Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
2025_Simplified_Tips_to_Stay_on_Track.pdf

Overview

General Information

Sample name:2025_Simplified_Tips_to_Stay_on_Track.pdf
Analysis ID:1615228
MD5:91f7afdf1ff72bcc5c18d14761afdd01
SHA1:5d5904d4a9ec9f1c2540601a40c50f524ff6dde5
SHA256:95fda84ebe3db00570c5ff7226da6fdf7ceb540a705688c10d7ad4895ebfbade
Infos:

Detection

HTMLPhisher
Score:72
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Antivirus detection for URL or domain
Yara detected HtmlPhish54
AI detected landing page (webpage, office document or email)
AI detected suspicious URL
Detected suspicious crossdomain redirect
HTML body contains low number of good links
HTML page contains hidden javascript code
HTML page contains obfuscated script src
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • Acrobat.exe (PID: 5420 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\2025_Simplified_Tips_to_Stay_on_Track.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 6272 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 7068 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1612 --field-trial-handle=1568,i,11125145143613516569,14354641556309738220,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • chrome.exe (PID: 4752 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://vibesventure.com/ MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 2188 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1880,i,2137172682586034600,11970674895380760306,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
0.8.id.script.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
    0.4.id.script.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
      2.4.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
        3.7.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
          3.5.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security

            Sigma Signatures

            No Sigma rule has matched

            Suricata Signatures

            No Suricata rule has matched

            Joe Sandbox Signatures

            Click to jump to signature section

            Show All Signature Results

            AV Detection

            barindex
            Antivirus detection for URL or domain
            Source: https://vibesventure.com/Avira URL Cloud: Label: malware

            Phishing

            barindex
            AI detected phishing page
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueJoe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The provided URL 'anglianswater.co.uk' does not match the legitimate domain for Microsoft., The URL 'anglianswater.co.uk' appears to be related to a different entity, likely 'Anglian Water', which is unrelated to Microsoft., The presence of input fields for 'Email, phone, or Skype' is typical for Microsoft services, but the domain mismatch is a strong indicator of phishing. DOM: 3.7.pages.csv
            Yara detected HtmlPhish54
            Source: Yara matchFile source: 0.8.id.script.csv, type: HTML
            Source: Yara matchFile source: 0.4.id.script.csv, type: HTML
            Source: Yara matchFile source: 2.4.pages.csv, type: HTML
            Source: Yara matchFile source: 3.7.pages.csv, type: HTML
            Source: Yara matchFile source: 3.5.pages.csv, type: HTML
            AI detected landing page (webpage, office document or email)
            Source: PDF documentJoe Sandbox AI: PDF document contains QR code
            AI detected suspicious URL
            Source: https://anglianswater.co.ukJoe Sandbox AI: The URL 'https://anglianswater.co.uk' closely resembles the legitimate URL 'https://anglianwater.co.uk', which is associated with Anglian Water, a known utility company in the UK. The primary difference is the addition of an 's' in 'anglianswater', which could easily be overlooked by users, leading to potential confusion. This character addition is a common typosquatting technique. The domain extension '.co.uk' is appropriate for a UK-based company, which adds to the legitimacy of the appearance. However, the structural similarity and the likelihood of user confusion due to the subtle character addition suggest a moderate risk of typosquatting.
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueHTTP Parser: Number of links: 1
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=HTTP Parser: Base64 decoded: function c(){if(!document.querySelector(".b") || !document.querySelector(".g")){document.head.appendChild(Object.assign(document.createElement("div"),{classList:["b"]}));document.documentElement.style.filter="hue-rotate(4deg)";document.head.appendChild(Ob...
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJHTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJHTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJHTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueHTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueHTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueHTTP Parser: <input type="password" .../> found
            Source: https://mahna-tst.com/?jkxoxedj=3168095c40b4e0b4a2d05c4d76c419d8c7f354707eaa36e83c333cbe62b13aa44871e7a5153853788ecfb8b99c52f618dc50b2dd96e4ac5b26a93562e3b0a0c5HTTP Parser: No favicon
            Source: https://mahna-tst.com/?jkxoxedj=3168095c40b4e0b4a2d05c4d76c419d8c7f354707eaa36e83c333cbe62b13aa44871e7a5153853788ecfb8b99c52f618dc50b2dd96e4ac5b26a93562e3b0a0c5HTTP Parser: No favicon
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=HTTP Parser: No favicon
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueHTTP Parser: No favicon
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueHTTP Parser: No favicon
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueHTTP Parser: No favicon
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueHTTP Parser: No <meta name="author".. found
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueHTTP Parser: No <meta name="author".. found
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
            Source: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
            Source: chrome.exeMemory has grown: Private usage: 13MB later: 30MB
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: vibesventure.com to https://mahna-tst.com/?jkxoxedj
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: mahna-tst.com to https://anglianswater.co.uk/?dataxx0=eyjhbgcioijiuzi1niisinr5cci6ikpxvcj9.eyj1cmwioijodhrwczovl2fuz2xpyw5zd2f0zxiuy28udwsviiwizg9tywluijoiyw5nbglhbnn3yxrlci5jby51ayisimtlesi6inbkd2rkvdncq3ltwiisinfyyyi6bnvsbcwiawf0ijoxnzm5ntq5ntuwlcjlehaioje3mzk1ndk2nzb9.qovrxe4bntewecq2gfhohivdftux9pzkfgozwprrixi
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
            Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
            Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
            Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
            Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: vibesventure.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /?jkxoxedj HTTP/1.1Host: mahna-tst.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /?jkxoxedj=3168095c40b4e0b4a2d05c4d76c419d8c7f354707eaa36e83c333cbe62b13aa44871e7a5153853788ecfb8b99c52f618dc50b2dd96e4ac5b26a93562e3b0a0c5 HTTP/1.1Host: mahna-tst.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE
            Source: global trafficHTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://mahna-tst.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /turnstile/v0/b/324d0dcf743c/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://mahna-tst.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x3peo/0x4AAAAAAA7ayVAMgoAj5cIz/auto/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://mahna-tst.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /turnstile/v0/b/324d0dcf743c/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=911e5674efb1424b&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x3peo/0x4AAAAAAA7ayVAMgoAj5cIz/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x3peo/0x4AAAAAAA7ayVAMgoAj5cIz/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=911e5674efb1424b&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mahna-tst.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mahna-tst.com/?jkxoxedj=3168095c40b4e0b4a2d05c4d76c419d8c7f354707eaa36e83c333cbe62b13aa44871e7a5153853788ecfb8b99c52f618dc50b2dd96e4ac5b26a93562e3b0a0c5Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/94809140:1739546973:po6K5t6csrS3D1VXRlmvBf1Wu4OEdwfuQp6VT474iz4/911e5674efb1424b/7BOfOISofnPOipSKSK056GRtCUFyBiHpE5TXUxwaKrs-1739549525-1.1.1.1-QLk1oUQLaDsZn.Fb2MZ.QXjmNmXYKt1y2zidAU6p_HRbFZNYwobNp9lPcpkQ0GUC HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/911e5674efb1424b/1739549527017/ouh4eqi1GwTa99Y HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x3peo/0x4AAAAAAA7ayVAMgoAj5cIz/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/911e5674efb1424b/1739549527017/ouh4eqi1GwTa99Y HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/911e5674efb1424b/1739549527022/2cf544b3c07062179c81b65ce1b60b3b1b64391e26a470737bb11656d0ce1733/SjVz9kPQtFoxR18 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x3peo/0x4AAAAAAA7ayVAMgoAj5cIz/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/94809140:1739546973:po6K5t6csrS3D1VXRlmvBf1Wu4OEdwfuQp6VT474iz4/911e5674efb1424b/7BOfOISofnPOipSKSK056GRtCUFyBiHpE5TXUxwaKrs-1739549525-1.1.1.1-QLk1oUQLaDsZn.Fb2MZ.QXjmNmXYKt1y2zidAU6p_HRbFZNYwobNp9lPcpkQ0GUC HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Microsoft-CryptoAPI/10.0Host: x1.i.lencr.org
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/94809140:1739546973:po6K5t6csrS3D1VXRlmvBf1Wu4OEdwfuQp6VT474iz4/911e5674efb1424b/7BOfOISofnPOipSKSK056GRtCUFyBiHpE5TXUxwaKrs-1739549525-1.1.1.1-QLk1oUQLaDsZn.Fb2MZ.QXjmNmXYKt1y2zidAU6p_HRbFZNYwobNp9lPcpkQ0GUC HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2FuZ2xpYW5zd2F0ZXIuY28udWsvIiwiZG9tYWluIjoiYW5nbGlhbnN3YXRlci5jby51ayIsImtleSI6InBkd2RkVDNCQ3lTWiIsInFyYyI6bnVsbCwiaWF0IjoxNzM5NTQ5NTUwLCJleHAiOjE3Mzk1NDk2NzB9.QOvrxe4bntEwEcQ2GfHOHIvDFtuX9pZKFgozwpRRixI HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://mahna-tst.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://mahna-tst.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE
            Source: global trafficHTTP traffic detected: GET /owa/ HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://mahna-tst.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE
            Source: global trafficHTTP traffic detected: GET /?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18= HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://mahna-tst.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_eaF-Fe71oZcWvr096r6xEw2.js HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; fpc=Av87nWiHgIJHoCbdZKGZPUg; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQE9oqLLNHIs1Q60hl2JEQ4K7gvM1gM6wPpGWbIJKFnkubLKkKJRpHTqp0LDdfJDPdPObCMvnN9HtaP1vIOju07WtbMtHjYSFAjAAA_WcsKNVHuOlRbG_BMiKrTvxM23Qt3M1VamuIV76IibLQ1BzJniPxbwXSTPd76LQq9oLTSjKcgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
            Source: global trafficHTTP traffic detected: GET /?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=true HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; fpc=Av87nWiHgIJHoCbdZKGZPUg; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQE9oqLLNHIs1Q60hl2JEQ4K7gvM1gM6wPpGWbIJKFnkubLKkKJRpHTqp0LDdfJDPdPObCMvnN9HtaP1vIOj
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; fpc=Av87nWiHgIJHoCbdZKGZPUg; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQE9oqLLNHIs1Q60hl2JEQ4K7gvM1gM6wPpGWbIJKFnkubLKkKJRpHTqp0LDdfJDPdPObCMvnN9HtaP1vIOju07WtbMtHjYSFAjAAA_WcsKNVHuOlRbG_BMiKrTvxM23Qt3M1VamuIV76IibLQ1BzJniPxbwXSTPd76LQq9oLTSjKcgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/BssoInterrupt_Core_eaF-Fe71oZcWvr096r6xEw2.js HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; fpc=Av87nWiHgIJHoCbdZKGZPUg; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQE9oqLLNHIs1Q60hl2JEQ4K7gvM1gM6wPpGWbIJKFnkubLKkKJRpHTqp0LDdfJDPdPObCMvnN9HtaP1vIOju07WtbMtHjYSFAjAAA_WcsKNVHuOlRbG_BMiKrTvxM23Qt3M1VamuIV76IibLQ1BzJniPxbwXSTPd76LQq9oLTSjKcgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_-8cgqRzfEOPEpYl9MSuPRw2.js HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_b6qmkv34zrtzwovprnovhw2.js HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_b6qmkv34zrtzwovprnovhw2.js HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_-8cgqRzfEOPEpYl9MSuPRw2.js HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /owa/prefetch.aspx HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://anglianswater.co.uk/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: anglianswater.co.ukConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://anglianswater.co.uk/?adwaxn819=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OGYyNGQyZDItMzdkNC1kNmIzLTU0YjAtYWMyMDE2OGQwMGE3JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODc1MTQ2MzUyODU0MTg1Mi5kNWQ4OWM2Yy1hODc1LTQ0NTMtYTc2NC03MjdkNmFkZDZjMzEmc3RhdGU9RFl1NUVZQXdETUFjT01ZeElmR2JjWHh4VDhuNnVKQWFuUm9Bbk1WUnRLY0VwdVFtZzVWa3V2QndtWGRLLXRxNk1Tb2hzeENHS2FOTlM0MU0zVFJhdlZkX3YtZ18=&sso_reload=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /owa/prem/15.20.8466.9/scripts/boot.worldwide.0.mouse.js HTTP/1.1Host: r4.res.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://outlook.office365.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: anglianswater.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=pdwddT3BCySZ; qPdM.sig=cI8H-8pAzh4vMM-j9DlbYMVFsqE; ClientId=305E6D5E7A1F4263A44B97D69BE40173; OIDC=1; OpenIdConnect.nonce.v3.YC52sMli66jo4ws37DUlYWTLzvlx0Begz2EcYBZwocU=638751463528541852.d5d89c6c-a875-4453-a764-727d6add6c31; X-OWA-RedirectHistory=ArLym14BDpFjYxJN3Qg; esctx-eVmFxdnDV4o=AQABCQEAAABVrSpeuWamRam2jAF1XRQEQdrDtkIhCLUGMcMb0ne7g-SX3PNf2aP69T1pmDQVsmdCtf3izoV63vVSMK0GbAawO_7nJRkHqvKpcjFnKWX4-gEY3ZmvGwtoXunCi4BuaRGz08bT7dyUpsDgzN91WqdGZE04unhL4lCa1YyPhUW7RCAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.ASUAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAAlAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEXPVu7mEKktfw5uK_PhKvAz38HY-HlP1fn5rvjCtF7Yz8ZmrSZ_51jcOO3LjvrZ9gDP7PE33NEPHmBmhQp4ZiaSFU9mfM82WzW-SYjc1-onUgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEFo8BkSsR96ldi3BhFiPypYCnqnCGLdxZE1Ai69ombG63Z-gsRB08kd5bhb7_kr3S-FehCz9pAsqjbTTHLGuDObXU3sDhtEIrNBpQ5AxPEeEDveUARqiXWnV1us4W3R8yfKplGEWdxHBtOP4aH5NcgyuDLE_Pv6SSjy80xA-Y-uYgAA; esctx-c0oaKgTGWOk=AQABCQEAAABVrSpeuWamRam2jAF1XRQE1IuML9x3lTwZfL4CbdN1sJXFhbH7LckDn0rmvOdPq2doR3awzNCiz-xirxhRcs3yfE4prNYbQ9SYSg5YjQhds8Mie2jdcLnuFbYe8dLEJ_f1Ug78UlASAzzM4SdHG1XqKbaBEJ7TDO8ZIMS9cq9t6iAA; fpc=Av87nWiHgIJHoCbdZKGZPUierOTJAQAAAHNiQd8OAAAA; brcap=0
            Source: global trafficHTTP traffic detected: GET /owa/prem/15.20.8466.9/scripts/boot.worldwide.1.mouse.js HTTP/1.1Host: r4.res.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://outlook.office365.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /owa/prem/15.20.8466.9/scripts/boot.worldwide.2.mouse.js HTTP/1.1Host: r4.res.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://outlook.office365.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /owa/prem/15.20.8466.9/scripts/boot.worldwide.3.mouse.js HTTP/1.1Host: r4.res.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://outlook.office365.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /owa/prem/15.20.8466.9/resources/images/0/sprite1.mouse.png HTTP/1.1Host: r4.res.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://outlook.office365.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /owa/prem/15.20.8466.9/resources/images/0/sprite1.mouse.css HTTP/1.1Host: r4.res.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://outlook.office365.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /owa/prem/15.20.8466.9/resources/styles/0/boot.worldwide.mouse.css HTTP/1.1Host: r4.res.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://outlook.office365.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficDNS traffic detected: DNS query: vibesventure.com
            Source: global trafficDNS traffic detected: DNS query: mahna-tst.com
            Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
            Source: global trafficDNS traffic detected: DNS query: challenges.cloudflare.com
            Source: global trafficDNS traffic detected: DNS query: www.google.com
            Source: global trafficDNS traffic detected: DNS query: x1.i.lencr.org
            Source: global trafficDNS traffic detected: DNS query: anglianswater.co.uk
            Source: global trafficDNS traffic detected: DNS query: aadcdn.msftauth.net
            Source: global trafficDNS traffic detected: DNS query: outlook.office365.com
            Source: global trafficDNS traffic detected: DNS query: r4.res.office365.com
            Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateSet-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponlyStrict-Transport-Security: max-age=31536000; includeSubDomainsP3P: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: b86b188b-7f7f-46b0-a201-39300d487b00x-ms-ests-server: 2.1.20003.9 - WUS3 ProdSlicesnel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.PReferrer-Policy: strict-origin-when-cross-originContent-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-6uFEHlWCIJA21jZpqvsUQw' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-AllDate: Fri, 14 Feb 2025 16:12:35 GMTConnection: closeContent-Length: 0Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
            Source: unknownNetwork traffic detected: HTTP traffic on port 49970 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
            Source: unknownNetwork traffic detected: HTTP traffic on port 50007 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
            Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
            Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
            Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49981 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
            Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
            Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
            Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
            Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
            Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50007
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
            Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49969 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
            Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
            Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
            Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
            Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49937
            Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49925 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
            Source: unknownNetwork traffic detected: HTTP traffic on port 49971 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49926
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49925
            Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
            Source: unknownNetwork traffic detected: HTTP traffic on port 50019 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
            Source: unknownNetwork traffic detected: HTTP traffic on port 49948 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
            Source: unknownNetwork traffic detected: HTTP traffic on port 50041 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50047
            Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
            Source: unknownNetwork traffic detected: HTTP traffic on port 50030 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49993 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49902
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
            Source: classification engineClassification label: mal72.phis.winPDF@37/74@26/242
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2025-02-14 11-11-59-188.log
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA
            Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\2025_Simplified_Tips_to_Stay_on_Track.pdf"
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1612 --field-trial-handle=1568,i,11125145143613516569,14354641556309738220,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://vibesventure.com/
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1880,i,2137172682586034600,11970674895380760306,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: unknownProcess created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V
            Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\System32\msiexec.exe C:\Windows\System32\MsiExec.exe -Embedding D807F5FCDA1483EF770A2B89A65E9B63
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknown
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1612 --field-trial-handle=1568,i,11125145143613516569,14354641556309738220,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1880,i,2137172682586034600,11970674895380760306,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: 2025_Simplified_Tips_to_Stay_on_Track.pdfInitial sample: PDF keyword /JS count = 0
            Source: 2025_Simplified_Tips_to_Stay_on_Track.pdfInitial sample: PDF keyword /JavaScript count = 0
            Source: 2025_Simplified_Tips_to_Stay_on_Track.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
            Source: 2025_Simplified_Tips_to_Stay_on_Track.pdfInitial sample: PDF keyword obj count = 50
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information queried: ProcessInformation

            Mitre Att&ck Matrix

            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity InformationAcquire Infrastructure1
            Drive-by Compromise            		Windows Management Instrumentation2
            Browser Extensions            		1
            Process Injection            		1
            Masquerading            		OS Credential Dumping1
            Process Discovery            		Remote ServicesData from Local System1
            Encrypted Channel            		Exfiltration Over Other Network MediumAbuse Accessibility Features
            CredentialsDomainsDefault AccountsScheduled Task/Job1
            Registry Run Keys / Startup Folder            		1
            Registry Run Keys / Startup Folder            		1
            Process Injection            		LSASS Memory1
            System Information Discovery            		Remote Desktop ProtocolData from Removable Media4
            Non-Application Layer Protocol            		Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
            Extra Window Memory Injection            		1
            Extra Window Memory Injection            		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
            Application Layer Protocol            		Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
            Ingress Tool Transfer            		Traffic DuplicationData Destruction

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


            windows-stand

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            2025_Simplified_Tips_to_Stay_on_Track.pdf0%VirustotalBrowse

            Dropped Files

            No Antivirus matches

            Unpacked PE Files

            No Antivirus matches

            Domains

            No Antivirus matches

            URLs

            SourceDetectionScannerLabelLink
            https://vibesventure.com/100%Avira URL Cloudmalware
            https://mahna-tst.com/?jkxoxedj0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/94809140:1739546973:po6K5t6csrS3D1VXRlmvBf1Wu4OEdwfuQp6VT474iz4/911e5674efb1424b/7BOfOISofnPOipSKSK056GRtCUFyBiHpE5TXUxwaKrs-1739549525-1.1.1.1-QLk1oUQLaDsZn.Fb2MZ.QXjmNmXYKt1y2zidAU6p_HRbFZNYwobNp9lPcpkQ0GUC0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/911e5674efb1424b/1739549527022/2cf544b3c07062179c81b65ce1b60b3b1b64391e26a470737bb11656d0ce1733/SjVz9kPQtFoxR180%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/911e5674efb1424b/1739549527017/ouh4eqi1GwTa99Y0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x3peo/0x4AAAAAAA7ayVAMgoAj5cIz/auto/fbE/new/normal/auto/0%Avira URL Cloudsafe
            https://mahna-tst.com/favicon.ico0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=911e5674efb1424b&lang=auto0%Avira URL Cloudsafe
            https://anglianswater.co.uk/0%Avira URL Cloudsafe
            https://anglianswater.co.uk/owa/0%Avira URL Cloudsafe
            https://anglianswater.co.uk/favicon.ico0%Avira URL Cloudsafe
            https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.3.mouse.js0%Avira URL Cloudsafe
            https://r4.res.office365.com/owa/prem/15.20.8466.9/resources/images/0/sprite1.mouse.css0%Avira URL Cloudsafe
            https://r4.res.office365.com/owa/prem/15.20.8466.9/resources/images/0/sprite1.mouse.png0%Avira URL Cloudsafe
            https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.2.mouse.js0%Avira URL Cloudsafe
            https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.0.mouse.js0%Avira URL Cloudsafe
            https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.1.mouse.js0%Avira URL Cloudsafe
            https://r4.res.office365.com/owa/prem/15.20.8466.9/resources/styles/0/boot.worldwide.mouse.css0%Avira URL Cloudsafe

            Domains and IPs

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            chrome.cloudflare-dns.com
            		172.64.41.3
            		truefalse
              		high
              e40491.dscg.akamaiedge.net
              		2.19.120.89
              		truefalse
                		high
                e329293.dscd.akamaiedge.net
                		92.123.12.181
                		truefalse
                  		high
                  e8652.dscx.akamaiedge.net
                  		23.209.209.135
                  		truefalse
                    		high
                    s-part-0017.t-0009.fb-t-msedge.net
                    		13.107.253.45
                    		truefalse
                      		high
                      s-part-0017.t-0009.t-msedge.net
                      		13.107.246.45
                      		truefalse
                        		high
                        bg.microsoft.map.fastly.net
                        		199.232.210.172
                        		truefalse
                          		high
                          ooc-g2.tm-4.office.com
                          		52.98.18.34
                          		truefalse
                            		high
                            vibesventure.com
                            		66.63.187.37
                            		truefalse
                              		unknown
                              challenges.cloudflare.com
                              		104.18.95.41
                              		truefalse
                                		high
                                www.google.com
                                		142.250.74.196
                                		truefalse
                                  		high
                                  anglianswater.co.uk
                                  		89.185.80.11
                                  		truetrue
                                    		unknown
                                    mahna-tst.com
                                    		89.185.80.11
                                    		truefalse
                                      		unknown
                                      x1.i.lencr.org
                                      		unknown
                                      		unknownfalse
                                        		high
                                        r4.res.office365.com
                                        		unknown
                                        		unknownfalse
                                          		high
                                          aadcdn.msftauth.net
                                          		unknown
                                          		unknownfalse
                                            		high
                                            outlook.office365.com
                                            		unknown
                                            		unknownfalse
                                              		high

                                              Contacted URLs

                                              NameMaliciousAntivirus DetectionReputation
                                              https://mahna-tst.com/?jkxoxedjfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.3.mouse.jsfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1false
                                                		high
                                                https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.0.mouse.jsfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://chrome.cloudflare-dns.com/dns-queryfalse
                                                  		high
                                                  https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/911e5674efb1424b/1739549527022/2cf544b3c07062179c81b65ce1b60b3b1b64391e26a470737bb11656d0ce1733/SjVz9kPQtFoxR18false
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://r4.res.office365.com/owa/prem/15.20.8466.9/resources/styles/0/boot.worldwide.mouse.cssfalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://outlook.office365.com/owa/prefetch.aspxfalse
                                                    		high
                                                    https://mahna-tst.com/?jkxoxedj=3168095c40b4e0b4a2d05c4d76c419d8c7f354707eaa36e83c333cbe62b13aa44871e7a5153853788ecfb8b99c52f618dc50b2dd96e4ac5b26a93562e3b0a0c5false
                                                      		unknown
                                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/911e5674efb1424b/1739549527017/ouh4eqi1GwTa99Yfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://anglianswater.co.uk/true
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://anglianswater.co.uk/owa/true
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://r4.res.office365.com/owa/prem/15.20.8466.9/resources/images/0/sprite1.mouse.pngfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/94809140:1739546973:po6K5t6csrS3D1VXRlmvBf1Wu4OEdwfuQp6VT474iz4/911e5674efb1424b/7BOfOISofnPOipSKSK056GRtCUFyBiHpE5TXUxwaKrs-1739549525-1.1.1.1-QLk1oUQLaDsZn.Fb2MZ.QXjmNmXYKt1y2zidAU6p_HRbFZNYwobNp9lPcpkQ0GUCfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://anglianswater.co.uk/favicon.icotrue
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.2.mouse.jsfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://r4.res.office365.com/owa/prem/15.20.8466.9/resources/images/0/sprite1.mouse.cssfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallbackfalse
                                                        		high
                                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/x3peo/0x4AAAAAAA7ayVAMgoAj5cIz/auto/fbE/new/normal/auto/false
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=911e5674efb1424b&lang=autofalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.1.mouse.jsfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://challenges.cloudflare.com/turnstile/v0/b/324d0dcf743c/api.jsfalse
                                                          		high
                                                          https://mahna-tst.com/favicon.icofalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://vibesventure.com/true
                                                          • Avira URL Cloud: malware
                                                          		unknown

                                                          World Map of Contacted IPs

                                                          • No. of IPs < 25%
                                                          • 25% < No. of IPs < 50%
                                                          • 50% < No. of IPs < 75%
                                                          • 75% < No. of IPs

                                                          Public IPs

                                                          IPDomainCountryFlagASNASN NameMalicious
                                                          2.18.96.131
                                                          		unknownEuropean Union
                                                          		20940AKAMAI-ASN1EUfalse
                                                          89.185.80.11
                                                          		anglianswater.co.ukRussian Federation
                                                          		41757OLIMP-SVYAZ-ASRUtrue
                                                          2.19.120.89
                                                          		e40491.dscg.akamaiedge.netEuropean Union
                                                          		16625AKAMAI-ASUSfalse
                                                          13.107.246.45
                                                          		s-part-0017.t-0009.t-msedge.netUnited States
                                                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                          172.217.18.14
                                                          		unknownUnited States
                                                          		15169GOOGLEUSfalse
                                                          104.18.94.41
                                                          		unknownUnited States
                                                          		13335CLOUDFLARENETUSfalse
                                                          216.58.206.78
                                                          		unknownUnited States
                                                          		15169GOOGLEUSfalse
                                                          52.182.143.214
                                                          		unknownUnited States
                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                          20.190.159.64
                                                          		unknownUnited States
                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                          23.56.162.204
                                                          		unknownUnited States
                                                          		16625AKAMAI-ASUSfalse
                                                          52.22.41.97
                                                          		unknownUnited States
                                                          		14618AMAZON-AESUSfalse
                                                          23.209.209.135
                                                          		e8652.dscx.akamaiedge.netUnited States
                                                          		23693TELKOMSEL-ASN-IDPTTelekomunikasiSelularIDfalse
                                                          66.63.187.37
                                                          		vibesventure.comUnited States
                                                          		8100ASN-QUADRANET-GLOBALUSfalse
                                                          199.232.210.172
                                                          		bg.microsoft.map.fastly.netUnited States
                                                          		54113FASTLYUSfalse
                                                          172.64.41.3
                                                          		chrome.cloudflare-dns.comUnited States
                                                          		13335CLOUDFLARENETUSfalse
                                                          142.250.74.196
                                                          		www.google.comUnited States
                                                          		15169GOOGLEUSfalse
                                                          52.98.18.34
                                                          		ooc-g2.tm-4.office.comUnited States
                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                          1.1.1.1
                                                          		unknownAustralia
                                                          		13335CLOUDFLARENETUSfalse
                                                          13.107.253.45
                                                          		s-part-0017.t-0009.fb-t-msedge.netUnited States
                                                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                          172.217.18.3
                                                          		unknownUnited States
                                                          		15169GOOGLEUSfalse
                                                          104.18.95.41
                                                          		challenges.cloudflare.comUnited States
                                                          		13335CLOUDFLARENETUSfalse
                                                          216.58.206.42
                                                          		unknownUnited States
                                                          		15169GOOGLEUSfalse
                                                          20.189.173.27
                                                          		unknownUnited States
                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                          64.233.167.84
                                                          		unknownUnited States
                                                          		15169GOOGLEUSfalse
                                                          239.255.255.250
                                                          		unknownReserved
                                                          		unknownunknownfalse
                                                          142.250.186.164
                                                          		unknownUnited States
                                                          		15169GOOGLEUSfalse
                                                          23.55.235.241
                                                          		unknownUnited States
                                                          		20940AKAMAI-ASN1EUfalse
                                                          172.217.16.195
                                                          		unknownUnited States
                                                          		15169GOOGLEUSfalse

                                                          Private

                                                          IP
                                                          192.168.2.18

                                                          General Information

                                                          Joe Sandbox version:42.0.0 Malachite
                                                          Analysis ID:1615228
                                                          Start date and time:2025-02-14 17:11:13 +01:00
                                                          Joe Sandbox product:CloudBasic
                                                          Overall analysis duration:
                                                          Hypervisor based Inspection enabled:false
                                                          Report type:full
                                                          Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                          Number of analysed new started processes analysed:19
                                                          Number of new started drivers analysed:0
                                                          Number of existing processes analysed:0
                                                          Number of existing drivers analysed:0
                                                          Number of injected processes analysed:0
                                                          Technologies:
                                                          • EGA enabled
                                                          Analysis Mode:stream
                                                          Analysis stop reason:Timeout
                                                          Sample name:2025_Simplified_Tips_to_Stay_on_Track.pdf
                                                          Detection:MAL
                                                          Classification:mal72.phis.winPDF@37/74@26/242
                                                          Cookbook Comments:
                                                          • Found application associated with file extension: .pdf

                                                          Warnings

                                                          • Exclude process from analysis (whitelisted): dllhost.exe
                                                          • Excluded IPs from analysis (whitelisted): 2.18.96.131, 172.217.16.195, 172.217.18.14, 64.233.167.84, 172.217.23.110, 2.22.242.11, 2.22.242.123, 142.250.184.238, 52.22.41.97, 3.219.243.226, 3.233.129.217, 52.6.155.20, 2.22.242.128, 2.22.242.88, 142.250.80.35, 142.250.80.99, 2.19.106.160, 52.149.20.212
                                                          • Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, acroipm2.adobe.com.edgesuite.net, clientservices.googleapis.com, p13n.adobe.io, acroipm2.adobe.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, redirector.gvt1.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, clients.l.google.com, www.gstatic.com, geo2.adobe.com
                                                          • Not all processes where analyzed, report is missing behavior information
                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                          • VT rate limit hit for: mahna-tst.com
                                                          • VT rate limit hit for: vibesventure.com

                                                          Created / dropped Files

                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:ASCII text
                                                          Category:dropped
                                                          Size (bytes):289
                                                          Entropy (8bit):5.175431707466017
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:A829BCE8F1A1729DB005C750A9C8DD26
                                                          SHA1:25BE0F035E93C00E32FCD65ECE1681AD1C800676
                                                          SHA-256:9A2508E90B59393B1A208703887B41EB687E0D19B2867C7D660D90AFD74F9805
                                                          SHA-512:65BC98248582447EE74615D92B92F7936DCDDDCD5C944374DB8DDD179D06B0C9A49E1EACD9111F98B5178A396D7FE3F8BFB04E59FBA3389BFE99085B9C0C48DF
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:2025/02/14-11:11:57.025 ed4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2025/02/14-11:11:57.028 ed4 Recovering log #3.2025/02/14-11:11:57.028 ed4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:ASCII text
                                                          Category:dropped
                                                          Size (bytes):333
                                                          Entropy (8bit):5.227753368603075
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:B4DB1A9B254DF96EEC0F79D317705514
                                                          SHA1:5CB10664DA20F1C6F7CEC9808F121F5141709158
                                                          SHA-256:4C5114775988B699A8CF98D8F8DFD1D815B6E35E2B104BD51707F5F6C82F0F13
                                                          SHA-512:CF566792F40F5FEE6A25425996D22BEDEF5161A88D51C82424E4F7956012C84A9268AE94F31202DBAF50FDF4B13E35F354DA53BF3085599E5FC469D7DABB6447
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:2025/02/14-11:11:56.752 89c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2025/02/14-11:11:56.757 89c Recovering log #3.2025/02/14-11:11:56.758 89c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\06d75a6f-0706-401f-8115-7a9bbe4c3b5d.tmp

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):476
                                                          Entropy (8bit):4.972387324326547
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:BF3BA9AE73C3BC393A0F591901CCB9CA
                                                          SHA1:25F4748D59EE94004BE02E43F36E7380872A4C91
                                                          SHA-256:416A10364EF19B40C1FB99E0FE7070CE1615ADDD1EE608483C2036FED262077E
                                                          SHA-512:BC969D464C6DBA655A34F5138CC7FF2D623137A245C3F344B090CF193D88378560F3F3D24E5DB1442F0D9C7B374E8A9FA9224EB4AC0CAD7FEF4F1C145BFD1DC3
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13384109528907413","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":128550},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.18","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):0
                                                          Entropy (8bit):0.0
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:BF3BA9AE73C3BC393A0F591901CCB9CA
                                                          SHA1:25F4748D59EE94004BE02E43F36E7380872A4C91
                                                          SHA-256:416A10364EF19B40C1FB99E0FE7070CE1615ADDD1EE608483C2036FED262077E
                                                          SHA-512:BC969D464C6DBA655A34F5138CC7FF2D623137A245C3F344B090CF193D88378560F3F3D24E5DB1442F0D9C7B374E8A9FA9224EB4AC0CAD7FEF4F1C145BFD1DC3
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13384109528907413","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":128550},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.18","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:data
                                                          Category:dropped
                                                          Size (bytes):7400
                                                          Entropy (8bit):5.2438682047847935
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:64504DADD49A5E6C87CCB745D739BBD8
                                                          SHA1:84AD6C0BD4C3B3592D79087CE1C77AF5AC019870
                                                          SHA-256:BB340A5182EEBA271E7C599609FB134F7AE95F556469E7F2DB1C8666525AAF7D
                                                          SHA-512:46A66E4FD0797B50B4390C8927B9DCFF666156EB62E50A8A1074916ED1E6B75290E1051C149A2B952877622B79DC369DEB75842D8EB547931B7271667FE2D5AF
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:*...#................version.1..namespace-...o................next-map-id.1.Pnamespace-5767294d_7b9a_47c6_b1e0_955ef27d1acf-https://rna-resource.acrobat.com/.0=..Nr................next-map-id.2.Snamespace-0be79751_1d4a_40c3_9b57_40751dcd8802-https://rna-v2-resource.acrobat.com/.1....r................next-map-id.3.Snamespace-90f7539d_81d9_41c2_b2e3_1ee7ed96c7c7-https://rna-v2-resource.acrobat.com/.2S.<.o................next-map-id.4.Pnamespace-1700ec5e_d769_43b7_97b8_3e6ca674d396-https://rna-resource.acrobat.com/.3...^...............Pnamespace-5767294d_7b9a_47c6_b1e0_955ef27d1acf-https://rna-resource.acrobat.com/D..#^...............Pnamespace-1700ec5e_d769_43b7_97b8_3e6ca674d396-https://rna-resource.acrobat.com/....a...............Snamespace-0be79751_1d4a_40c3_9b57_40751dcd8802-https://rna-v2-resource.acrobat.com/B[_.a...............Snamespace-90f7539d_81d9_41c2_b2e3_1ee7ed96c7c7-https://rna-v2-resource.acrobat.com/.^..r................next-map-id.5.Snamespace-cc1e5959_9927_4cd0_b606_

                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:ASCII text
                                                          Category:dropped
                                                          Size (bytes):321
                                                          Entropy (8bit):5.196481466933477
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:C1692D39A1C48D89525C97601A1CBA9B
                                                          SHA1:EFB9CFB553F2844D9BFBBE1F85FCC1740D6EC46A
                                                          SHA-256:6D0DE68C40C3E37C3D4B34430DCD239517D01C741C0B4A476AA0C2B18E0F902F
                                                          SHA-512:4B839594BC888636F46166BBF8904A8C9589A0784A7CA23788A02F50BABF420C55E91BC436F4E09B2FE81BABE588A84A880582836A43DF35C97F5387EEAE7F17
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:2025/02/14-11:11:57.115 89c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2025/02/14-11:11:57.116 89c Recovering log #3.2025/02/14-11:11:57.119 89c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                                          C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-250214161200Z-178.bmp

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
                                                          Category:dropped
                                                          Size (bytes):71190
                                                          Entropy (8bit):0.9659150074599945
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:5DD45652EC5BB3F284DF9B768ADC5DF8
                                                          SHA1:9112C00A224A7956232643EF5A3D40CF9FEE221C
                                                          SHA-256:A84039109A4F32E4A81B6C997C6D8BD43AEAFB11E9D8A0C87509E19048C0761A
                                                          SHA-512:175D7D6873EE1C537ACB1BFFD5E6DB0DF69220908E6474F38B370E91CA14FA6DD0860BF72ADC4616D935B70E944A721015F5B092858DCDE4C9CF98A0B782BD3D
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:BM........6...(...u...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                          C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 17, database pages 21, cookie 0x5, schema 4, UTF-8, version-valid-for 17
                                                          Category:dropped
                                                          Size (bytes):86016
                                                          Entropy (8bit):4.444952238375166
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:4A8A70C043C0A6CF6E0420C0BF313998
                                                          SHA1:126CCE2A240B8318C35195F0C3A7023E5F9202A2
                                                          SHA-256:3DDC89C0C60A667035152BD1DA93FFC9BC455B8C42F35AD76898B1D8D4A5779C
                                                          SHA-512:A148A60E836B236F16E4C4F1856038B8EDA273B9C863ED606C23D89FA916E6FC4F9B40E93A7D8207919F1793648E9E931F99422D4C87D3053213CF5C2B0E94C7
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                          C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:SQLite Rollback Journal
                                                          Category:dropped
                                                          Size (bytes):8720
                                                          Entropy (8bit):2.2138103875687634
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:6BD90C13479D7636115DAE9859B375AC
                                                          SHA1:9B3D24D425B054ADFBAD7565AF167435626F3B52
                                                          SHA-256:8894264F510085E3F444DA77B2A2CC030F1072DE8C89080B3B3E63610DBD04F8
                                                          SHA-512:E9598E08243434B69AEEED0DB702624CF5B7191FC3F7403E5F294F1C0C1F20F8621B30A943E57A56546671E0EBF44FBF81642968FBB278ACE4C17500C2F648F3
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:.... .c.....~.u........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                          C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:Certificate, Version=3
                                                          Category:dropped
                                                          Size (bytes):1391
                                                          Entropy (8bit):7.705940075877404
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:0CD2F9E0DA1773E9ED864DA5E370E74E
                                                          SHA1:CABD2A79A1076A31F21D253635CB039D4329A5E8
                                                          SHA-256:96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6
                                                          SHA-512:3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:0..k0..S............@.YDc.c...0...*.H........0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10...150604110438Z..350604110438Z0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10.."0...*.H.............0..........$s..7.+W(.....8..n<.W.x.u...jn..O(..h.lD...c...k....1.!~.3<.H..y.....!.K...qiJffl.~<p..)"......K...~....G.|.H#S.8.O.o...IW..t../.8.{.p!.u.0<.....c...O..K~.....w...{J.L.%.p..)..S$........J.?..aQ.....cq...o[...\4ylv.;.by.../&.....................6....7..6u...r......I.....*.A..v........5/(.l....dwnG7..Y^h..r...A)>Y>.&.$...Z.L@.F....:Qn.;.}r...xY.>Qx....../..>{J.Ks......P.|C.t..t.....0.[q6....00\H..;..}`...).........A.......|.;F.H*..v.v..j.=...8.d..+..(.....B.".'].y...p..N..:..'Qn..d.3CO......B0@0...U...........0...U.......0....0...U......y.Y.{....s.....X..n0...*.H.............U.X....P.....i ')..au\.n...i/..VK..s.Y.!.~.Lq...`.9....!V..P.Y...Y.............b.E.f..|o..;.....'...}~.."......

                                                          C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                                          Category:dropped
                                                          Size (bytes):71954
                                                          Entropy (8bit):7.996617769952133
                                                          Encrypted:true
                                                          SSDEEP:
                                                          MD5:49AEBF8CBD62D92AC215B2923FB1B9F5
                                                          SHA1:1723BE06719828DDA65AD804298D0431F6AFF976
                                                          SHA-256:B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
                                                          SHA-512:BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:MSCF............,...................I..................XaK .authroot.stl.[.i..6..CK..<Tk......4.cl!Kg..E..*Y.f_..".$mR"$.J.E.KB."..rKv.."{.g....3.W.....c..9.s...=....y6#..x..........D......\(.#.s.!.A.......cd.c........+^.ov...n.....3BL..0.......BPUR&.X..02.q...R...J.....w.....b.vy>....-.&..(..oe."."...J9...0U.6J..|U..S.....M.F8g...=.......p...........l.?3.J.x.G.Ep..$g..tj......)v]9(:.)W.8.Op.1Q..:.nPd........7.7..M].V F..g.....12..!7(...B.......h.RZ.......l.<.....6..Z^.`p?... .p.Gp.#.'.X..........|!.8.....".m.49r?.I...g...8.v.....a``.g.R4.i...J8q....NFW,E.6Y....!.o5%.Y.....R..<..S9....r....WO...(.....F..Q=*....-..7d..O(....-..+k.........K..........{Q....Z..j._.E...QZ.~.\.^......N.9.k..O.}dD.b1r...[}/....T..E..G..c.|.c.&>?..^t. ..;..X.d.E.0G....[Q.*,*......#.Dp..L.o|#syc.J............}G-.ou6.=52..XWi=...m.....^u......c..fc?&pR7S5....I...j.G........j.j..Tc.El.....B.pQ.,Bp....j...9g.. >..s..m#.Nb.o_u.M.V...........\#...v..Mo\sF..s....Y...

                                                          C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:data
                                                          Category:dropped
                                                          Size (bytes):192
                                                          Entropy (8bit):2.7569015731729736
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:282413821680590B019698B7FF43F564
                                                          SHA1:623044A11AC77934D404863BB6ECDE60B8BEB4E7
                                                          SHA-256:1C4C660B621CB350B40B47B0112CA3B61787DC854BBAE222A029EEFBA540BDC5
                                                          SHA-512:7AEA1B4CA4C96C9534A575EE3D698484B173314D63BCBB316373312D5AE79CD036F41AF71044878B275936984752229A6512FC58151EA513525BD2A346A248E3
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:p...... .........9.2.~..(....................................................... ..........W....{...............o...h.t.t.p.:././.x.1...i...l.e.n.c.r...o.r.g./...".6.4.c.d.6.6.5.4.-.5.6.f."...

                                                          C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:data
                                                          Category:modified
                                                          Size (bytes):328
                                                          Entropy (8bit):3.2262411506448765
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:E65DFA0EE95AEED16744C7D10085691D
                                                          SHA1:0221AB403F8515351228766B166A369536CC12D5
                                                          SHA-256:4AA6201710DE9D0AE6478E07F4D4D6AB2A7E8571E5B91F223B27B0345A85ED28
                                                          SHA-512:4DB947F9317D1993C07E92A3D906A42073450DD6B3310D0C670A8C3429740E2A5E2235EBD5F2904EB43446712F1014E4FA1E1F568453CCC986213C5EB10BDCE9
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:p...... ......... .E.~..(....................................................... ........G..@.......&......X........h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".a.7.2.8.2.e.b.4.0.b.1.d.a.1.:.0."...

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):295
                                                          Entropy (8bit):5.361198341146328
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:2BDB1B046F83D5D955C80DB5D2E24792
                                                          SHA1:FF3E47567A4AC284B1E12739733444583620EBE5
                                                          SHA-256:9B83ED5CA5B26EDD890E37B75C1A4F7CED39AC9C3C0C1F3AC3787F5FDDEF58D6
                                                          SHA-512:8F6DCD184E24C81A12C00C121320AA5EB992776D2BC186DD20631ADCB779F71C67DDE7EAFBFE1FB4E4B0A6986400D50C6E5247A79DB83EC173C6CD4102569780
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):294
                                                          Entropy (8bit):5.308685608208669
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:A4E7DC48181AF0C20D6085E54303B157
                                                          SHA1:2DC9F5A5871AB36CC55E3AC61B98E627B030733E
                                                          SHA-256:1D4895C9658472B8FD1E4609C0397A846AAFCA7BF9140E589C50CB48F877446D
                                                          SHA-512:B0AD1A74B53696C98D0C6186DC5F05CF9254D3876C71F58FDC4E1739BB2B027EB47A00ACCF4EE44DE655315AD2D51B69292ACF4C45035202CF34862A12F93BF6
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):294
                                                          Entropy (8bit):5.287233924734674
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:3AFF93E144E336EE8B28AE8A3875DABB
                                                          SHA1:1C89B841F69D874648475AC0C031C21647227335
                                                          SHA-256:1D88DCEEE530DDB83277595BCB24EE6332EA39B199BE48D67950E32F77944627
                                                          SHA-512:3E960896F4630C3B60177B6542225142316C4EA45EF9C20FFF8EB7A1FD81608E3BEFD1721CDDA2CFEE5BE2E455039D3CB93FBCD0423CBE923AFCFA2D66915007
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):285
                                                          Entropy (8bit):5.351512032567019
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:84874E6FD7AAD1D4AFA4AB3B36EB6172
                                                          SHA1:5513E110FCB21576D41B29BF7270D8254A6162FD
                                                          SHA-256:5A52FD44A4C69FC9C08AA9C73421D1DD6DE5BB04E561135E094C8823CB96F992
                                                          SHA-512:EACADC47041905885825ACB66077EFA3CBBCDC8E5F985B781B34618A1050B8781774EA5E7571EC708A60C2080233D44A46313390E3A194EB03FF7724D531BF53
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):2135
                                                          Entropy (8bit):5.849022343350656
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:FB5615707AC34E8F91EF02A70A71D30E
                                                          SHA1:323CCAB0F4D3E2D7A0A8D6C64243B7EB6B4FE3C9
                                                          SHA-256:3D1C3627AA77BB477A574D989A8982D39455C992DBB9FD8AB994D56CE03AE76D
                                                          SHA-512:2C0AF0BFA3C54FC2575535D641140C78576765A60B93CDCD8D0841E0E54606B858A167522755DCA109D2B55C2E5104B309CBE5572DFAFCD71F5F0F7F0F4A8132
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Convert_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"98856_305507ActionBlock_1","campaignId":98856,"containerId":"1","controlGroupId":"","treatmentId":"c5f7d329-61e3-4065-87ed-fed4efd54ddb","variationId":"305507"},"containerId":1,"containerLabel":"JSON for DC_Reader_Convert_LHP_Banner","content":{"data":"eyJkYXRhIjp7ImxocFYyQnlQYXRoIjp7Iml0ZW0iOnsiX3BhdGgiOiIvY29udGVudC9kYW0vYWNyb2JhdGRlc2t0b3AvZ3Jvd3RoL3JlYWRlci9lbi11cy9saHAtYmFubmVyL3YyL2NvbnZlcnQiLCJfdmFyaWF0aW9uIjoicmdzMDM2MS0wIiwidGl0bGUiOm51bGwsImRlc2NyaXB0aW9uIjoiRXhwb3J0IFBERnMgdG8gTWljcm9zb2Z0IFdvcmQgYW5kIEV4Y2VsLiIsImN0YUxhYmVsIjpudWxsLCJjdGFCZWhhdmlvciI6bnVsbCwiY3RhVXJsIjpudWxsLCJjdGFVcmxUeXBlIjpudWxsLCJ0

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):289
                                                          Entropy (8bit):5.300051194402713
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:3BBAB1A4F3C7B19CA4B5174F7B50AA9E
                                                          SHA1:FD96A3F7902CDDB9AF5A8AA8FE9CB4DD13DA7E84
                                                          SHA-256:C9500B6189D7E2E190DB733E1CD4BE8FDA211C85D1786C10DEAEC8DB8A6253F7
                                                          SHA-512:0F04FF0D64B585F67956D44E151FCA4FBE82AF527A14FFFC14F34D039002B5169149CBC62484307EFD539044A185294C21BD62B023DBE74C7E59D34E4A255383
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):292
                                                          Entropy (8bit):5.302702920575651
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:588EF0BAC5711CFBE06D7CF60FF4B3E2
                                                          SHA1:71027FFC61C79B87141FDE6F53F5C2F720038827
                                                          SHA-256:16A0FE23EA054445728FD3C61C273231E728EED4ADB2A921C52F97453E47C2E7
                                                          SHA-512:395A5B970A95C46F379A28332DABE3F767F4E1C613820144E254979746105593C7047436AAEBF5CED2EF4E7B3E50AAB68D4571D1113E768432018BF4A7FE9D77
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):2082
                                                          Entropy (8bit):5.844749740557992
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:B7B08F9B0F257B962FF5FCAB19DA8908
                                                          SHA1:7B332DB86410BB5631428E837CC55DAFCB904C00
                                                          SHA-256:176323DE4735A7EFA184389152E13C259183AEC2FDD8F14CD0D55EF77CD0495E
                                                          SHA-512:E73B910D21E0063DCE8E7ACF20302C5C9C61A13BA856DCE1873C93BEE89B6F93A1992D16BAC665253A1BB6D2F778104FE175B1B2754128CBCDF7B49F6205C47D
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Edit_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"98856_305507ActionBlock_2","campaignId":98856,"containerId":"1","controlGroupId":"","treatmentId":"14c0f2e3-1443-4ebd-acdc-c9f63dcb7699","variationId":"305507"},"containerId":1,"containerLabel":"JSON for DC_Reader_Edit_LHP_Banner","content":{"data":"eyJkYXRhIjp7ImxocFYyQnlQYXRoIjp7Iml0ZW0iOnsiX3BhdGgiOiIvY29udGVudC9kYW0vYWNyb2JhdGRlc2t0b3AvZ3Jvd3RoL3JlYWRlci9lbi11cy9saHAtYmFubmVyL3YyL2VkaXQiLCJfdmFyaWF0aW9uIjoicmdzMDM2MS0wIiwidGl0bGUiOm51bGwsImRlc2NyaXB0aW9uIjpudWxsLCJjdGFMYWJlbCI6bnVsbCwiY3RhQmVoYXZpb3IiOm51bGwsImN0YVVybCI6bnVsbCwiY3RhVXJsVHlwZSI6bnVsbCwidHJhY2tpbmdJZCI6IlJHUzAzNjEtRU5VLUNvbnRyb2wiLCJfbWV0YWRhdGEiOnsic

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):295
                                                          Entropy (8bit):5.326726720030998
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:094264637C40BA85CDAABEEB9A41B961
                                                          SHA1:69BB60EC338A076560A9286D3462FCD8098E15F7
                                                          SHA-256:68AEAE2B08488FBE7CB68F3963897F32C17696AD9147E904DE2ECC38BD0715B4
                                                          SHA-512:8EEABC3DDC262DE0A891ACCB628558BD26F40B74C4DFAC1DD221FD4753D88C3FF99F6464FC7D448388BC3385C2130445236CC1A6451D649BD4F6782A8637F663
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):289
                                                          Entropy (8bit):5.307523329914285
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:75ED7992D391883AAB8EB8959C888CD8
                                                          SHA1:EF8AACDD9DE6B397D3CD8CF5D43EC6F29DF78470
                                                          SHA-256:2B5F7B085FF4B8E949D1D6F802615802DE210FC88EE84267EF1367559B5FA650
                                                          SHA-512:B6D5A329B4CEA4C28AD3D76840190D8F3B4B31B8236CA06E10AFA3E366821A7D9E5DA4555C82BE618D95E2551C1CB3E721ED4E21FC10864F3D6FDC5631E0B36E
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):284
                                                          Entropy (8bit):5.294005146656249
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:45AA02DC0898A2768E84587707AE5F46
                                                          SHA1:9AF6A7CB288CF350452FD3C45E12DF0452CB76E7
                                                          SHA-256:F58D8676949137B1C90E231FEF25492D35029986CAC7E0881A7C1040005599F0
                                                          SHA-512:1DCF606488D340DAC6D4B12FD560D1F1F59050B0BF92E35231C2B548DBF960A5F783EABDB7E142531B4D5F044607260BA513BD71EBF8073606C820FA495CFECE
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):291
                                                          Entropy (8bit):5.2910187208533435
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:5B15C4A74EA596F5CDB55865EDD18423
                                                          SHA1:9051F70FADE926FD8B6DBD541D2F8CCE662F2353
                                                          SHA-256:BB6E124D9E207B99CDB4F37D400B8D9059123740BF1D1EFB7C28C85067A85D55
                                                          SHA-512:B6B77676C0718BCA78F12E460791B7DF22845248CDECE0B7A078D1140FD652932246E50F982FAEFDF39F48415148B64F9E56556F414D02DE6CE6109C9CC19210
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):287
                                                          Entropy (8bit):5.294504175287887
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:5F423BA925A6358EAED845B4E59428F0
                                                          SHA1:7EEB0E14BF0CD99BB0F077B02BA1BD5C59F47794
                                                          SHA-256:21A0863C791B5DB23ED84309805602593CEB9FB4594198E47EEE7743D977036C
                                                          SHA-512:40712EF08F1B989D6214B577B9ED9F615FF0D0956AE201B19A1B2A9CBB5F616C464BBE12CF71E6E1C78F0F982EED5BFCD33087531B75814A81CFADC38AE6E8A5
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):2034
                                                          Entropy (8bit):5.847920039377407
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:BF7FA1A114C07F0B4164CBC8F2F1C578
                                                          SHA1:6B5E5C882A3B230D7870E4FA55D21539B11CCC43
                                                          SHA-256:C5A7831CFE5B5AB1E8FAE39C54AAB24C601EA277D5B037800D94EBC30FE87E9C
                                                          SHA-512:6F7442876D37913B36413F38C36A4D851A0589A12E4512BBCE6D7C1DF9E396750ACB5DA8C3237F6DBB2114D61CE6F7D679A295027DF097240B4C7CF303E4FA0D
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Sign_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"98856_305507ActionBlock_0","campaignId":98856,"containerId":"1","controlGroupId":"","treatmentId":"e62f3b57-7a94-481f-9907-c3665f96acef","variationId":"305507"},"containerId":1,"containerLabel":"JSON for DC_Reader_Sign_LHP_Banner","content":{"data":"eyJkYXRhIjp7ImxocFYyQnlQYXRoIjp7Iml0ZW0iOnsiX3BhdGgiOiIvY29udGVudC9kYW0vYWNyb2JhdGRlc2t0b3AvZ3Jvd3RoL3JlYWRlci9lbi11cy9saHAtYmFubmVyL3YyL3NpZ24iLCJfdmFyaWF0aW9uIjoicmdzMDM2MS0wIiwidGl0bGUiOm51bGwsImRlc2NyaXB0aW9uIjoiRWFzaWx5IGZpbGwgYW5kIHNpZ24gUERGcy4iLCJjdGFMYWJlbCI6bnVsbCwiY3RhQmVoYXZpb3IiOm51bGwsImN0YVVybCI6bnVsbCwiY3RhVXJsVHlwZSI6bnVsbCwidHJhY2tpbmdJZCI6IlJHUzAzNjEtRU5VL

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):286
                                                          Entropy (8bit):5.272457855733558
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:E7314A601E46716D81DA593BA751C1DD
                                                          SHA1:75C8A80738ADCB2128D995FF32996C8B52762AA9
                                                          SHA-256:72DD0E2F8D4592C6E2988E7DCA2D50BE5C9BD1F49A46C9F57A3A57246D837124
                                                          SHA-512:C75D178B5169BECD569CA6863238238C4877F2E66DC8FDE2E7F8F0EDA999B1F80046117DB81B5D2B5E5514CC9AD8604EF90A00F3C9E57A18D3067AFFAEAB3303
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):282
                                                          Entropy (8bit):5.2823575698267415
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:07B31277C75F9BE8831689BC8ED081BE
                                                          SHA1:F1B0E25B8AC93802234CD36B99525BFEE4621781
                                                          SHA-256:5E4BFF149B26321658C7FCDC1DB2A88F824894783B9CA1E7F54054F32ACA5BC8
                                                          SHA-512:75F9509ACF4F73183E21437E5CC2A99DCB9F4C9706161A0073125F77F7FFFA26FFBCF2602ADDBDD10A8EAFF8EE4A725DBCB22F9AC3AAE9EFD763507A01BF4093
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"analyticsData":{"responseGUID":"c2e8f709-76cf-4221-8a4e-596370481a50","sophiaUUID":"6E6CF47D-878E-41D8-BE92-CB1D7BE5FFE6"},"encodingScheme":true,"expirationDTS":1739728248955,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:data
                                                          Category:dropped
                                                          Size (bytes):4
                                                          Entropy (8bit):0.8112781244591328
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                                          SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                                          SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                                          SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:....

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):2815
                                                          Entropy (8bit):5.129297874273858
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:56E55F729DF0D62F0D98E2DC2D901EAC
                                                          SHA1:AFAB2C48A9F73531EB067C8B4E3331B5BEF0BC3F
                                                          SHA-256:838EFF1DE01459EC0C2CF2A388C0A72F65A9DBCBCDF241DB073EFB964DEA4CAB
                                                          SHA-512:99C557F9BA065537965A5C58BB82A4D6EBE4164426B715A3008AB0F5B42A52D6BA083F7A9CC79A61AE3AEB8666233FA54EFCD3B9BE347AA4316FEB7B6CB649B1
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"116f11e385cbeb6e074416862186e3dd","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":289,"ts":1739549523000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"19731e04f75aae6c7761e51e0da4f0cf","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":2034,"ts":1739549523000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"5a929f9f08147bfd1e25f5f23ca72e27","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":2135,"ts":1739549523000},{"id":"DC_Reader_Edit_LHP_Banner","info":{"dg":"b3962cdb80eefdc3e3d4f98c8cdd1b83","sid":"DC_Reader_Edit_LHP_Banner"},"mimeType":"file","size":2082,"ts":1739549523000},{"id":"DC_Reader_More_LHP_Banner","info":{"dg":"1c27c836e08dd0a4f06352b2e099e338","sid":"DC_Reader_More_LHP_Banner"},"mimeType":"file","size":289,"ts":1739549523000},{"id":"DC_Reader_Disc_LHP_Retention","info":{"dg":"9665b91da7e3c0496bc6ea9e90263dd5","sid":"DC_Reader_Disc_LHP_Retention"},"mimeType":"file","size":292,"

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 28, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 28
                                                          Category:dropped
                                                          Size (bytes):12288
                                                          Entropy (8bit):1.458984735072491
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:C5324D7FC5264836FD31F3807FEECB65
                                                          SHA1:306BD74B3BCC48FB17B80A8151C873D1CB770A0D
                                                          SHA-256:D0FF899A18B47A6D70CE2D360B46E9B2E1BBC9CCB630A0685281A5ACBFB2D2CD
                                                          SHA-512:DF47A83BDC130B36563AC400E27A6B4E5674CCAD7560343EB6B1C3B7E7252DBD00A74654519127AA755F2BDEDCAF7D092109A456E8B930D4BEE911F2317CD233
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:SQLite Rollback Journal
                                                          Category:dropped
                                                          Size (bytes):8720
                                                          Entropy (8bit):1.9614444116819694
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:8D96FE6DC95B7ABF2AC8B7308D7F45A6
                                                          SHA1:07377665170CA17BA1F79F3DC4AC85116F213B04
                                                          SHA-256:FC5EB10FACC19D7A1EFED23931C2A9BEF0CC3632A9AFF47E515A56EB608EF74B
                                                          SHA-512:E543FB60A6C4C3500974321070BD7604A9A0940EDFD10796B37386EEE25DB44638B1EDB9E6571D9DB06E86755A60E7A4BCDAAFC7131A10D78C50B27E76C36145
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:.... .c.....`.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................^..^.^.^.^.^.^.^..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache64.bin

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:data
                                                          Category:dropped
                                                          Size (bytes):66726
                                                          Entropy (8bit):5.392739213842091
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:E1BDEA22B677E2259D1261BE6F55EF12
                                                          SHA1:DB2721302F54BE0D3CDF4EA25DC2186CBDD010A4
                                                          SHA-256:06C664283D8134A6AE7BB35C33E15A93049E495E8EE7738717428D132060CA84
                                                          SHA-512:FFD709B295FD3AD16B0398AADA8428493517962931D6D936A3A569F4C0BED8DD35C258DA5837E95BA867509C1188201DC0E85CB49C05299B887521A742E75D47
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:4.397.90.FID.2:o:..........:F:AgencyFB-Reg.P:Agency FB.L:$.........................."F:Agency FB.#.96.FID.2:o:..........:F:AgencyFB-Bold.P:Agency FB Bold.L:%.........................."F:Agency FB.#.84.FID.2:o:..........:F:Algerian.P:Algerian.L:$..........................RF:Algerian.#.95.FID.2:o:..........:F:ArialNarrow.P:Arial Narrow.L:$.........................."F:Arial Narrow.#.109.FID.2:o:..........:F:ArialNarrow-Italic.P:Arial Narrow Italic.L:$.........................."F:Arial Narrow.#.105.FID.2:o:..........:F:ArialNarrow-Bold.P:Arial Narrow Bold.L:%.........................."F:Arial Narrow.#.118.FID.2:o:..........:F:ArialNarrow-BoldItalic.P:Arial Narrow Bold Italic.L:%.........................."F:Arial Narrow.#.77.FID.2:o:..........:F:ArialMT.P:Arial.L:$.........................."F:Arial.#.91.FID.2:o:..........:F:Arial-ItalicMT.P:Arial Italic.L:$.........................."F:Arial.#.87.FID.2:o:..........:F:Arial-BoldMT.P:Arial Bold.L:$.........................."F:Arial.#.100.FID.2

                                                          C:\Users\user\AppData\Local\Temp\MSI631ed.LOG

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                          Category:dropped
                                                          Size (bytes):246
                                                          Entropy (8bit):3.493870954423123
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:6FBCEA59C535A5022B8FABC1D20CC828
                                                          SHA1:28876DFEBF8651B60725B24F49ED538A08B26947
                                                          SHA-256:40FF5F60DBD276B934666797FC3B060E9149601F788475C92ADF1DC7E5C435D7
                                                          SHA-512:C9D7A8703DFB882AC7C348C491418E3EF174FAE2FAFBB40C92DAA2897EBA1F6AF6D9947874C5C6D5CFDB1FF8A2D8A145AA40542B3CE1D71EFFEADC243CCEBCD9
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .1.4./.0.2./.2.0.2.5. . .1.1.:.1.2.:.0.4. .=.=.=.....

                                                          C:\Users\user\AppData\Local\Temp\acrobat_sbx\A9mwdia9_1j0wxtg_4zw.tmp

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:Zip data (MIME type "application/vnd.adobe.air-ucf-package+zip"?)
                                                          Category:dropped
                                                          Size (bytes):170300
                                                          Entropy (8bit):7.9936036350312785
                                                          Encrypted:true
                                                          SSDEEP:
                                                          MD5:B3A6F65E663964D5207E1A4A979975C2
                                                          SHA1:2D303BB5476BA55C970B9FC617A725B20E4F79E2
                                                          SHA-256:251E961564C8F9F8935917401193F803EF2A2D59703D424B1D5A6E68DCCF14EA
                                                          SHA-512:AA2699CB14844A4B9A6A581CA39F6F0C40917E9733C1956687ECB506FCD75E34FCCC58C05110014FA3CF350114546104CC4E534747CFBC162494675B443632D9
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:PK.........1KZ...>)...).......mimetypeapplication/vnd.adobe.air-ucf-package+zipPK.........0KZ.[i.G...?.......message.xml.kS.J..?........nU.}..e.r..0...$gj.NQ.-@.!.$9..:.}.m.l............{....!v..Y...v.{...0.E..v>_..z;.>....<..w.(/.....n.aP.}v..$...m~>.`...8<`.{./...{......|x./g.{.EAR.;N......E..;=..sv.d.[..B~.....;.|.F.....e...8,.`........X.8.....>......\..........c.O...Q......0M..88....w...r.).q.......<<?~...-.4.........k..G.....<,..w,..."..N.0./.d..#.U...G.g...q.!x..pg.....Cy.0.p...3(*z.|...}u.GA...D..b..8....!......q.=M.zr........Y.fQ.t ..~..V....H./.Gp....._...y.....q.0...{.7.-^.E..`.Va..s..e:+8.?.w/......5.<N..qx<....q<;.7.n.._.).U.....].9...^.._aJ.thsL.k..|.....E..2Q.F.\..w%N.g)7A.>{..........^%TK.Z..R.......8......6...d".=I..Q.OF...<..[..:.J..GV..k,Y.....SSd..!..J..v.b8.:..C..p.H..R.:0.R.V..6c.9p.7.3Dv....g].q.|..S..Vl.UD..*J./.[......I..q.{ ?.4...H%.WN. ....<...a..3..$..X.O..{\.3)Y.J..Ap..T..;x.<i.8..t...^Zsg.]4..p.m...Fi.....c .i

                                                          C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2025-02-14 11-11-59-188.log

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:ASCII text, with very long lines (393)
                                                          Category:dropped
                                                          Size (bytes):16525
                                                          Entropy (8bit):5.352085917943317
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:E89CDF7025B70E5A72FFC801BADFB345
                                                          SHA1:2C55C26FD5231BEBD6531BDB7962D12BE288A1BB
                                                          SHA-256:2A90DFB97133E5C0219784D1C4A94C0DC45AE4787C40CFE6894A59D94C4FB88C
                                                          SHA-512:22621DFF9C688C4B0BB3237350959B4357C65D1796834FC23E6636B4975BE942A969F7DB05E8FC10102DEBF93ED662BE28FC649B2456EB4B659EC84BF8E93621
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:SessionID=47371133-08fd-4d2c-bf7b-052dd86a3818.1696588820356 Timestamp=2023-10-06T12:40:20:356+0200 ThreadID=1312 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=47371133-08fd-4d2c-bf7b-052dd86a3818.1696588820356 Timestamp=2023-10-06T12:40:20:356+0200 ThreadID=1312 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=47371133-08fd-4d2c-bf7b-052dd86a3818.1696588820356 Timestamp=2023-10-06T12:40:20:356+0200 ThreadID=1312 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=47371133-08fd-4d2c-bf7b-052dd86a3818.1696588820356 Timestamp=2023-10-06T12:40:20:356+0200 ThreadID=1312 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=47371133-08fd-4d2c-bf7b-052dd86a3818.1696588820356 Timestamp=2023-10-06T12:40:20:356+0200 ThreadID=1312 Component=ngl-lib_NglAppLib Description="SetConfig:

                                                          C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:ASCII text, with CRLF line terminators
                                                          Category:dropped
                                                          Size (bytes):35721
                                                          Entropy (8bit):5.411919904855626
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:41DF7AC47FF434C772AB1D7C6697FF17
                                                          SHA1:7837EF0D88F5A843C8C376C51764C99E255DD441
                                                          SHA-256:8C795EBFE90FF88EA9680BA275755E7AE308CE15E6EF8FC5A6CEC506D6A650B7
                                                          SHA-512:E3E3C2EA55B90025CDEC08B23E291E7F5B340BBD42B2BBB7BC2B04550E52D0B58E96F59DFEA3983F31E3FDA56F605BF6AF107AED3ECFBC6E4E56604E7216C471
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:06-10-2023 12:14:34:.---2---..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : Starting NGL..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..06-10-2023 12:14:34:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..06-10-2023 12:14:34:.Closing File..06-10-

                                                          C:\Users\user\AppData\Local\Temp\acrocef_low\3c30f481-cafe-45de-b3f7-76b73f6e5f29.tmp

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
                                                          Category:dropped
                                                          Size (bytes):758601
                                                          Entropy (8bit):7.98639316555857
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:3A49135134665364308390AC398006F1
                                                          SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
                                                          SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
                                                          SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

                                                          C:\Users\user\AppData\Local\Temp\acrocef_low\4b0d2d11-34c1-4f76-8405-cd373c280b57.tmp

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                                                          Category:dropped
                                                          Size (bytes):1419751
                                                          Entropy (8bit):7.976496077007677
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:95F182500FC92778102336D2D5AADCC8
                                                          SHA1:BEC510B6B3D595833AF46B04C5843B95D2A0A6C9
                                                          SHA-256:9F9C041D7EE1DA404E53022D475B9E6D5924A17C08D5FDEC58C0A1DCDCC4D4C9
                                                          SHA-512:D7C022459486D124CC6CDACEAD8D46E16EDC472F4780A27C29D98B35AD01A9BA95F62155433264CC12C32BFF384C7ECAFCE0AC45853326CBC622AE65EE0D90BA
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                                          C:\Users\user\AppData\Local\Temp\acrocef_low\7ad75e9d-6599-4354-9e28-183707f9eb80.tmp

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                                                          Category:dropped
                                                          Size (bytes):386528
                                                          Entropy (8bit):7.9736851559892425
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:5C48B0AD2FEF800949466AE872E1F1E2
                                                          SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                                                          SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                                                          SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y

                                                          C:\Users\user\AppData\Local\Temp\acrocef_low\b815c28d-7403-48ff-adeb-f82db4d29fa5.tmp

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
                                                          Category:dropped
                                                          Size (bytes):1407294
                                                          Entropy (8bit):7.97605879016224
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:A0CFC77914D9BFBDD8BC1B1154A7B364
                                                          SHA1:54962BFDF3797C95DC2A4C8B29E873743811AD30
                                                          SHA-256:81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685
                                                          SHA-512:74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                                          C:\Users\user\AppData\Local\Temp\acrocef_low\bc4792d6-ebad-418a-9414-4690c7115620.tmp

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 160932
                                                          Category:dropped
                                                          Size (bytes):543911
                                                          Entropy (8bit):7.977303608379539
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:5B21A6981E55EF9576D169BBED44BCDB
                                                          SHA1:B3A14100B7E7C2C01D61B010A54937952D111E20
                                                          SHA-256:9555E661370D1DC26605DAE88BDBC1ABA68038C769BF6E354A256B1A1C4C110E
                                                          SHA-512:FCA72A5131D8780A17DF65BBFF37FBA88DBEA3B7AE991C3D893B21B9E6C1EED44DC12945C8DA39DE471FAC5013BE71D43E5BBB892994742BC33EF5934469B1B1
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

                                                          C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\CRLCache\915DEAC5D1E15E49646B8A94E04E470958C9BB89.crl

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:data
                                                          Category:dropped
                                                          Size (bytes):118107
                                                          Entropy (8bit):6.450287599056291
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:B8BBF56F4D27E7288F6D85FECB14CF3B
                                                          SHA1:C317BDE7B97CCB9B300226BCA73AAB478D156F59
                                                          SHA-256:BDEAC7756DE21621BBE4E488BA3391680BE3F6CA7AFB0DDB7D569B4C81B9B27B
                                                          SHA-512:6C6FFBABE585E1651A09A1402CA026767EF24EA34DD71D8AB35BCFFE074CAB0DD05307FFB06D8A0FAA9EE5655FE438ACD38750635D354E3A21687D9D80DA9430
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:0...V0...=...0...*.H........0i1.0...U....US1.0...U....DigiCert, Inc.1A0?..U...8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1..250210231234Z..250217231234Z0...k0!.......0.E....[0...210531000001Z0!...7g...(..^`.x.l...210531000001Z0!...\./M.8..>.f.....210531000001Z0!...*B.Sh...f...s.0..210531000001Z0!..../n...h..7....>..210601000001Z0!....0..>5..aN.u{D..210601000001Z0!...-...qpWa.!n.....210601000001Z0!..."f...\..N.....X..210601000001Z0!...in.H...[u...]....210602000001Z0!......`......._.]...210602000001Z0!...{..e..i......=..210602000001Z0!......S....fNj'.wy..210602000001Z0!......C.lm..B.*.....210602000001Z0!... .}...|.,dk...+..210603000001Z0!...U.K....o.".Rj..210603000001Z0!.....A...K.ZpK..'h..210603000001Z0!.....&}{ ......l..210603000001Z0!...:.m...I.p.;..v..210604000001Z0!...1"uw3..Gou.qg.q..210607000001Z0!...1.o}...c/...-R}..210608000001Z0!................210608000001Z0!...[.N.d............210609000001Z0!......x..i........210610000001Z0!...(... (..#.^.f...210

                                                          C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\CRLCache\DF22CF8B8C3B46C10D3D5C407561EABEB57F8181.crl

                                                          Download File
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:data
                                                          Category:dropped
                                                          Size (bytes):737
                                                          Entropy (8bit):7.551110888360892
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:DE553C064CD2CF220D94D86247D4B974
                                                          SHA1:14806295E2039053AB34D5E941993E814DB648EF
                                                          SHA-256:693C04B858423934594CBD58B3BAD6C978C309746478B70496AD7D619003F54F
                                                          SHA-512:8E7F4184501C7494E485BFF2E884829A732F329363755A76E24EECC48D9C0D9C68D52C07691AF505C2E49A65D162B43964FCB00AA7D3CB26DA67215CAB451473
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:0...0.....0...*.H........0b1.0...U....US1.0...U....DigiCert Inc1.0...U....www.digicert.com1!0...U....DigiCert Trusted Root G4..250204210859Z..250225210859Z.00.0...U.#..0.......q]dL..g?....O0...U........0...*.H..............R..Rm.s...a.D.V...'....y..|.I.=1>...L.7"Byb.>.+xY....\SK")".....O......v....n...sp4....4.x.Ix..Th.....:[..i.....J&...>....O~KFe.....&..W.XD..!.2.......$.MKc8..6nn..N...c.........(O.K....w...h.@......q.3...\74....+.. .....&#[fzB.~pv..P...~sz7M..D@_.o....Xd...S. W.Q.Z.......7......kF.q..o...A...l........]..h.)XFS3...XW.~...Se.].......v.t........dY.1.^.=`.9.....,n7^..w.go..mB.YU.<..Y....f.ub.{...h.1.&'P.=.\.UPuJ....9pkEp.*d...../.?.Fu..QU....@._.Kchm.....o....1...E.0nC..j........<.-..X..#Y=

                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Feb 14 15:12:01 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                          Category:dropped
                                                          Size (bytes):2675
                                                          Entropy (8bit):3.9820544990863214
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:99DDC645B610D9A3727941BF7E522C88
                                                          SHA1:BDC1FAA1B1B5070DDCC101D38FA6E12AE9ACA88A
                                                          SHA-256:D9C1ECCADA13C3974D9A7516BB6F9C2974D1A540F94146A26EEC848EB743116B
                                                          SHA-512:E9051D9D1894B8CC9CC5DB5ACC2743B6B9ECAE4C9B421C8748A9E26F77A5C5F13EC400B22B08D2CC1625C0A78AD4021FDE2D1E842734B9868511A2F46BAE888F
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:L..................F.@.. ...$+.,.....x#..~......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.INZn.....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZ}.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VNZ}.....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VNZ}............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VNZ.......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........}.z......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Feb 14 15:12:01 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                          Category:dropped
                                                          Size (bytes):2677
                                                          Entropy (8bit):3.9975931818506414
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:5DB21ECA1470A853EA438FB8CEEBBB85
                                                          SHA1:AF67D2C938C873773E65E66147918129D936330B
                                                          SHA-256:C156D26C1484826030BC531928C819866F7B9FCB1876CBAF604E4A8CED3141A0
                                                          SHA-512:A4418E8AE55C5B8DA524CEE167B3C36B3529599D233BF36BB4207CAF2ECA8E0B78623DF5DE26CACE53A5F5B3AAE3A80C43BF93BC06FBC8E93AEBDEB224E673D0
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:L..................F.@.. ...$+.,.....j...~......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.INZn.....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZ}.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VNZ}.....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VNZ}............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VNZ.......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........}.z......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 09:23:19 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                          Category:dropped
                                                          Size (bytes):2691
                                                          Entropy (8bit):4.009812191507079
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:6FECD4418453A727F59AC3914CC00DF4
                                                          SHA1:7AC23D47F5747F3D2BE26B275582154797E1EA56
                                                          SHA-256:96EF48CB135097A7E1E598F597B09239A08E8AD2AE4F65980A162ADCF2584A21
                                                          SHA-512:8F5940672B9650CFE7E6AECECF5FEA9C3E1186CB4DC4CE4944274D801AF62A6C13E6E10488920B7FC2DE99C47BD89BAF97255990C46226122E6710577950FEC6
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:L..................F.@.. ...$+.,....?.4 ?.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.INZn.....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZ}.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VNZ}.....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VNZ}............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.R.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........}.z......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Feb 14 15:12:01 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                          Category:dropped
                                                          Size (bytes):2679
                                                          Entropy (8bit):3.995846654422285
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:12C0885C1CE378600D6E88E3B904CBDB
                                                          SHA1:27E230830B24F19D8C88D31154EC957C053A45A0
                                                          SHA-256:7D60322ADB8F4578B2E65BBEA9CB1658853469B89BB371ADAAB7F98A90FDA2C6
                                                          SHA-512:7218BCFEC96A1B0DF96382395C55C1D8AF5E559D85B78193CEABCE18EF50C50D7DC0508D50D0C48271480C06B5CAB6F4693C9151072AB170777D6BE2375818CD
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:L..................F.@.. ...$+.,.....>...~......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.INZn.....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZ}.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VNZ}.....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VNZ}............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VNZ.......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........}.z......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Feb 14 15:12:01 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                          Category:dropped
                                                          Size (bytes):2679
                                                          Entropy (8bit):3.9837430129656606
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:949BEE8F5850E992C5ED4832C2176BC2
                                                          SHA1:27ED50E0603115937E1DC1487FEFCB9886A1D83B
                                                          SHA-256:E1ED0A26A20E6E948B457F25E8132E71954084095DE64CC6E7D49C7514D10FD7
                                                          SHA-512:D791CC26BD2FA021713DB556A17BEE289C24F279CABA647FD7DFFE807D783CB7F4978A1BA82CCECA6CDD20A5871D68D24BFA13B505B60E2BE4063D4288F275D4
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:L..................F.@.. ...$+.,....c....~......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.INZn.....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZ}.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VNZ}.....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VNZ}............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VNZ.......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........}.z......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Feb 14 15:12:01 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                          Category:dropped
                                                          Size (bytes):2681
                                                          Entropy (8bit):3.9977103238457925
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:6FB8A3C9131F56E9C69A6397FEDBD92A
                                                          SHA1:E846096A70B6A874A11602FE72CE520BE567BEEF
                                                          SHA-256:E50978D5D79B65731CF2CC718FF47F4658593D710DEBB5F0988E4B0A10F64CE1
                                                          SHA-512:EC5737C98A6A73769546D9C956E9F2A0504866B21516CD0402F406358977EFD1B7174BF0E9582E375F29208788F10F1DCA58E6ADF5635A96CFEDB2985EC90E02
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:L..................F.@.. ...$+.,.....z...~......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.INZn.....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZ}.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.VNZ}.....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.VNZ}............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VNZ.......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........}.z......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                          Chrome Cache Entry: 193

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:PNG image data, 600 x 1, 8-bit/color RGBA, non-interlaced
                                                          Category:downloaded
                                                          Size (bytes):132
                                                          Entropy (8bit):4.945787382366693
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:3EDA15637AFEAC6078F56C9DCC9BBDB8
                                                          SHA1:97B900884183CB8CF99BA069EEDC280C599C1B74
                                                          SHA-256:68C66D144855BA2BC8B8BEE88BB266047367708C1E281A21B9D729B1FBD23429
                                                          SHA-512:06B21827589FCAF63B085DB2D662737B24A39A697FF9138BDF188408647C3E90784B355F2B8390160CA487992C033CE735599271EE35873E1941812AB6C34B52
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://r4.res.office365.com/owa/prem/15.20.8466.9/resources/images/0/sprite1.mouse.png
                                                          Preview:.PNG........IHDR...X..........x......sRGB.........gAMA......a.....pHYs..........o.d....IDATHK..1......Om.O ...j.a...\BW....IEND.B`.

                                                          Chrome Cache Entry: 194

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
                                                          Category:downloaded
                                                          Size (bytes):662286
                                                          Entropy (8bit):5.315860951951661
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:12204899D75FC019689A92ED57559B94
                                                          SHA1:CCF6271C6565495B18C1CED2F7273D5875DBFB1F
                                                          SHA-256:39DAFD5ACA286717D9515F24CF9BE0C594DFD1DDF746E6973B1CE5DE8B2DD21B
                                                          SHA-512:AA397E6ABD4C54538E42CCEDA8E3AA64ACE76E50B231499C20E88CF09270AECD704565BC9BD3B27D90429965A0233F99F27697F66829734FF02511BD096CF030
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.2.mouse.js
                                                          Preview:.window.scriptsLoaded = window.scriptsLoaded || {}; window.scriptProcessStart = window.scriptProcessStart || {}; window.scriptProcessStart['boot.worldwide.2.mouse.js'] = (new Date()).getTime();.._y.lC=function(){};_y.lC.registerInterface("_y.lC");_y.jw=function(){};_y.jw.registerInterface("_y.jw");_y.lA=function(){};_y.lA.registerInterface("_y.lA");var IDelayedSendEvent=function(){};IDelayedSendEvent.registerInterface("IDelayedSendEvent");var IIsShowingComposeInReadingPaneEvent=function(){};IIsShowingComposeInReadingPaneEvent.registerInterface("IIsShowingComposeInReadingPaneEvent");var ISendFailedO365Event=function(){};ISendFailedO365Event.registerInterface("ISendFailedO365Event");var ISendFailureRemoveO365Event=function(){};ISendFailureRemoveO365Event.registerInterface("ISendFailureRemoveO365Event");_y.gw=function(){};_y.gw.registerInterface("_y.gw");_y.iB=function(){};_y.iB.registerInterface("_y.iB");_y.ih=function(){};_y.ih.registerInterface("_y.ih");_y.jy=function(){};_y.jy.regis

                                                          Chrome Cache Entry: 196

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
                                                          Category:downloaded
                                                          Size (bytes):621
                                                          Entropy (8bit):7.673946009263606
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:4761405717E938D7E7400BB15715DB1E
                                                          SHA1:76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
                                                          SHA-256:F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
                                                          SHA-512:E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://anglianswater.co.uk/aadcdn.msauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
                                                          Preview:..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x*...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E.."....*...x.@..?u......../....8...

                                                          Chrome Cache Entry: 197

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113424
                                                          Category:downloaded
                                                          Size (bytes):20410
                                                          Entropy (8bit):7.980582012022051
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:3BA4D76A17ADD0A6C34EE696F28C8541
                                                          SHA1:5E8A4B8334539A7EAB798A7799F6E232016CB263
                                                          SHA-256:17D6FF63DD857A72F37292B5906B40DC087EA27D7B1DEFCFA6DD1BA82AEA0B59
                                                          SHA-512:8DA16A9759BB68A6B408F9F274B882ABB3EE7BA19F888448E495B721094BDB2CE5664E9A26BAE306A00491235EB94C143E53F618CCD6D50307C3C7F2EF1B4455
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://anglianswater.co.uk/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
                                                          Preview:...........}k..6..w...R..J.H=GSI..x.9...}T*.....)Q..f<...~.F.h..x..{+.-.....h..n....</v.ev......W.,.bU..rW.I...0x...C..2...6]..W_......../x.........~.z.}.|.#x......Ag*O.|XgU...4 .^'U...mP.A.].Z.U.!..Y.......:.ve.?.!..d.N...xJ...mR......0.@p...lKr/...E.-. .....|l.4.o.i.......L.iF..T{.n....2....VEY.y=..=..T+V./.b....\....7.sH.w{.h.....!.."F.k.!.......d...mS.rh.&G.../..h&..RE"!.A/.......A....L...8.q.M...t[...R...>.6;R..^.Vu..9.[F........>A.:HT}w]......2........p......'T.^]}.^..yJ>.<..pq..h.|..j....j.x..-...c...f...=".)..U.X'.M..l.]ZVtl\.I..}.0.~B0Y'.N...E.4.Xd..e...a.........."..9+d.&..l.$E..R.u.g.Q..w&...~I. .y..D.4;..'.."-.....b...)k.n.M...,3J.z_..&2f.h;.&.R.y..P..X.....\P....*.r...B.$........<....H5.M.."'#.6mQl..mQ5.=.\...O.....^..jM..u*.F..Oh.lNI..j..T..u...I..._........{.\...{..._|..={O..z..>......x..5Q.D7?{...^...^.......o.=.z......v......z.C...Gtw...0!..M@....^...^.x..G....W...{...)..y.<c3...^>{......7._..'d__...;R.

                                                          Chrome Cache Entry: 198

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (59783), with CRLF line terminators
                                                          Category:downloaded
                                                          Size (bytes):663451
                                                          Entropy (8bit):5.3635307555313165
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:761CE9E68C8D14F49B8BF1A0257B69D6
                                                          SHA1:8CF5D714D35EFFA54F3686065CB62CCE028E2C77
                                                          SHA-256:BEAA65AD34340E61E9E701458E2CCFF8F9073FDEBBC3593A2C7EC8AFEACB69C1
                                                          SHA-512:CEC948666FBA0F56D3DA27A931033C3A581C9C00FEC4D3DDCF41324525B5B5321AE3AB89581ECC7F497DE85EF684AB277C8A2DB393D526416CEB76C91A1B9263
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.0.mouse.js
                                                          Preview:.window.scriptsLoaded = window.scriptsLoaded || {}; window.scriptProcessStart = window.scriptProcessStart || {}; window.scriptProcessStart['boot.worldwide.0.mouse.js'] = (new Date()).getTime();../* Empty file */;Function.__typeName="Function";Function.__class=!0;Function.createCallback=function(n,t){return function(){var r=arguments.length;if(r>0){for(var u=[],i=0;i<r;i++)u[i]=arguments[i];u[r]=t;return n.apply(this,u)}return n.call(this,t)}};Function.prototype.bind=Function.prototype.bind||function(n){if(typeof this!="function")throw new TypeError("bind(): we can only bind to functions");var u=Array.prototype.slice.call(arguments,1),r=this,t=function(){},i=function(){return r.apply(this instanceof t?this:n,u.concat(Array.prototype.slice.call(arguments)))};this.prototype&&(t.prototype=this.prototype);i.prototype=new t;return i};Function.createDelegate=function(n,t){return function(){return t.apply(n,arguments)}};Function.emptyFunction=Function.emptyMethod=function(){};Error.__typeNam

                                                          Chrome Cache Entry: 202

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:ASCII text, with no line terminators
                                                          Category:downloaded
                                                          Size (bytes):28
                                                          Entropy (8bit):4.307354922057605
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:9F9FA94F28FE0DE82BC8FD039A7BDB24
                                                          SHA1:6FE91F82974BD5B101782941064BCB2AFDEB17D8
                                                          SHA-256:9A37FDC0DBA8B23EB7D3AA9473D59A45B3547CF060D68B4D52253EE0DA1AF92E
                                                          SHA-512:34946EF12CE635F3445ED7B945CF2C272EF7DD9482DA6B1A49C9D09A6C9E111B19B130A3EEBE5AC0CCD394C523B54DD7EB9BF052168979A9E37E7DB174433F64
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSFwn7pfaBLdzR7hIFDdFbUVISBQ1Xevf9?alt=proto
                                                          Preview:ChIKBw3RW1FSGgAKBw1Xevf9GgA=

                                                          Chrome Cache Entry: 203

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                          Category:downloaded
                                                          Size (bytes):232394
                                                          Entropy (8bit):5.54543362321178
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:AF8D946B64D139A380CF3A1C27BDBEB0
                                                          SHA1:C76845B6FFEAF14450795C550260EB618ABD60AB
                                                          SHA-256:37619B16288166CC76403F0B7DF6586349B2D5628DE00D5850C815D019B17904
                                                          SHA-512:C5CFB514F993310676E834C8A5477576BD57C82A8665387F9909BA0D4C3C2DE693E738ACAA74E7B4CA20894EA2FEEA5CF9A2428767D03FE1DE9C84538FDC3EE9
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://r4.res.office365.com/owa/prem/15.20.8466.9/resources/styles/0/boot.worldwide.mouse.css
                                                          Preview:.feedbackList{-webkit-animation-duration:.17s;-moz-animation-duration:.17s;animation-duration:.17s;-webkit-animation-name:feedbackListFrames;-moz-animation-name:feedbackListFrames;animation-name:feedbackListFrames;-webkit-animation-fill-mode:both;-moz-animation-fill-mode:both;animation-fill-mode:both}@-webkit-keyframes feedbackListFrames{from{-webkit-transform:scale(1,1);transform:scale(1,1);-webkit-animation-timing-function:cubic-bezier(.33,0,.67,1);animation-timing-function:cubic-bezier(.33,0,.67,1)}to{-webkit-transform:scale(1.03,1.03);transform:scale(1.03,1.03)}}@-moz-keyframes feedbackListFrames{from{-moz-transform:scale(1,1);transform:scale(1,1);-moz-animation-timing-function:cubic-bezier(.33,0,.67,1);animation-timing-function:cubic-bezier(.33,0,.67,1)}to{-moz-transform:scale(1.03,1.03);transform:scale(1.03,1.03)}}@keyframes feedbackListFrames{from{-webkit-transform:scale(1,1);-moz-transform:scale(1,1);transform:scale(1,1);-webkit-animation-timing-function:cubic-bezier(.33,0,.67,

                                                          Chrome Cache Entry: 204

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:ASCII text, with no line terminators
                                                          Category:downloaded
                                                          Size (bytes):22
                                                          Entropy (8bit):3.6978458230844122
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:6AAB5444A217195068E4B25509BC0C50
                                                          SHA1:7B22EAF7EAA9B7E1F664A0632D3894D406FE7933
                                                          SHA-256:FC5525D427BFA27792D3A87411BE241C047D07F07C18E2FC36BF00B1C2E33D07
                                                          SHA-512:AA5F66638B142B5E6D1D008F2934530C7AAD2F7F19128CA24609825D0DACFFD25A77591BFD7FB1D225BE2FA77CABCE837E0741326C1AC622C244D51E6FAFB303
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://mahna-tst.com/favicon.ico
                                                          Preview:<h1>Access Denied</h1>

                                                          Chrome Cache Entry: 206

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
                                                          Category:downloaded
                                                          Size (bytes):659798
                                                          Entropy (8bit):5.352921769071548
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:9786D38346567E5E93C7D03B06E3EA2D
                                                          SHA1:23EF8C59C5C9AA5290865933B29C9C56AB62E3B0
                                                          SHA-256:263307E3FE285C85CB77CF5BA69092531CE07B7641BF316EF496DCB5733AF76C
                                                          SHA-512:4962CDF483281AB39D339A7DA105A88ADDB9C210C9E36EA5E36611D7135D19FEC8B3C9DBA3E97ABB36D580F194F1860813071FD6CBEDE85D3E88952D099D6805
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.1.mouse.js
                                                          Preview:.window.scriptsLoaded = window.scriptsLoaded || {}; window.scriptProcessStart = window.scriptProcessStart || {}; window.scriptProcessStart['boot.worldwide.1.mouse.js'] = (new Date()).getTime();..;_a.d.G=function(n,t){this.b=n;this.a=t};_a.d.G.prototype={b:0,a:0};_a.fo=function(n){this.s=n};_a.fo.prototype={s:null,t:null,i:function(){return this.s.currentTarget},e:function(){return this.t?this.t.x:this.s.pageX},f:function(){return this.t?this.t.y:this.s.pageY},o:function(){return this.s.relatedTarget},b:function(){return this.s.target},n:function(){return this.s.timeStamp||+new Date},a:function(){var n=this.s.which;!n&&_a.o.a().K&&this.s.type==="keypress"&&(n=this.u());return n},u:function(){return this.s.keyCode},m:function(){return this.s.originalEvent},j:function(){return this.s.type},k:function(){return this.s.originalEvent.touches},q:function(){return this.s.isDefaultPrevented()},g:function(){return this.s.shiftKey},h:function(){return _j.G.a().P?this.s.metaKey:this.s.ctrlKey},l:

                                                          Chrome Cache Entry: 207

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:ASCII text, with very long lines (994), with no line terminators
                                                          Category:downloaded
                                                          Size (bytes):994
                                                          Entropy (8bit):4.934955158256183
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:E2110B813F02736A4726197271108119
                                                          SHA1:D7AC10CC425A7B67BF16DDA0AAEF1FEB00A79857
                                                          SHA-256:6D1BE7ED96DD494447F348986317FAF64728CCF788BE551F2A621B31DDC929AC
                                                          SHA-512:E79CF6DB777D62690DB9C975B5494085C82E771936DB614AF9C75DB7CE4B6CA0A224B7DFB858437EF1E33C6026D772BE9DBBB064828DB382A4703CB34ECEF1CF
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://r4.res.office365.com/owa/prem/15.20.8466.9/resources/images/0/sprite1.mouse.css
                                                          Preview:.image-loading_blackbg-gif{background:url('loading_blackbg.gif');width:16px;height:16px}.image-loading_whitebg-gif{background:url('loading_whitebg.gif');width:16px;height:16px}.image-thinking16_blue-gif{background:url('thinking16_blue.gif');width:16px;height:16px}.image-thinking16_grey-gif{background:url('thinking16_grey.gif');width:16px;height:16px}.image-thinking16_white-gif{background:url('thinking16_white.gif');width:16px;height:16px}.image-thinking24-gif{background:url('thinking24.gif');width:24px;height:24px}.image-thinking32_blue-gif{background:url('thinking32_blue.gif');width:32px;height:32px}.image-thinking32_grey-gif{background:url('thinking32_grey.gif');width:32px;height:32px}.image-thinking32_white-gif{background:url('thinking32_white.gif');width:32px;height:32px}.image-clear1x1-gif{width:1px;height:1px;background:url('sprite1.mouse.png') -0 -0}.csimg{padding:0;border:none;background-repeat:no-repeat;-webkit-touch-callout:none}span.csimg{-ms-high-contrast-adjust:none}

                                                          Chrome Cache Entry: 208

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:ASCII text
                                                          Category:dropped
                                                          Size (bytes):689017
                                                          Entropy (8bit):4.210697599646938
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:3E89AE909C6A8D8C56396830471F3373
                                                          SHA1:2632F95A5BE7E4C589402BF76E800A8151CD036B
                                                          SHA-256:6665CA6A09F770C6679556EB86CF4234C8BDB0271049620E03199B34B4A16099
                                                          SHA-512:E7DBE4E95D58F48A0C8E3ED1F489DCF8FBF39C3DB27889813B43EE95454DECA2816AC1E195E61A844CC9351E04F97AFA271B37CAB3FC522809CE2BE85CC1B8F0
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:.!(function (e) {. function n(n) {. for (var t, i, o = n[0], r = n[1], s = 0, c = []; s < o.length; s++). (i = o[s]),. Object.prototype.hasOwnProperty.call(a, i) && a[i] && c.push(a[i][0]),. (a[i] = 0);. for (t in r) Object.prototype.hasOwnProperty.call(r, t) && (e[t] = r[t]);. for (d && d(n); c.length; ) c.shift()();. }. var t,. i = {},. a = { 22: 0 };. function o(n) {. if (i[n]) return i[n].exports;. var t = (i[n] = { i: n, l: !1, exports: {} });. return e[n].call(t.exports, t, t.exports, o), (t.l = !0), t.exports;. }. Function.prototype.bind ||. ((t = Array.prototype.slice),. (Function.prototype.bind = function (e) {. if ("function" != typeof this). throw new TypeError(. "Function.prototype.bind - what is trying to be bound is not callable". );. var n = t.call(arguments, 1),. i = n.length,. a = this,. o = function () {},. r = function () {. return (.

                                                          Chrome Cache Entry: 209

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:PNG image data, 76 x 75, 8-bit/color RGB, non-interlaced
                                                          Category:dropped
                                                          Size (bytes):61
                                                          Entropy (8bit):4.068159130770307
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:13C5DFD9FD2BC7C5649C95151F1BD1DF
                                                          SHA1:3DA7675FD1B3359BDA9E201BF26374A3733B767F
                                                          SHA-256:2DFD43C57DD2C2872150657DE72DE960F8E3799F23323E55DD1A628F81F89B7E
                                                          SHA-512:D03A9E11776A3248701B7B5BD3B37FA78A65868E949EE33534DFF0B0E769462FC79B00A5CC2B96275BE2F1BEF0A567201FF59CAED4895F064443D1F65087FD88
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:.PNG........IHDR...L...K.....U.......IDAT.....$.....IEND.B`.

                                                          Chrome Cache Entry: 210

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:HTML document, ASCII text, with very long lines (3445), with CRLF line terminators
                                                          Category:downloaded
                                                          Size (bytes):3447
                                                          Entropy (8bit):5.1147634913081745
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:ACDEC8DAD3164FBA20E86D50F1B979F1
                                                          SHA1:0C5FD1CCA5BECDB0080D20E6A90CCD91BC0D5894
                                                          SHA-256:1D2CDE2E778A731CBD158758F735E1BCC2508A8252720D261D94068AFF45AACC
                                                          SHA-512:A9D25D79EDF7BD8D668D5833263461B72B077AD3885A05DE749C7F0326BFC7C8D5D2D967E11FF40E52755211774DEC0E913532BC86AEEEC37B243A213CECEEC1
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://login.live.com/Me.htm?v=3
                                                          Preview:<script type="text/javascript">!function(t,e){for(var s in e)t[s]=e[s]}(this,function(t){function e(n){if(s[n])return s[n].exports;var i=s[n]={exports:{},id:n,loaded:!1};return t[n].call(i.exports,i,i.exports,e),i.loaded=!0,i.exports}var s={};return e.m=t,e.c=s,e.p="",e(0)}([function(t,e){function s(t){for(var e=f[S],s=0,n=e.length;s<n;++s)if(e[s]===t)return!0;return!1}function n(t){if(!t)return null;for(var e=t+"=",s=document.cookie.split(";"),n=0,i=s.length;n<i;n++){var a=s[n].replace(/^\s*(\w+)\s*=\s*/,"$1=").replace(/(\s+$)/,"");if(0===a.indexOf(e))return a.substring(e.length)}return null}function i(t,e,s){if(t)for(var n=t.split(":"),i=null,a=0,r=n.length;a<r;++a){var c=null,S=n[a].split("$");if(0===a&&(i=parseInt(S.shift()),!i))return;var l=S.length;if(l>=1){var p=o(i,S[0]);if(!p||s[p])continue;c={signInName:p,idp:"msa",isSignedIn:!0}}if(l>=3&&(c.firstName=o(i,S[1]),c.lastName=o(i,S[2])),l>=4){var f=S[3],d=f.split("|");c.otherHashedAliases=d}if(l>=5){var h=parseInt(S[4],16);h&&(c.

                                                          Chrome Cache Entry: 211

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):72
                                                          Entropy (8bit):4.241202481433726
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:9E576E34B18E986347909C29AE6A82C6
                                                          SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                          SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                          SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                          Chrome Cache Entry: 212

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
                                                          Category:dropped
                                                          Size (bytes):1435
                                                          Entropy (8bit):7.8613342322590265
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:9F368BC4580FED907775F31C6B26D6CF
                                                          SHA1:E393A40B3E337F43057EEE3DE189F197AB056451
                                                          SHA-256:7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
                                                          SHA-512:0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.|..~.|{~...b{8...zv.....8|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g*.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dg*N.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f*;.....Zhrr.,.U....6.Y....+Zd.*R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

                                                          Chrome Cache Entry: 213

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
                                                          Category:dropped
                                                          Size (bytes):61
                                                          Entropy (8bit):3.990210155325004
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:9246CCA8FC3C00F50035F28E9F6B7F7D
                                                          SHA1:3AA538440F70873B574F40CD793060F53EC17A5D
                                                          SHA-256:C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
                                                          SHA-512:A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:.PNG........IHDR...............s....IDAT.....$.....IEND.B`.

                                                          Chrome Cache Entry: 214

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
                                                          Category:downloaded
                                                          Size (bytes):660449
                                                          Entropy (8bit):5.4121922690110535
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:D9E3D2CE0228D2A5079478AAE5759698
                                                          SHA1:412F45951C6AEDA5F3DF2C52533171FC7BDD5961
                                                          SHA-256:7041D585609800051E4F451792AEC2B8BD06A4F2D29ED6F5AD8841AAE5107502
                                                          SHA-512:06700C65BEF4002EBFBFF9D856C12E8D71F408BACA2D2103DDE1C28319B6BD3859FA9D289D8AEB6DD484E802040F6EE537F31F97B4B60A6B120A6882C992207A
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://r4.res.office365.com/owa/prem/15.20.8466.9/scripts/boot.worldwide.3.mouse.js
                                                          Preview:.window.scriptsLoaded = window.scriptsLoaded || {}; window.scriptProcessStart = window.scriptProcessStart || {}; window.scriptProcessStart['boot.worldwide.3.mouse.js'] = (new Date()).getTime();..;_n.a.jR=function(n){return n.dS()};_n.a.jZ=function(n){return n.eh()};_n.a.jP=function(n){return n.cC()};_n.a.jQ=function(n){return n.ca()};_n.a.hZ=function(n){return n.dO};_n.a.jU=function(n){return n.ed()};_n.a.jT=function(n){return n.ea()};_n.a.kb=function(n){return n.ej()};_n.a.hM=function(n){return 300};_n.a.fh=function(n){return n.V};_n.a.jV=function(n){return n.bI()};_n.a.ie=function(n){return n.mh()};_n.a.km=function(n){return n.bl()};_n.a.ka=function(n){return n.ei()};_n.a.ko=function(n){return n.cV()};_n.a.eX=function(n){return _y.E.isInstanceOfType(n)?n.y:null};_n.a.jN=function(n){return n.c()};_n.a.gm=function(n){return n.b()};_n.a.jM=function(n){return n.b()};_n.a.ib=function(n){return n.jM()};_n.a.iq=function(n){return n.bG};_n.a.iX=function(n){return _n.V.isInstanceOfType(n)?n

                                                          Chrome Cache Entry: 216

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:PNG image data, 342 x 72, 8-bit/color RGBA, non-interlaced
                                                          Category:downloaded
                                                          Size (bytes):5139
                                                          Entropy (8bit):7.865234009830226
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:8B36337037CFF88C3DF203BB73D58E41
                                                          SHA1:1ADA36FA207B8B96B2A5F55078BFE2A97ACEAD0E
                                                          SHA-256:E4E1E65871749D18AEA150643C07E0AAB2057DA057C6C57EC1C3C43580E1C898
                                                          SHA-512:97D8CC97C4577631D8D58C0D9276EE55E4B80128080220F77E01E45385C20FE55D208122A8DFA5DADCB87543B1BC291B98DBBA44E8A2BA90D17C638C15D48793
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://anglianswater.co.uk/aadcdn.msauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
                                                          Preview:.PNG........IHDR...V...H.............tEXtSoftware.Adobe ImageReadyq.e<...%iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Macintosh)" xmpMM:InstanceID="xmp.iid:DB120779422011EA9888910153D3A5E6" xmpMM:DocumentID="xmp.did:DB12077A422011EA9888910153D3A5E6"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DB120777422011EA9888910153D3A5E6" stRef:documentID="xmp.did:DB120778422011EA9888910153D3A5E6"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>P.WI....IDATx..]]l.......(.5.K0P..0...E.qT..J X)F.(5X....J.}(m.R5.Q...RUEUPU~.....qp@.b......L...k.m"0......"c.3

                                                          Chrome Cache Entry: 217

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.9], baseline, precision 8, 50x28, components 3
                                                          Category:dropped
                                                          Size (bytes):987
                                                          Entropy (8bit):6.922003634904799
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:E58AAFC980614A9CD7796BEA7B5EA8F0
                                                          SHA1:D4CAC92DCDE0CAF7C571E6D791101DA94FDBD2CA
                                                          SHA-256:8B34A475187302935336BF43A2BF2A4E0ADB9A1E87953EA51F6FCF0EF52A4A1D
                                                          SHA-512:2DAC06596A11263DF1CFAB03EDA26D0A67B9A4C3BAA6FB6129CDBF0A157C648F5B0F5859B5CA689EFDF80F946BF4D854BA2B2C66877C5CE3897D72148741FCC9
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:......JFIF.....H.H.....fExif..MM.*.................>...........F.(...........1.........N.......H.......H....paint.net 4.2.9....C....................................................................C.........................................................................2..!............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?......[.4..lz.....K.S..p.>.9.r9j..'.\.qrW..mo...X9ZV<./x...EX...m.Prj..A.EtG...K..mr....Lc.T.*8...nlY.V.{6...*R...]..(.y...)^.5V.IVO.W.B.19.R\...f.U.....'..S:..k.6..*).f.n._3*....}.y.8.EusH..y.`.mA...W.}...bL..:..b.<f..(lH#R....v._...........9N~S..

                                                          Chrome Cache Entry: 219

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                                                          Category:dropped
                                                          Size (bytes):17174
                                                          Entropy (8bit):2.9129715116732746
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:12E3DAC858061D088023B2BD48E2FA96
                                                          SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                                                          SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                                                          SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

                                                          Chrome Cache Entry: 220

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:JPEG image data, baseline, precision 8, 1920x1080, components 3
                                                          Category:downloaded
                                                          Size (bytes):17453
                                                          Entropy (8bit):3.890509953257612
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:7916A894EBDE7D29C2CC29B267F1299F
                                                          SHA1:78345CA08F9E2C3C2CC9B318950791B349211296
                                                          SHA-256:D8F5AB3E00202FD3B45BE1ACD95D677B137064001E171BC79B06826D98F1E1D3
                                                          SHA-512:2180ABE47FBF76E2E0608AB3A4659C1B7AB027004298D81960DC575CC2E912ECCA8C131C6413EBBF46D2AAA90E392EB00E37AED7A79CDC0AC71BA78D828A84C7
                                                          Malicious:false
                                                          Reputation:unknown
                                                          URL:https://anglianswater.co.uk/aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
                                                          Preview:.....Phttp://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about=""/> </rdf:RDF> </x:xmpmeta>

                                                          Chrome Cache Entry: 221

                                                          Download File
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:ASCII text, with very long lines (48138)
                                                          Category:dropped
                                                          Size (bytes):48139
                                                          Entropy (8bit):5.399746609631708
                                                          Encrypted:false
                                                          SSDEEP:
                                                          MD5:59306E15EB43DE76A56231E5E426EC80
                                                          SHA1:7606B8E4AEACE12B393AD6DCEBDF6D64BC7240E9
                                                          SHA-256:69865FE9BE4F6CDCED3CA8C047A486DB063F1179846F5EDFF395C39A7494FA34
                                                          SHA-512:99C5EE7567FECB0FD92C4622EE949975972FC46E165AA8E9FF719B3A64472F15E6A79EC83CA533C7305B70B35984B7980AC0552CE1169DBD1DC2C3C1F2D83F4B
                                                          Malicious:false
                                                          Reputation:unknown
                                                          Preview:"use strict";(function(){function Ht(e,t,a,o,c,l,g){try{var h=e[l](g),s=h.value}catch(p){a(p);return}h.done?t(s):Promise.resolve(s).then(o,c)}function jt(e){return function(){var t=this,a=arguments;return new Promise(function(o,c){var l=e.apply(t,a);function g(s){Ht(l,o,c,g,h,"next",s)}function h(s){Ht(l,o,c,g,h,"throw",s)}g(void 0)})}}function D(e,t){return t!=null&&typeof Symbol!="undefined"&&t[Symbol.hasInstance]?!!t[Symbol.hasInstance](e):D(e,t)}function Ue(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function De(e){for(var t=1;t<arguments.length;t++){var a=arguments[t]!=null?arguments[t]:{},o=Object.keys(a);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(a).filter(function(c){return Object.getOwnPropertyDescriptor(a,c).enumerable}))),o.forEach(function(c){Ue(e,c,a[c])})}return e}function Sr(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS

                                                          Static File Info

                                                          General

                                                          File type:PDF document, version 1.4, 1 pages
                                                          Entropy (8bit):7.8996547581565455
                                                          TrID:
                                                          • Adobe Portable Document Format (5005/1) 100.00%
                                                          File name:2025_Simplified_Tips_to_Stay_on_Track.pdf
                                                          File size:62'076 bytes
                                                          MD5:91f7afdf1ff72bcc5c18d14761afdd01
                                                          SHA1:5d5904d4a9ec9f1c2540601a40c50f524ff6dde5
                                                          SHA256:95fda84ebe3db00570c5ff7226da6fdf7ceb540a705688c10d7ad4895ebfbade
                                                          SHA512:27ab346d611dfcec287a155fd2716cb111226fb0565de0e919bbe0d53b57a43a7b4fec0864bb94af596dda9d798b0dbcfae662230c325e991767611b6c8021a7
                                                          SSDEEP:1536:3xA7g6muqsgul4ulEOiCxxwMK5B5Nhdh1MgxW+dj:hO3pl4mEOvxmB5H/xW+dj
                                                          TLSH:1953D0B8E68B8C6DFC41C616C67A344E8D1DF92795DC5041032E8A6AD908BD3BFA71C7
                                                          File Content Preview:%PDF-1.4.%.....1 0 obj.<</Title (Responsive Email)./Creator (Chromium)./Producer (Skia/PDF m127)./CreationDate (D:20250212144124+00'00')./ModDate (D:20250212144124+00'00')>>.endobj.3 0 obj.<</ca 1./BM /Normal>>.endobj.8 0 obj.<</N 3./Filter /FlateDecode./

                                                          File Icon

                                                          Icon Hash:62cc8caeb29e8ae0

                                                          Static PDF Info

                                                          General

                                                          Header:%PDF-1.4
                                                          Total Entropy:7.899655
                                                          Total Bytes:62076
                                                          Stream Entropy:7.992782
                                                          Stream Bytes:53399
                                                          Entropy outside Streams:5.162627
                                                          Bytes outside Streams:8677
                                                          Number of EOF found:1
                                                          Bytes after EOF:

                                                          Keywords Statistics

                                                          NameCount
                                                          obj50
                                                          endobj50
                                                          stream9
                                                          endstream9
                                                          xref1
                                                          trailer1
                                                          startxref1
                                                          /Page1
                                                          /Encrypt0
                                                          /ObjStm0
                                                          /URI0
                                                          /JS0
                                                          /JavaScript0
                                                          /AA0
                                                          /OpenAction0
                                                          /AcroForm0
                                                          /JBIG2Decode0
                                                          /RichMedia0
                                                          /Launch0
                                                          /EmbeddedFile0

                                                          Image Streams

                                                          IDDHASHMD5Preview
                                                          7000000000000000021085cd7dfdac67e4844d4200dc94e47