Windows Analysis Report
http://sender-004.cafe24.com/filter/

Overview

General Information

Sample URL: http://sender-004.cafe24.com/filter/
Analysis ID: 1430948

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

  • System is w10x64
  • chrome.exe (PID: 6696 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6508 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 --field-trial-handle=2228,i,3603984539344197173,3474500485459397694,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 3948 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://sender-004.cafe24.com/filter/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched

There are no malicious signatures.

Source: http://sender-004.cafe24.com/filter/ HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49730 version: TLS 1.0
Source: unknown HTTPS traffic detected: 23.3.84.131:443 -> 192.168.2.5:49726 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.3.84.131:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.3.84.131
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: */* Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /filter/ HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css/body.css HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/css,*/*;q=0.1 Referer: http://sender-004.cafe24.com/filter/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/error.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer: http://sender-004.cafe24.com/filter/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/line01.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer: http://sender-004.cafe24.com/filter/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/error_adress.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer: http://sender-004.cafe24.com/filter/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/botton_home.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer: http://sender-004.cafe24.com/filter/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/copyright02.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer: http://sender-004.cafe24.com/filter/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/bg01.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer: http://sender-004.cafe24.com/filter/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/error.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/line01.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/botton_home.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer: http://sender-004.cafe24.com/filter/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/error_adress.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/copyright02.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /image/error/bg01.gif HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /index.html HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /login/login.jsp HTTP/1.1 Host: sender-004.cafe24.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Referer: http://sender-004.cafe24.com/index.html Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Source: unknown DNS traffic detected: queries for: sender-004.cafe24.com
Source: unknown HTTP traffic detected: POST /threshold/xls.aspx HTTP/1.1 Origin: https://www.bing.com Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept: */* Accept-Language: en-CH Content-type: text/xml X-Agent-DeviceId: 01000A410900D492 X-BM-CBT: 1696428841 X-BM-DateFormat: dd/MM/yyyy X-BM-DeviceDimensions: 784x984 X-BM-DeviceDimensionsLogical: 784x984 X-BM-DeviceScale: 100 X-BM-DTZ: 120 X-BM-Market: CH X-BM-Theme: 000000;0078d7 X-Device-ClientSession: DB0AFB19004F47BC80E5208C7478FF22 X-Device-isOptin: false X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A} X-Device-OSSKU: 48 X-Device-Touch: false X-DeviceID: 01000A410900D492 X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshld77,d-thshld78,staticsh X-MSEdge-ExternalExpType: JointCoord X-PositionerType: Desktop X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI X-Search-CortanaAvailableCapabilities: None X-Search-SafeSearch: Moderate X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time X-UserAgeClass: Unknown Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: www.bing.com Content-Length: 2484 Connection: Keep-Alive Cache-Control: no-cache
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Found Server: Resin/2.1.16 Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Content-Type: text/html;charset=euc-kr Content-Length: 3709 Date: Wed, 24 Apr 2024 10:15:07 GMT
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Found Server: Resin/2.1.16 Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Content-Type: text/html;charset=euc-kr Content-Length: 3709 Date: Wed, 24 Apr 2024 10:15:08 GMT
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: classification engine Classification label: clean1.win@17/34@6/4
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 --field-trial-handle=2228,i,3603984539344197173,3474500485459397694,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://sender-004.cafe24.com/filter/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction
Source | Detection | Scanner | Label | Link
http://sender-004.cafe24.com/filter/ | 0% | Avira URL Cloud | safe |
http://sender-004.cafe24.com/filter/ | 2% | Virustotal | | Browse
No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation
bg.microsoft.map.fastly.net | 199.232.210.172 | true | false | | unknown
www.google.com | 142.250.101.103 | true | false | | high
sender-004.cafe24.com | 218.236.58.151 | true | false | | high
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | | unknown
Name | Malicious | Antivirus Detection | Reputation
http://sender-004.cafe24.com/css/body.css | false | | high
http://sender-004.cafe24.com/image/error/copyright02.gif | false | | high
http://sender-004.cafe24.com/image/error/bg01.gif | false | | high
http://sender-004.cafe24.com/image/error/botton_home.gif | false | | high
http://sender-004.cafe24.com/filter/ | false | | high
http://sender-004.cafe24.com/login/login.jsp | false | | high
http://sender-004.cafe24.com/index.html | false | | high
http://sender-004.cafe24.com/favicon.ico | false | | high
http://sender-004.cafe24.com/image/error/error.gif | false | | high
http://sender-004.cafe24.com/image/error/line01.gif | false | | high
http://sender-004.cafe24.com/image/error/error_adress.gif | false | | high
IP | Domain | Country | ASN | ASN Name | Malicious
142.250.101.103 | www.google.com | United States | 15169 | GOOGLEUS | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false
218.236.58.151 | sender-004.cafe24.com | Korea Republic of | 9318 | SKB-ASSKBroadbandCoLtdKR | false
IP
192.168.2.5
Joe Sandbox version: 40.0.0 Tourmaline
Analysis ID: 1430948
Start date and time: 2024-04-24 12:14:16 +02:00
Joe Sandbox product: CloudBasic
Overall analysis duration: 0h 3m 13s
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: browseurl.jbs
Sample URL: http://sender-004.cafe24.com/filter/
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed: 7
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
  • HCA enabled
  • EGA enabled
  • AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: CLEAN
Classification: clean1.win@17/34@6/4
EGA Information: Failed
HCA Information:
  • Successful, ratio: 100%
  • Number of executed functions: 0
  • Number of non-executed functions: 0
Cookbook Comments:
  • Browse: http://sender-004.cafe24.com/index.html
  • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
  • Excluded IPs from analysis (whitelisted): 74.125.137.94, 142.251.2.102, 142.251.2.139, 142.251.2.138, 142.251.2.100, 142.251.2.113, 142.251.2.101, 142.251.2.84, 34.104.35.123, 23.1.234.24, 192.229.211.108, 40.68.123.157, 23.1.234.32, 52.165.164.15, 142.250.101.94, 72.21.81.240
                                • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, wu-bg-shim.trafficmanager.net, wu.azureedge.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, update.googleapis.com, hlb.apr-52dd2-0.edgecastdns.net, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
                                • Not all processes where analyzed, report is missing behavior information
                                • Report size getting too big, too many NtSetInformationFile calls found.
                                No simulations
                                No context
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 09:15:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                Category:dropped
                                Size (bytes):2677
                                Entropy (8bit):3.9843005433592347
                                Encrypted:false
                                SSDEEP:48:8+dzoTTsQgyEH7idAKZdA19ehwiZUklqehgy+3:88oXXgyY/y
                                MD5:38716B60A28D29BE74125A357DB095F1
                                SHA1:880584364988C7AB2942A7798F876791EA51F5B3
                                SHA-256:71DD8B890BE56B706517A4908781D9D7ADBF14A2581E45B503735E51474A914C
                                SHA-512:A6613401CEBB4DB71F42307E74E28413732A1380A514A73A8E1BDBBDA57CAC25A5C6345C4141207E1A0ADA42F05CCE689EF35375E5D512F031C47B6CD2B6EFE0
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 09:15:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                Category:dropped
                                Size (bytes):2679
                                Entropy (8bit):3.995899043654052
                                Encrypted:false
                                SSDEEP:48:8GdzoTTsQgyEH7idAKZdA1weh/iZUkAQkqehvy+2:80oXXgyy9QWy
                                MD5:506C94C5221C93E340A46B06F833751B
                                SHA1:6CE265A8DA1F431B0A3CBBCE8896CB6FEFA0FD25
                                SHA-256:245AA48B40913A15E91397FAADD1ED2FBC2CD4E87E42B70D6982D53A21D9860F
                                SHA-512:FF2F8D687A630D265E991ED8B17F6F823CD1ADD790D88E65C8DA514540C58C3AACAE6040E057213D33A1396D173416D7F737DC653EA95326D8FF6E6BCDE50A8B
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                Category:dropped
                                Size (bytes):2693
                                Entropy (8bit):4.007412162444873
                                Encrypted:false
                                SSDEEP:48:8x5dzoTTsQsH7idAKZdA14tseh7sFiZUkmgqeh7sly+BX:8xPoXXCnLy
                                MD5:9C37E545DBDA6A259A46880694ABAE94
                                SHA1:13C18E07E64F622AE90AAD6C815EDAF74D6B1BB2
                                SHA-256:B48DAC8F524B88266DBD6A2DE338D4501474B0158CEF926379DAD485384944D0
                                SHA-512:E722A8BDEF96DEBDB9CF34202CB790107839447CB74BB1D02C703BA02FDA748CF4512BA373B8ECA8C0A4F37B347DB6B2E43E81DEF91F8F52FBF17B3E68C9C061
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 09:15:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                Category:dropped
                                Size (bytes):2681
                                Entropy (8bit):3.9966424203791457
                                Encrypted:false
                                SSDEEP:48:8YdzoTTsQgyEH7idAKZdA1vehDiZUkwqehTy+R:8qoXXgyZNy
                                MD5:82316791B7EB473953194B17ECB4935A
                                SHA1:8DEC1B0879984B3FAD8A03A35510F64EBC5EA746
                                SHA-256:6F8BF50EABAC6D7BF5C23B2345F8A407D031A9195E23F0851355B3C7FEB0BB29
                                SHA-512:D7F096B9881AF8317CB748DF4B17A6D105CFC1AAEC9AB703ED85D4D50F5BD7C1BB2C34C74534CC9B1F8B059803EA4FA90552FCA7F73D94B0D799B04CA39B2025
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 09:15:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                Category:dropped
                                Size (bytes):2681
                                Entropy (8bit):3.9848120737913364
                                Encrypted:false
                                SSDEEP:48:87CdzoTTsQgyEH7idAKZdA1hehBiZUk1W1qehBy+C:87AoXXgyp9hy
                                MD5:49E144CA3D362556624237E623773583
                                SHA1:482D1FBE1F6BB9789454BEE1ABF4405FC839A73B
                                SHA-256:2F376179C9EA1A703C399AF16ADEBC95E1F8924B1ABD9A9002E0526711A84823
                                SHA-512:EE8481FEC2B1769955B7C5370C3B418EA5A8950D0A15EA6314C5B9D33206F0B7D6C75850D59849943916D3D209A3AC3CEF78EB4D0E24291F94DDF70B42E754AA
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 09:15:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                Category:dropped
                                Size (bytes):2683
                                Entropy (8bit):3.9964866945229236
                                Encrypted:false
                                SSDEEP:48:83dzoTTsQgyEH7idAKZdA1duT+ehOuTbbiZUk5OjqehOuTbLy+yT+:8BoXXgy1T/TbxWOvTbLy7T
                                MD5:C7346BACE4C126ABF5D97D5C48661743
                                SHA1:C2A0878490744A008EEA31D929C051F562402CFE
                                SHA-256:83BEDE53CACFEFA3C68C54EBF33ED3E29FCB5EC8C826A6A0A3442F3BB6658D92
                                SHA-512:7AF7AC85EF9BFD256C3B5F39BCA8EA89F328687EC6085B3F64273723866889E516CA36EDFF093C10EC0B6BF63B60BB7C8E1A2EC902CC3BBEB31B68085A9F8BC9
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 47 x 21
                                Category:dropped
                                Size (bytes):377
                                Entropy (8bit):6.479140268837239
                                Encrypted:false
                                SSDEEP:6:9UWKvW5Hn/S2QQ5lbOy7N04sgDH7qdPwo/8PXjawEeypUdkQxVrgGYx9O42QoEh6:P5Hn/++ROojH8Pwo/AaHUdkSRms42xEM
                                MD5:59CC379C6DAE64566151B76B13AE5013
                                SHA1:B2459987339C02F288F16816C56D63DFDAB7FF83
                                SHA-256:6BF0D869D11ED17CADDD102DE991B7B9EB9E0A01D183F01A684DEE833593593C
                                SHA-512:7AC6EDC8E112DC18A0A20309A1F1E49F3A1138FFA58B0A2920BD6A71E9B0F3B4A65229D7C336954CFA38371AA8180F6EA5F2A6286361EF525DF9AD2BAE76199A
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 85 x 54
                                Category:downloaded
                                Size (bytes):183
                                Entropy (8bit):6.553523881810732
                                Encrypted:false
                                SSDEEP:3:C3qGDRaf3rD/lsnD3HqGD1C9cr3pv+P6Yx9KLbLTlSfGqOqd1VvkMcZMnvdlen:mpi7sjqU1HIyYx9slSEqdU0ven
                                MD5:6258088CDE6C1A593D5602072A2F6EC0
                                SHA1:A6CE2CA69CE87940F1607900CB026400882793A9
                                SHA-256:F1780F6CFF4387E0C7147E2FA8C0099A96A57F07D1DCC8DB58F9DE4036B02389
                                SHA-512:CEF7A4BB91E18492401E24036722DEB455DF8F35BF6ECAF75485D9EE30C7354D20D2CED8AB1993B96C870F257605439E44334A5640B769389031C166F815D7C0
                                Malicious:false
                                Reputation:low
                                URL:http://sender-004.cafe24.com/image/error/bg01.gif
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 500 x 20
                                Category:dropped
                                Size (bytes):1338
                                Entropy (8bit):7.782410116682554
                                Encrypted:false
                                SSDEEP:24:FQqE3xNdGTEOjRU8KjQMSC7yH3NAd8+QC0WVX5F+lLDKvyC16u7sgGpaOq+Fq8VL:KqeVyOh72AdeC0KF+wcaj2n0hC
                                MD5:8FFFB3039CDDA13FD5CF1B62F26429F7
                                SHA1:AFF6CFD2E42AE242C66FBAD4ACF47D6857908C3A
                                SHA-256:44B87D550D76250C26085F4C923AF783819345C41151A21CBA52958628645782
                                SHA-512:9E4EF5FDB2B0E99FBDAF60FFEC06E607DFABF1F356E88D4F3A3EC09E73D6CCB0C8E830E8BF589D5E95F554FBD1CEFF99293138E4FC91407B365B299252F5BEF2
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 47 x 21
                                Category:downloaded
                                Size (bytes):377
                                Entropy (8bit):6.479140268837239
                                Encrypted:false
                                SSDEEP:6:9UWKvW5Hn/S2QQ5lbOy7N04sgDH7qdPwo/8PXjawEeypUdkQxVrgGYx9O42QoEh6:P5Hn/++ROojH8Pwo/AaHUdkSRms42xEM
                                MD5:59CC379C6DAE64566151B76B13AE5013
                                SHA1:B2459987339C02F288F16816C56D63DFDAB7FF83
                                SHA-256:6BF0D869D11ED17CADDD102DE991B7B9EB9E0A01D183F01A684DEE833593593C
                                SHA-512:7AC6EDC8E112DC18A0A20309A1F1E49F3A1138FFA58B0A2920BD6A71E9B0F3B4A65229D7C336954CFA38371AA8180F6EA5F2A6286361EF525DF9AD2BAE76199A
                                Malicious:false
                                Reputation:low
                                URL:http://sender-004.cafe24.com/image/error/botton_home.gif
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 420 x 50
                                Category:dropped
                                Size (bytes):1680
                                Entropy (8bit):7.723839368727126
                                Encrypted:false
                                SSDEEP:24:fD01XYB6rf1R7m5xnb3wZikG9ePOGo24bfIfsPEBssmk64QWn1BP+E4LfDBdrlSG:fDL6rtR7CxnUikj/CfyVCsZ/PIfbsML
                                MD5:36C6F7354811F0F681716543DF381646
                                SHA1:9F46E7656E291DF3CA6FF768658B454BF572E212
                                SHA-256:B4CC3924814D5658194075B98A569005D90D7F78DDC888EC01405A0F572D1989
                                SHA-512:FFAE5C56102AB71877E3033A9733A96F4A7C5B1A56AE3D800BB036A2D27B3687E7240CCFFC5E90A7B198E8FBA69DE3F36CFEE37C1E1765F69E6CFCBBB2386707
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 1 x 61
                                Category:dropped
                                Size (bytes):62
                                Entropy (8bit):4.306162995794532
                                Encrypted:false
                                SSDEEP:3:CowAaE/lmFXUs6offrlen:WAaB1rle
                                MD5:ACECA2A4B4A87AAE466F16C711306649
                                SHA1:7ED277E100148F5DB95CE04BFBEE1B49AE4ED284
                                SHA-256:66D97F18342C49919C3D5A9D042370AAAE0DE52FDC1C6D8BE2EEEC08E9A7D3E6
                                SHA-512:4CC8329BD149CAEB1265D36FA582A98130A422F0C926AEEF34C4D14517FEA5E9338D7DB3FFA73EE80C04558BE7109F2EC05DE6B474830DCE056E99AF3F6C9522
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 420 x 50
                                Category:downloaded
                                Size (bytes):1680
                                Entropy (8bit):7.723839368727126
                                Encrypted:false
                                SSDEEP:24:fD01XYB6rf1R7m5xnb3wZikG9ePOGo24bfIfsPEBssmk64QWn1BP+E4LfDBdrlSG:fDL6rtR7CxnUikj/CfyVCsZ/PIfbsML
                                MD5:36C6F7354811F0F681716543DF381646
                                SHA1:9F46E7656E291DF3CA6FF768658B454BF572E212
                                SHA-256:B4CC3924814D5658194075B98A569005D90D7F78DDC888EC01405A0F572D1989
                                SHA-512:FFAE5C56102AB71877E3033A9733A96F4A7C5B1A56AE3D800BB036A2D27B3687E7240CCFFC5E90A7B198E8FBA69DE3F36CFEE37C1E1765F69E6CFCBBB2386707
                                Malicious:false
                                Reputation:low
                                URL:http://sender-004.cafe24.com/image/error/error_adress.gif
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 85 x 54
                                Category:dropped
                                Size (bytes):183
                                Entropy (8bit):6.553523881810732
                                Encrypted:false
                                SSDEEP:3:C3qGDRaf3rD/lsnD3HqGD1C9cr3pv+P6Yx9KLbLTlSfGqOqd1VvkMcZMnvdlen:mpi7sjqU1HIyYx9slSEqdU0ven
                                MD5:6258088CDE6C1A593D5602072A2F6EC0
                                SHA1:A6CE2CA69CE87940F1607900CB026400882793A9
                                SHA-256:F1780F6CFF4387E0C7147E2FA8C0099A96A57F07D1DCC8DB58F9DE4036B02389
                                SHA-512:CEF7A4BB91E18492401E24036722DEB455DF8F35BF6ECAF75485D9EE30C7354D20D2CED8AB1993B96C870F257605439E44334A5640B769389031C166F815D7C0
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 52 x 53
                                Category:downloaded
                                Size (bytes):1856
                                Entropy (8bit):7.506430242218989
                                Encrypted:false
                                SSDEEP:48:Yl5tGOE9ZPYYrVl1CIx385GiIJKH/RGd91iwzbHzTvzgsumQ:Yn0nLr5CIx+IJKHC91i+3zgsO
                                MD5:38BA6218471F6FAA98F060D924184258
                                SHA1:9CA1491E88B0DB52892D6701C075860A24EF276E
                                SHA-256:91AA50FE38EAD6CEE9FBD048B674D26FCF0BBE64336893F7A516B22431CE8934
                                SHA-512:435ADB72546FE41D7D04467A50D3F3ABEDDB98FDD543FFCB319B3A6DC884BE5AA861E8A9E10590BA129E675DB011BC769BE8A06506A935A354F4D0F5F48F6D63
                                Malicious:false
                                Reputation:low
                                URL:http://sender-004.cafe24.com/image/error/error.gif
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ISO-8859 text, with CRLF line terminators
                                Category:downloaded
                                Size (bytes):31
                                Entropy (8bit):4.147114052043201
                                Encrypted:false
                                SSDEEP:3:riBHz4UQ8Lyn:2RXLyn
                                MD5:722892208CCA7B046D9DEF0814EEE4C8
                                SHA1:79702089209CF396DE73F5B7A3CEC02E6AF3FC2E
                                SHA-256:A421C3448F2662687F614B9FB4D56E6E11AC902998A039BABA6060DB194F1563
                                SHA-512:3EBF293B500032C7436461EECB22BE3C749BEF9C999EA1F1703A9976C6AF1108D514561486BE5E830DACB015B9CBBC32C905990D10F265FAE3BF5E7B4B584937
                                Malicious:false
                                Reputation:low
                                URL:http://sender-004.cafe24.com/login/login.jsp
                                Preview:........ ....... ........
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ISO-8859 text, with CRLF line terminators
                                Category:downloaded
                                Size (bytes):3709
                                Entropy (8bit):4.708108706857925
                                Encrypted:false
                                SSDEEP:96:IM0fX06ckep5uPPEHVGTfn62oY/wm+fw6yWi:IVpckep5QEHVbgB+JG
                                MD5:D343B1EE9D51DE11734059B9DC77880C
                                SHA1:D06E61952A56D5A61C96DCD2D81EA718D688186C
                                SHA-256:5AB4631A2EE861D561D8A193035BA5113CA239C44F44F0A495D7B156D6B42595
                                SHA-512:EEFF4074C7DFA4CD53F54EB0D9748550DF7002BB32071C6D4FDD058EBD707D8527A5D63B1C9680CF43555FFA7F8D76A6E94CE8B5F402E53E71ADEFAD00C756C6
                                Malicious:false
                                Reputation:low
                                URL:http://sender-004.cafe24.com/favicon.ico
                                Preview:..<HTML>..<HEAD>....<title>ThunderMail4.5</title>....<META http-equiv=Content-Type content="text/html; charset=ks_c_5601-1987">..<LINK href="/css/body.css" type=text/css rel=stylesheet>....<META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD>..<BODY text=#000000 leftMargin=0 topMargin=0 scrollbars="no" marginheight="0" ..marginwidth="0">..<TABLE cellSpacing=0 cellPadding=0 width="100%" border=0>.. <TBODY>.. <TR>.. <TD height=100>&nbsp;</TD></TR>.. <TR>.. <TD align=middle background=/image/error/bg01.gif .. height=54>&nbsp;</TD></TR></TBODY></TABLE>..<TABLE cellSpacing=0 cellPadding=0 width="100%" border=0>.. <TBODY>.. <TR>.. <TD vAlign=top align=middle bgColor=#fafafa>.. <TABLE cellSpacing=0 cellPadding=0 width=550 border=0>.. <TBODY>.. <TR>.. <TD width=600 height=10></TD></TR>.. <TR>.. <TD align=middle>.. <TABLE cellSpacing=0 cellPadding=0 width=368 border=0>.. <TBODY>.. <TR>..
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ISO-8859 text, with CRLF line terminators
                                Category:downloaded
                                Size (bytes):7438
                                Entropy (8bit):5.758088758399166
                                Encrypted:false
                                SSDEEP:192:Xz4U9dh261kmbTVmA2ZGu2+2JomIyiQVxWkYYEg3xJdlbpH8SDJ:sUPfeQxPTvbJ
                                MD5:0D301E7BE192EAE0E71636674DBDFF5E
                                SHA1:96E85C516C338E91139FC6C24EB8997F37EF963D
                                SHA-256:A783B850FBCF1526BB21F765167A8ED24F72D38DEA2A243E75F30E1F4496F840
                                SHA-512:9FB1AE83ECA60234A5452A561BBA2A24EA3B869930B16CC1430F6E38B2266A164A47A65B57CB22E1DC01020F8E91206D7AEF00AF72CECB6FB5189040A81287D1
                                Malicious:false
                                Reputation:low
                                URL:http://sender-004.cafe24.com/css/body.css
                                Preview:body..{...FONT-FAMILY: "Verdana", "....";.. FONT-SIZE: 9pt;...line-height:150%;...color:#666666;...vertical-align : top;...padding-bottom : 0px;...padding-left : 0px;...padding-right :0px;...padding-top : 0px;...scrollbar-face-color: #F5F5F5;.. scrollbar-highlight-color: #999999;.. scrollbar-3dlight-color: #FFFFFF;.. scrollbar-shadow-color: #999999;.. scrollbar-darkshadow-color: #FFFFFF;.. scrollbar-track-color: #FFFFFF;.. scrollbar-arrow-color: #999999..}......table.id01{...font-size: 9pt;...line-height: 120%;...font-family: "Verdana", "....";...width : 100%;...height : 100%;..}........td{...font-size: 9pt;...line-height: 180%;...font-family: "Verdana", "....";...color:#666666...}.....title..{...border : 0px;...background-color : #696969;...FONT-FAMILY: "Verdana", "....";...FONT-SIZE: 10pt;...vertical-align : middle;...text-align : right;...font-weight : bold;...padding-bottom : 0px;...padding-left : 0px;...padding-right : 0px;...padding-top : 0px;..}.......captio
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ISO-8859 text, with CRLF line terminators
                                Category:downloaded
                                Size (bytes):3709
                                Entropy (8bit):4.708108706857925
                                Encrypted:false
                                SSDEEP:96:IM0fX06ckep5uPPEHVGTfn62oY/wm+fw6yWi:IVpckep5QEHVbgB+JG
                                MD5:D343B1EE9D51DE11734059B9DC77880C
                                SHA1:D06E61952A56D5A61C96DCD2D81EA718D688186C
                                SHA-256:5AB4631A2EE861D561D8A193035BA5113CA239C44F44F0A495D7B156D6B42595
                                SHA-512:EEFF4074C7DFA4CD53F54EB0D9748550DF7002BB32071C6D4FDD058EBD707D8527A5D63B1C9680CF43555FFA7F8D76A6E94CE8B5F402E53E71ADEFAD00C756C6
                                Malicious:false
                                Reputation:low
                                URL:http://sender-004.cafe24.com/filter/
                                Preview:..<HTML>..<HEAD>....<title>ThunderMail4.5</title>....<META http-equiv=Content-Type content="text/html; charset=ks_c_5601-1987">..<LINK href="/css/body.css" type=text/css rel=stylesheet>....<META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD>..<BODY text=#000000 leftMargin=0 topMargin=0 scrollbars="no" marginheight="0" ..marginwidth="0">..<TABLE cellSpacing=0 cellPadding=0 width="100%" border=0>.. <TBODY>.. <TR>.. <TD height=100>&nbsp;</TD></TR>.. <TR>.. <TD align=middle background=/image/error/bg01.gif .. height=54>&nbsp;</TD></TR></TBODY></TABLE>..<TABLE cellSpacing=0 cellPadding=0 width="100%" border=0>.. <TBODY>.. <TR>.. <TD vAlign=top align=middle bgColor=#fafafa>.. <TABLE cellSpacing=0 cellPadding=0 width=550 border=0>.. <TBODY>.. <TR>.. <TD width=600 height=10></TD></TR>.. <TR>.. <TD align=middle>.. <TABLE cellSpacing=0 cellPadding=0 width=368 border=0>.. <TBODY>.. <TR>..
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 52 x 53
                                Category:dropped
                                Size (bytes):1856
                                Entropy (8bit):7.506430242218989
                                Encrypted:false
                                SSDEEP:48:Yl5tGOE9ZPYYrVl1CIx385GiIJKH/RGd91iwzbHzTvzgsumQ:Yn0nLr5CIx+IJKHC91i+3zgsO
                                MD5:38BA6218471F6FAA98F060D924184258
                                SHA1:9CA1491E88B0DB52892D6701C075860A24EF276E
                                SHA-256:91AA50FE38EAD6CEE9FBD048B674D26FCF0BBE64336893F7A516B22431CE8934
                                SHA-512:435ADB72546FE41D7D04467A50D3F3ABEDDB98FDD543FFCB319B3A6DC884BE5AA861E8A9E10590BA129E675DB011BC769BE8A06506A935A354F4D0F5F48F6D63
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 1 x 61
                                Category:downloaded
                                Size (bytes):62
                                Entropy (8bit):4.306162995794532
                                Encrypted:false
                                SSDEEP:3:CowAaE/lmFXUs6offrlen:WAaB1rle
                                MD5:ACECA2A4B4A87AAE466F16C711306649
                                SHA1:7ED277E100148F5DB95CE04BFBEE1B49AE4ED284
                                SHA-256:66D97F18342C49919C3D5A9D042370AAAE0DE52FDC1C6D8BE2EEEC08E9A7D3E6
                                SHA-512:4CC8329BD149CAEB1265D36FA582A98130A422F0C926AEEF34C4D14517FEA5E9338D7DB3FFA73EE80C04558BE7109F2EC05DE6B474830DCE056E99AF3F6C9522
                                Malicious:false
                                Reputation:low
                                URL:http://sender-004.cafe24.com/image/error/line01.gif
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ISO-8859 text, with CRLF line terminators
                                Category:downloaded
                                Size (bytes):278
                                Entropy (8bit):5.290499731096402
                                Encrypted:false
                                SSDEEP:6:q43tGN/ZYqrRmtXEPGvyuTRNVpr+W5/Mch4wIgT2cXnSCvy0Gb:T8N/5cX+uT3Vpr+W5/MC3vT15vrGb
                                MD5:95A1CEE0D89D490F4EFF01753F1B161F
                                SHA1:3C3AB2EB5AC2848104FB5510AA3E06A43822E72C
                                SHA-256:0D4355252E4481C66FB5188979EC22CA3D34E908B035D37F3A3BFB2405DE5E41
                                SHA-512:1A2EF09AFE6200D43EF212A7251ED12BA45F8C68FED665D3220F7D1FB3CC5D767D0DB098FE173552D6565B4718532D74D0001D05035708391B0CE3AE5B9E1E86
                                Malicious:false
                                Reputation:low
                                URL:http://sender-004.cafe24.com/index.html
                                Preview:<html>..<head>..<title>ThunderMail4.5</title>..<script language="JavaScript">.. ...// ........ ... .... submit();...function go()...{....location.replace("/login/login.jsp");...}..//-->..</script>..</head>......<body onLoad="javascript:go();">..</body>....</form>....</html>
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 500 x 20
                                Category:downloaded
                                Size (bytes):1338
                                Entropy (8bit):7.782410116682554
                                Encrypted:false
                                SSDEEP:24:FQqE3xNdGTEOjRU8KjQMSC7yH3NAd8+QC0WVX5F+lLDKvyC16u7sgGpaOq+Fq8VL:KqeVyOh72AdeC0KF+wcaj2n0hC
                                MD5:8FFFB3039CDDA13FD5CF1B62F26429F7
                                SHA1:AFF6CFD2E42AE242C66FBAD4ACF47D6857908C3A
                                SHA-256:44B87D550D76250C26085F4C923AF783819345C41151A21CBA52958628645782
                                SHA-512:9E4EF5FDB2B0E99FBDAF60FFEC06E607DFABF1F356E88D4F3A3EC09E73D6CCB0C8E830E8BF589D5E95F554FBD1CEFF99293138E4FC91407B365B299252F5BEF2
                                Malicious:false
                                Reputation:low
                                URL:http://sender-004.cafe24.com/image/error/copyright02.gif
                                No static file info
                                Timestamp    Source Port    Dest Port    Source IP    Dest IP
                                Apr 24, 2024 12:15:58.735052109 CEST4971480192.168.2.5218.236.58.151
                                Apr 24, 2024 12:15:58.735208035 CEST4971680192.168.2.5218.236.58.151
                                Apr 24, 2024 12:15:59.016319990 CEST4971280192.168.2.5218.236.58.151
                                Apr 24, 2024 12:15:59.031405926 CEST8049718218.236.58.151192.168.2.5
                                Apr 24, 2024 12:15:59.031474113 CEST8049717218.236.58.151192.168.2.5
                                Apr 24, 2024 12:15:59.045336008 CEST8049714218.236.58.151192.168.2.5
                                Apr 24, 2024 12:15:59.046822071 CEST8049716218.236.58.151192.168.2.5
                                Apr 24, 2024 12:15:59.326664925 CEST8049712218.236.58.151192.168.2.5
                                Apr 24, 2024 12:15:59.328897953 CEST4972080192.168.2.5218.236.58.151
                                Apr 24, 2024 12:15:59.344480038 CEST4972480192.168.2.5218.236.58.151
                                Apr 24, 2024 12:15:59.375693083 CEST4972180192.168.2.5218.236.58.151
                                Apr 24, 2024 12:15:59.453809023 CEST4972280192.168.2.5218.236.58.151
                                Apr 24, 2024 12:15:59.485081911 CEST4972380192.168.2.5218.236.58.151
                                Apr 24, 2024 12:15:59.625686884 CEST4971980192.168.2.5218.236.58.151
                                Apr 24, 2024 12:15:59.640748024 CEST8049720218.236.58.151192.168.2.5
                                Apr 24, 2024 12:15:59.658881903 CEST8049724218.236.58.151192.168.2.5
                                Apr 24, 2024 12:15:59.689102888 CEST8049721218.236.58.151192.168.2.5
                                Apr 24, 2024 12:15:59.767380953 CEST8049722218.236.58.151192.168.2.5
                                Apr 24, 2024 12:15:59.796886921 CEST8049723218.236.58.151192.168.2.5
                                Apr 24, 2024 12:15:59.937537909 CEST8049719218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:10.752950907 CEST4971180192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:11.064888954 CEST8049711218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:12.189201117 CEST49736443192.168.2.5142.250.101.103
                                Apr 24, 2024 12:16:12.189285994 CEST44349736142.250.101.103192.168.2.5
                                Apr 24, 2024 12:16:12.189371109 CEST49736443192.168.2.5142.250.101.103
                                Apr 24, 2024 12:16:12.190068960 CEST49736443192.168.2.5142.250.101.103
                                Apr 24, 2024 12:16:12.190105915 CEST44349736142.250.101.103192.168.2.5
                                Apr 24, 2024 12:16:12.553219080 CEST44349736142.250.101.103192.168.2.5
                                Apr 24, 2024 12:16:12.553683996 CEST49736443192.168.2.5142.250.101.103
                                Apr 24, 2024 12:16:12.553724051 CEST44349736142.250.101.103192.168.2.5
                                Apr 24, 2024 12:16:12.554883957 CEST44349736142.250.101.103192.168.2.5
                                Apr 24, 2024 12:16:12.555437088 CEST49736443192.168.2.5142.250.101.103
                                Apr 24, 2024 12:16:12.555618048 CEST44349736142.250.101.103192.168.2.5
                                Apr 24, 2024 12:16:12.595324039 CEST49736443192.168.2.5142.250.101.103
                                Apr 24, 2024 12:16:14.495584965 CEST4972480192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:14.495827913 CEST4971880192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:14.495913982 CEST4971780192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:14.807867050 CEST8049718218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:14.807897091 CEST8049717218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:14.807912111 CEST8049717218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:14.807954073 CEST8049718218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:14.807975054 CEST4971780192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:14.808001995 CEST4971880192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:14.809037924 CEST8049724218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:14.809154034 CEST8049724218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:14.809251070 CEST4972480192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:18.722373962 CEST8049716218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:18.722456932 CEST4971680192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:18.729639053 CEST8049714218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:18.729718924 CEST4971480192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:19.012840033 CEST8049712218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:19.012907028 CEST4971280192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:19.320820093 CEST8049720218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:19.320920944 CEST4972080192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:19.369268894 CEST8049721218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:19.371228933 CEST4972180192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:19.447345018 CEST8049722218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:19.447547913 CEST4972280192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:19.471184015 CEST8049723218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:19.471277952 CEST4972380192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:19.615156889 CEST8049719218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:19.615247011 CEST4971980192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:20.621582985 CEST4972080192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:20.621654034 CEST4972180192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:20.621675968 CEST4972280192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:20.621706963 CEST4972380192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:20.621772051 CEST4971980192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:20.621786118 CEST4971480192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:20.621814966 CEST4971680192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:20.621834040 CEST4971280192.168.2.5218.236.58.151
                                Apr 24, 2024 12:16:20.932847977 CEST8049714218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:20.932900906 CEST8049712218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:20.933659077 CEST8049720218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:20.934212923 CEST8049723218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:20.934252024 CEST8049719218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:20.934429884 CEST8049716218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:20.935477018 CEST8049722218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:20.935678005 CEST8049721218.236.58.151192.168.2.5
                                Apr 24, 2024 12:16:22.591130972 CEST44349736142.250.101.103192.168.2.5
                                Apr 24, 2024 12:16:22.591314077 CEST44349736142.250.101.103192.168.2.5
                                Apr 24, 2024 12:16:22.591367960 CEST49736443192.168.2.5142.250.101.103
                                Apr 24, 2024 12:16:24.490454912 CEST49736443192.168.2.5142.250.101.103
                                Apr 24, 2024 12:16:24.490525961 CEST44349736142.250.101.103192.168.2.5
                                Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
                                Apr 24, 2024 12:15:12.135333061 CEST | 192.168.2.5 | 1.1.1.1 | 0x2d6c | Standard query (0) | sender-004.cafe24.com | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:15:12.135634899 CEST | 192.168.2.5 | 1.1.1.1 | 0x59d1 | Standard query (0) | sender-004.cafe24.com | 65 | IN (0x0001) | false
                                Apr 24, 2024 12:15:12.139305115 CEST | 192.168.2.5 | 1.1.1.1 | 0xa20d | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:15:12.139442921 CEST | 192.168.2.5 | 1.1.1.1 | 0x4c33 | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
                                Apr 24, 2024 12:15:13.435781956 CEST | 192.168.2.5 | 1.1.1.1 | 0x1860 | Standard query (0) | sender-004.cafe24.com | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:15:13.436311960 CEST | 192.168.2.5 | 1.1.1.1 | 0xa89 | Standard query (0) | sender-004.cafe24.com | 65 | IN (0x0001) | false
                                Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
                                Apr 24, 2024 12:15:12.292681932 CEST | 1.1.1.1 | 192.168.2.5 | 0x4c33 | No error (0) | www.google.com |  |  | 65 | IN (0x0001) | false
                                Apr 24, 2024 12:15:12.292702913 CEST | 1.1.1.1 | 192.168.2.5 | 0xa20d | No error (0) | www.google.com |  | 142.250.101.103 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:15:12.292702913 CEST | 1.1.1.1 | 192.168.2.5 | 0xa20d | No error (0) | www.google.com |  | 142.250.101.105 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:15:12.292702913 CEST | 1.1.1.1 | 192.168.2.5 | 0xa20d | No error (0) | www.google.com |  | 142.250.101.147 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:15:12.292702913 CEST | 1.1.1.1 | 192.168.2.5 | 0xa20d | No error (0) | www.google.com |  | 142.250.101.99 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:15:12.292702913 CEST | 1.1.1.1 | 192.168.2.5 | 0xa20d | No error (0) | www.google.com |  | 142.250.101.106 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:15:12.292702913 CEST | 1.1.1.1 | 192.168.2.5 | 0xa20d | No error (0) | www.google.com |  | 142.250.101.104 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:15:12.434031010 CEST | 1.1.1.1 | 192.168.2.5 | 0x2d6c | No error (0) | sender-004.cafe24.com |  | 218.236.58.151 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:15:13.590306997 CEST | 1.1.1.1 | 192.168.2.5 | 0x1860 | No error (0) | sender-004.cafe24.com |  | 218.236.58.151 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:15:24.495425940 CEST | 1.1.1.1 | 192.168.2.5 | 0xa260 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net |  | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 24, 2024 12:15:24.495425940 CEST | 1.1.1.1 | 192.168.2.5 | 0xa260 | No error (0) | fp2e7a.wpc.phicdn.net |  | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:16:03.218933105 CEST | 1.1.1.1 | 192.168.2.5 | 0xc131 | No error (0) | bg.microsoft.map.fastly.net |  | 199.232.210.172 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:16:03.218933105 CEST | 1.1.1.1 | 192.168.2.5 | 0xc131 | No error (0) | bg.microsoft.map.fastly.net |  | 199.232.214.172 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:16:22.756535053 CEST | 1.1.1.1 | 192.168.2.5 | 0x4b0 | No error (0) | bg.microsoft.map.fastly.net |  | 199.232.214.172 | A (IP address) | IN (0x0001) | false
                                Apr 24, 2024 12:16:22.756535053 CEST | 1.1.1.1 | 192.168.2.5 | 0x4b0 | No error (0) | bg.microsoft.map.fastly.net |  | 199.232.210.172 | A (IP address) | IN (0x0001) | false
                                • fs.microsoft.com
                                • https:
                                  • www.bing.com
                                • sender-004.cafe24.com
                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                0 | 192.168.2.5 | 49712 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:12.746454000 CEST | 443 | OUT | GET /filter/ HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                Upgrade-Insecure-Requests: 1
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:13.060646057 CEST | 1289 | IN | HTTP/1.1 404 Not Found
                                Server: Resin/2.1.16
                                Cache-Control: no-cache
                                Expires: Thu, 01 Dec 1994 16:00:00 GMT
                                Content-Type: text/html;charset=euc-kr
                                Content-Length: 3709
                                Date: Wed, 24 Apr 2024 10:15:07 GMT
                                Data Ascii: <HTML><HEAD><title>ThunderMail4.5</title><META http-equiv=Content-Type content="text/html; charset=ks_c_5601-1987"><LINK href="/css/body.css" type=text/css rel=stylesheet><META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD><BODY text=#000000 leftMargin=0 topMargin=0 scrollbars="no" marginheight="0" marginwidth="0"><TABLE cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <TD height=100>&nbsp;</TD></TR> <TR> <TD align=middle background=/image/error/bg01.gif height=54>&nbsp;</TD></TR></TBODY></TABLE><TABLE cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <TD vAlign=top align=middle bgColor=#fafafa> <TABLE cellSpacing=0 cellPadding=0 width=550 border=0> <TBODY> <TR> <TD width=600 height=10></TD></TR> <TR> <TD align=middle> <TABLE cellSpacing=0 cellPadding=0 width=368 border=0> <TBODY> <TR> <TD class=PD1px align=middle width=502 bgColor=#e5e4e4>... error S
                                Apr 24, 2024 12:15:13.060678959 CEST | 1289 | IN
                                Data Ascii: tart --> <TABLE cellSpacing=0 cellPadding=0 width=500 bgColor=#ffffff border=0> <TBODY> <TR> <TD align=middle height=35>
                                Apr 24, 2024 12:15:13.371457100 CEST | 1289 | IN
                                Data Ascii: >&nbsp;</TD></TR> <TR> <TD><IMG height=58 src="/image/error/error_adress.gif" width=420 useMap=#Map border=0></TD></TR>
                                Apr 24, 2024 12:15:13.371480942 CEST | 54 | IN
                                Data Ascii: ="mailto:thundermail@bixon.com"></MAP></BODY></HTML>
                                Apr 24, 2024 12:15:13.377074957 CEST | 404 | OUT | GET /image/error/line01.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://sender-004.cafe24.com/filter/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:13.687937975 CEST | 292 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqx9xA"
                                Last-Modified: Mon, 18 Feb 2008 04:23:04 GMT
                                Expires: Wed, 24 Apr 2024 10:15:13 GMT
                                Content-Type: image/gif
                                Content-Length: 62
                                Date: Wed, 24 Apr 2024 10:15:07 GMT
                                Apr 24, 2024 12:15:13.700239897 CEST | 409 | OUT | GET /image/error/copyright02.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://sender-004.cafe24.com/filter/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:14.011257887 CEST | 1289 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqx9xA"
                                Last-Modified: Mon, 18 Feb 2008 04:23:04 GMT
                                Expires: Wed, 24 Apr 2024 10:15:13 GMT
                                Content-Type: image/gif
                                Content-Length: 1338
                                Date: Wed, 24 Apr 2024 10:15:07 GMT
                                Apr 24, 2024 12:15:59.016319990 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                1 | 192.168.2.5 | 49711 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:13.080132008 CEST | 348 | OUT | GET /css/body.css HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: text/css,*/*;q=0.1
                                Referer: http://sender-004.cafe24.com/filter/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:13.392617941 CEST | 1289 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqxYKw"
                                Last-Modified: Mon, 18 Feb 2008 04:20:30 GMT
                                Expires: Wed, 24 Apr 2024 10:15:13 GMT
                                Content-Type: text/css
                                Content-Length: 7438
                                Date: Wed, 24 Apr 2024 10:15:08 GMT
                                Data Ascii: body{FONT-FAMILY: "Verdana", ""; FONT-SIZE: 9pt;line-height:150%;color:#666666;vertical-align : top;padding-bottom : 0px;padding-left : 0px;padding-right :0px;padding-top : 0px;scrollbar-face-color: #F5F5F5; scrollbar-highlight-color: #999999; scrollbar-3dlight-color: #FFFFFF; scrollbar-shadow-color: #999999; scrollbar-darkshadow-color: #FFFFFF; scrollbar-track-color: #FFFFFF; scrollbar-arrow-color: #999999}table.id01{font-size: 9pt;line-height: 120%;font-family: "Verdana", "";width : 100%;height : 100%;}td{font-size: 9pt;line-height: 180%;font-family: "Verdana", "";color:#666666}.title{border : 0px;background-color : #696969;FONT-FAMILY: "Verdana", "";FONT-SIZE: 10pt;vertical-align : middle;text-align : right;font-weight : bold;padding-bottom : 0px;padding-left : 0px;padding-right : 0px;padding-top : 0px;}.caption{font-size: 9pt;line-height: 140%;font-family:
                                Apr 24, 2024 12:15:13.392635107 CEST | 1289 | IN
                                Data Ascii: "Verdana", "";text-align : center;font-weight : bold;color:#3055A3;}.guide{font-size: 10pt;line-height: 140%;font-family: "Verdana", "";color:#006600;}font{font-size: 9pt;line-height: 160%;
                                Apr 24, 2024 12:15:13.704737902 CEST | 1289 | IN
                                Data Ascii: und-color:#fafafa;border-top: 1px solid #cccccc;border-right: 1px solid #cccccc;border-bottom: 1px solid #cccccc;border-left: 1px solid #cccccc;FONT-FAMILY: "Verdana", "";}.smsbox{ word-break:break-all;BORDER
                                Apr 24, 2024 12:15:13.704775095 CEST | 1289 | IN
                                Data Ascii: enu{BORDER-BOTTOM: gray 1px solid;BORDER-LEFT: gray 1px solid;BORDER-RIGHT: gray 1px solid; BORDER-TOP: gray 1px solid;COLOR: black;FONT-SIZE: 9pt;PADDING-BOTTOM: 2px;PADDING-LEFT: 2px;PADDING-RIGHT: 2px;PADDI
                                Apr 24, 2024 12:15:13.704885960 CEST | 1289 | IN
                                Data Ascii: class..BODY,TD,SELECT,input,DIV,form,TEXTAREA,center,opxion,pre,blockquote{font-size:12px; font-family:; color:#686868;}/* .txt_top{padding-top:3px;}.height18{height:18px;}.bold{
                                Apr 24, 2024 12:15:13.704968929 CEST | 1224 | IN
                                Data Ascii: .l_height26{line-height:26px;}.l_height27{line-height:27px;}.l_height28{line-height:28px;}/*A:link,A:visited,A:active,A:hover{color:#996666; text-decoration:underline;}/*
                                Apr 24, 2024 12:15:13.737164974 CEST | 402 | OUT | GET /image/error/bg01.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://sender-004.cafe24.com/filter/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:14.049288988 CEST | 414 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqx9xA"
                                Last-Modified: Mon, 18 Feb 2008 04:23:04 GMT
                                Expires: Wed, 24 Apr 2024 10:15:13 GMT
                                Content-Type: image/gif
                                Content-Length: 183
                                Date: Wed, 24 Apr 2024 10:15:08 GMT
                                Apr 24, 2024 12:15:14.073468924 CEST | 393 | OUT | GET /favicon.ico HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://sender-004.cafe24.com/filter/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:14.387265921 CEST | 1289 | IN | HTTP/1.1 404 Not Found
                                Server: Resin/2.1.16
                                Cache-Control: no-cache
                                Expires: Thu, 01 Dec 1994 16:00:00 GMT
                                Content-Type: text/html;charset=euc-kr
                                Content-Length: 3709
                                Date: Wed, 24 Apr 2024 10:15:08 GMT
                                Data Ascii: <HTML><HEAD><title>ThunderMail4.5</title><META http-equiv=Content-Type content="text/html; charset=ks_c_5601-1987"><LINK href="/css/body.css" type=text/css rel=stylesheet><META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD><BODY text=#000000 leftMargin=0 topMargin=0 scrollbars="no" marginheight="0" marginwidth="0"><TABLE cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <TD height=100>&nbsp;</TD></TR> <TR> <TD align=middle background=/image/error/bg01.gif height=54>&nbsp;</TD></TR></TBODY></TABLE><TABLE cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <TD vAlign=top align=middle bgColor=#fafafa> <TABLE cellSpacing=0 cellPadding=0 width=550 border=0> <TBODY> <TR> <TD width=600 height=10></TD></TR> <TR> <TD align=middle> <TABLE cellSpacing=0 cellPadding=0 width=368 border=0> <TBODY> <TR> <TD class=PD1px align=middle width=502 bgColor=#e5e4e4>... error S
                                Apr 24, 2024 12:15:14.387288094 CEST | 1289 | IN
                                Data Ascii: tart --> <TABLE cellSpacing=0 cellPadding=0 width=500 bgColor=#ffffff border=0> <TBODY> <TR> <TD align=middle height=35>
                                Apr 24, 2024 12:15:14.387361050 CEST | 1289 | IN
                                Data Ascii: >&nbsp;</TD></TR> <TR> <TD><IMG height=58 src="/image/error/error_adress.gif" width=420 useMap=#Map border=0></TD></TR>
                                Apr 24, 2024 12:15:14.387375116 CEST | 54 | IN
                                Data Ascii: ="mailto:thundermail@bixon.com"></MAP></BODY></HTML>
                                Apr 24, 2024 12:15:24.566226006 CEST | 446 | OUT | GET /index.html HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                Upgrade-Insecure-Requests: 1
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:24.880024910 CEST | 509 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqzRwA"
                                Last-Modified: Mon, 18 Feb 2008 04:28:48 GMT
                                Expires: Wed, 24 Apr 2024 10:15:24 GMT
                                Content-Type: text/html
                                Content-Length: 278
                                Date: Wed, 24 Apr 2024 10:15:19 GMT
                                Data Ascii: <html><head><title>ThunderMail4.5</title><script language="JavaScript">...// submit();function go(){location.replace("/login/login.jsp");}//--></script></head><body onLoad="javascript:go();"></body></form></html>
                                Apr 24, 2024 12:15:25.429625034 CEST | 501 | OUT | GET /login/login.jsp HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                Upgrade-Insecure-Requests: 1
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                Referer: http://sender-004.cafe24.com/index.html
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:25.744421005 CEST | 238 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                Cache-Control: private
                                Set-Cookie: JSESSIONID=aI5DkrQz7nXg; path=/
                                Content-Type: text/html;charset=euc-kr
                                Content-Length: 31
                                Date: Wed, 24 Apr 2024 10:15:19 GMT
                                Data Raw: 0d 0a 0d 0a c7 e3 bf eb b5 c8 20 be c6 c0 cc c7 c7 b0 a1 20 be c6 b4 d5 b4 cf b4 d9 2e 0d 0a
                                Data Ascii: .
                                Apr 24, 2024 12:16:10.752950907 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                2 | 192.168.2.5 | 49714 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:13.080476999 CEST | 403 | OUT | GET /image/error/error.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://sender-004.cafe24.com/filter/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:13.391532898 CEST | 1289 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqx9xA"
                                Last-Modified: Mon, 18 Feb 2008 04:23:04 GMT
                                Expires: Wed, 24 Apr 2024 10:15:13 GMT
                                Content-Type: image/gif
                                Content-Length: 1856
                                Date: Wed, 24 Apr 2024 10:15:08 GMT
                                Apr 24, 2024 12:15:13.391555071 CEST | 799 | IN
                                Apr 24, 2024 12:15:13.417218924 CEST | 409 | OUT | GET /image/error/botton_home.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://sender-004.cafe24.com/filter/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:13.728178024 CEST | 608 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqx9xA"
                                Last-Modified: Mon, 18 Feb 2008 04:23:04 GMT
                                Expires: Wed, 24 Apr 2024 10:15:13 GMT
                                Content-Type: image/gif
                                Content-Length: 377
                                Date: Wed, 24 Apr 2024 10:15:08 GMT
                                Apr 24, 2024 12:15:58.735052109 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                3 | 192.168.2.5 | 49716 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:13.408010006 CEST | 410 | OUT | GET /image/error/error_adress.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://sender-004.cafe24.com/filter/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:13.720549107 CEST | 1289 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAATRZ2vFA"
                                Last-Modified: Tue, 20 Dec 2011 05:04:08 GMT
                                Expires: Wed, 24 Apr 2024 10:15:13 GMT
                                Content-Type: image/gif
                                Content-Length: 1680
                                Date: Wed, 24 Apr 2024 10:15:08 GMT
                                Apr 24, 2024 12:15:13.720561981 CEST | 623 | IN
                                Apr 24, 2024 12:15:58.735208035 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                4 | 192.168.2.5 | 49719 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:13.914397955 CEST | 295 | OUT | GET /image/error/error.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:14.268484116 CEST | 1289 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqx9xA"
                                Last-Modified: Mon, 18 Feb 2008 04:23:04 GMT
                                Expires: Wed, 24 Apr 2024 10:15:14 GMT
                                Content-Type: image/gif
                                Content-Length: 1856
                                Date: Wed, 24 Apr 2024 10:15:09 GMT
                                Apr 24, 2024 12:15:14.301824093 CEST | 294 | OUT | GET /image/error/bg01.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:14.613837957 CEST | 414 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqx9xA"
                                Last-Modified: Mon, 18 Feb 2008 04:23:04 GMT
                                Expires: Wed, 24 Apr 2024 10:15:14 GMT
                                Content-Type: image/gif
                                Content-Length: 183
                                Date: Wed, 24 Apr 2024 10:15:09 GMT
                                Apr 24, 2024 12:15:59.625686884 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                5 | 192.168.2.5 | 49720 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:14.007045031 CEST | 296 | OUT | GET /image/error/line01.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:14.318957090 CEST | 292 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqx9xA"
                                Last-Modified: Mon, 18 Feb 2008 04:23:04 GMT
                                Expires: Wed, 24 Apr 2024 10:15:14 GMT
                                Content-Type: image/gif
                                Content-Length: 62
                                Date: Wed, 24 Apr 2024 10:15:09 GMT
                                Data Raw: 47 49 46 38 39 61 01 00 3d 00 91 00 00 9c 9b 9b 9d 9c 9c 9b 9b 9b ff ff ff 21 f9 04 00 00 00 00 00 2c 00 00 00 00 01 00 3d 00 00 02 0f d4 66 78 70 71 09 5f 93 aa ba 71 23 a6 b0 00 00 3b
                                Data Ascii: GIF89a=!,=fxpq_q#;
                                Apr 24, 2024 12:15:59.328897953 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                6 | 192.168.2.5 | 49721 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:14.025242090 CEST | 301 | OUT | GET /image/error/botton_home.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:14.368053913 CEST | 608 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqx9xA"
                                Last-Modified: Mon, 18 Feb 2008 04:23:04 GMT
                                Expires: Wed, 24 Apr 2024 10:15:14 GMT
                                Content-Type: image/gif
                                Content-Length: 377
                                Date: Wed, 24 Apr 2024 10:15:09 GMT
                                Apr 24, 2024 12:15:59.375693083 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                7 | 192.168.2.5 | 49722 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:14.132026911 CEST | 302 | OUT | GET /image/error/error_adress.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:14.445671082 CEST | 1289 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAATRZ2vFA"
                                Last-Modified: Tue, 20 Dec 2011 05:04:08 GMT
                                Expires: Wed, 24 Apr 2024 10:15:14 GMT
                                Content-Type: image/gif
                                Content-Length: 1680
                                Date: Wed, 24 Apr 2024 10:15:09 GMT
                                Apr 24, 2024 12:15:59.453809023 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                8 | 192.168.2.5 | 49723 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:14.157305956 CEST | 301 | OUT | GET /image/error/copyright02.gif HTTP/1.1
                                Host: sender-004.cafe24.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Apr 24, 2024 12:15:14.469535112 CEST | 1289 | IN | HTTP/1.1 200 OK
                                Server: Resin/2.1.16
                                ETag: "AAAARgqx9xA"
                                Last-Modified: Mon, 18 Feb 2008 04:23:04 GMT
                                Expires: Wed, 24 Apr 2024 10:15:14 GMT
                                Content-Type: image/gif
                                Content-Length: 1338
                                Date: Wed, 24 Apr 2024 10:15:09 GMT
                                Apr 24, 2024 12:15:59.485081911 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                9 | 192.168.2.5 | 49718 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:58.719559908 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                10 | 192.168.2.5 | 49717 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:58.719598055 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                11 | 192.168.2.5 | 49724 | 218.236.58.151 | 80 | 6508 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                Apr 24, 2024 12:15:59.344480038 CEST | 6 | OUT | Data Raw: 00
                                Data Ascii:


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                0 | 192.168.2.5 | 49726 | 23.3.84.131 | 443 | |
                                Timestamp | Bytes transferred | Direction | Data
                                2024-04-24 10:15:15 UTC | 161 | OUT | HEAD /fs/windows/config.json HTTP/1.1
                                Connection: Keep-Alive
                                Accept: */*
                                Accept-Encoding: identity
                                User-Agent: Microsoft BITS/7.8
                                Host: fs.microsoft.com
                                2024-04-24 10:15:15 UTC | 467 | IN | HTTP/1.1 200 OK
                                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                Content-Type: application/octet-stream
                                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                Server: ECAcc (sac/2518)
                                X-CID: 11
                                X-Ms-ApiVersion: Distribute 1.2
                                X-Ms-Region: prod-eus-z1
                                Cache-Control: public, max-age=247670
                                Date: Wed, 24 Apr 2024 10:15:15 GMT
                                Connection: close
                                X-CID: 2


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                1 | 192.168.2.5 | 49727 | 23.3.84.131 | 443 | |
                                Timestamp | Bytes transferred | Direction | Data
                                2024-04-24 10:15:16 UTC | 239 | OUT | GET /fs/windows/config.json HTTP/1.1
                                Connection: Keep-Alive
                                Accept: */*
                                Accept-Encoding: identity
                                If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                Range: bytes=0-2147483646
                                User-Agent: Microsoft BITS/7.8
                                Host: fs.microsoft.com
                                2024-04-24 10:15:16 UTC | 531 | IN | HTTP/1.1 200 OK
                                Content-Type: application/octet-stream
                                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                ApiVersion: Distribute 1.1
                                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                X-Azure-Ref: 0Fz4RYwAAAACZW8dCTzveR7lI76J6Z2l5U0pDRURHRTA1MTgAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                                Cache-Control: public, max-age=247656
                                Date: Wed, 24 Apr 2024 10:15:16 GMT
                                Content-Length: 55
                                Connection: close
                                X-CID: 2
                                2024-04-24 10:15:16 UTC | 55 | IN | Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                Session ID | Source IP | Source Port | Destination IP | Destination Port
                                2 | 192.168.2.5 | 49730 | 23.1.237.91 | 443
                                Timestamp | Bytes transferred | Direction | Data
                                2024-04-24 10:15:26 UTC | 2148 | OUT | POST /threshold/xls.aspx HTTP/1.1
                                Origin: https://www.bing.com
                                Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                Accept: */*
                                Accept-Language: en-CH
                                Content-type: text/xml
                                X-Agent-DeviceId: 01000A410900D492
                                X-BM-CBT: 1696428841
                                X-BM-DateFormat: dd/MM/yyyy
                                X-BM-DeviceDimensions: 784x984
                                X-BM-DeviceDimensionsLogical: 784x984
                                X-BM-DeviceScale: 100
                                X-BM-DTZ: 120
                                X-BM-Market: CH
                                X-BM-Theme: 000000;0078d7
                                X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E
                                X-Device-ClientSession: DB0AFB19004F47BC80E5208C7478FF22
                                X-Device-isOptin: false
                                X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                X-Device-OSSKU: 48
                                X-Device-Touch: false
                                X-DeviceID: 01000A410900D492
                                X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshld77,d-thshld78,staticsh
                                X-MSEdge-ExternalExpType: JointCoord
                                X-PositionerType: Desktop
                                X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                X-Search-CortanaAvailableCapabilities: None
                                X-Search-SafeSearch: Moderate
                                X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time
                                X-UserAgeClass: Unknown
                                Accept-Encoding: gzip, deflate, br
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                Host: www.bing.com
                                Content-Length: 2484
                                Connection: Keep-Alive
                                Cache-Control: no-cache
                                Cookie: MUID=2F4E96DB8B7049E59AD4484C3C00F7CF; _SS=SID=1A6DEABB468B65843EB5F91B47916435&CPID=1713953692707&AC=1&CPH=d1a4eb75; _EDGE_S=SID=1A6DEABB468B65843EB5F91B47916435; SRCHUID=V=2&GUID=3D32B8AC657C4AD781A584E283227995&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231004; SRCHHPGUSR=SRCHLANG=en&IPMH=986d886c&IPMID=1696428841029&HV=1696428756; CortanaAppUID=5A290E2CC4B523E2D8B5E2E3E4CB7CB7; MUIDB=2F4E96DB8B7049E59AD4484C3C00F7CF
                                2024-04-24 10:15:26 UTC | 1 | OUT | Data Raw: 3c
                                Data Ascii: <
                                2024-04-24 10:15:26 UTC | 2483 | OUT |
                                Data Ascii: ClientInstRequest><CID>3644FD74DF16618F08F7EC03DE556001</CID><Events><E><T>Event.ClientInst</T><IG>75228156703A40D5B97E5A6836F2A1CE</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","T":"CI.BoxModel","FID":"CI
                                2024-04-24 10:15:27 UTC | 479 | IN | HTTP/1.1 204 No Content
                                Access-Control-Allow-Origin: *
                                Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                X-MSEdge-Ref: Ref A: B8F754B650204A38B82EA21AA305701B Ref B: LAX311000111029 Ref C: 2024-04-24T10:15:26Z
                                Date: Wed, 24 Apr 2024 10:15:26 GMT
                                Connection: close
                                Alt-Svc: h3=":443"; ma=93600
                                X-CDN-TraceID: 0.57ed0117.1713953726.3674564



                                Target ID:0
                                Start time:12:15:02
                                Start date:24/04/2024
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                Imagebase:0x7ff715980000
                                File size:3'242'272 bytes
                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:false

                                Target ID:2
                                Start time:12:15:05
                                Start date:24/04/2024
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 --field-trial-handle=2228,i,3603984539344197173,3474500485459397694,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                Imagebase:0x7ff715980000
                                File size:3'242'272 bytes
                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:false

                                Target ID:3
                                Start time:12:15:10
                                Start date:24/04/2024
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://sender-004.cafe24.com/filter/"
                                Imagebase:0x7ff715980000
                                File size:3'242'272 bytes
                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:true

                                No disassembly