38 39 38 32 20 4c 31 38 35 2e 33 Data Ascii: 42556 206.751789,43.0010637 C206.550069,43.0068749 206.352371,43.0587275 206.173895,43.1526352 C206.091474,43.1916281 206.013726,43.2397645 205.942126,43.2961316 L198.933,48.753074 L188.753641,56.6811659 L185.34346,59.3370403 L185.344155,59.3398982 L185.3
2025-01-15 15:29:22 UTC	3449	IN	Data Raw: 32 33 39 37 36 34 35 20 32 30 35 2e 39 34 32 31 32 36 2c 34 33 2e 32 39 36 31 33 31 36 20 4c 31 39 38 2e 39 33 33 2c 34 38 2e 37 35 33 30 37 34 20 4c 31 38 38 2e 37 35 33 36 34 31 2c 35 36 2e 36 38 31 31 36 35 39 20 4c 31 38 35 2e 33 34 33 34 36 2c 35 39 2e 33 33 37 30 34 30 33 20 4c 31 38 35 2e 33 34 34 31 35 35 2c 35 39 2e 33 33 39 38 39 38 32 20 4c 31 38 35 2e 33 34 31 32 32 2c 35 39 2e 33 34 30 36 30 36 20 4c 31 37 32 2e 38 33 35 33 37 36 2c 36 39 2e 30 37 34 32 31 38 38 20 4c 31 37 30 2e 37 36 37 39 38 31 2c 37 30 2e 36 38 37 33 37 33 35 20 4c 31 36 38 2e 37 38 31 31 33 39 2c 37 32 2e 32 33 32 37 37 31 39 20 43 31 36 38 2e 35 35 34 30 36 36 2c 37 32 2e 34 30 38 33 34 36 20 31 36 38 2e 32 36 32 35 32 33 2c 37 32 2e 34 37 38 37 31 34 36 20 31 36 37 2e Data Ascii: 2397645 205.942126,43.2961316 L198.933,48.753074 L188.753641,56.6811659 L185.34346,59.3370403 L185.344155,59.3398982 L185.34122,59.340606 L172.835376,69.0742188 L170.767981,70.6873735 L168.781139,72.2327719 C168.554066,72.408346 168.262523,72.4787146 167.

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:23 UTC	687	OUT	POST /cartsee/form/unsubscribe HTTP/1.1 Host: us-service.cartsee-from.cartx.cloud Connection: keep-alive Content-Length: 102 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: application/json, text/plain, / Content-Type: application/json sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://user.cartseefashion.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://user.cartseefashion.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:23 UTC	102	OUT	Data Raw: 7b 22 63 6f 6e 74 65 6e 74 22 3a 22 75 69 75 45 4a 67 31 71 44 74 32 4d 4f 49 48 2b 35 62 64 44 32 75 2f 6f 5a 59 2b 6b 36 6b 4c 72 44 74 7a 52 39 4b 53 2f 63 39 47 2f 76 57 51 6f 2b 33 64 64 54 59 6f 33 77 6c 75 79 36 67 70 59 2f 52 2b 55 71 43 7a 71 6e 72 6c 46 68 77 44 47 44 65 6d 52 72 67 3d 3d 22 7d Data Ascii: {"content":"uiuEJg1qDt2MOIH+5bdD2u/oZY+k6kLrDtzR9KS/c9G/vWQo+3ddTYo3wluy6gpY/R+UqCzqnrlFhwDGDemRrg=="}
2025-01-15 15:29:23 UTC	334	IN	HTTP/1.1 200 Date: Wed, 15 Jan 2025 15:29:23 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding Access-Control-Allow-Origin: * X-Trace-Id: Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:23 UTC	91	IN	Data Raw: 35 35 0d 0a 7b 22 63 6f 64 65 22 3a 30 2c 22 6d 65 73 73 61 67 65 22 3a 22 73 75 63 63 65 73 73 22 2c 22 64 61 74 61 22 3a 7b 22 63 6f 6d 70 61 6e 79 49 64 22 3a 31 33 38 32 2c 22 6c 6f 67 6f 22 3a 22 22 7d 2c 22 63 6f 73 74 22 3a 30 2e 30 30 32 39 30 31 36 33 33 7d 0d 0a Data Ascii: 55{"code":0,"message":"success","data":{"companyId":1382,"logo":""},"cost":0.002901633}
2025-01-15 15:29:23 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 58

Chrome Cache Entry: 59

Chrome Cache Entry: 60

Chrome Cache Entry: 61

Chrome Cache Entry: 62

Chrome Cache Entry: 63

Chrome Cache Entry: 64

Chrome Cache Entry: 65

Chrome Cache Entry: 66

Chrome Cache Entry: 67

Chrome Cache Entry: 68

Chrome Cache Entry: 69

Chrome Cache Entry: 70

Chrome Cache Entry: 71

Chrome Cache Entry: 72

Chrome Cache Entry: 73

Chrome Cache Entry: 74

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

ICMP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:23 UTC	383	OUT	GET /cartsee/form/unsubscribe HTTP/1.1 Host: us-service.cartsee-from.cartx.cloud Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:23 UTC	302	IN	HTTP/1.1 200 Date: Wed, 15 Jan 2025 15:29:23 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding X-Trace-Id: Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:23 UTC	351	IN	Data Raw: 31 35 38 0d 0a 7b 22 63 6f 64 65 22 3a 35 30 30 2c 22 6d 65 73 73 61 67 65 22 3a 22 6f 72 67 2e 73 70 72 69 6e 67 66 72 61 6d 65 77 6f 72 6b 2e 68 74 74 70 2e 63 6f 6e 76 65 72 74 65 72 2e 48 74 74 70 4d 65 73 73 61 67 65 4e 6f 74 52 65 61 64 61 62 6c 65 45 78 63 65 70 74 69 6f 6e 3a 20 52 65 71 75 69 72 65 64 20 72 65 71 75 65 73 74 20 62 6f 64 79 20 69 73 20 6d 69 73 73 69 6e 67 3a 20 70 75 62 6c 69 63 20 63 6f 6d 2e 63 61 72 74 78 2e 6d 61 72 74 65 63 68 2e 6d 61 72 73 2e 61 62 73 74 72 61 63 74 73 2e 42 61 73 65 52 65 73 70 6f 6e 73 65 3c 63 6f 6d 2e 61 6c 69 62 61 62 61 2e 66 61 73 74 6a 73 6f 6e 2e 4a 53 4f 4e 4f 62 6a 65 63 74 3e 20 63 6f 6d 2e 63 61 72 74 78 2e 6d 61 72 74 65 63 68 2e 63 61 72 74 73 65 65 2e 63 6f 6e 74 72 6f 6c 6c 65 72 2e 54 46 Data Ascii: 158{"code":500,"message":"org.springframework.http.converter.HttpMessageNotReadableException: Required request body is missing: public com.cartx.martech.mars.abstracts.BaseResponse<com.alibaba.fastjson.JSONObject> com.cartx.martech.cartsee.controller.TF
2025-01-15 15:29:23 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:26 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 4a 34 4a 63 69 69 30 6b 46 30 71 4e 70 42 54 71 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 35 66 35 65 64 37 63 30 61 39 35 35 64 34 37 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: J4Jcii0kF0qNpBTq.1Context: 45f5ed7c0a955d47
2025-01-15 15:29:26 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-15 15:29:26 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 4a 34 4a 63 69 69 30 6b 46 30 71 4e 70 42 54 71 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 35 66 35 65 64 37 63 30 61 39 35 35 64 34 37 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 48 6f 43 35 44 51 76 30 65 64 47 63 6a 74 33 31 74 37 34 53 6f 71 2b 2f 77 48 2f 2b 57 4f 41 62 4c 67 31 73 4f 37 64 6d 77 69 62 68 74 33 32 45 39 30 4c 4c 79 53 63 56 4d 6d 6a 6b 62 73 79 48 30 6b 78 61 52 38 6e 5a 50 4b 31 49 2f 4e 71 49 6b 78 59 30 57 62 65 46 6a 37 54 6f 31 44 70 37 72 6c 4f 6c 50 4f 62 69 58 37 55 58 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: J4Jcii0kF0qNpBTq.2Context: 45f5ed7c0a955d47<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaHoC5DQv0edGcjt31t74Soq+/wH/+WOAbLg1sO7dmwibht32E90LLyScVMmjkbsyH0kxaR8nZPK1I/NqIkxY0WbeFj7To1Dp7rlOlPObiX7UX
2025-01-15 15:29:26 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 4a 34 4a 63 69 69 30 6b 46 30 71 4e 70 42 54 71 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 35 66 35 65 64 37 63 30 61 39 35 35 64 34 37 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: J4Jcii0kF0qNpBTq.3Context: 45f5ed7c0a955d47<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-15 15:29:26 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-15 15:29:26 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 53 2f 62 6f 70 53 50 4e 52 6b 79 31 74 38 44 64 61 58 49 56 52 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: S/bopSPNRky1t8DdaXIVRA.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:27 UTC	697	OUT	POST /monitor/request HTTP/1.1 Host: 59b517704ce43f0f.cartx.cloud Connection: keep-alive Content-Length: 1289 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryfVOEynlvgIoOHAoy Accept: / Origin: https://user.cartseefashion.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://user.cartseefashion.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:27 UTC	1289	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 57 65 62 4b 69 74 46 6f 72 6d 42 6f 75 6e 64 61 72 79 66 56 4f 45 79 6e 6c 76 67 49 6f 4f 48 41 6f 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 73 69 74 65 22 0d 0a 0d 0a 68 74 74 70 73 3a 2f 2f 75 73 65 72 2e 63 61 72 74 73 65 65 66 61 73 68 69 6f 6e 2e 63 6f 6d 2f 73 74 61 74 75 73 2f 75 6e 73 75 62 73 63 72 69 62 65 3f 63 6f 6e 74 65 6e 74 3d 75 69 75 45 4a 67 31 71 44 74 32 4d 4f 49 48 25 32 42 35 62 64 44 32 75 25 32 46 6f 5a 59 25 32 42 6b 36 6b 4c 72 44 74 7a 52 39 4b 53 25 32 46 63 39 47 25 32 46 76 57 51 6f 25 32 42 33 64 64 54 59 6f 33 77 6c 75 79 36 67 70 59 25 32 46 52 25 32 42 55 71 43 7a 71 6e 72 6c 46 68 77 44 47 44 65 6d 52 72 67 25 33 44 25 33 Data Ascii: ------WebKitFormBoundaryfVOEynlvgIoOHAoyContent-Disposition: form-data; name="site"https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3
2025-01-15 15:29:27 UTC	310	IN	HTTP/1.1 200 OK Server: nginx/1.26.1 Date: Wed, 15 Jan 2025 15:29:27 GMT Content-Type: application/octet-stream Content-Length: 0 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT Access-Control-Allow-Headers: Content-Type, Authorization

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:34 UTC	1018	OUT	GET /status/resubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&lange=US HTTP/1.1 Host: user.cartseefashion.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://user.cartseefashion.com/status/unsubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3D&cartseeHrefTrace=10001 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:34 UTC	277	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 15:29:34 GMT Content-Type: text/html Content-Length: 5743 Connection: close Last-Modified: Tue, 24 Sep 2024 02:37:48 GMT ETag: "66f225fc-166f" Accept-Ranges: bytes Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:34 UTC	4096	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 09 09 3c 6d 65 74 61 0a 09 09 09 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 0a 09 09 09 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d Data Ascii: <!DOCTYPE html><html><head><meta charset="utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><metaname="viewport"content="width=device-width,initial-scale=1,maximum-scale=1,minimum-scale=1,user-scalable=no" /><link rel=
2025-01-15 15:29:34 UTC	1647	IN	Data Raw: 28 6c 61 6e 67 65 20 3d 3d 3d 20 27 53 45 27 29 7b 0a 09 09 09 09 09 09 09 09 09 72 65 73 75 62 54 65 73 74 20 3d 20 60 44 75 20 68 61 72 20 70 72 65 6e 75 6d 65 72 65 72 61 74 73 20 70 c3 a5 20 6e 79 74 74 2e 60 0a 09 09 09 09 09 09 09 09 09 75 62 54 65 73 74 20 3d 20 60 44 75 20 68 61 72 20 66 72 61 6d 67 c3 a5 6e 67 73 72 69 6b 74 20 70 72 65 6e 75 6d 65 72 65 72 61 74 2e 60 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 09 69 66 28 21 6c 61 6e 67 65 29 7b 0a 09 09 09 09 09 09 09 09 09 72 65 73 75 62 54 65 73 74 20 3d 20 60 59 6f 75 27 76 65 20 73 75 63 63 65 73 73 66 75 6c 6c 79 20 62 65 65 6e 20 72 65 73 75 62 73 63 72 69 62 65 64 2e 60 0a 09 09 09 09 09 09 09 09 09 75 62 54 65 73 74 20 3d 20 60 59 6f 75 27 76 65 20 73 75 63 63 65 73 73 66 75 Data Ascii: (lange === 'SE'){resubTest = `Du har prenumererats p nytt.`ubTest = `Du har framgngsrikt prenumererat.`}if(!lange){resubTest = `You've successfully been resubscribed.`ubTest = `You've successfu

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:35 UTC	558	OUT	OPTIONS /cartsee/form/subscribe HTTP/1.1 Host: us-service.cartsee-from.cartx.cloud Connection: keep-alive Accept: / Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://user.cartseefashion.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://user.cartseefashion.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:35 UTC	357	IN	HTTP/1.1 200 Date: Wed, 15 Jan 2025 15:29:35 GMT Content-Length: 0 Connection: close Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST Access-Control-Allow-Headers: content-type Strict-Transport-Security: max-age=15724800; includeSubDomains

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:35 UTC	685	OUT	POST /cartsee/form/subscribe HTTP/1.1 Host: us-service.cartsee-from.cartx.cloud Connection: keep-alive Content-Length: 102 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: application/json, text/plain, / Content-Type: application/json sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://user.cartseefashion.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://user.cartseefashion.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:35 UTC	102	OUT	Data Raw: 7b 22 63 6f 6e 74 65 6e 74 22 3a 22 75 69 75 45 4a 67 31 71 44 74 32 4d 4f 49 48 2b 35 62 64 44 32 75 2f 6f 5a 59 2b 6b 36 6b 4c 72 44 74 7a 52 39 4b 53 2f 63 39 47 2f 76 57 51 6f 2b 33 64 64 54 59 6f 33 77 6c 75 79 36 67 70 59 2f 52 2b 55 71 43 7a 71 6e 72 6c 46 68 77 44 47 44 65 6d 52 72 67 3d 3d 22 7d Data Ascii: {"content":"uiuEJg1qDt2MOIH+5bdD2u/oZY+k6kLrDtzR9KS/c9G/vWQo+3ddTYo3wluy6gpY/R+UqCzqnrlFhwDGDemRrg=="}
2025-01-15 15:29:35 UTC	334	IN	HTTP/1.1 200 Date: Wed, 15 Jan 2025 15:29:35 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding Access-Control-Allow-Origin: * X-Trace-Id: Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:35 UTC	91	IN	Data Raw: 35 35 0d 0a 7b 22 63 6f 64 65 22 3a 30 2c 22 6d 65 73 73 61 67 65 22 3a 22 73 75 63 63 65 73 73 22 2c 22 64 61 74 61 22 3a 7b 22 63 6f 6d 70 61 6e 79 49 64 22 3a 31 33 38 32 2c 22 6c 6f 67 6f 22 3a 22 22 7d 2c 22 63 6f 73 74 22 3a 30 2e 30 30 32 34 38 33 39 39 31 7d 0d 0a Data Ascii: 55{"code":0,"message":"success","data":{"companyId":1382,"logo":""},"cost":0.002483991}
2025-01-15 15:29:35 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:36 UTC	381	OUT	GET /cartsee/form/subscribe HTTP/1.1 Host: us-service.cartsee-from.cartx.cloud Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:36 UTC	302	IN	HTTP/1.1 200 Date: Wed, 15 Jan 2025 15:29:36 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding X-Trace-Id: Strict-Transport-Security: max-age=15724800; includeSubDomains
2025-01-15 15:29:36 UTC	349	IN	Data Raw: 31 35 36 0d 0a 7b 22 63 6f 64 65 22 3a 35 30 30 2c 22 6d 65 73 73 61 67 65 22 3a 22 6f 72 67 2e 73 70 72 69 6e 67 66 72 61 6d 65 77 6f 72 6b 2e 68 74 74 70 2e 63 6f 6e 76 65 72 74 65 72 2e 48 74 74 70 4d 65 73 73 61 67 65 4e 6f 74 52 65 61 64 61 62 6c 65 45 78 63 65 70 74 69 6f 6e 3a 20 52 65 71 75 69 72 65 64 20 72 65 71 75 65 73 74 20 62 6f 64 79 20 69 73 20 6d 69 73 73 69 6e 67 3a 20 70 75 62 6c 69 63 20 63 6f 6d 2e 63 61 72 74 78 2e 6d 61 72 74 65 63 68 2e 6d 61 72 73 2e 61 62 73 74 72 61 63 74 73 2e 42 61 73 65 52 65 73 70 6f 6e 73 65 3c 63 6f 6d 2e 61 6c 69 62 61 62 61 2e 66 61 73 74 6a 73 6f 6e 2e 4a 53 4f 4e 4f 62 6a 65 63 74 3e 20 63 6f 6d 2e 63 61 72 74 78 2e 6d 61 72 74 65 63 68 2e 63 61 72 74 73 65 65 2e 63 6f 6e 74 72 6f 6c 6c 65 72 2e 54 46 Data Ascii: 156{"code":500,"message":"org.springframework.http.converter.HttpMessageNotReadableException: Required request body is missing: public com.cartx.martech.mars.abstracts.BaseResponse<com.alibaba.fastjson.JSONObject> com.cartx.martech.cartsee.controller.TF
2025-01-15 15:29:36 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:37 UTC	697	OUT	POST /monitor/request HTTP/1.1 Host: 59b517704ce43f0f.cartx.cloud Connection: keep-alive Content-Length: 1271 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywNqXR82bxOXXEnMX Accept: / Origin: https://user.cartseefashion.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://user.cartseefashion.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 15:29:37 UTC	1271	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 57 65 62 4b 69 74 46 6f 72 6d 42 6f 75 6e 64 61 72 79 77 4e 71 58 52 38 32 62 78 4f 58 58 45 6e 4d 58 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 73 69 74 65 22 0d 0a 0d 0a 68 74 74 70 73 3a 2f 2f 75 73 65 72 2e 63 61 72 74 73 65 65 66 61 73 68 69 6f 6e 2e 63 6f 6d 2f 73 74 61 74 75 73 2f 72 65 73 75 62 73 63 72 69 62 65 3f 63 6f 6e 74 65 6e 74 3d 75 69 75 45 4a 67 31 71 44 74 32 4d 4f 49 48 25 32 42 35 62 64 44 32 75 25 32 46 6f 5a 59 25 32 42 6b 36 6b 4c 72 44 74 7a 52 39 4b 53 25 32 46 63 39 47 25 32 46 76 57 51 6f 25 32 42 33 64 64 54 59 6f 33 77 6c 75 79 36 67 70 59 25 32 46 52 25 32 42 55 71 43 7a 71 6e 72 6c 46 68 77 44 47 44 65 6d 52 72 67 25 33 44 25 33 Data Ascii: ------WebKitFormBoundarywNqXR82bxOXXEnMXContent-Disposition: form-data; name="site"https://user.cartseefashion.com/status/resubscribe?content=uiuEJg1qDt2MOIH%2B5bdD2u%2FoZY%2Bk6kLrDtzR9KS%2Fc9G%2FvWQo%2B3ddTYo3wluy6gpY%2FR%2BUqCzqnrlFhwDGDemRrg%3D%3
2025-01-15 15:29:37 UTC	310	IN	HTTP/1.1 200 OK Server: nginx/1.26.1 Date: Wed, 15 Jan 2025 15:29:37 GMT Content-Type: application/octet-stream Content-Length: 0 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT Access-Control-Allow-Headers: Content-Type, Authorization

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:29:51 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 31 56 57 4a 7a 55 69 53 46 30 71 44 6a 73 79 64 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 38 66 61 62 31 33 39 34 61 35 65 65 33 30 62 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: 1VWJzUiSF0qDjsyd.1Context: 58fab1394a5ee30b
2025-01-15 15:29:51 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-15 15:29:51 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 31 56 57 4a 7a 55 69 53 46 30 71 44 6a 73 79 64 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 38 66 61 62 31 33 39 34 61 35 65 65 33 30 62 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 48 6f 43 35 44 51 76 30 65 64 47 63 6a 74 33 31 74 37 34 53 6f 71 2b 2f 77 48 2f 2b 57 4f 41 62 4c 67 31 73 4f 37 64 6d 77 69 62 68 74 33 32 45 39 30 4c 4c 79 53 63 56 4d 6d 6a 6b 62 73 79 48 30 6b 78 61 52 38 6e 5a 50 4b 31 49 2f 4e 71 49 6b 78 59 30 57 62 65 46 6a 37 54 6f 31 44 70 37 72 6c 4f 6c 50 4f 62 69 58 37 55 58 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: 1VWJzUiSF0qDjsyd.2Context: 58fab1394a5ee30b<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaHoC5DQv0edGcjt31t74Soq+/wH/+WOAbLg1sO7dmwibht32E90LLyScVMmjkbsyH0kxaR8nZPK1I/NqIkxY0WbeFj7To1Dp7rlOlPObiX7UX
2025-01-15 15:29:51 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 31 56 57 4a 7a 55 69 53 46 30 71 44 6a 73 79 64 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 38 66 61 62 31 33 39 34 61 35 65 65 33 30 62 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: 1VWJzUiSF0qDjsyd.3Context: 58fab1394a5ee30b<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-15 15:29:51 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-15 15:29:51 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 70 7a 68 75 49 30 6b 6e 34 6b 71 5a 66 61 43 36 6b 30 48 76 6e 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: pzhuI0kn4kqZfaC6k0HvnA.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2025-01-15 15:30:19 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 4a 6c 32 57 75 43 75 2f 2b 6b 65 45 4a 56 63 42 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 36 62 39 37 31 62 63 64 32 39 66 35 65 37 34 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: Jl2WuCu/+keEJVcB.1Context: 96b971bcd29f5e74
2025-01-15 15:30:19 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-15 15:30:19 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 4a 6c 32 57 75 43 75 2f 2b 6b 65 45 4a 56 63 42 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 36 62 39 37 31 62 63 64 32 39 66 35 65 37 34 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 61 48 6f 43 35 44 51 76 30 65 64 47 63 6a 74 33 31 74 37 34 53 6f 71 2b 2f 77 48 2f 2b 57 4f 41 62 4c 67 31 73 4f 37 64 6d 77 69 62 68 74 33 32 45 39 30 4c 4c 79 53 63 56 4d 6d 6a 6b 62 73 79 48 30 6b 78 61 52 38 6e 5a 50 4b 31 49 2f 4e 71 49 6b 78 59 30 57 62 65 46 6a 37 54 6f 31 44 70 37 72 6c 4f 6c 50 4f 62 69 58 37 55 58 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: Jl2WuCu/+keEJVcB.2Context: 96b971bcd29f5e74<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAaHoC5DQv0edGcjt31t74Soq+/wH/+WOAbLg1sO7dmwibht32E90LLyScVMmjkbsyH0kxaR8nZPK1I/NqIkxY0WbeFj7To1Dp7rlOlPObiX7UX
2025-01-15 15:30:19 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 4a 6c 32 57 75 43 75 2f 2b 6b 65 45 4a 56 63 42 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 36 62 39 37 31 62 63 64 32 39 66 35 65 37 34 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: Jl2WuCu/+keEJVcB.3Context: 96b971bcd29f5e74<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-15 15:30:19 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-15 15:30:19 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 79 48 75 2f 50 4e 4c 50 4a 45 53 55 6d 67 2f 37 30 33 6c 76 5a 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: yHu/PNLPJESUmg/703lvZg.0Payload parsing failed.