Analysis Report Survey - Joe Sandbox
111
ID: 272398 Sample Name: Survey--Debt Accumulation and Business Reorganization.pdf Cookbook: defaultwindowspdfcookbook.jbs Time: 21:52:36 Date: 20/08/2020 Version: 29.0.0 Ocean Jasper
-
Upload
khangminh22 -
Category
Documents
-
view
1 -
download
0
Transcript of Analysis Report Survey - Joe Sandbox
ID: 272398Sample Name: Survey--DebtAccumulation and BusinessReorganization.pdfCookbook:defaultwindowspdfcookbook.jbsTime: 21:52:36Date: 20/08/2020Version: 29.0.0 Ocean Jasper
2
4444444455556677888888999
1012131313151515434343444444
444445464848495097999999
100100
Table of Contents
Table of ContentsAnalysis Report Survey--Debt Accumulation and BusinessReorganization.pdf
OverviewGeneral InformationDetectionSignaturesClassificationAnalysis Advice
StartupMalware ConfigurationYara OverviewSigma OverviewSignature OverviewMitre Att&ck MatrixBehavior GraphScreenshots
ThumbnailsAntivirus, Machine Learning and Genetic Malware Detection
Initial SampleDropped FilesUnpacked PE FilesDomainsURLs
Domains and IPsContacted DomainsContacted URLsURLs from Memory and BinariesContacted IPsPublicPrivate
General InformationSimulations
Behavior and APIsCreated / dropped FilesStatic File Info
GeneralFile IconStatic PDF Info
GeneralKeywords Statistics
Network BehaviorNetwork Port DistributionTCP PacketsUDP PacketsDNS QueriesDNS AnswersHTTP Request Dependency GraphHTTP PacketsHTTPS Packets
Code ManipulationsStatistics
BehaviorSystem Behavior
Analysis Process: AcroRd32.exe PID: 6728 Parent PID: 5552Copyright null 2020 Page 2 of 111
100100100
102102102
103103103104
104104104104
108108109
109109109
109109109
110110110
110110110110
111111111
111111
GeneralFile Activities
File Created
Registry ActivitiesKey CreatedKey Value Created
Analysis Process: AcroRd32.exe PID: 6788 Parent PID: 6728GeneralFile ActivitiesRegistry Activities
Analysis Process: RdrCEF.exe PID: 6964 Parent PID: 6728GeneralFile Activities
File Read
Analysis Process: RdrCEF.exe PID: 7132 Parent PID: 6964GeneralFile Activities
Analysis Process: RdrCEF.exe PID: 5364 Parent PID: 6964GeneralFile Activities
Analysis Process: RdrCEF.exe PID: 412 Parent PID: 6964GeneralFile Activities
Analysis Process: RdrCEF.exe PID: 5820 Parent PID: 6964GeneralFile Activities
Analysis Process: iexplore.exe PID: 3160 Parent PID: 6728GeneralFile ActivitiesRegistry Activities
Analysis Process: iexplore.exe PID: 5620 Parent PID: 3160GeneralFile Activities
DisassemblyCode Analysis
Copyright null 2020 Page 3 of 111
Analysis Report Survey--Debt Accumulation and Business Reorganization.pdf…
Overview
General Information
Sample Name:
Survey--Debt Accumulation and Business Reorganization.pdf
Analysis ID: 272398
MD5: 97dbeafa60f839e…
SHA1: 27a5c7e5624092…
SHA256: 29d4690a9de0ffb…
Most interesting Screenshot:
Detection
Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 60%
Signatures
Contains functionality to access load
Contains functionality to access load
Contains functionality to access load
Contains functionality to access load
Contains functionality to access load
Contains functionality to access load
Contains functionality to access loadContains functionality to access load……
Classification
Analysis Advice
No malicious behavior found, analyze the document also on other version of Office / Acrobat
Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis
Startup
Copyright null 2020 Page 4 of 111
Malware Configuration
Yara Overview
Sigma Overview
No Sigma rule has matched
Signature Overview
• Networking
• System Summary
• Hooking and other Techniques for Hiding and Protection
• Malware Analysis System Evasion
• Anti Debugging
• HIPS / PFW / Operating System Protection Evasion
System is w10x64
AcroRd32.exe (PID: 6728 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\Survey--Debt Accumulation and Business
Reorganization.pdf' MD5: B969CF0C7B2C443A99034881E8C8740A)AcroRd32.exe (PID: 6788 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\Survey--Debt
Accumulation and Business Reorganization.pdf' MD5: B969CF0C7B2C443A99034881E8C8740A)RdrCEF.exe (PID: 6964 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043 MD5:
9AEBA3BACD721484391D15478A4080C7)RdrCEF.exe (PID: 7132 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adob
e\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1692,3667437398516176857,6754206857185316677,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=16727687707754831113 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16727687707754831113 --renderer-client-id=2 --mojo-platform-channel-handle=1700 --allow-no-sandbox-job /prefetch:1 MD5: 9AEBA3BACD721484391D15478A4080C7)
RdrCEF.exe (PID: 5364 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1692,
3667437398516176857,6754206857185316677,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=17724554824988114311 --mojo-platform-channel-handle=1688 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2 MD5: 9AEBA3BACD721484391D15478A4080C7)
RdrCEF.exe (PID: 412 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adob
e\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1692,3667437398516176857,6754206857185316677,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=9859498215506974923 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9859498215506974923 --renderer-client-id=4 --mojo-platform-channel-handle=1836 --allow-no-sandbox-job /prefetch:1 MD5: 9AEBA3BACD721484391D15478A4080C7)
RdrCEF.exe (PID: 5820 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adob
e\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1692,3667437398516176857,6754206857185316677,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=6776044376724744051 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6776044376724744051 --renderer-client-id=5 --mojo-platform-channel-handle=2128 --allow-no-sandbox-job /prefetch:1 MD5: 9AEBA3BACD721484391D15478A4080C7)iexplore.exe (PID: 3160 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' https://www.coface.com/News-Publications/News/Are-corporate-balance-sheets-in-Spain-and-
Italy-ready- MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)iexplore.exe (PID: 5620 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3160 CREDAT:17410 /prefetch:2 MD5:
071277CC2E3DF41EEEA8013E2AB58D5A)cleanup
No configs have been found
No yara matches
Copyright null 2020 Page 5 of 111
Click to jump to signature section
There are no malicious signatures, There are no malicious signatures, click here to show all signaturesclick here to show all signatures ..
Mitre Att&ck Matrix
Initial Access Execution PersistencePrivilegeEscalation
DefenseEvasion
CredentialAccess Discovery
LateralMovement Collection Exfiltration
CommandandControl
NetworkEffects
RemoteServiceEffects
SpearphishingLink 1
WindowsManagementInstrumentation
PathInterception
ProcessInjection 2
Masquerading 1 OSCredentialDumping
SecuritySoftwareDiscovery 1
RemoteServices
Data fromLocalSystem
ExfiltrationOver OtherNetworkMedium
EncryptedChannel 2
Eavesdrop onInsecureNetworkCommunication
RemotelyTrack DeviceWithoutAuthorization
DefaultAccounts
ScheduledTask/Job
Boot orLogonInitializationScripts
Boot orLogonInitializationScripts
ProcessInjection 2
LSASSMemory
ProcessDiscovery 1
RemoteDesktopProtocol
Data fromRemovableMedia
ExfiltrationOverBluetooth
Non-ApplicationLayerProtocol 3
Exploit SS7 toRedirect PhoneCalls/SMS
RemotelyWipe DataWithoutAuthorization
DomainAccounts
At (Linux) Logon Script(Windows)
LogonScript(Windows)
Obfuscated Filesor Information
SecurityAccountManager
File andDirectoryDiscovery 1
SMB/WindowsAdmin Shares
Data fromNetworkSharedDrive
AutomatedExfiltration
ApplicationLayerProtocol 4
Exploit SS7 toTrack DeviceLocation
ObtainDeviceCloudBackups
LocalAccounts
At (Windows) Logon Script(Mac)
LogonScript(Mac)
Binary Padding NTDS SystemNetworkConfigurationDiscovery
DistributedComponentObject Model
InputCapture
ScheduledTransfer
IngressToolTransfer 2
SIM CardSwap
Behavior Graph
Copyright null 2020 Page 6 of 111
Behavior GraphID: 272398
Sample: Survey--Debt Accumulation a...
Startdate: 20/08/2020
Architecture: WINDOWS
Score: 0
www.coface.com
AcroRd32.exe
17 43
started
RdrCEF.exe
56
started
iexplore.exe
14 88
started
AcroRd32.exe
9 7
started
192.168.2.1
unknown
unknown
RdrCEF.exe
started
RdrCEF.exe
started
RdrCEF.exe
started
RdrCEF.exe
started www.coface.com
iexplore.exe
221
started coface.com
80.0.0.0
NTLGB
United Kingdom
www.google.ch
172.217.168.67, 443, 49772, 49773
GOOGLEUS
United States
stats.l.doubleclick.net
172.217.218.156, 443, 49764, 49765
GOOGLEUS
United States
17 other IPs or domains
Legend:
Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet
Hide Legend
ThumbnailsThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
No bigger version No bigger version No bigger version No bigger version No bigger version No bigger version No bigger version
No bigger version No bigger version No bigger version No bigger version No bigger version No bigger version No bigger version
Screenshots
Copyright null 2020 Page 7 of 111
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
Source Detection Scanner Label Link
www.osmf.org/drm/default 0% URL Reputation safe
www.osmf.org/drm/default 0% URL Reputation safe
www.osmf.org/elementId%http://www.osmf.org/temporal/embedded$http://www.osmf.org/temporal/dyn0% URL Reputation safe
Antivirus, Machine Learning and Genetic Malware Detection
Initial Sample
Dropped Files
Unpacked PE Files
Domains
URLs
Copyright null 2020 Page 8 of 111
www.osmf.org/elementId%http://www.osmf.org/temporal/embedded$http://www.osmf.org/temporal/dyn0% URL Reputation safe
ns.useplus.org/ldf/xmp/1.0/ 0% URL Reputation safe
ns.useplus.org/ldf/xmp/1.0/ 0% URL Reputation safe
iptc.org/std/Iptc4xmpCore/1.0/xmlns/ 0% URL Reputation safe
iptc.org/std/Iptc4xmpCore/1.0/xmlns/ 0% URL Reputation safe
www.osmf.org/region/target#http://www.osmf.org/layout/renderer#http://www.osmf.org/layout/abs 0% URL Reputation safe
www.osmf.org/region/target#http://www.osmf.org/layout/renderer#http://www.osmf.org/layout/abs 0% URL Reputation safe
cipa.jp/exif/1.0/ 0% URL Reputation safe
cipa.jp/exif/1.0/ 0% URL Reputation safe
www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default 0% URL Reputation safe
www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default 0% URL Reputation safe
www.npes.org/pdfx/ns/id/ 0% URL Reputation safe
www.npes.org/pdfx/ns/id/ 0% URL Reputation safe
Source Detection Scanner Label Link
Name IP Active Malicious Antivirus Detection Reputation
coface.com 193.56.140.134 true false high
prod1.solutions.webfg.ch 185.226.224.134 true false unknown
stats.l.doubleclick.net 172.217.218.156 true false high
www.coface.com 193.56.140.134 true false high
www.google.ch 172.217.168.67 true false high
cs41.wac.edgecastcdn.net 93.184.220.66 true false high
m.addthis.com unknown unknown false high
v1.addthisedge.com unknown unknown false unknown
s7.addthis.com unknown unknown false high
q.addthis.com unknown unknown false high
z.moatads.com unknown unknown false unknown
stats.g.doubleclick.net unknown unknown false high
www.coface.ma unknown unknown false unknown
platform.twitter.com unknown unknown false high
www.coface.dz unknown unknown false unknown
Name Malicious Antivirus Detection Reputation
www.coface.ma/var/cofaweb/storage/images/ara-ma/home/home-slide-block/secure-my-sales/422805-10-fre-FR/Securiser-mes-ventes_slider_small.png
false unknown
www.coface.ma/var/cofaweb/storage/images/ara-ma/home/home-slide-block/cover-my-risks/422829-6-fre-FR/Controler-mes-risques_slider_small.png
false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/icons/search_button.png false unknown
www.coface.ma/var/cofaweb/storage/images/ara-ma/home/home-slide-block/finance-my-development/422821-7-fre-FR/Faciliter-mon-acces-au-financement_slider_large.png
false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/icons/slider_buttons_big-07.png
false unknown
www.coface.ma/var/cofaweb/storage/images/ara-ma/home/home-slide-block/cover-my-risks/422833-6-fre-FR/Controler-mes-risques_slider_large.png
false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/quickmenu/plus_minus_green.pngfalse unknown
www.coface.ma/var/cofaweb/storage/images/ara-ma/home/home-slide-block/secure-my-sales/422809-10-fre-FR/Securiser-mes-ventes_slider_large.png
false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/icons/more_green_generic.pngfalse unknown
www.coface.ma/extension/cofaweb/design/cofaweb/stylesheets/Print.css false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/bg/menu_level_2_bg.jpg false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/icons/country_select.png false unknown
www.coface.ma/var/cofaweb/storage/images/media/images/cfcim-mod/2789762-1-fre-FR/CFCIM-MOD_small.png
false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/bg/border_countries.png false unknown
www.coface.ma/var/cofaweb/storage/images/ara-ma/about-coface/394523-56-fre-FR/A-propos-de-Coface_menu_portrait.png
false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/bg/triangle_mask_gen.png false unknown
Domains and IPs
Contacted Domains
Contacted URLs
Copyright null 2020 Page 9 of 111
www.coface.ma/extension/cofaweb/design/cofaweb/images/quickmenu/sprites.png false unknown
www.coface.ma/var/cofaweb/storage/images/ara-ma/home/pop-in/node_215608/2897748-36-fre-FR/image_image703x142.png
false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/logo_coface_2_1_1.png false unknown
platform.twitter.com/widgets.js false high
www.coface.ma/var/cofaweb/storage/images/ara-ma/home/home-slide-block/assess-market-opportunities/422853-6-fre-FR/Evaluer-un-marche_slider_small.png
false unknown
www.coface.ma/favicon.ico false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/icons/more_yellow_generic.pngfalse unknown
www.coface.ma/var/cofaweb/storage/images/ara-ma/home/home-slide-block/coface-for-trade-ensamble-developpons-le-commerce-mondial/422841-18-fre-FR/Coface-for-Trade_slider_small.png
false unknown
www.coface.ma/var/cofaweb/storage/images/media/images/cgem3/2789759-1-fre-FR/CGEM_small.png
false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/javascript/tac/tarteaucitron.js false unknown
www.coface.ma/var/cofaweb/storage/images/media/images/coface-linkedin/856235-1-fre-FR/Coface-LinkedIn_small.jpg
false unknown
www.coface.ma/var/cofaweb/storage/images/ara-ma/news-publications/422745-82-fre-FR/Actualites-Publications_menu_portrait.png
false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/icons/white_popin_cross.pngfalse unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/bg/content_texture.png false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/bg/band_blue_bg.png false unknown
www.coface.ma/var/cofaweb/storage/images/ara-ma/home/home-slide-block/finance-my-development/422817-7-fre-FR/Faciliter-mon-acces-au-financement_slider_small.png
false unknown
www.coface.ma/cofaweb/language.js false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/bg/triangle_mask_dp_grey.pngfalse unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/icons/arrow_close.png false unknown
www.coface.ma/var/cofaweb/storage/images/ara-ma/home/home-slide-block/coface-for-trade-ensamble-developpons-le-commerce-mondial/422845-16-fre-FR/Coface-for-Trade_slider_large.png
false unknown
www.coface.dz/ false unknown
www.coface.ma/extension/cofaweb/design/cofaweb/images/bg/menu_slider_right.png false unknown
Name Malicious Antivirus Detection Reputation
Name Source Malicious Antivirus Detection Reputation
https://www.coface.at/u/Are-corporate-balance-shee {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
https://www.coface.com/ {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false high
www.extensis.com/meta/FontSense/ AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false high
https://www.coface.be/ {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
https://www.coface.com/News-Publications/Publications/Focus-Corporate-insolvencies-in-Europe-tempora
AcroRd32.exe, 00000001.00000003.443327787.000000000CDD4000.00000004.00000001.sdmp
false high
www.coface.com/Economic-Studies AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false high
https://www.coface.com.au/ {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
https://www.coface.at/ {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
https://www.coface.ca/r/Are-corporate-balance-shee {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
https://www.coface.com.ar/V ~DF3DFA0131F67293E8.TMP.26.dr false unknown
https://www.coface.com/Home/General-informations/Legal-NoticevN
AcroRd32.exe, 00000001.00000002.446334038.00000000050FA000.00000004.00000020.sdmp
false high
www.aiim.org/pdfa/ns/type# AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false high
www.e.com/go/ipmrhpr AcroRd32.exe, 00000001.00000002.484832147.000000000CEAE000.00000004.00000001.sdmp
false unknown
https://www.coface.be/u/Are-corporate-balance-shee {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
URLs from Memory and Binaries
Copyright null 2020 Page 10 of 111
https://api.echosign.com AcroRd32.exe, 00000001.00000002.484832147.000000000CEAE000.00000004.00000001.sdmp
false high
www.osmf.org/drm/default AcroRd32.exe, 00000001.00000002.448934430.0000000007B10000.00000002.00000001.sdmp
false URL Reputation: safeURL Reputation: safe
unknown
https://api.echosign.comTu_ AcroRd32.exe, 00000001.00000002.484832147.000000000CEAE000.00000004.00000001.sdmp
false low
www.osmf.org/elementId%http://www.osmf.org/temporal/embedded$http://www.osmf.org/temporal/dyn
AcroRd32.exe, 00000001.00000002.448934430.0000000007B10000.00000002.00000001.sdmp
false URL Reputation: safeURL Reputation: safe
unknown
https://www.coface.com/fr {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false high
https://www.coface.com.au/1SPS ~DF3DFA0131F67293E8.TMP.26.dr false unknown
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.5836620665717637&iit=159798573
{7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false high
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
{7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false high
https://prod1.solutions.webfg.ch/coface/details/ticker/ {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
ns.useplus.org/ldf/xmp/1.0/ AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false URL Reputation: safeURL Reputation: safe
unknown
www.aiim.org/pdfa/ns/property#tw AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false high
www.typography.com/FSType AcroRd32.exe, 00000001.00000002.478228450.000000000B17E000.00000004.00000001.sdmp, AcroRd32.exe, 00000001.00000002.481436914.000000000B731000.00000004.00000001.sdmp
false high
https://api.echosign.comn AcroRd32.exe, 00000001.00000002.484832147.000000000CEAE000.00000004.00000001.sdmp
false unknown
https://www.coface.ca/u/Log ~DF3DFA0131F67293E8.TMP.26.dr false unknown
https://www.coface.at/u/ ~DF3DFA0131F67293E8.TMP.26.dr false unknown
iptc.org/std/Iptc4xmpCore/1.0/xmlns/ AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false URL Reputation: safeURL Reputation: safe
unknown
iptc.org/std/Iptc4xmpExt/2008-02-29/0v AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false unknown
www.aiim.org/pdfa/ns/field#)v AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false high
https://www.coface.be/u/ ~DF3DFA0131F67293E8.TMP.26.dr false unknown
iptc.org/std/Iptc4xmpExt/2008-02-29/Iw AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false unknown
https://www.coface.com.ar/L ~DF3DFA0131F67293E8.TMP.26.dr false unknown
https://www.coface.com/News-Publications/News/Are-corporate-balance-sheets-in-Spain-and-Italy-ready-
{7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false high
www.aiim.org/pdfa/ns/property#mw AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false high
https://www.coface.ca/r/L ~DF3DFA0131F67293E8.TMP.26.dr false unknown
www.coface.bg/.br/ ~DF3DFA0131F67293E8.TMP.26.dr false unknown
https://ims-na1.adobelogin.com AcroRd32.exe, 00000001.00000002.468614848.00000000091FD000.00000004.00000001.sdmp
false high
www.coface.bg/ {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
https://www.coface.com.ar/Are-corporate-balance-shee {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
www.coface.com/Economic-StudiesK AcroRd32.exe, 00000001.00000003.443085640.000000000CB9F000.00000004.00000001.sdmp
false high
https://www.bis.org/publ/qtrpdf/r_qt1809g.pdf AcroRd32.exe, 00000001.00000002.485605893.000000000D1B2000.00000004.00000001.sdmp
false high
www.typography.com AcroRd32.exe, 00000001.00000002.479280143.000000000B37A000.00000004.00000001.sdmp
false high
Name Source Malicious Antivirus Detection Reputation
Copyright null 2020 Page 11 of 111
www.aiim.org/pdfa/ns/schema# AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false high
www.osmf.org/region/target#http://www.osmf.org/layout/renderer#http://www.osmf.org/layout/abs
AcroRd32.exe, 00000001.00000002.448934430.0000000007B10000.00000002.00000001.sdmp
false URL Reputation: safeURL Reputation: safe
unknown
www.typography.comFSType AcroRd32.exe, 00000001.00000002.479280143.000000000B37A000.00000004.00000001.sdmp, AcroRd32.exe, 00000001.00000002.478279634.000000000B1DA000.00000004.00000001.sdmp
false unknown
cipa.jp/exif/1.0//1.0/L AcroRd32.exe, 00000001.00000003.443327787.000000000CDD4000.00000004.00000001.sdmp
false unknown
cipa.jp/exif/1.0/ AcroRd32.exe, 00000001.00000003.443327787.000000000CDD4000.00000004.00000001.sdmp
false URL Reputation: safeURL Reputation: safe
unknown
www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default
AcroRd32.exe, 00000001.00000002.448934430.0000000007B10000.00000002.00000001.sdmp
false URL Reputation: safeURL Reputation: safe
unknown
www.twitter.com/ msapplication.xml6.26.dr false high
www.coface.ma//rs/Are-corporate-balance-shee {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/7y
AcroRd32.exe, 00000001.00000002.482189608.000000000C7A8000.00000004.00000001.sdmp
false low
https://www.coface.com/frs/Are-corporate-balance-sheets-in-Spain-and-Italy-ready-
{7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false high
www.coface.ma//r ~DF3DFA0131F67293E8.TMP.26.dr false unknown
https://www.coface.com.br/ {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
https://www.coface.com.br/Are-corporate-balance-shee {7713639D-E36A-11EA-90E5-ECF4BBEA1588}.dat.26.dr
false unknown
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/
AcroRd32.exe, 00000001.00000002.482189608.000000000C7A8000.00000004.00000001.sdmp
false low
www.aiim.org/pdfa/ns/schema#sw AcroRd32.exe, 00000001.00000002.484468744.000000000CD6E000.00000004.00000001.sdmp
false high
www.npes.org/pdfx/ns/id/ AcroRd32.exe, 00000001.00000003.443327787.000000000CDD4000.00000004.00000001.sdmp
false URL Reputation: safeURL Reputation: safe
unknown
www.extensis.com/meta/FontSense/51 AcroRd32.exe, 00000001.00000002.484832147.000000000CEAE000.00000004.00000001.sdmp
false high
Name Source Malicious Antivirus Detection Reputation
Contacted IPs
Copyright null 2020 Page 12 of 111
General Information
Joe Sandbox Version: 29.0.0 Ocean Jasper
Analysis ID: 272398
Start date: 20.08.2020
Start time: 21:52:36
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 9m 54s
Hypervisor based Inspection enabled: false
Report type: light
Sample file name: Survey--Debt Accumulation and Business Reorganization.pdf
Cookbook file name: defaultwindowspdfcookbook.jbs
Analysis system description: w10x64 Windows 10 64 bit v1803 with Office Professional Plus 2016, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed: 31
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs
IP Country Flag ASN ASN Name Malicious
93.184.220.66 European Union 15133 EDGECASTUS false
172.217.218.156 United States 15169 GOOGLEUS false
172.217.168.67 United States 15169 GOOGLEUS false
185.226.224.134 Spain 15404 COLTTechnologyServicesGroupSE
false
193.56.140.134 France 15846 COFACERESEAULACOFACEFR false
80.0.0.0 United Kingdom 5089 NTLGB false
IP
192.168.2.1
Public
Private
Copyright null 2020 Page 13 of 111
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies: HCA enabledEGA enabledHDC enabledAMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: CLEAN
Classification: clean0.winPDF@17/244@15/7
EGA Information: Successful, ratio: 100%
HDC Information: Failed
HCA Information: Successful, ratio: 100%Number of executed functions: 0Number of non-executed functions: 0
Cookbook Comments: Adjust boot timeEnable AMSIFound application associated with file extension: .pdfFound PDF documentFind and activate linksSecurity Warning foundClose ViewerBrowsing link: https://www.coface.com/switchlanguage/to/corporate/CorporateBrowsing link: https://www.coface.com/switchlanguage/to/corporate_fr/CorporateBrowsing link: http://www.coface.dz/Browsing link: https://www.coface.com.ar/Browsing link: https://www.coface.com.au/Browsing link: https://www.coface.at/Browsing link: https://www.coface.be/Browsing link: http://www.coface.ma/Browsing link: https://www.coface.com.br/Browsing link: http://www.coface.bg/Browsing link: https://www.coface.ca/
Copyright null 2020 Page 14 of 111
Warnings:Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, WMIADAP.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, WmiPrvSE.exe, svchost.exe, wuapihost.exeHTTP Packets have been reducedTCP Packets have been reduced to 100Created / dropped Files have been reduced to 100Excluded IPs from analysis (whitelisted): 23.54.113.182, 23.0.174.242, 23.0.174.233, 51.104.139.180, 23.54.113.104, 23.10.249.43, 23.10.249.26, 23.0.174.185, 23.0.174.184, 52.155.217.156, 52.164.221.179, 104.83.120.32, 152.199.19.161, 172.217.168.14, 23.54.112.20, 172.217.168.72, 23.54.112.182, 172.217.168.4Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, arc.msn.com.nsatc.net, e4578.dscb.akamaiedge.net, wildcard.moatads.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, acroipm2.adobe.com, arc.msn.com, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, go.microsoft.com, a122.dscd.akamai.net, audownload.windowsupdate.nsatc.net, ssl-google-analytics.l.google.com, www.google.com, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, v1.addthisedge.com.edgekey.net, www.google-analytics.com, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, e3615.a.akamaiedge.net, ds-s7.addthis.com.edgekey.net, fs.microsoft.com, www-google-analytics.l.google.com, acroipm2.adobe.com.edgesuite.net, ie9comview.vo.msecnd.net, displaycatalog.md.mp.microsoft.com.akadns.net, ris-prod.trafficmanager.net, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, ris.api.iris.microsoft.com, ssl.google-analytics.com, ssl.adobe.com.edgekey.net, armmf.adobe.com, go.microsoft.com.edgekey.net, e13136.g.akamaiedge.net, ds-m.addthisedge.com.edgekey.net, wac.apr-8315.edgecastdns.net, cs9.wpc.v0cdn.net, ds-q.addthis.com.edgekey.netReport size exceeded maximum capacity and may have missing behavior information.Report size getting too big, too many NtDeviceIoControlFile calls found.Report size getting too big, too many NtSetInformationFile calls found.
Time Type Description
21:53:35 API Interceptor 18x Sleep call for process: RdrCEF.exe modified
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 410
Entropy (8bit): 5.627992431749138
Encrypted: false
Show All
Simulations
Behavior and APIs
Created / dropped Files
Copyright null 2020 Page 15 of 111
MD5: 331AAF97768DA6DE8242C8DDEA241AD0
SHA1: C80D20A792AEC4B9AA203D7A8F0B0377943D67AF
SHA-256: 3F11BDF41FB30BB6549CC50909D1FA3CDAEBAEC1B2065FD79076C5F5CA6BC921
SHA-512: 6D7CBADE9332D17F9F0850DA77636453DB5F426C322D20543CAD8E39E68C9E29B38A6B480C9D479F7AFC6313535C3128FC5AAB32E595A1F2D880EF1DBDF72518
Malicious: false
Reputation: low
Preview:0\r..m......M..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/plugin.js ... N../....."#.D.u.....A....d.{v.^.G...d.W.:...P..k%..A..Eo...................A..Eo.......G:.........0\r..m......M..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/plugin.js ../EN../....."#.D.y+....A....d.{v.^.G...d.W.:...P..k%..A..Eo...................A..Eo.................
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 522
Entropy (8bit): 5.657104213939415
Encrypted: false
MD5: 51611456E7777590EB42CBFCD5087C7A
SHA1: 168D991C94D1F6D6C81A00A44A749244FA8C3B89
SHA-256: 45DE6441C01BE988FA3DBA1040DEC112544B361D2FFB8828F5EC7E90659F08ED
SHA-512: D8DDDE28EB7CA315E536E681148AD29B657BDB00BEAD04827928C9E461B9A41A94693F038CE4FA81E1D746B6A57E045C9459739E85EC6A6674DD1886A4290B04
Malicious: false
Reputation: low
Preview:0\r..m............,....._keyhttps://rna-resource.acrobat.com/init.js ....M../....."#.D..c....A.1.x.'.vI..*|Z..o...+.4....0..A..Eo...................A..Eo.......'j.........0\r..m............,....._keyhttps://rna-resource.acrobat.com/init.js ....N../....."#.D9&I....A.1.x.'.vI..*|Z..o...+.4....0..A..Eo...................A..Eo................0\r..m............,....._keyhttps://rna-resource.acrobat.com/init.js ..,5N../....."#.D.......A.1.x.'.vI..*|Z..o...+.4....0..A..Eo...................A..Eo.......g..........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 492
Entropy (8bit): 5.600039208763019
Encrypted: false
MD5: 11AF5D99FB9BE8A7E50E091E3919715D
SHA1: 9804F9A8F96941503222253924CFC559941C5FAF
SHA-256: 4839F7193FAC0646C933ADAE714E5AD921FEF9B860C519BB252F71EA9333708C
SHA-512: 7657D5E807276BA52BF4ACA84C762202471FC259841FBA9964A91938337CB1E7E4DFEC2D281D936464770802646CD45527579E338F54D4B5D6C6208C32AC05BB
Malicious: false
Reputation: low
Preview:0\r..m......v...n......._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/selector.js .F..N../....."#.D. [email protected].*...... ....A..Eo...................A..Eo......>...........0\r..m......v...n......._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/selector.js .K.CN../....."#.D).'[email protected].*...... ....A..Eo...................A..Eo........td........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 232
Entropy (8bit): 5.681248251680066
Encrypted: false
MD5: B92A5908739262BC2B96EBC83009B8D9
SHA1: D7D7E86FFB92A9DF52EA837FFB83AF7C69B810DF
SHA-256: C73AF8CCCD77129ADBD4EDA2F674E30186B92A847CF8BEB9BF2580C7490FB978
SHA-512: B370FD0B7EB0990521B7CC73EBBC5BFAFE86848ED2C6FA97DD2CBF3DC84779E6DF0028B3BD9690AC836A9731BC560E323A35C817C016D3E1AE82CF9A0CE0CD36
Malicious: false
Reputation: low
Preview:0\r..m......h.....'....._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-tool-view.js ...#N../....."#.D.......A..8 [email protected]{..A..Eo...................A..Eo..................
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 210
Entropy (8bit): 5.556963647799054
Copyright null 2020 Page 16 of 111
Encrypted: false
MD5: 6C129E791425DA8336754C58E4CE04A5
SHA1: 679358D2AA7690A44BB4738242D661D3313D0534
SHA-256: EF8C02977B47721BE50D872C7274D0CFBF55945598A0E5A61B0E85C6DFF00FA7
SHA-512: 7470F2AC227C263FB2375E8491D266CC2AA95F5B860E82686B24323FB2923F67E36DCD26F96A33E0B268E327ADC7D1A01EF90BDCE368F96B9CEE132F233FE029
Malicious: false
Reputation: low
Preview:0\r..m......R...kP]g...._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/selector.js ...DN../....."#.D.R)....Ak.Q.....-_..y.....O...>..1....A..Eo...................A..Eo.........D........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 216
Entropy (8bit): 5.5976655855551405
Encrypted: false
MD5: D4CF66B6F62F3926FA051B709D3EEE9D
SHA1: A6231423DA1486B0903B6F64571FDA1257F19225
SHA-256: 16374B6ED744AAB4CEC08002C1AA2FCDEE0CC3152CE3569C17549F45421F644A
SHA-512: F0BE42321B1AC141C7BED07D5767F9E8408935D36874D099920C1910C29821C150A7D3B0490B1023B0A9DF61CDA2C386B5CFC139D2BEF825F7725FB9726D6D0B
Malicious: false
Reputation: low
Preview:0\r..m......X.....V....._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/plugin.js ...@N../....."#.D.L.....A.].>....uUf..N...k......c..l.A..Eo...................A..Eo.......z./........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 209
Entropy (8bit): 5.491450282625221
Encrypted: false
MD5: 69119A6AE266A7CBF39E35C87A12C0CA
SHA1: 97055BA3B09957DFB37F311E504EEE34997032A6
SHA-256: F1B2E829E53D3D22548B6E845C3A700D2E8A2A62120F860E2498303E18C0C720
SHA-512: 21E1B003322C566F3F8E7F26803CAA23CE17E388E805A99E0A13F4FBB7D27A12FA6FEFFA751BE9A885F7ABC66EFF51996BEDD409772700F24CFBB34F3E6D6D07
Malicious: false
Reputation: low
Preview:0\r..m......Q..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/plugin.js ..)EN../....."#.D..)....A..c..y/L....|y.n..C/I.....X7-ne.A..Eo...................A..Eo.......Q..........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 537
Entropy (8bit): 5.629033719822213
Encrypted: false
MD5: DD1C1ABDE183AF0C5AB9B32D8B0FA644
SHA1: ADF79BF5545924CF8A0A4BD9B1E36CD2B092E48D
SHA-256: 04FA7848D8D6C5A327C7F1751874EFAF9BA62C86E9482C27CD3586907387B248
SHA-512: 080E11FEBBC3D80FF6D5BA601F4E71834E9555BFDA3AF184F2153AF3245BF5B9C1DD159ACA8B9A341840F7517CCAC3231A336B23752484F544153B959FB66958
Malicious: false
Reputation: low
Preview:0\r..m......3....<lb...._keyhttps://rna-resource.acrobat.com/base_uris.js .p..M../....."#.D=_c....A.y...L<?W.Xi..A\Q3...J.}...d..~G.A..Eo...................A..Eo......B~8.........0\r..m......3....<lb...._keyhttps://rna-resource.acrobat.com/base_uris.js ....N../....."#.D8HI....A.y...L<?W.Xi..A\Q3...J.}...d..~G.A..Eo...................A..Eo......Df..........0\r..m......3....<lb...._keyhttps://rna-resource.acrobat.com/base_uris.js ..L5N../....."#.Dr......A.y...L<?W.Xi..A\Q3...J.}...d..~G.A..Eo...................A..Eo......w-.........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 214
Entropy (8bit): 5.552369378096665
Encrypted: false
Copyright null 2020 Page 17 of 111
MD5: BF756949C05A2A632FA1FDDE88CC2FE8
SHA1: F93E2106603360FEEC9F3B0997A49A5DC738C87A
SHA-256: AE0EFF39871C8F2351C4640ADD6B54F105ECE1C132CA31423FF267035172710F
SHA-512: 805A47E1F074417C459704C6AD36D0A129DF98928F489EBC467C0C328617FAD8069DA04EBC676ECCA63305106A23F0C1F4A7159CEF64947CE03097127B327966
Malicious: false
Reputation: low
Preview:0\r..m......V..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/search-summary/js/selector.js ...EN../....."#.D..)....AQ..E.=....=h`t..t..3%A.F$..w..A..Eo...................A..Eo.................
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 531
Entropy (8bit): 5.591759019579422
Encrypted: false
MD5: 5C3EBAEF0E21BD241F035F81DDB61079
SHA1: C71D0AC2A5CF0167A90824CD35E13E9488EFC951
SHA-256: DF60108B872A0962BCCECCB8272F1D8A3A78A6300844F3BD4150B73DEFBBBBC7
SHA-512: B0CA8B6D504DD4819B874A64A3FBAB5745F0C7E7A32D597EB41D10A66F5F03396FD01111724C770FB8BEE87224CED1BAD6DCE1D589ED57FB0759352BF395BF8F
Malicious: false
Reputation: low
Preview:0\r..m......1......5...._keyhttps://rna-resource.acrobat.com/plugins.js ....M../....."#.D[(c....A.PU ....t^.....a.k..u.7.M.BW6#}..A..Eo...................A..Eo......I...........0\r..m......1......5...._keyhttps://rna-resource.acrobat.com/plugins.js ....N../....."#.D.<I....A.PU ....t^.....a.k..u.7.M.BW6#}..A..Eo...................A..Eo.......~$.........0\r..m......1......5...._keyhttps://rna-resource.acrobat.com/plugins.js ..I5N../....."#.Dk......A.PU ....t^.....a.k..u.7.M.BW6#}..A..Eo...................A..Eo......$y..........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 561
Entropy (8bit): 5.618951490847112
Encrypted: false
MD5: 0A4471ACBF46D9BD004AE8512A95A666
SHA1: 0AAD3BDF43787C92057D0E2C2E760CE5C55B4456
SHA-256: C270B5EA93AC6D2B566D56CBEE1C8031C534DCCD0BC407808DBE9C96C1278CB9
SHA-512: 02858636DBA23EF50355443DBEC47047F60006F3D4DE489E63A6F71C466EB5A9B54C1F94E39FC32748A5FD91B36A2B551D943175ECF1FDEC77B5CC0BC9EF4D36
Malicious: false
Reputation: low
Preview:0\r..m......;...I......._keyhttps://rna-resource.acrobat.com/static/js/desktop.js .Y..M../....."#.D.......A..q.O...j....._y..L^[email protected].......&.y........0\r..m......;...I......._keyhttps://rna-resource.acrobat.com/static/js/desktop.js .Z..N../....."#.D!.w....A..q.O...j....._y..L^[email protected]\r..m......;...I......._keyhttps://rna-resource.acrobat.com/static/js/desktop.js ...>N../....."#.D.......A..q.O...j....._y..L^[email protected]......%"m.........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 488
Entropy (8bit): 5.6543517217560675
Encrypted: false
MD5: 4C920EABA0BDBDBB691D8021A526DE0C
SHA1: E132C0C88DFD89EC45FA235B62504930A3C920EA
SHA-256: 04D54A1850377B956BC4916C37519A46B8619F5180B103D333575D8CF6CE4EF3
SHA-512: A293A6CA0D9A5A552ACA6DAB901A14AD046D99B4133CAD088C4D80EE345ED24BB45796ECF8F0713666F61685CBD58AACB00C042419F156BCAA2607D6D3F5214A
Malicious: false
Reputation: low
Preview:0\r..m......t...R.1<...._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/plugin.js ..: N../....."#.D.....A......H...{...2../.k`..r4.C. .A..Eo...................A..Eo......h.x.........0\r..m......t...R.1<...._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/plugin.js .(.DN../....."#.Dq!1....A......H...{...2../.k`..r4.C. .A..Eo...................A..Eo......x.9~........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 211
Copyright null 2020 Page 18 of 111
Entropy (8bit): 5.514846024405026
Encrypted: false
MD5: 1DC98690BB54B3AF429B4A5631594524
SHA1: E24D9C6F941953656926AFDC9FE394F03A2E9868
SHA-256: A5219C0A6A03889DEA7BCC59D588D636EFB5B1742E48C7936EF9437F1784520E
SHA-512: 5191052A7AF29B36784F03B55CB21C106F1BF7DB9B53EAD828A74DBA80594ADB1D5CC1A6C51C8C78F2A041DB77735FAA2164B128C571D4B4AAC24E7213101566
Malicious: false
Reputation: low
Preview:0\r..m......S...]......._keyhttps://rna-resource.acrobat.com/static/js/plugins/add-account/js/selector.js .X.DN../....."#.D..(....A.A.o]@r..Q.....<w.....].n\....A..Eo...................A..Eo.......J1.........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 202
Entropy (8bit): 5.651598293456172
Encrypted: false
MD5: 93FA506843DE111C2CF20B0718786D2F
SHA1: C8477E89A5AB03B26DC2E5D2EE17E44649FA8D7E
SHA-256: 16D93A41695B9A3B07A1B954C3DAB56F758E454123FB07A12A2A3FCCFE34F569
SHA-512: 1059BFC2E9878B1A124C69F2998B6061134998311C88FD3046B3763C1701801BBA59AE875039EEF7B08BB10B72D1DC8DE8024999853F9583253CC7F6A508E5EC
Malicious: false
Reputation: low
Preview:0\r..m......J......{...._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/plugin.js .Q.@N../....."#.D.......A..4T].....Tw.....(..b...EO....9.A..Eo...................A..Eo.................
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 211
Entropy (8bit): 5.601298986112071
Encrypted: false
MD5: D411048406BFD3326777B97700B90AB3
SHA1: 8F8A79A3102CB8D0C08D509C2AFA165F896DE8DE
SHA-256: A35FE78A6C2688933F6F4D89A0DA29FF574D49438C424145D231F86CF34E38B3
SHA-512: 6ADF7D0C4997C5F88A8E3873C2770CBC35EB938DD868760532419D4D94B70DB0E4BFFD428C8B654F41810FD21EF56CD1880457CC223E400F340D21426F091A51
Malicious: false
Reputation: low
Preview:0\r..m......S...W.%z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/selector.js .|.CN../....."#.D..(....A@..{o]...9o|..qY....T....{..u.b..A..Eo...................A..Eo......g.4.........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 412
Entropy (8bit): 5.632600567608445
Encrypted: false
MD5: A32B40E3FA253AC6C70C10F4B8D8631C
SHA1: A5D4576F5CD49F9809DCA8B60E587AF6032A795C
SHA-256: 2133ECD12580A26879FD003640E6C9C2D2D71046FF1EAB019BB0EC26100788EF
SHA-512: 525C262B373DB8C2EA3106D971917DEE60F4214130A350B35A4EFD0CBFF635C5401D98F4FD2061E2FB6E2F9975969FFE0E1326C0BBE4418B4416AB503663AD94
Malicious: false
Reputation: low
Preview:0\r..m......N..../......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/plugin.js .Wq.N../....."#[email protected]\a......x5.'[email protected]\-F........0\r..m......N..../......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/plugin.js ..F?N../....."#.DM......A.t\a......x5.'[email protected]!........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 218
Entropy (8bit): 5.562661894487257
Copyright null 2020 Page 19 of 111
Encrypted: false
MD5: 64AD1487DD5DA72D69A25AF2BF774FB9
SHA1: B82792596691820136C9ED95B1D0AB9F63BC70D6
SHA-256: 03647DCC9E52F9663C10FF864B412AFE1E621CCF4364DD7C13DAB7D42EEA443F
SHA-512: 506519EA07D277CBE529DDAB3D63B78359CC6A9DE0B9AE74DCD168A11137D91ECB532B56810BE6ACE7DC63DE5941C98A7F67770862F3C28A7BE235C590619FE6
Malicious: false
Reputation: low
Preview:0\r..m......Z.........._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/selector.js ...@N../....."#.D.......A.......7...o..a=.98I......(3.$G.A..Eo...................A..Eo......>3c4........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 460
Entropy (8bit): 5.610182044447529
Encrypted: false
MD5: 197198C3D28A3BC91299AE3DFBC3E284
SHA1: 8E901CCE7A19D3510E3EB95E57E69F1BC1CD61BF
SHA-256: 5051DAEAD0B0C2EC1365B777426B3D93570F72D6562D8688FA7887F4A9E02984
SHA-512: 0A10B0E60A563546DC33BF8182B80C2769BC9A38D7EFBE452F7AF2888BF27AB152EEC8A678EB38844A68CE5F828CEB9B94386053ACD26A2C95C965604024EA67
Malicious: false
Reputation: low
Preview:0\r..m......f...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/selector.js ..n.N../....."#.D.......A..~..rw.+[....!.)?..f.U..(=.=.A..Eo...................A..Eo......Wr.f........0\r..m......f...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/selector.js ..C?N../....."#.D.......A..~..rw.+[....!.)?..f.U..(=.=.A..Eo...................A..Eo......4_M.........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 558
Entropy (8bit): 5.675042707734604
Encrypted: false
MD5: 5BF7F1B65783CE4160C85F6D06F61092
SHA1: E584A24FC4F295835883DDE45F3E2AF671314570
SHA-256: 3F2678CB9CFD65B3A156014348115267E9B1ABBFF1E72400BF283CDF0F9AD504
SHA-512: 026AAAE7C90DFBE275E0D90CFCCEF320CCD7F06D9FA3256926824FBDE70FEF31E7C4268AC24EDDEDD0CF108F21A50626FBDBEB49D04DC6D1A1D1CCB106B6C0DE
Malicious: false
Reputation: low
Preview:0\r..m......:....f......_keyhttps://rna-resource.acrobat.com/static/js/config.js ....M../....."#.D.*.....A..~]...%s..<...n.f..<.....1#..U..A..Eo...................A..Eo......F...........0\r..m......:....f......_keyhttps://rna-resource.acrobat.com/static/js/config.js ....N../....."#.D)Zw....A..~]...%s..<...n.f..<.....1#..U..A..Eo...................A..Eo......W...........0\r..m......:....f......_keyhttps://rna-resource.acrobat.com/static/js/config.js ..x>N../....."#.D.......A..~]...%s..<...n.f..<.....1#..U..A..Eo...................A..Eo......x..........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 414
Entropy (8bit): 5.668261699179484
Encrypted: false
MD5: D8103D96A3D043360421A6580EAD8BF7
SHA1: 9AEC3DFC51EB321A5977A7BC447E799DB107579C
SHA-256: 38D996EA351AF60FD4EA32CFFAF8A41BA623BF0704E58C9D20610BEB40EB8923
SHA-512: C863F8EF24FDEE5EC8F44493172611074591D1ECF4027D19B7D48A3D02FFB46CFF4DC98C661DE050E808D26F953AD05164E283CD6C465EA44BE209664FE555AC
Malicious: false
Reputation: low
Preview:0\r..m......O...a.Y....._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/selector.js ...N../....."#.D*.....A..z._a...'.v.......4p3..1.']...A..Eo...................A..Eo......7...........0\r..m......O...a.Y....._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/selector.js .*.DN../....."#.D..)....A..z._a...'.v.......4p3..1.']...A..Eo...................A..Eo.......S.E........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Copyright null 2020 Page 20 of 111
Size (bytes): 420
Entropy (8bit): 5.586833807142885
Encrypted: false
MD5: 267A707508C6687147A62097488734A0
SHA1: DF19BE69E78DC3F4DC85A5B0090A4D2DAE47D36B
SHA-256: 35EE5B7062E67A902F5B1496AAAD3BFF46FCD11533FF52E1005E80424A1FE718
SHA-512: C8E442548ABBF97C1DF0CF904139B9B1E54AFF23D91D26BCD893CD5BA2AF5830F43A24413598C30F5FC3DA9E0870507F8E409665F2946631A4C0B7F307E9BD54
Malicious: false
Reputation: low
Preview:0\r..m......R....|....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/selector.js .~..N../....."#.D.......Ac}.H7M=M..-.....Ix..R.l...}Rl.$q.A..Eo...................A..Eo......44."........0\r..m......R....|....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/selector.js .?.DN../....."#.D.5)....Ac}.H7M=M..-.....Ix..R.l...}Rl.$q.A..Eo...................A..Eo......$.j.........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 446
Entropy (8bit): 5.633278719048157
Encrypted: false
MD5: B850B53E7CD3D4518D993B4D07CA6EBA
SHA1: 4002B582EC5AFF4E78A40AC23BC388B651E2A956
SHA-256: CA4428B8B5949BD3CAF9A15E36C35B594AD1C6A2FC0AFCC672543D5210A69725
SHA-512: ED0D1C5AB55426E41494B32F068764A33258B5880A9F1DE521AC424DB44E7A5C2B8D3CC47578111D92F4C667CD8BDF088B48C602810D6929B2FFC5329EC7F5DE
Malicious: false
Reputation: low
Preview:0\r..m......_...h......_keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/selector.js .I(.N../....."#.D.......A..%.k.SZ..~W.....:)'B..ad......A..Eo...................A..Eo......bI[Q........0\r..m......_...h......_keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/selector.js ...?N../....."#.D.......A..%.k.SZ..~W.....:)'B..ad......A..Eo...................A..Eo........e.........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 426
Entropy (8bit): 5.652262437993176
Encrypted: false
MD5: E4CA8C0AB936A28D35647EA59F4F944A
SHA1: 6EBAF67AA903E13CA82A07692079CE7853CA7686
SHA-256: B1119A3DE83450A0B313D60E7F379ED6F9C5152787C6E4BE5B6AFDEF47A64CE6
SHA-512: 156ABD8150996847A23572987DFF33565FC8CAE1DFCA21D30347B5BA4D11C0A47DAE9B8A5A47C17BC718664A8505231B0186A91BE8C2AC3F6F0C5A2657B1D09F
Malicious: false
Reputation: low
Preview:0\r..m......U..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files-select/js/plugin.js ..u.N../....."#.D.?.....A.;"./N_.,.:C..2....9L.H...3:...A..Eo...................A..Eo.......Q..........0\r..m......U..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files-select/js/plugin.js ..H?N../....."#.Dt'.....A.;"./N_.,.:C..2....9L.H...3:...A..Eo...................A..Eo......N...........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 416
Entropy (8bit): 5.619526837885055
Encrypted: false
MD5: B0F4F0F446E63DE2B5666CFD10D3F57C
SHA1: 7244A3F15A4AA7B8B090203B9EEBBA9C3A6B8338
SHA-256: 10BF0820C58BDFE6F5D086AA853767EE0F21B729E82CC098CCCCB16336362100
SHA-512: 6ADFC71165B67F6573CD397EA1893A0A0AE66C92CB4CB8C8254DCEC61D5A504C75B74DA8ABB2A90DE663DAD492075DBAB9E3C11417AE875235D9D302E7AA27EA
Malicious: false
Reputation: low
Preview:0\r..m......P....r......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/selector.js ..$.N../....."#.D.......AZ.Z}Q..4.o....0+..[|..n:*..U.W.A..Eo...................A..Eo.................0\r..m......P....r......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/selector.js ...?N../....."#.D.......AZ.Z}Q..4.o....0+..[|..n:*..U.W.A..Eo...................A..Eo.......[..........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Copyright null 2020 Page 21 of 111
File Type: data
Size (bytes): 564
Entropy (8bit): 5.651902005525044
Encrypted: false
MD5: 649F36CB49C49953C9BA7ADD21BB219C
SHA1: 926ECD38D9AD16D9F85F6DF7DAD4922F17C37C21
SHA-256: 8CB026F31AC60A96C6BFCD063845B5570B65732F88F35D8E4B964D64424D3F07
SHA-512: C90E10C77AD936B79849ABBEE6648F7C7E5D308F0C23F2DAB1112CA3C92E6A231F3F68DD649FBF2C944402A8AD76CB8CDB692DF2E42E57C017875E15EF491D4E
Malicious: false
Reputation: low
Preview:0\r..m......<...)6......_keyhttps://rna-resource.acrobat.com/static/js/rna-main.js .`..M../....."#.D..s....Az?...SwC...^..y.....V..7R-O.....A..Eo...................A..Eo......y~}.........0\r..m......<...)6......_keyhttps://rna-resource.acrobat.com/static/js/rna-main.js ....N../....."#.D.BZ....Az?...SwC...^..y.....V..7R-O.....A..Eo...................A..Eo......m..7........0\r..m......<...)6......_keyhttps://rna-resource.acrobat.com/static/js/rna-main.js ..A7N../....."#.D.Z.....Az?...SwC...^..y.....V..7R-O.....A..Eo...................A..Eo.........!........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 214
Entropy (8bit): 5.6385979496905225
Encrypted: false
MD5: 5306DF9002F92D6B05C469964BEA56BB
SHA1: F6CEC49B84C84A808A07EF2975903E80FE81EE2A
SHA-256: 61B33DB230F9A91309DCE9876E6C84B407906E7B758DDB12D34EE568491673A1
SHA-512: 4AE94ABA4C529C372F85BFB5BEE457077A7CAB07E049FFA8E38D8684905A39394290CBEA962F9263921AB06947C18D76D1828520B25B71F9760F6BF310525910
Malicious: false
Reputation: low
Preview:0\r..m......V.....h....._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/selector.js .`.DN../....."#.DA.(....A....t.q..W.EZ....1...[.zC.7mD..A..Eo...................A..Eo......Hb.........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 633
Entropy (8bit): 5.6592607763673675
Encrypted: false
MD5: 8A96C8B8A3D88356534F01A09FA8253E
SHA1: 41CC60979E1C1015F5C2592C6094AB0C6C67EAF1
SHA-256: 7C079885DBCD83D5DED455B2356F50864EAE354FA0D6FEFA9FB5EBC0F2F9D3F8
SHA-512: 637B4AEF796BA590B9E04754ADEF9355DBDBBA740374A595B7E5EDD8DF4BF67FD24811F0086CFA2C55CC65EFE11D890C4E8B7970A10C7F867D7BC44B742A9FAA
Malicious: false
Reputation: low
Preview:0\r..m......S...{.j....._keyhttps://rna-resource.acrobat.com/static/js/libs/require/2.1.15/require.min.js ....M../....."#.Dg.c....A...L...Im.@.........E.nW...IP..A..Eo...................A..Eo.................0\r..m......S...{.j....._keyhttps://rna-resource.acrobat.com/static/js/libs/require/2.1.15/require.min.js ....N../....."#.D.|I....A...L...Im.@.........E.nW...IP..A..Eo...................A..Eo.......!(l........0\r..m......S...{.j....._keyhttps://rna-resource.acrobat.com/static/js/libs/require/2.1.15/require.min.js ..N5N../....."#.DB......A...L...Im.@.........E.nW...IP..A..Eo...................A..Eo......5.".........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 208
Entropy (8bit): 5.583191621085567
Encrypted: false
MD5: A5600EB0F3DA7467236C272B6F6176D8
SHA1: 66C832333603AC10BD5DB8439653EC65545B5ECC
SHA-256: 3E1706289AE7B4455B0E86157B4F29145FFA07DE097D2934C45E665CE1B2933B
SHA-512: 330F184CB531B2E3B5D182D54962A5F1F7D8A2E36EAC2E0476365FAD670D392C19CEA0A5DE3438776B9928D57D91F29A8A9BE585833173B9F87BB21C154F8356
Malicious: false
Reputation: low
Preview:0\r..m......P...Yft....._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/plugin.js ...@N../....."#.D.......A...M....m+lS..e.....<7.U.P8*.0K.A..Eo...................A..Eo......M...........
Copyright null 2020 Page 22 of 111
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 208
Entropy (8bit): 5.6297039866658904
Encrypted: false
MD5: CF9EB9DD6274D0159D77CE59D688A37D
SHA1: C4C8708ABC9BBB6A5D5EEFE8D90AD8BDD346AF3F
SHA-256: D90C354347419D7FA7144454AFC1180900E8A5016678A4D113B08DA53C2DE7C3
SHA-512: 02ABC4234DB48191BA80489829EA07DDEA7D1B9ADE1CEFD8B2247FAC143C25918FC713D4D22B2C051F84B2D3CD0346F96AB814012EBF9E2FEFC7FD682A87266D
Malicious: false
Reputation: low
Preview:0\r..m......P...W3......_keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/plugin.js ...DN../....."#.D../....APJm...0x.x..RD...BB!@5..<..]....A..Eo...................A..Eo.......+q.........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 231
Entropy (8bit): 5.615316993503818
Encrypted: false
MD5: 78384666A6032E98EA628315255D1DEE
SHA1: 32885C149684A6FA3D51B6FBB0D0E70B5AEC0575
SHA-256: CF84FEA9F43B37C6D03923E9E4D37B026B0A8383C615E9642C4E72C565CDF38C
SHA-512: 44134BB041DC4B02297818EE9DB5AC218A1EDFC2F9C2BA9A2C10CEDCC08C24A1C7A78D365DA9763F83D5027F779433CAFA115394A1D7DBF05FFA9C9AFEB5E0B6
Malicious: false
Reputation: low
Preview:0\r..m......g...~.I?...._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-selector.js ....N../....."#.D......A.P...#4..l....5...5..).w.. .h.~..A..Eo...................A..Eo.......t..........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 215
Entropy (8bit): 5.512353063284751
Encrypted: false
MD5: 6E8AB843D388955C80C3F0DADECC20D9
SHA1: A3F475BA062A43D10F897C56208D7EC6B75302E9
SHA-256: D130C88082D275A94248705B81F8525806936C95F1E913CC166DA6E05C744919
SHA-512: B46CC8D6921D63472E980A99490D78AF39C11266CCB891D0186A99B573438CB294C773CF2B2C73C38BA32E0DC276599FA3C249DD7D53B47BAF67C0B232303D39
Malicious: false
Reputation: low
Preview:0\r..m......W....w.m...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-recent-files/js/selector.js .6.EN../....."#.D..*....A...a.f.m.i.o.p..3U5.....^...I.A..Eo...................A..Eo..................
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 208
Entropy (8bit): 5.565379424474753
Encrypted: false
MD5: 1C969EBBDFC546FFB25FDCCBE4BD3DC8
SHA1: 3E8BBBAFE4282883675E4695A7A501B126550FDC
SHA-256: C3D9DFE79473C1F60558381069118EE77C88049594CF73BD37D77E9BD5E01F8D
SHA-512: 4C75ECA0B61CA242485FA46CC51BA69B846828080D9433BAF8CBE129727B271CB5E81D82D893F1A44AD30710C7D1F66ADDF6D7ADE607493D17558CA7CA97153D
Malicious: false
Reputation: low
Preview:0\r..m......P...y.p....._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/plugin.js .~.EN../....."#.D.)....A..y.$..$.v5j...T...z.]..._S....A..Eo...................A..Eo......Vw.[........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Copyright null 2020 Page 23 of 111
File Type: data
Size (bytes): 416
Entropy (8bit): 5.627260961378629
Encrypted: false
MD5: D350C8A0956D65595319537860CACDAC
SHA1: 216945B1CD9E961470823CC42E4CDE3E0E1A2F5A
SHA-256: DDD8A46E00D31F1C76DDAACFC53927B3B1BD3B39E72C0130CE0BC7EFFB1B36E1
SHA-512: A14ABD52AB59E0C98C36404361E088AB01D6BED4BABB93D97987868E5E1C0995A73F230716E4CED15F9144DA19DCB63280BC2EAA1FC99207611898BD4DA95EC0
Malicious: false
Reputation: low
Preview:0\r..m......P...gT....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/plugin.js ... N../....."#.D......A#[email protected](v.8g..5.~_....]Pj.*..6.A..Eo...................A..Eo......Y..........0\r..m......P...gT....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/plugin.js .YrEN../....."#.D..0....A#[email protected](v.8g..5.~_....]Pj.*..6.A..Eo...................A..Eo......w@1.........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 210
Entropy (8bit): 5.549428198836326
Encrypted: false
MD5: CB6D5CECAEFC896560D3B2A5527862CD
SHA1: 3DEB8B1F8B78381A5BDC0711E8176518569AC22B
SHA-256: 7729F2F86E66D21FE10C00B07208E0052D65E3CEBF2260CAFCE705C81B79FCF4
SHA-512: 13EFAA8E18BF015E91EAFC819940CC27CDBBEB13459AFBAEF25287A524577B68BBC05959771292DBA5B2EC8025C2B8B111713778CCC5BA21BC2F52AD74A3E869
Malicious: false
Reputation: low
Preview:0\r..m......R..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/selector.js ...@N../....."#.D.......A8.../...;.\\o....1..........+..A..Eo...................A..Eo..................
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 442
Entropy (8bit): 5.658278478388673
Encrypted: false
MD5: AE14FC121BC3A8AC3CAC4CDB35F49606
SHA1: A0AD678F10E0A80709BD7C0D2529AF8C58369F67
SHA-256: 0C972309485A63552DDC5570AFF6B44B160153C3A18ED94EC8BFE52077B88752
SHA-512: 68042ED345622964AA9141A238E7F8E8E91062DFD3CB601C5233B0D8970EFF7B19BAA92F22732BB2726C5A6F99DE9C7A7E940C81C97CFE606D673C0B090A6661
Malicious: false
Reputation: low
Preview:0\r..m......]......,...._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/plugin.js .Lw.N../....."#.D.Q.....A ./.ev......N~..6.b.....$.j;:C...A..Eo...................A..Eo......Z.."........0\r..m......]......,...._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/plugin.js ..L?N../....."#.D36.....A ./.ev......N~..6.b.....$.j;:C...A..Eo...................A..Eo......W^..........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 210
Entropy (8bit): 5.597206313985681
Encrypted: false
MD5: 2A0C6FDD86FE685A69152BD9AC98DB46
SHA1: 7F58AECB787AB2D5FB0A347464EB47E3082EE8EE
SHA-256: AF9D98F48BAE6F4C86BD8C627BC906CEB155ABAA75175D29297E155B60EB2227
SHA-512: 2D006A8B5CB7017DDC062F29ABB0AEE826006BFA393AE5CD39E7D1CBAA3D2F9205E56CC97D80EEC01BF60D7BED6AC1A9DAD5C6D22AC46E5B46B5CA2E1D7605D4
Malicious: false
Reputation: low
Preview:0\r..m......R...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/selector.js .3.CN../....."#.D..'....A...U...I.>P...X...x..0U.~;m.x.k.A..Eo...................A..Eo.......@}.........
Copyright null 2020 Page 24 of 111
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 204
Entropy (8bit): 5.565924245092688
Encrypted: false
MD5: 78B2822F920056AC500DCC9036CBFD3C
SHA1: 066038A6B328A091A9D95D2907947015E7C1A8F3
SHA-256: 707DC97FA5F99C4B248633114B02C175A1DB1830A8541537026EFD9D5DA3E0FD
SHA-512: 06E34DB36EC1532FCC66CE58189C802B86C47B87D8E13C58C30A89CCA5B09A388F9CA629BA0B6CD167C332210A0E8A74F30E3AF35CAD9009893CF4B22433B0E0
Malicious: false
Reputation: low
Preview:0\r..m......L....Ey....._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/selector.js ...@N../....."#.D.......A.....k....F..D..O.n;[.1m.....=..A..Eo...................A..Eo.......b..........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 212
Entropy (8bit): 5.653359899835823
Encrypted: false
MD5: 5F9825C1B75B6B69E733543D7A68FF5C
SHA1: 3E48F751B957304FCED15433692B6EF3F3492080
SHA-256: 9E91AEB6321B66618CB5F8260F32CE94076C8F431DE32532D0C9184CC6BC7E47
SHA-512: E7305AAABEC5B64FDE2D726A808410569416AB3EC1B4849D885C89ECBB375003B4ADC2BFB2730FBA0DADD54230A2D8566B60B40398EE04C2A4E64756C7477391
Malicious: false
Reputation: low
Preview:0\r..m......T......z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/plugin.js ..,EN../....."#.D6.)....A...k..`..N3.... ..d..$[.....{.A..Eo...................A..Eo......]...........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0Process: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 456
Entropy (8bit): 5.636048623645465
Encrypted: false
MD5: 865603709B8D62363DB6F1F63C3641FB
SHA1: 82B0E11AC728797049CDD5B3D11066E52904B082
SHA-256: 84C385C3C65A8CF6B322970BA796ED953CAC046723DC84FA0977DBAA93696995
SHA-512: 68D9B980B41E21E39149C3400F7D5C86BAEAC45805F8A67A0C2A9C09139170AB5BA9D81894E85A1701F64B77A833D49D8A8DD3A3D529AD04A593C13C0B1F4D5D
Malicious: false
Reputation: low
Preview:0\r..m......d...<.s....._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/plugin.js .J..N../....."#.D......A.....9Q].8O.z....=..:.N.{....N{.A..Eo...................A..Eo.......HV.........0\r..m......d...<.s....._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/plugin.js .:d?N../....."#.D}w.....A.....9Q].8O.z....=..:.N.{....N{.A..Eo...................A..Eo........J.........
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-indexProcess: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: Maple help database
Size (bytes): 1032
Entropy (8bit): 4.964861359150251
Encrypted: false
MD5: EC1AAE3AE1AC8339BB7FD225E139D9DC
SHA1: F89C2CB7638EECDBE3DCBF1FC0E50F5B96C104CB
SHA-256: 43DFE1EFC27669D6E83808D77DBF90AEB1CC172EB8D40E47BAE784769D9DFA0B
SHA-512: 9096B75AA7282688F243198E054900488C5BF778F7AD166E2D5515B959E2D9168FFA8E53E93FADDD509C989757F2E189195ED68C1EED46EAC9546C2F84D5500F
Malicious: false
Reputation: low
Preview:......E.oy retne....)........T............3.....<N../..........v...q....-N../..........C..M.....k...............#...(...k.............][email protected]../.................J.N../...........6<|.....-N../.........<...W..J..-N../..............oB*..-N../...........a......-N../...........;.y~A...<N../...........P....V..<N../.........F..=z;...<N../.............o...<N../...........*....<N../...........2q......<N../.........Gy.'.h...<N../.............k7A...<N../.........:..N.A....<N../..........;/.....<N../..................<N../............P[. q..<N../.........,+..._.#..<N../..........J..j.....<N../.........A?.2:....<N../..............q...<N../..........u\]..q..<N../.........!...0.o..<N../...........*......<N../..........o..k....<N../.........^.~..z...<N../..........[.i..%...<N../..........+.{..'..<N../[email protected]...<N../.........*)....J:..<N../............MV3....<N../..........&.S......<N../.............D.4...<N../..........~.,.4>...<N../.........=....m....<N../.........
Copyright null 2020 Page 25 of 111
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOGProcess: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: ASCII text
Size (bytes): 289
Entropy (8bit): 5.211185952149754
Encrypted: false
MD5: 687F0D628B93E14E3E39FBD6C7385C06
SHA1: E86C09FC80E6923D887369DE463D22299780B181
SHA-256: CBDBF1C8E0B5D0C63A6C734F77ED8536A3D2B891126FBA2F5CC35405A22D6907
SHA-512: F903D8DB37B8487DA17E624481F0DA7A7D799FB00C50BA3B3E8DD9443686348DE6BA1A3F0A36D6716949BCD4BBDC1F1458A045BA9F0B5D7B1F4466122F6800B2
Malicious: false
Reputation: low
Preview:2020/08/20-21:53:42.572 6c4 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2020/08/20-21:53:42.581 6c4 Recovering log #3.2020/08/20-21:53:42.581 6c4 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited LinksProcess: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type: data
Size (bytes): 1048576
Entropy (8bit): 0.007735809786710276
Encrypted: false
MD5: AFA42C39FFDF19EE6CF94F60AAE869EE
SHA1: C08964FD992D8F115D09E74D0B21299AC452A10B
SHA-256: F25E329F22633D9286B9C28F051F1D049D7F77DD9946F0F444AC6DDF796B031A
SHA-512: 9E792EF756E5EE840C3A05A75599F4A0697700090A03D6BBFA773A293E0DC9D7267AC8D0FF6605BB6F519E931405549D330BDCD11613EE68CEDC18012414A149
Malicious: false
Reputation: low
Preview:VLnk.....?......).0k....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-200821045335Z-329.bmpProcess: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type: PC bitmap, Windows 3.x format, 107 x -152 x 32
Size (bytes): 65110
Entropy (8bit): 3.719849399199464
Encrypted: false
MD5: 5FB1B6C55A225E08D97AB1D5CE392873
SHA1: C2EFA8FB76EE480908F5DC0C11CDE28EE4773977
SHA-256: 9F9BEBE9ABB17BE9656F2293B968F6E46FACB64FE5A5A9A73BE5EE0AA8555A77
SHA-512: 0163FCEDA8B53F1E3E7E5B7336F5F889C75E58C8BA3F27F80C761E0F7A77B2EC112A850B99EF44C7540C4921474B8496F1779B190D3490D40783B0B8A61CB809
Malicious: false
Reputation: low
Preview:BMV.......6...(...k...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessagesProcess: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type: SQLite 3.x database, last written using SQLite version 3024000
Size (bytes): 32768
Entropy (8bit): 3.447377570996373
Encrypted: false
MD5: 6326BDDAD6A4990F8EA8D345A161DDBA
SHA1: 7DD91549F6BFF9C924B9AD71BDFABA28929CEBD4
SHA-256: 288CAD2D8F9F7AB71AB956B5D2010F8E176FCE4FB4D6EB3D93EA3CC7D5850861
SHA-512: FACD7CC4BDB38DEC28DFB56BF2C4CC2C11FE6828DECCE0E84C32CADB5CF77E28A55E10F4EEC3F3F5ED9866E07D71AD549C749DD2B97190448ADE786F7AF0D27F
Malicious: false
Reputation: low
Copyright null 2020 Page 26 of 111
Preview:SQLite format 3......@ ..........................................................................$.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journalProcess: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type: data
Size (bytes): 34928
Entropy (8bit): 3.3131086336230635
Encrypted: false
MD5: D7AB63B4A9CDFE8EFEF4CB14C9B01502
SHA1: 545031F0F28E3387DBA356C06D4ABC61173BB2C6
SHA-256: C2ED996A618EC1298E48E4FAA59D158FB50E555231A5248655772ACD18D6B8FC
SHA-512: 81FD66F29D9B9ABF7402D38AFE0ABD8609BF8FA7B5AF3D377D5362277E8EB96D765801452E6C5A93694A879B56C3C57F252941E86125F8A3C86D9AE8446B88A7
Malicious: false
Reputation: low
Preview:............zipW..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................W....X.W.L...y.......~........................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache.binProcess: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type: data
Size (bytes): 63598
Entropy (8bit): 5.433041226997456
Encrypted: false
MD5: 1829916146F11B18E8210676C1B8E6E8
SHA1: E613A2B9AC4CFD6E186CFF42D52D0301120AE5C2
SHA-256: 2CF4B5C850CC8187B2E3264EC09D7D396C40E4053FED33EA21B5B80224774C07
SHA-512: 022762A302A323C094D59F2B46FBA37CA9CD56F9696AACB8FE95EAEE09BF020BAD13F77163B2C886D2C9B3AC28E9A434F4D1BDC6FFE7E8AC6E8B7AC1B6188C3B
Malicious: false
Reputation: low
Preview:4.382.88.FID.2:o:........:F:AgencyFB-Reg.P:Agency FB.L:$.........................."F:Agency FB.#.94.FID.2:o:........:F:AgencyFB-Bold.P:Agency FB Bold.L:%.........................."F:Agency FB.#.82.FID.2:o:........:F:Algerian.P:Algerian.L:$..........................RF:Algerian.#.93.FID.2:o:........:F:ArialNarrow.P:Arial Narrow.L:$.........................."F:Arial Narrow.#.107.FID.2:o:........:F:ArialNarrow-Italic.P:Arial Narrow Italic.L:$.........................."F:Arial Narrow.#.103.FID.2:o:........:F:ArialNarrow-Bold.P:Arial Narrow Bold.L:%.........................."F:Arial Narrow.#.116.FID.2:o:........:F:ArialNarrow-BoldItalic.P:Arial Narrow Bold Italic.L:%.........................."F:Arial Narrow.#.75.FID.2:o:........:F:ArialMT.P:Arial.L:$.........................."F:Arial.#.89.FID.2:o:........:F:Arial-ItalicMT.P:Arial Italic.L:$.........................."F:Arial.#.85.FID.2:o:........:F:Arial-BoldMT.P:Arial Bold.L:$.........................."F:Arial.#.98.FID.2:o:........:F:Arial-B
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\WJRSGUS9\www.coface[1].xmlProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines, with no line terminators
Size (bytes): 6806
Entropy (8bit): 4.728460630538297
Encrypted: false
MD5: 0E542978197067745754C5AF33D6A477
SHA1: B7F4302702C5D35F6A9AABCF89A2EB28420A9CB7
SHA-256: A1520B375F2AA1C3D402CFFC7259405ADED587D65B968E6CF0EF090836E13741
SHA-512: 33B5AD52F5BFA376975BA4AF5FF67BCE90D90D4D37AAD0E07B6140DF0C4757835BD7096D3B361AEC051CFB13C780B563243916A1B1DA8CDDBFC983F0DC95605A
Malicious: false
Reputation: low
Preview:<root></root><root></root><root><item name="at-rand" value="0.5836620665717637" ltime="1315138112" htime="30832503" /></root><root><item name="at-rand" value="0.5836620665717637" ltime="1315138112" htime="30832503" /><item name="_at.cww" value="{"value":true,"expires":1597987535583}" ltime="1317148112" htime="30832503" /></root><root><item name="at-rand" value="0.5836620665717637" ltime="1315138112" htime="30832503" /><item name="_at.cww" value="{"value":true,"expires":1597987535583}" ltime="1317148112" htime="30832503" /><item name="at-lojson-cache-coface" value="{"pc":"rpfo,shfs,flwi","subscription":{"active":true,"edition":"BASIC","tier":"basic","reducedBranding":false,"insightsEnabled":false},"customMessageTemplates":[],"config":{"_default":{"widgets":{"rpfo":{"widgetId":"fk1k&quo
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7713639B-E36A-11EA-90E5-ECF4BBEA1588}.datProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: Microsoft Word Document
Size (bytes): 32856
Copyright null 2020 Page 27 of 111
Entropy (8bit): 1.8406634729834437
Encrypted: false
MD5: 2B41570220DFB4029859007639CB63FD
SHA1: 1A7EF975E1B4716FC87F1271005A05570939F306
SHA-256: 88B71CC6D66E853D2BF3D320940556864AA22A172DF403F74D89A23C3D372F66
SHA-512: F513813C52FB75434DAD4B4B65E649B5C9E3B7D703004DF8B9D6F981211942BA47DD16A2D9A1F8EA4823410ABD9BA07200131AB9E72CB061A4639A951F707C8D
Malicious: false
Reputation: low
Preview:................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7713639B-E36A-11EA-90E5-ECF4BBEA1588}.dat
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7713639D-E36A-11EA-90E5-ECF4BBEA1588}.datProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: Microsoft Word Document
Size (bytes): 231974
Entropy (8bit): 2.531804534212969
Encrypted: false
MD5: D87B1F9CE8FD4AB0D2F0E07D5EB5553C
SHA1: F201CF8D65BCC8C2413B1B2DC3DD6413605A48FA
SHA-256: 298252AA3ED1A12138E103093B47B50ED07F12530A0A398B661181DF6C920A09
SHA-512: C498B23B028BDE0F5A928A59725F9DF72E838E5CB058358A5F577957CCD1311097AB9C697D4BAD045225D3907646B39781C27156C5A76FE7D6D511DDF046526F
Malicious: false
Reputation: low
Preview:................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{84A804B2-E36A-11EA-90E5-ECF4BBEA1588}.datProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: Microsoft Word Document
Size (bytes): 16984
Entropy (8bit): 1.5641104281537188
Encrypted: false
MD5: 8EC549A1AE550A62F9A4A7DAAD9FF270
SHA1: D3B04695AFFB93FE73B0A5817326C1C4157E07D9
SHA-256: 133E98DAB701ECE51D87C5345A2D90F35EE5E9CE3056503D7E56910DA4F25C3F
SHA-512: 422481C6B3022533ACEC979A602E2F2BAA4BE7B367A3D25B6794A37969C5C4540805C7B69091CEF8308A9DD52A1D65B145C256EA94B244DA82B100E7E8BF517E
Malicious: false
Reputation: low
Preview:................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xmlProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes): 656
Entropy (8bit): 5.061563705274351
Encrypted: false
MD5: 6BAE990DB654C8BAD85068C8FA21F757
SHA1: 2FB893F8E280CA48B6EECD5FA7EB4D6FDA49328F
SHA-256: 562B55CDE9F0AECCF1178F6F021EB79D6A564A44E81DC968F10A045F28C01CAB
SHA-512: 6BDF569F217FE0EB9895D403A5016358CED6222DC7E6BE546225D51974DE13FAF0992E6A463CC05C9F6ABED7B425B25859B91EE2DD67DFFF000D8E3FBE6CAE5A
Malicious: false
Reputation: low
Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0x4defc71b,0x01d67777</date><accdate>0x4defc71b,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0x4defc71b,0x01d67777</date><accdate>0x4defc71b,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig>..
Copyright null 2020 Page 28 of 111
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xmlProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes): 653
Entropy (8bit): 5.100605042853807
Encrypted: false
MD5: E3FCEB307CFCC7A43C5A0111EE5F9326
SHA1: 543ED4998A33CE213C24D46B3F376A82D145D838
SHA-256: 6563F2630A88464D7045D549580F288CAC86A5B67B40C0FD57C32CCC3C698A3E
SHA-512: D7C3FEE44E582BE317A0686F03F368182FCC5E9B13B2288A3C3638636A2EF3A5A389E719F2AA996DA1C2CA52BD3CBE32FBA9B8B05D115C1BE4814C4169B52F12
Malicious: false
Reputation: low
Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.amazon.com/"/><date>0x4de178e8,0x01d67777</date><accdate>0x4de178e8,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.amazon.com/"/><date>0x4de178e8,0x01d67777</date><accdate>0x4de3db3a,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Amazon.url"/></tile></msapplication></browserconfig>..
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xmlProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes): 662
Entropy (8bit): 5.142491797494315
Encrypted: false
MD5: 8B1D19F3D1823B52CB2EEC7BDC0DFA41
SHA1: 8F3FB917B3A0E079E074B61B9913A28F7FE94688
SHA-256: 7DDDDF502CC620CD55DA82506492414339065895D7FCE3F48D4E9B1F2D75B274
SHA-512: 19FC39A382C4C7A8FADC46A065FBF2E485710F7C8393D5DB48C47FE8810F9A0B623790B77E6C626BC450F4B659BF49F4A0018D550FF17120013DD7CB6B56DC06
Malicious: false
Reputation: low
Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.wikipedia.com/"/><date>0x4df2296d,0x01d67777</date><accdate>0x4df2296d,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.wikipedia.com/"/><date>0x4df2296d,0x01d67777</date><accdate>0x4df2296d,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Wikipedia.url"/></tile></msapplication></browserconfig>..
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xmlProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes): 410
Entropy (8bit): 5.164183329867849
Encrypted: false
MD5: 4DBDB623679234712DF021B8F819E0C9
SHA1: 9701B6547306C54455205568AEDFE4591E699210
SHA-256: F69292C5BE8B031D6B07835114E0130028410C6B0674D61ED889C3E1EC6998A1
SHA-512: B5720DD182D6CF4E46E4A800DF490F1702EC9F02917B9156639F654FBD89C69C9E0270615322968E97A5F6BC359473E175A44BB28AC5C8B1D27019B47FCCE35B
Malicious: false
Reputation: low
Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://go.microsoft.com/fwlink/p/?LinkId=255142"/><date>0x259f0d0f,0x01d52d14</date><accdate>0x4de63da3,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Bing.url"/><selection>\lowres.png</selection></tile></msapplication></browserconfig>..
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xmlProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes): 647
Entropy (8bit): 5.095486432813328
Encrypted: false
MD5: 7E82FDFC45BA12EEC853EABE8502B613
SHA1: 0860336BA24508D7CAA1987818F96DC0B326D373
SHA-256: EE06FB158D6EF2264B49C2858D964307AA42FC54EFD2D68308F090D734270F6F
SHA-512: 25E49B82DE08FD878EEB0603721420C1BDC839A84B46C538BF45A8B3A419D2B3807ACCD5FFD5FAC2FB8F49067B4BEB2EF26B3466AD25580C4A6B2B50A68D30A5
Malicious: false
Reputation: low
Copyright null 2020 Page 29 of 111
Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.live.com/"/><date>0x4de8a016,0x01d67777</date><accdate>0x4de8a016,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.live.com/"/><date>0x4de8a016,0x01d67777</date><accdate>0x4deb0276,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Live.url"/></tile></msapplication></browserconfig>..
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xmlProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes): 656
Entropy (8bit): 5.147157150463542
Encrypted: false
MD5: 7A1D1C31FF6574B1686F7A9192309240
SHA1: 640F05BA0588EB52D7547F01819EA67CE22EBF36
SHA-256: ED17902A8ED7D947854A7A22866023F7BF04BC5C8A679D471552BEA995B2A771
SHA-512: 565A7C8A5922C0E4266F4BCD4A2DB3942A061589410244EDAA631943F2948933522EABD401595D9BC7F2C61105894C310132D23D6EB8F88FF816DAD462C1712B
Malicious: false
Reputation: low
Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0x4df48bd2,0x01d67777</date><accdate>0x4df48bd2,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0x4df48bd2,0x01d67777</date><accdate>0x4df48bd2,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig>..
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xmlProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes): 653
Entropy (8bit): 5.083391147331393
Encrypted: false
MD5: A1893966F12667EA685542BFEFB04D05
SHA1: C3CEE53222155531EE833921868FECE351CA640E
SHA-256: 8803B92B497C91F33B13102EDF0193046DA03969AD1127EE4005C75CF05A8BF5
SHA-512: 95CB192D6EAAFB6211B864F66E75BBC9B2CFB70DABB9B62ECADF18FBA392B7455CA1C586E0A4934988FA6C0ABAFD2DD49F8F33F5AC07577B5FB7ACC850A82A7A
Malicious: false
Reputation: low
Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.reddit.com/"/><date>0x4ded64bf,0x01d67777</date><accdate>0x4ded64bf,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.reddit.com/"/><date>0x4ded64bf,0x01d67777</date><accdate>0x4ded64bf,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Reddit.url"/></tile></msapplication></browserconfig>..
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xmlProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes): 656
Entropy (8bit): 5.129412597579683
Encrypted: false
MD5: 0E9A8B5CA3D6E1A9DD6A6D83A0D109A8
SHA1: 30C3F23BE8FDE66D128027865B9F8D018F241EC0
SHA-256: 00C98B6BDCB9409F3A00E7E76A7D968F4925A36630444F82BA34B46796BD455E
SHA-512: 645DC89FE0915F44FAC1997352F270B5B47764A9FD4BA81B164FB21447F9FE1EAA272E692FB2DCC2EB5FE32DD7E3BE0E1D310284E1B55C352524A5A362C042C8
Malicious: false
Reputation: low
Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.nytimes.com/"/><date>0x4deb0276,0x01d67777</date><accdate>0x4deb0276,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.nytimes.com/"/><date>0x4deb0276,0x01d67777</date><accdate>0x4deb0276,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\NYTimes.url"/></tile></msapplication></browserconfig>..
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xmlProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes): 659
Entropy (8bit): 5.089218802372871
Copyright null 2020 Page 30 of 111
Encrypted: false
MD5: 4EA8E8D48D8DC190ECB613505DD5FB8B
SHA1: 46A3479CDDAF137B90A1283CE5AA1678A88DB05A
SHA-256: B34445CEB3698A7056A78E6233422D59BA7FC486F668899A8C0AA618DE21073B
SHA-512: 448DDF04A8F95EB5B5A9E83FC547ED97069D5556D9222C84205E657527BF5102E32C11C571B619D6CD783534AF67B2DF9C3B2BF07757D002A393C21DA0E24E4E
Malicious: false
Reputation: low
Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0x4de63da3,0x01d67777</date><accdate>0x4de63da3,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0x4de63da3,0x01d67777</date><accdate>0x4de63da3,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig>..
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xmlProcess: C:\Program Files\internet explorer\iexplore.exe
File Type: XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Size (bytes): 653
Entropy (8bit): 5.071175733173303
Encrypted: false
MD5: BA8124C637A61CB9DCE633EE32D43A9F
SHA1: 807CCDF8E3826892ADBA1E2F43DCDB9DE2B3E394
SHA-256: 3DE914527889D7ACE70A450B36D356E807ADBE9D5AFFCB41BA4BE7650BF720E9
SHA-512: 2CA1244FE35EC3D18289D7012908A73C518643278638088E013F07E8441DC6981F43F37CEEA946D9C2C82A4D20AB71B36A125E8C44BBBD56F13B339527B96E96
Malicious: false
Reputation: low
Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.google.com/"/><date>0x4de8a016,0x01d67777</date><accdate>0x4de8a016,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.google.com/"/><date>0x4de8a016,0x01d67777</date><accdate>0x4de8a016,0x01d67777</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Google.url"/></tile></msapplication></browserconfig>..
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.datProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: data
Size (bytes): 8780
Entropy (8bit): 2.970242517880038
Encrypted: false
MD5: D43CFDCBA973AE6EF990942CAFD2DA3C
SHA1: E3B110CA09FFDB21E9750563279A02D4840C6A5E
SHA-256: CEC0E041F40E02844B1421101F4FED3E425B2127411FBCE29F98682FBBE605C4
SHA-512: 4C46654602BB644564ABE9AAF28066C2426F2BE0435447C8843ACB14B5B20D8ADEA5029F0337184B0FEEB7A6ABC9098D21A207013AAC0A90CFCDE6C179E0279A
Malicious: false
Reputation: low
Preview:".h.t.t.p.s.:././.w.w.w...c.o.f.a.c.e...c.o.m./.f.a.v.i.c.o.n...i.c.o........... .... .........(... ...@..... .........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\0Z0CSRTG.htmProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Size (bytes): 86403
Entropy (8bit): 4.767484562837467
Encrypted: false
MD5: E36D3FC0A9229E53B1D91D35E3B1C8A6
SHA1: 63A8DBF82CEE3261F16E70FA7AE4474744D45701
SHA-256: 603F9FD3F319756844AD6809AED0EDB0C7CFAD422B1F2287A89C831B80E0A803
SHA-512: 68C820A1B9848CA2E260446E60B41897D40839E146CA63F5F152985B443878B3E49131B0197BD7FF202902FC8DFF78DE37AF9529F35773FAE51B5779123017CB
Malicious: false
Reputation: low
Copyright null 2020 Page 31 of 111
Preview:.<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "//www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns="//www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">.<head>. Cofaweb version : 2.3.16 build February 24, 2020 --> ..<link href="/favicon.ico" rel="shortcut icon" type="image/x-icon"> ..... .. Defect 487 -->.<title>COFACE : Credit insurance, Debt Collection, Factoring, Business Information, Bonds, Economic studies.</title>.<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />.<meta name="description" content="Coface, for safer trade : we help companies forestall and assess trade risks while protecting them against overdue items" />.<meta name="MSSmartTagsPreventParsing" content="TRUE" /> <meta name="robots" content="index,follow,noodp"> <meta name="google-site-verification" content="9vexjRl_mP0todsHCMMax1zHQXBePIGqBQjyGmLse1g"/>. . <link rel="alternate" media="only
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\0Z0CSRTG.htm
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\1[1].txtProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with no line terminators
Size (bytes): 89
Entropy (8bit): 5.370074689461816
Encrypted: false
MD5: 515525BDF00AE2FE95D0BEED7E2B1070
SHA1: 9080795A202226CCDBB4C7894EFCE98E16F110C7
SHA-256: 7E04300396FA5235B8CE6D126B6F07DA705ACE8ADCB024F20BB424EABEC677C3
SHA-512: DF2CA906FB0E9ADE5CDF00BD6BDD8750A3F571B120BD7EEA30F8718E40151A1A34BE1B50A0E452A910AD7E93895A82D5FD78689D0E93D0E1536133EA29E728A5
Malicious: false
Reputation: low
Preview:addthis.cbs.jsonp__71673850139796960({"loc":"MDAwMDBFVUNIVkQyMjY1MTg2NjAwMDAwMDBDSA=="});
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\ASMEX-MOD_small[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 100 x 65, 8-bit/color RGBA, non-interlaced
Size (bytes): 7367
Entropy (8bit): 7.960669128483786
Encrypted: false
MD5: 3BBDB762FDA4BC5E5CC3524F7735A7B8
SHA1: 3FA453DF36B1AA7A4C529CA0431F063BE1D68A3E
SHA-256: E13C1839E81F9DBC5BF2307CDCDDE9033970EC473B187306887B105A4999EFFD
SHA-512: E5598834EFC3C40D0131ABFC3E97C442DEA47CFB244D41FB5A88CE55A04B08872EF265E9E9ADE990A83F7DECECF65C6FB62B057BBD0799D33687160AA5B96B08
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/var/cofaweb/storage/images/media/images/asmex-mod/2789765-1-fre-FR/ASMEX-MOD_small.png
Preview:.PNG........IHDR...d...A.....'.......IDATx..y.\.u..o.W{...l.".")...di.....$..Lf.....'.Af.g....G..8.12.........dj..M.4..TwWu....;..bK.)..d..y.F5...{.{...w.....v..A...v....:...\[email protected]...?..._..7...5......."..C.6!.B.d..._.;@D. l..8.N...A.;..B..o.%.........9.l.IU>.).'S?....."*...,.......K.D..Q..p\... [email protected]...,. .r...a......z3.a|.k{M..=!.Bv..J.gg.f....CRT.d.9.E..Pr..l.9.DJ.H......yD...R.....W...8.h.Q6.'./~.....r:.A...; Q.MX*..K....z.$....:6.2:.._]tIS.].n..D....i....y.e..~....H}..1..D....("......ssD...r>..s{.@.!...I..2...#HI.`.H0=...K$.{..4......}.DX6a.J0;OX. .:....I.|.).....H..~.!K....&.*W.Z.[oF.}...i.j..z.b..A.l.,,... .Q..h.[Q.9P..x\?..\..g.4.6."S.$....L..&...._.YR*..f.ISQ.........C.V.`...t..i..[.X.iW......?w..o,!....$.C.r.......\.h.]..LrY..r1!....R*[email protected]./ oZ.&....D.$IHH.-....z.....746...&u....|...$.l.I.4[..sMF.R.....a.py...)..o.|._.......N#g3WdC....8.K(....T..]....q.|u.~IBK.BSetM!.+...LZC.$._.h9.8SEQ$............ \...<....^.1.....
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Actualites-Publications_menu_portrait[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 231 x 193, 8-bit/color RGBA, non-interlaced
Size (bytes): 49530
Entropy (8bit): 7.987740507252601
Encrypted: false
MD5: 7257B7E256C812953AB180AB51CBC926
SHA1: 1022761F193EC3E2F1A8920CE133D634AC7BD6E4
SHA-256: 0E43A920FF1B8958738E3EA8216426C849EE1E21CA9BEA81E7B8D118900A60DE
SHA-512: 2D3F17757607E98A8D18FC8A9BF16CCBDDC8E0F9DF82EC8D6507DF9ECB81FC9858F62767490534E0762CA0550EB56534211AB1C689391C130F977DAF4F6B2143
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/var/cofaweb/storage/images/ara-ma/news-publications/422745-82-fre-FR/Actualites-Publications_menu_portrait.png
Preview:.PNG........IHDR.............4.......IDATx...w..Wv.~N._N7......f..Z-+gY.A....y....,...{k.3.r.%Y..BK.n.....$... r.9._.Uu...........$....X....~U.T.>{.........?S.{..$..-.BF....3<.w.Mh...n....=../.......Z.F*&.S.{..&..R..tE.i.........a.=.'?p"Q..A{.....#.PJ....3>...o=..a.{...B)E....Nb...VJ..!>.~..S.r.*.HL%.(gCa..=.|k...!R.$.v'.....![NKI.PGG.hS.Ze.q-NAX.(,\..{.......A#H<.... ..-...4...9O.R.#...`.....C....I..;.4qU.E#.....T.nYb..c*..gA./..e......W..l...!..k..{..w.YL...p...Ss............A..n9...\.u...V)....bI....$L,\.e..0q.w<p...K...BG.........>..P......]...._..Oc...."4.<f.._O4...5...XQ........R..0....V4..%.FH..RR.`^.Y.B.h.........].hb.}..oF.n..+.8..H.D,....!_+..........".s.<yd7...J.CGJ.r.H.R#..H.#.F.ju.t..+..h.h8..].R#.+"..5.%..V.$<EWje^wU9............Y-.!g.#.<...&...3Z....J.EU.....Lh1.B.gA...dEc.R.r......Q..1M.J...C...bN.....>.(.'...7..~......z.4.R.....&...?..S.G..Ll.a..>~.'>IO..k=..%~.+/./...,P.....|..C.......o"[email protected]....#.W.x....O..u...Gh..CP...~w.g
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Asia-Pacific-Corporate-Payment-Survey-2020-COVID-19-will-overturn-last-year-s-incipient-recovery_publication_home[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 120 x 79, 8-bit/color RGB, non-interlaced
Copyright null 2020 Page 32 of 111
Size (bytes): 18334
Entropy (8bit): 7.975847195726374
Encrypted: false
MD5: C5B04ABEC876C8361B4D203B44218D1D
SHA1: 9642AB0ADC3C55AFBBDCD979C215CC8B696E9169
SHA-256: F99D607DFF5846A118E5C2880B4FECD8F4ECEFCB92EB72EFA77FC75A8B4E0EEC
SHA-512: 36C36186F97019494211C8BD23DEA29D83A085E1C333403D52F6771A46654DAD12CD09D42EDB0AA1CEE301BEDA70EE9E68A98B04F178BB048E2C71B5DCE25505
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/common/publication-database/asia-pacific-corporate-payment-survey-2020-covid-19-will-overturn-last-year-s-incipient-recovery/3022956-1-eng-US/Asia-Pacific-Corporate-Payment-Survey-2020-COVID-19-will-overturn-last-year-s-incipient-recovery_publication_home.png
Preview:.PNG........IHDR...x...O......y....GeIDATx..g.eYr..e.s..W....w.t..u.~. ..Ar.0..H.H....#...!RA1(....eH.....,@..b...p...oz.}wy..5.L.xU../.b...z.n.....................c..DQ...@D..!u...@A....@......{......D........W>.<../.0...sw.8.V.<.i.....k.)=|U:... 2D`{.`..}#..V.*J.(.D.L...b/j.t.r...*..x...Z...4..\.h8..*9(eX.:I..9k..TQU..3FuR.]%g.c.Y..J......E...x..;.n....Y..%X.......Pw...J...d.....Q.Y.H.....x.V..E...&T...Y..>g?..f..J..k........vn...V. .*f.|.....8.L.D1*.cWc.L.._.c5=K....1.&..Kh.zL$..I.!&.u*......[..;.n...y.6..D....H...Vu..pA.^.\...G{n.i+..$,X*......E...i0..N.Z...UO2.2..Q...%.Q...%.."|..Y..$3..>.Qt.0.E..4|zM..'[email protected].<.fy).....v...k{.%....?x....o..u..C..Qc*..6..hJ....3F%[email protected].@.].L.;.....W~..v..R.....J.5:!..DS./......;....d.x..Ltc*.[X..q;{[email protected]'W.......d..B.$..8.J....0PFr...9.}..!.?..{+...;=.....+U9}....'o..t....>[email protected]}.-C.9..[8..sV+...Z..E$..i.(..#..W...u.r.^.k31.......J.(....`...MK!I.B...^H.j/y..v.....f0.f.f+.7...
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Asia-Pacific-Corporate-Payment-Survey-2020-COVID-19-will-overturn-last-year-s-incipient-recovery_publication_home[1].png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\COFACE-FOR-TRADE-Building-business-together_slider_large[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 1755 x 325, 8-bit colormap, non-interlaced
Size (bytes): 170867
Entropy (8bit): 7.9841003607370045
Encrypted: false
MD5: 3C552967E47BC55BFA79E099D301CE92
SHA1: 60208123211DC8DAAD85EAE1950838A76BCE93B2
SHA-256: F0CA94167870D516D8D614273B11E6BCCA5AB3B49413CF651441A08D4D449ED7
SHA-512: E5A1F50AA12BBFDCC16871DF5831587C9E4D5BC5205246EDC1B73D3BA8D307366854D1A09115CA4CDBD024C7DCCF8B307A7EC44C180DB2571FB1DF3C5A4A3DDC
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/corporate/home/home-slide-block/coface-for-trade-building-business-together/2664206-66-eng-US/COFACE-FOR-TRADE-Building-business-together_slider_large.png
Preview:.PNG........IHDR.......E...........PLTE...W................|kD&..3%................................................................................A....?&....,...................................Q...........b.....g....\..{..`..Y.........t....J..G..m...#....k........X..L..u..<..i.....s.............{.../#.........................l...y14.......; ....m...;...A....c'.^.}I!.p+............e.k2M6%.u,..D...Qp?.A(.....58+.D/ Y..'+).1..^#l...{..-..8.l+.........t,.V".t...m-.]'.[D(.~h.a$.3../.|5/4/.JB.d&_8..O.P0..R..W!.#!vX3..qK#...wX...8...iM/=;/KE/...U91.a9.....1C...?..}%^{.x.VM:.T>..T......\*>[email protected]@.l(CJ..P.zEo`G.Ik.S..3.2L.A...0Ub~xb.M"[email protected]..]i..Q`[email protected]]..o{r2..T..B....v.3.a..H.@"............tRNS.....'.\...*nv.....IDATx..[..c..M9\8&r(.....W.m..+Z[6%.3.p...XJ6i5Z../.d...Q...j...;.`F3h......q.......<.......~........~..[.g..N22H.?.34..`..e%.....!..i...%...:..X..P.
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\CREDIT-INSURANCE-SOLUTIONS_slider_large[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 1755 x 325, 8-bit colormap, non-interlaced
Size (bytes): 273683
Entropy (8bit): 7.9435921854238485
Encrypted: false
MD5: C5FE861D395859A5F02595236BD1519D
SHA1: A6E2E1B2490424215FD0F42F2C01E06001E439CE
SHA-256: 15EA52F635BF2B835ED5EDC72C8955E8E570DC5C80BFC3DC3A43B77A8FBEFF9A
SHA-512: 7110EE51BE43DB1D5C171AD82CA9F80D0A0CC4DDB3602E1F9AA03A86B2F163F45D25B1A7801A6FFB4B012CF40A1F402B254955062E66FFBE93ED301F0DF95171
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/corporate/home/home-slide-block/credit-insurance-solutions/2664218-4-eng-US/CREDIT-INSURANCE-SOLUTIONS_slider_large.png
Preview:.PNG........IHDR.......E...........PLTE......j]N..u......YYZ__`......". jjm...cdcuxxPOQorsegi"..LKK748mon3/2;8<COY,%+...&."UTT!/A)!'...FCD...x}.#.%.....LT\...AIR@>@}..HVd......R\d~~z).....................:DOXbi0+/.......................4$#...,.92++....3?......82328D......$3 *:...2?M......ny~<(%........=.,...%",((3......h!).}Qvvq...:>GlicMGE........F4/...oD9R2+.V>e>4...{K;t#+G,'\80C.!TLGO:3.....7.....O.%&6J...>75yE4?Pb.Q?[ '....]B8HZ.'/ZQK......J^r..kXB8.xE<9.l....M5as|ym[...c^W.gDaI<..tvYE....a`WPVht...o>0.tIueT...ldZ...wbamqnO?...)2.jS...`I.....z..xqe...eI.....p,8MD;..W..o..b.qQ]-+.......o...i3*ay....y_......q]..^[email protected].?I....weTE.........nI.......r...[=z8.y..........{o.-5..............NX.`{..s.ad....x...\.Je..........M.xv.}>.S.F9:.M.i.n....tRNS....4K.[..).IDATx..{lS...."v..[..H..f.b..\\...H.t.....(.@..%P..5..B..46...(.....&...BF`.. &.....n%..F.._h..<.....K...;.|.b....<..~....d6....b.......^.P..+..J16...J%JkIkkk.
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\CREDIT-INSURANCE-SOLUTIONS_slider_small[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 386 x 325, 8-bit colormap, non-interlaced
Size (bytes): 56706
Entropy (8bit): 7.95625201609587
Encrypted: false
Copyright null 2020 Page 33 of 111
MD5: 2BA364DE6C920EA84113D7A8D9CD7D40
SHA1: 90738A29BA4E8B72BA627A479FC140CDE6A5D674
SHA-256: 727EB88A697269353FE53026C82AE8E9ABC8B1EA7151C1B2E6B5A9A9BC270CE7
SHA-512: 29C5F4F46A8AD4DAC4A94F989B16274E8CC3D4AD4DC175C11D1DFA12D1057ED33CDF65F02E52BB8E36A7F883FA0A634B06E40149E9ED830C267F7DB4B868B850
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/corporate/home/home-slide-block/credit-insurance-solutions/2664216-5-eng-US/CREDIT-INSURANCE-SOLUTIONS_slider_small.png
Preview:.PNG........IHDR.......E.............PLTE......zdR.l[...aJ7R2;phaqjc...kcc.............................................{..x.............y..o..~..h..a..Y.w].p[.}d....................pe.ue.rY.^O..u.........w`R.iV.X<}S<wSI....aLtM9kD6^C5Z7.U2+c:/j:.J.*=,*H:1.......................|=96%',!$([email protected]...|p.h[[email protected]*yA3ZXO....v..j........xp.....e..i...I7mh]WOH....wmg......_=.........n............e?...........iC.......................mF......kR_`T.................jQ.tL.................iXL......................................................a....................|Q......................gcW...................hu~.......r.}_........z..EVr......1>X(/?...j...........`{...............^~.a..c..g..Sq.s..l..Wx.......rTEe.[..$....tRNS........S..."[email protected][.\ZEE.F.Q.(.....1ja.*m.b.....Y$...X.!..J..8x....3v.t..y..%. ...=..h.{...>.Y~^O...$...%.O?./........./<..p..x..>>....i
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\CREDIT-INSURANCE-SOLUTIONS_slider_small[1].png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Coface-for-Trade_slider_small[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 386 x 324, 8-bit colormap, non-interlaced
Size (bytes): 54817
Entropy (8bit): 7.972300846747498
Encrypted: false
MD5: B7B19FEAB6E9AA7BC57EFF7C7BD91CAC
SHA1: 7F93DA8F62E562F63EB3FBD9CA9A8739C68FAA3D
SHA-256: C4413D9963C571F518FD21B0E28DFE91033EC0F5BEE2B76CF89D0C4989FCFB2B
SHA-512: 7DCA47060EEDE74981B0FFCF8308E78CBA389BCD957874E1E6F256DA8017757A453C707B5EEA019CCBA5B0F7FF0E53E2491E9BC2D9004B1804B27F8C8AD79E97
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/var/cofaweb/storage/images/ara-ma/home/home-slide-block/coface-for-trade-ensamble-developpons-le-commerce-mondial/422841-18-fre-FR/Coface-for-Trade_slider_small.png
Preview:.PNG........IHDR.......D.............PLTE..............~....qJYk'8S.yr...~?EX..u.pn*>Y!2M............z|..In.Cs.9h.2d..\.(T.*N.&GK`...........=m 4U...IP`.4[.-U.:b.#=.2T...g{.8Pu#B`1E_...qn.ekw_q..1V.3NN^o.3V./Piv|PSm....6];Ge...FUz-Dh.Dq..I...=c.4\[email protected].!Bi.;g.<\Zbp@Sh :Z5AU}u.ibs6Jnl......5V.BsSV{_Wl"0F...,;P*@Y.Am.,A.7b2<`..'....&8/6X&.?.'=)Jp.2A. 2BMstjt...I<[*5I... Jw.....ABN57Kt}.....RXc|lj.rq.vqwxu....{{opnj_f_abhii..}..#)9NLT<6V.$-[R\...,-:SDe()6..><D...fZ\..|KFH...uedYMN......q_Z...65A...eUS....8/7..... -............y. %2..........}o..{UYT..yi.ody]H.h[......|H7;......jYCC.y....u\...q..............o.kPG.....~b.~.....r.x....}L^......hI....q.b};..p#...]66.K.z?4.zP.i.X/%@(+m:E.X...*..d..X..p._..t..jI...^..a{~Tm....tRNS.I..)a..D]..|[email protected].=..7..}-....d.5..A...LP(..(b....Lb...I.TR.......C1.D.D.`...A....}...]]......?..Yk.......d"y>...k...."l...w.Y.x.;K....[....~...._-Z..B[
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Coface-realise-un-resultat-net-positif-de-11-3-M-au-deuxieme-trimestre-2020-et-poursuit-l-execution-de-son-plan-strategique_news_home[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 326 x 207, 8-bit/color RGB, non-interlaced
Size (bytes): 119646
Entropy (8bit): 7.98195209170541
Encrypted: false
MD5: D2848701BF73A7A6B2CEB4F67B52E2FD
SHA1: B74906DF1A09D2E8C9EDE9EA1C326BF9892DA52D
SHA-256: B8EE49DA9FFDBF6C6A9DED13B95AE7DEBBA178D5219EB00983166F2BF6BE9736
SHA-512: A06A13D75D38A39B1099F7469DFB114E1E1B92B7BEF9159E6178FE9707EF45E0BEC5D4C1A48CD6C50E4EBC41EFB020B9440D075C8C9B678006A6978FD74F56FF
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/corporate/news-publications/news/coface-reports-a-positive-net-income-of-11.3m-for-the-second-quarter-2020-and-continues-to-implement-its-strategic-plan/3036263-16-fre-FR/Coface-realise-un-resultat-net-positif-de-11-3-M-au-deuxieme-trimestre-2020-et-poursuit-l-execution-de-son-plan-strategique_news_home.png
Preview:.PNG........IHDR...F..........}......IDATx.....m.q..V.....N>.....J-Y8.6........g.w...p...=\....`..6.....18.l+.d.. ......o.q...z...U....'.C?v..9...oU}.S...?...g........?.W.'........D.E.E.D..Ad.....@.....@. [email protected]@..Da..$.A..@"...@$.(,. ....@.. ...........(...~../[email protected][email protected]@[email protected]@P.A...H..E.Q.[.../... ........!...... ".......'...U...?d.S}. .... .".Bv.hO.....AP.S@?S/.......#....... . .lO...........@@....Y}.. "..LL........Q.w....D.=u...AA {.."~N....A!.e...w (..Y.#...(.}...,.$..,v.... ..%==...~.(...9.1GAFT..b@.@..$.$...(....#..}y.w!@f1..,.....B........` }...H...Q........!......6....d."...F..'B...A.H....ME.G@P..\.@ .1..tf...g..! ..?,j."b.P.1....... .... .d.,............-..}........}.9(3t P..../...!...cDtW.(...[0.....8D...`.$..."..K...j.8A.`.Lm.A.P...v.$F.....D..$..d..7?....L.H......E.......A.d.B....B..<^........$;$Hh'.Q....A us.. .a.P='. ......."}.b..Q.:... ...<)..C... ......c.....A.......R..`}:...j6.w....s.......Y.. ........& ...."..G3.@;..|m
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Coface-reports-a-positive-net-income-of-11.3m-for-the-second-quarter-2020-and-continues-to-implement-its-strategic-plan_news_home[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 326 x 207, 8-bit/color RGB, non-interlaced
Size (bytes): 119646
Entropy (8bit): 7.98195209170541
Encrypted: false
MD5: D2848701BF73A7A6B2CEB4F67B52E2FD
Copyright null 2020 Page 34 of 111
SHA1: B74906DF1A09D2E8C9EDE9EA1C326BF9892DA52D
SHA-256: B8EE49DA9FFDBF6C6A9DED13B95AE7DEBBA178D5219EB00983166F2BF6BE9736
SHA-512: A06A13D75D38A39B1099F7469DFB114E1E1B92B7BEF9159E6178FE9707EF45E0BEC5D4C1A48CD6C50E4EBC41EFB020B9440D075C8C9B678006A6978FD74F56FF
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/corporate/news-publications/news/coface-reports-a-positive-net-income-of-11.3m-for-the-second-quarter-2020-and-continues-to-implement-its-strategic-plan/3036245-15-eng-US/Coface-reports-a-positive-net-income-of-11.3m-for-the-second-quarter-2020-and-continues-to-implement-its-strategic-plan_news_home.png
Preview:.PNG........IHDR...F..........}......IDATx.....m.q..V.....N>.....J-Y8.6........g.w...p...=\....`..6.....18.l+.d.. ......o.q...z...U....'.C?v..9...oU}.S...?...g........?.W.'........D.E.E.D..Ad.....@.....@. [email protected]@..Da..$.A..@"...@$.(,. ....@.. ...........(...~../[email protected][email protected]@[email protected]@P.A...H..E.Q.[.../... ........!...... ".......'...U...?d.S}. .... .".Bv.hO.....AP.S@?S/.......#....... . .lO...........@@....Y}.. "..LL........Q.w....D.=u...AA {.."~N....A!.e...w (..Y.#...(.}...,.$..,v.... ..%==...~.(...9.1GAFT..b@.@..$.$...(....#..}y.w!@f1..,.....B........` }...H...Q........!......6....d."...F..'B...A.H....ME.G@P..\.@ .1..tf...g..! ..?,j."b.P.1....... .... .d.,............-..}........}.9(3t P..../...!...cDtW.(...[0.....8D...`.$..."..K...j.8A.`.Lm.A.P...v.$F.....D..$..d..7?....L.H......E.......A.d.B....B..<^........$;$Hh'.Q....A us.. .a.P='. ......."}.b..Q.:... ...<)..C... ......c.....A.......R..`}:...j6.w....s.......Y.. ........& ...."..G3.@;..|m
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Coface-reports-a-positive-net-income-of-11.3m-for-the-second-quarter-2020-and-continues-to-implement-its-strategic-plan_news_home[1].png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Delocalisation-de-la-production-post-pandemique-une-opportunite-pour-les-PECO_news_home[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 326 x 207, 8-bit/color RGBA, non-interlaced
Size (bytes): 66596
Entropy (8bit): 7.9892920721280305
Encrypted: false
MD5: 12FC887EF3722281693F0F7158F15462
SHA1: 328D38B480B1DAE762A6C7F47AD0FDD4290A9EF1
SHA-256: 3FD9443F2E0235A4EE4D44ACD242C1BF3851E79C6F686818DE12C6AB682425A0
SHA-512: ADE12ECDA7A2AF7C6CB41C59B054440C302B2340E6ECD4987EC695134005A6F1B4A1D847C11D6B59883ADB668E12699A983401992B7B87D1C7599B7D7F6193EC
Malicious: false
Reputation: low
Preview:.PNG........IHDR...F...........xT....IDATx..w.mgU..}.,..r..'=.....EjP..DE,p...Q.X..AQ.QAT,.W.^..HI.....N.....,o.....>!.P...>.;..N...5...9.3.....?...w................W..H).B". ......(XZ9H..cvv...!.S!...4.#..AI.|k1W4.....L..Arhi?.j.S..E.d..'/.....f.sO..=.D6.Y<p.G.^....8|l...s..*..+.Ktfz.8c..w&.\[email protected]_.{.]..B..k~o.Z.1.....F.r_...:...g......$I..{y.[~.g<[email protected]..._.}][email protected].....#.k.s.......:..t...LR!.i..F.....q.._.D.W@ e.w?..o-..*..2..Q..K..k...([email protected](......t...9~...m.MU.S...:.b..X9r.&..uG...#..T.!.B.. .xqC.;.b...q..!.sr-6}IBl..w........l.Y|L@ h%m.r.....h...-..M.I*..F.Un.....k..#\w.~......9.i;w...>.......:.}....{..}.%<......lv.<.Y$.^.... ....W..-(.&....y}...`~.vd..z......w.....&.@+..u`-.....n.f......6m...v.Cl...!.b.C......U.u1.,...P....K..!..X[Q...e... !I{h.F0O.....$I....j..[. k.\...\..,!x..d.E>;..m...VcL.3?w.[....Q&eaa..[w2...$0J!A.{........!...%.?a....k.i....w.o. .y.....4(!....|.3.{8.{.x.R....f....q.....
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Delocalisation-de-la-production-post-pandemique-une-opportunite-pour-les-pays-d-Europe-Centrale-et-Orientale_publication_home[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 120 x 79, 8-bit/color RGB, non-interlaced
Size (bytes): 21636
Entropy (8bit): 7.974026233031314
Encrypted: false
MD5: 468D5D42CD63E7FE9035609AAFDE1300
SHA1: 6B5828ECEF6FC04559BDB590BCBF64D4D2B3F844
SHA-256: ABE1071B125FCD3DCF36DF502E83A1AE406CA4BE40C3272578CEA51EC3F6C841
SHA-512: AA02F4883589272C94AB0BC7A19386437850893522DED4BC80205549AF64326593BB058EE6DC4912B8DEADDDB827A940367D066562D3F63FA4FAC7D3D569AACC
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/common/publication-database/post-pandemic-production-relocation-an-opportunity-for-cee-countries/3033005-2-fre-FR/Delocalisation-de-la-production-post-pandemique-une-opportunite-pour-les-pays-d-Europe-Centrale-et-Orientale_publication_home.png
Preview:.PNG........IHDR...x...O......y....TKIDATx..e.e.u...6.>.....%..,K&.d.t.(v..$...N|..8ff.Q.-..f$.4.=.3.p.7.~?z..M.....__..g...}.Z..[..Z.......o..7......L.v.a...J.1mJ.....5T.%.N8...)B..;.BXk....w........'+.4....c[6.f...o.Z..]>..}.~..0t...o."F...z..<QJ...de.....#{...8....H(...Zi....4..L.....Z!LA...h.M..b.....m..g.F....R..\#..)...M)..;r~.4...4...$..... .HK.....W.*B.Y..`.1...^*...;.Ki..]IP..P.PJ.+...!B.jj...h.g*.'S.TJi..~.2...A...?.._H$..6lz.-/Z.......e......".H.8.T.......92..L..).!.....a.......0..0.H....vm).;Jr...2`...1J.k.D6.....9...P .czq........Ex.%.DP&..ZK%1.w.......~...V:..5..=...?.....7..%.a...+.._....~gS..Ya<.U...F.g.Z.....C!..a..y.c...H%...XJ*..q..N....b..a..oR...:B!.[.Mw.,.I%.d&...ZZ^.Y=..S0-W...._.h.Zq......R+...b.Z........J....G..~.w..}..vn..<..w~...z.....7....q.R..(.'.....w=....1?h*..VZk...E.......b...j.......=..=...f.w$.58.f.p.30.7...".U.Z.~.@z`h.m.k..V.F:....#.cE@.@[email protected]...\... ..<...}.m........A...........7..9.......m....
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Enquete-sur-les-paiements-des-entreprises-en-Asie-en-2020-une-reprise-naissante-coupee-dans-son-elan-par-le-COVID-19_news_home[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 326 x 207, 8-bit/color RGB, non-interlaced
Size (bytes): 98876
Entropy (8bit): 7.994275046716991
Encrypted: true
MD5: 3AB4F15280423D9D31EE8230D5B77498
SHA1: 730D3D822B5DBEEFAC750EBBCB1A652126F2CC47
SHA-256: C9213D155844817D9AA169B0D621793D3A44ED0817604C1EF1B917E131180BAB
SHA-512: EFA9FD4B474A96F8DD55E6D7B1EAB9CD6D2C75B0F23F0BF254B004A0B9E6833CE9DDE4932CC8900D87E03C85D289445EE7092D24995E2C75DB2F8DB3E8336BCF
Copyright null 2020 Page 35 of 111
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/corporate/news-publications/news/asia-corporate-payment-survey-2020-covid-19-will-overturn-last-year-s-incipient-recovery/3023288-10-fre-FR/Enquete-sur-les-paiements-des-entreprises-en-Asie-en-2020-une-reprise-naissante-coupee-dans-son-elan-par-le-COVID-19_news_home.png
Preview:.PNG........IHDR...F..........}......IDATx...Y.m.v......*vq.[....cM.......R....#.G`'H.8...|....@.$?F...q..#.d!.A`..Rl..(.0I.b!J||.#..[.{..g...s..[>.k.}.}...h..o...Z{.9G.Zo.u..............|E....G.$I.... 8........|..w<>....H.....%.o.&...[?..?.....c8?A.....8 ....".....^..Ql.wk..u....O~X/......k#rN.~.y..}.}s.w;}q..7.b......@.\...D.."..#.. %.gW.x....w.G|....7..4.....9..r._z..~..M..?.....6...a:[email protected]!...]....([email protected]{J...-..a....`@[email protected] .i.....A$2...X.@...,.5..!.M.5.~mu....vU.m...-$.0.LC.xQ.f4..]..>c7...1...M...~.........b.%!..`.!..JA..O....O..r..D....~(.*[email protected]?"!}.7.fc.cS........k..tL'.:.....e.K..*~f2.,8...-.O...Z..uM..5U. .a..;.....u..e..V..!......t.....Dpz.'g..|.o...._4#.O.J{>Zr..v~3..#J.T.G?........."...hd.,..R.J.....tN..b..N.!D`al.|..}Ar.,.z.CR..5.....b.q..3[D.k<....FwH..@....+.rI..1;.f[)..<...$.4..a..I..T...@T.&....;A......I.'..f..\..k[6.nl.C..`...?...u3.e.w.....R......&...np
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Enquete-sur-les-paiements-des-entreprises-en-Asie-en-2020-une-reprise-naissante-coupee-dans-son-elan-par-le-COVID-19_news_home[1].png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Etats-Unis-des-faillites-d-entreprises-a-deux-vitesses_news_home[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 326 x 207, 8-bit/color RGBA, non-interlaced
Size (bytes): 124312
Entropy (8bit): 7.993492313885534
Encrypted: true
MD5: FD088D6DA2DA5756B30545D6C86D6998
SHA1: B6EF4ACE53CF1EAEC155D539171F4BB83F49B7E5
SHA-256: 09560F52DA0F24B1A5313C3ADB4BFDC72F0ED64DBD237C3ECEB1FBD0605C699F
SHA-512: 2EB515E490E6D464ADE5A61182B7BF7DE563E5222E0666AF90DF874223D3B7D22305CF7D4DEE6A5B7E25FF3FD2B54F8F05D2D02A56D868C7B88D16E8AB9A8C70
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/corporate/news-publications/news/united-states-two-speed-business-bankruptcies/3027641-9-fre-FR/Etats-Unis-des-faillites-d-entreprises-a-deux-vitesses_news_home.png
Preview:.PNG........IHDR...F...........xT....IDATx.....e.].......t.f.\..`M.%[..ll.1..!.'.4I..t....N?.^...'I.{%[email protected]...........!w...U*.{.>{....{........o_...}.....5.....N....0.8.T.)@K.....<.x.....z.?r...K...Yc..3.J...9.-.0..Q[..OQ..G#..&o.ig-.4E*...c,.1dY..., ....+....^. .".........:..nS..[[.l.lc.E'.C.Wy..._"HA.%.;=..v.H.....e.`[email protected]..$Z#....T..d...y.....;\.~.n.9.....%x.>@.$R...%QR"........H.B..R...<..B.|@..@..{O.0.N8......=..Tk.V...! ...P...."......".........?.!.. 5......6.p.1...m.|....y.z.ktZ]...~..........V..%Rj.w..#.r.v'.O<.L...{.o.t.aQ2.K...`{k.x2...8....c..j......2.....C.y..9.<..~.5^.z..~..........9....$G.....g.JR.Go....q..y.aLM.,Zi.T.....W0U.A`l..+<...YY^A.....8o......n.^.....d2agc.[..yg..`qn...ef...B+E.4..s8...$.V.4Iq.Q...;...G...........65:Q.=x.........tz.$.9..`L......X.....:......JH..,......L........v:d:ao8.....vI..".|.X.....Y..h4.?....3....h....i.2..TuA..... @]..Yr>..R(.QR`.AJA.$t.......vJ7SH..{......./..,/.7.....|.Q..S...
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\L-offre-Coface_menu_portrait[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 231 x 394, 8-bit/color RGB, non-interlaced
Size (bytes): 77724
Entropy (8bit): 7.981309147341207
Encrypted: false
MD5: 966A9501ED23F7DE23738BC24479625B
SHA1: CD9BA55C21FBEC2602C577465F9D788A68B81244
SHA-256: D910123951B6D7F52C843B129DEDE2EC652CE32DB48701D0473985E2DBEC9E4A
SHA-512: 619BF0130B7A36285102CB5EF66134B7982E7FA6E6CCA296E03CA9E95600AA2692B825E9BF68613F06725D7EF075A026B5E5BC27CAF8857CA7E04DB8CC1615FD
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/var/cofaweb/storage/images/ara-ma/our-offer/422689-24-fre-FR/L-offre-Coface_menu_portrait.png
Preview:.PNG........IHDR.............x..G....IDATx...w.l.u......'U.....r....H.. A.. ..(Q.h..72.`..o>..flY#.#}..X.IS.. . ..t@.^..o.....?.9Uu_7H.........v.S.N...k..[..623..w..j........wQ{w...]...o.q..w..o.E.....wQ{w...]...o.q..w..o.E.....wQ{w...]...o.q..w..o.E.....wQ{w...]...o.q..w..o...'..t.x)^..8....~...?......n../...p.F........w...X.^../n...w|.v.;......$....Jpdi.Y-....q......N.4..=0........^..>j...o.\z...v..?............^.tss.%D.2....>..'.\.k..-.Q............~.}....|......;...Z..v...W......y83.F.........x.....?..+....=..?...G....;[...r.a............?.{.,..........2j.[....9...;VD..#....}.kO.p.g..{.....mT.)Rm.u..g^.....J....X......S..=rdiN.Q.........6.......O.Z%...4.....s.s..<x...l...d.w?...|....N.._~......*......y...3..77........../>../}.sO<xj}.......5..[......}...\.......~...u.....G...c...........ka...7?...?......c.;....T....[.m.GN....@.......=0..O...~.|k..?..W^x...........'.w.?...VK.C...x.F.Z>uh.......Y.g.,..y....`...z..0.?..K.._.\...a.
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\NewErrorPageTemplate[1]Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size (bytes): 1612
Entropy (8bit): 4.869554560514657
Encrypted: false
MD5: DFEABDE84792228093A5A270352395B6
SHA1: E41258C9576721025926326F76063C2305586F76
SHA-256: 77B138AB5D0A90FF04648C26ADDD5E414CC178165E3B54A4CB3739DA0F58E075
SHA-512: E256F603E67335151BB709294749794E2E3085F4063C623461A0B3DECBCCA8E620807B707EC9BCBE36DCD7D639C55753DA0495BE85B4AE5FB6BFC52AB4B284FD
Malicious: false
Reputation: low
Copyright null 2020 Page 36 of 111
Preview:.body..{.. background-repeat: repeat-x;.. background-color: white;.. font-family: "Segoe UI", "verdana", "arial";.. margin: 0em;.. color: #1f1f1f;..}.....mainContent..{.. margin-top:80px;.. width: 700px;.. margin-left: 120px;.. margin-right: 120px;..}.....title..{.. color: #54b0f7;.. font-size: 36px;.. font-weight: 300;.. line-height: 40px;.. margin-bottom: 24px;.. font-family: "Segoe UI", "verdana";.. position: relative;..}.....errorExplanation..{.. color: #000000;.. font-size: 12pt;.. font-family: "Segoe UI", "verdana", "arial";.. text-decoration: none;..}.....taskSection..{.. margin-top: 20px;.. margin-bottom: 28px;.. position: relative; ..}.....tasks..{.. color: #000000;.. font-family: "Segoe UI", "verdana";.. font-weight:200;.. font-size: 12pt;..}....li..{.. margin-top: 8px;..}.....diagnoseButton..{.. outline: none;.. font-size: 9pt;..}.....launchInternetOptionsButton..{.. outline: none;
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\NewErrorPageTemplate[1]
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Post-pandemic-production-relocation-an-opportunity-for-CEE-countries_news_home[1].png
Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 326 x 207, 8-bit/color RGBA, non-interlaced
Size (bytes): 145291
Entropy (8bit): 7.990603795561081
Encrypted: true
MD5: 22D438448129F4CDB3C673AB424EC0D5
SHA1: 883E1662E64BCB0D24BE04EB3B58DE360CECFB3C
SHA-256: CA382DA19C92C9C63C3E0E2F2714167AB304B30967755584C6A326F1BBFE6AB8
SHA-512: 8857F8944273B33F43B48DD2976AFC631D380B30212AA64AE7980F92915D7A5ABDBAC522BB2069D5200DF93AFBA72E15A474AAE13B696863B260BFC957E80E65
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/common/news-database/post-pandemic-production-relocation-an-opportunity-for-cee-countries3/3031982-1-eng-US/Post-pandemic-production-relocation-an-opportunity-for-CEE-countries_news_home.png
Preview:.PNG........IHDR...F...........xT....IDATx..w.mgU..}.,..r..'=.....EjP..DE,p...Q.X..AQ.QAT,.W.^..HI.....N.....,o.....>!.P...>.;..N...5...9.3.....?...w................W..H).B". ......(XZ9H..cvv...!.S!...4.#..AI.|k1W4.....L..Arhi?.j.S..E.d..'/.....f.sO..=.D6.Y<p.G.^....8|l...s..*..+.Ktfz.8c..w&.\[email protected]_.{.]..B..k~o.Z.1.....F.r_...:...g......$I..{y.[~.g<[email protected]..._.}][email protected].....#.k.s.......:..t...LR!.i..F.....q.._.D.W@ e.w?..o-..*..2..Q..K..k...([email protected](......t...9~...m.MU.S...:.b..X9r.&..uG...#..T.!.B.. .xqC.;.b...q..!.sr-6}IBl..w........l.Y|L@ h%m.r.....h...-..M.I*..F.Un.....k..#\w.~......9.i;w...>.......:.}....{..}.%<......lv.<.Y$.^.... ....W..-(.&....y}...`~.vd..z......w.....&.@+..u`-.....n.f......6m...v.Cl...!.b.C......U.u1.,...P....K..!..X[Q...e... !I{h.F0O.....$I....j..[. k.\...\..,!x..d.E>;..m...VcL.3?w.[....Q&eaa..[w2...$0J!A.{........!...%.?a....k.i....w.o. .y.....4(!....|.3.{8.{.x.R....f....q.....
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\TRANSPORT-MONDIAL-QUE-RESERVE-L-AVENIR-AU-DELA-DU-COVID-19_news_home[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 326 x 207, 8-bit/color RGBA, non-interlaced
Size (bytes): 84318
Entropy (8bit): 7.98947964057561
Encrypted: false
MD5: 25F462BB9AEF46E38499525FF6846277
SHA1: 2E8D640D919CAF02E515841FC2DBD6CF8EA4784C
SHA-256: 265CB5874AEE08B3B36A64B7E63A58BE026A5D8E4E22A967FF2BCF60BE6637FF
SHA-512: CC757691DB704BBBE9FD20397DE9ACA31BB56DD15B07A84019B6112ABF6CD33A3B6D1BA40E9B8962045DA8EFB88552DF0213EC615FD6CF111AC25A91BE1AEEE8
Malicious: false
Reputation: low
Preview:.PNG........IHDR...F...........xT....IDATx...y.-.u.....g..o.j.'...f.....D... .r3Z.w[n.-;..#:B.....n.eE.jIl.)..!p.H.....Q.j..W...w......k..<..7.?.d..{.9y2w..Z............?.......8..../n./}.....g.|n.A.R.[Yg.9.......x.}....5...'y..w..w.u....,c{2%...B........4..x4.F.'.B......G..b.s......>~[n...o.....k<.c.s.m7...G..^...>.|_.......W.;.O..G..]...........U..<..V.O@)y])..d....o=.w?.m....37g9ub....^).6..A).J.c......bPd.t.a....p...........U4!P{....4....`..N....._H...%.PA...<_........x..7...#,.X"x._B ./R.19/>.......U..8...w..U>.Ph...N%s.(.V..5...k....}....'.........L.k....:.....v.......3..m...W.."S.8.QJ....."[email protected];.A.6.P.4...1V...<7......-....7^{..:...i..]R.....D...X......!s......p....@il...#...W../.=.y.ox..Wx..9pl?o}.}.+.<..3<.......V.o0(2..:.l..|>`ia.bn.1.t.h.A.j....a..En...7.|.c7........u]..9..4%.=../=y.SX...{...Q.S8...L;..>......>......./.......r.}7..?.6.....U`X.(..`@..|...y.....>...3.d.".P..r.M..K.0...C@...,:.;.Rt..P
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\United-States-Two-speed-business-bankruptcies_publication_home[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 120 x 79, 8-bit/color RGBA, non-interlaced
Size (bytes): 21503
Entropy (8bit): 7.9727112660511565
Encrypted: false
MD5: F380544337397418156118C7CD1AC293
SHA1: FD2C16487F2B3D0B262B0F0E5DDB32FC4755BFBE
SHA-256: 02EF7849C079AEEBF441336E0700A06FBD0792A754B31B368253067975DDC794
SHA-512: 4331C58FDCACA2D5BE942B8C51AAC0028F9721B33188DC06F5C4723DF4E0CBEDF246A5A88CCC099219FD3BB9EBB1F8D62D44AFFA34FDC6BCADF19100ECC5CA3B
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/corporate/news-publications/publications/united-states-two-speed-business-bankruptcies/3027446-1-eng-US/United-States-Two-speed-business-bankruptcies_publication_home.png
Preview:.PNG........IHDR...x...O..... .....S.IDATx..w.dWu..;..[.s..$.(...I..M2.dl.1...c....m...&.....c2&[email protected](.Q.<..9T...s....~..ju.tW.{.N.~.s.....z..H..8VV......g.....5..5~y`..k.JB.^.V.QX..U.N....{....Ff.Mq.l.....n........4g.....+.9|.^.Gs...I:..+.m.k].)h..TG[.@....*K.....V.CGf..x.^.c..^..Cpd..S.8.....y.;....5.?u.7.q......1..c.._=.]..;...^.9O......G_B#.|.._p.K.M=...o./xE.'.\X...zyA7O........&/..Tb..Fq^`.E.Inr..z..D....L.....4.cmA\.R.T.v{....)..R.. ...X.s..<J*.Rh.I...E.E.1.c.EQ..XQ..LO.a.$.3l.CQx..H+"-..<.)...()..#.@Hx..{...;.y.~...s...|...o.T.F.S.#.m..7..I..}n.{...5..f..-.]1.k.....Rb.E).."....j....G...S.{.1~r.].ZU..x..O....;...K\p.6.......o....v..O..t3...3ZI......g.V..G94..={.Qo5.q...>.{....=."..A..B..Rxcq.b.H....P8C.g8gH.5.0.zE.\......w.........@+.V..8.1....Z..H/..I=NhU*(....>\..XI..H....F.....E...!g.....g4..t...Q.....X.....L.2.(.G[d^...q.i'.uSn..N~.;8z.8BIv.....>.-....wX.t..b..5...3=)......x..Z...>......o.e.V%I"n?4....s..sg.....iM..}..c/9.......v..ub.
Copyright null 2020 Page 37 of 111
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\arrow_close[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size (bytes): 339
Entropy (8bit): 6.739780906108176
Encrypted: false
MD5: F34D286E8059DC5690E750F9F5909714
SHA1: F71ADD7F3067295F0AB5BE4AD0A574522DEE0FB7
SHA-256: 5DD3B0689EF71FD89318F96120A4FD4F64F01434C6AD56759A9110C98E38F880
SHA-512: 2B97F1498C0D7F32346B046D6D6A580E039EB2B604CFC41BB0B1C2E9D56E07B167D70B2D5B73BBF6826761550B17A619075325FB7889C41BA9F36D4796B6BF13
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/extension/cofaweb/design/cofaweb/images/icons/arrow_close.png
Preview:.PNG........IHDR................a....pHYs................ cHRM..z%..............u0...`..:....o._.F....IDATx..AJC1............ .P*..... ...P(..b.....3.K2...L......a...8...S........n.n..p.i......._.....*.Q$.......,yK...qU.]..*.f.+fi...K(c..b..M-1.t.<I.....tb`T.....j.8...U%1....%.,..8.g!.eI4.{%..F.&....<XN....f....IEND.B`.
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\band_blue_bg[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 12 x 25, 8-bit/color RGB, non-interlaced
Size (bytes): 1262
Entropy (8bit): 6.363678660919172
Encrypted: false
MD5: C1928B0D154B783C8406CBC7D0F85D4F
SHA1: 91AF815A517DD413B859E5BEEFE8CFA6C6E2CCDC
SHA-256: AD337C8BD9E9224813427F743E77D82AFF3BB827214B7783A90618939E36557C
SHA-512: B751BE9D05D817249B10009EE9FDB519A0E41647E345D600A0D65D627452294CF8B7C9F584D766BA633BBA04C68B669655CC8178D8097D6CD3A9F5B366B44740
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/extension/cofaweb/design/cofaweb/images/bg/band_blue_bg.png
Preview:.PNG........IHDR...............X.....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:A07634C1114411E29521FD49640E01B8" xmpMM:InstanceID="xmp.iid:A07634C0114411E29521FD49640E01B8" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpm
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\border_countries[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 2 x 16, 8-bit/color RGB, non-interlaced
Size (bytes): 1089
Entropy (8bit): 5.883659029327331
Encrypted: false
MD5: 14959C64D10667CB17303A21E0A97BB2
SHA1: 891A1696980A36DF36087765D9AFC06FD453C119
SHA-256: 3F42E9FFDCDF0F92459A7A92E4C1C16C252C3669770B580022D7C317BDFA6863
SHA-512: 73F2FACEA6641AA283D1049C254A4C25BB5D3B238C65B7CCEA1DF16F34DD90F3707FB035E359C95794B1668358333BC5AA9A3D28F668CB7F68FAC8A1F4C4E81B
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/extension/cofaweb/design/cofaweb/images/bg/border_countries.png
Preview:.PNG........IHDR...............9.....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:6B41C559116011E29B32DE6709D2CF02" xmpMM:InstanceID="xmp.iid:6B41C558116011E29B32DE6709D2CF02" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpm
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\co_medium[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 120 x 70, 8-bit/color RGBA, non-interlaced
Size (bytes): 3039
Entropy (8bit): 7.863014993304458
Encrypted: false
MD5: 5C768A5E8B799FDFA0EA50FC30B17F57
SHA1: 66704D38257D24E7F9BC3780C5533DCB4A8D9DD2
Copyright null 2020 Page 38 of 111
SHA-256: 26E6519B807D87DA6E253AB19E7D42D3EB5A3E63CC8BB0A6E7D623408CA7F07F
SHA-512: 8CB28796A0D9A67A13660AD6A9707658247D615B8E06570E44495AF2B62CB4EA73390D5669337EC809DDAF454C32E69327A816F76F50C949CC9DBCBFF23BA7B4
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/storage/images/media/images/co_medium2/1278917-1-fre-FR/co_medium.png
Preview:.PNG........IHDR...x...F.......P.....bKGD.......C......pHYs...H...H.F.k>....vpAg...x...F.T..&....IDATx..y.TG...3;.........,An....BP1D*...x.Wi..).1...DB%`L4.&&[email protected].)@B..#.Y.+K.cwgv.?.7.....7o...UMm.~...{.........8L.P.....C.Z..V.../.....9..8.....G.....Y}[email protected]}Z..{.........j........6.%U".C...L.n.....<......-.f.E..n&..j.z.VI|.3.D..{.x....y..A)0.(.{.t..|...Q.?...Gz.p.H........U2.PUOM D[.2E.M..M...|.8.l...68.6.._K.{.2..p`)..X...l....n..F....v7U..1....X..e.....4..........;1..Z%..p)..i..F.sI.2z<....7.r(...g"/M...x.x..M\AU.S...nDQ.k..i...d..c*...\1#y..\.......Q...|;.....q....p.Q.Z..d..A....=(...|...x..&....Q.(.B.=y...L.G.8..g..o.yy.0...2.[.F=+......f......0..q.-]...Q..)>.$`.p3)z..%."dn...*@._..#....J}..KnD..F=..(q*K."....g....h....Tw+p>.g..c........G`9".L(B.].........hio...+...H,...Jd... 0..<p'....y....}.b.<.Y..@F@SR......!....2.....7.w..A..a....$.p.....9.0..4. 2.>.y..........x.p.f>..Egm6*.....y.U9.<....p.]..S..>.t....L)..[...i.
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\co_medium[1].png
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\content_texture[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size (bytes): 1075
Entropy (8bit): 5.785672529111039
Encrypted: false
MD5: 5EC24D594B5BC6706E3BF4F4D6713341
SHA1: 56C8B4E60A4B138640A90BF10BD2543712FD4E74
SHA-256: 747528C6D11B84E28E33E8E8C1EB70DA6BCF5A253EF9E85222792762BFF33BCB
SHA-512: 7F936937D6B5C7AD490E724AD70D965EE07152F8BFBAE85D1E9C7B42A0EA27F8C3EB3A482E5FF8B7DABDCEBBC83834714C47171C08322149557BF50294FE052F
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/extension/cofaweb/design/cofaweb/images/bg/content_texture.png
Preview:.PNG........IHDR...............s....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:A180F4D3114411E29521FD49640E01B8" xmpMM:InstanceID="xmp.iid:A180F4D2114411E29521FD49640E01B8" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpm
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\country_select[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 13 x 12, 8-bit/color RGB, non-interlaced
Size (bytes): 1198
Entropy (8bit): 6.185484884761211
Encrypted: false
MD5: 747060F0E8B4BC6B6373DD58DCA5B0CF
SHA1: 48ED8734C863580AD2C6860EAB5A2BED1DE13DE7
SHA-256: FACBA703DF99C3963B5D61704B2A7C9A7365371EC563F849213F0B9A75294AB9
SHA-512: 87BE2F21CCB1A9F93A216CBA0869AA827F8FDC1109426B90BA7342A5C35E31227B44C0CAA9C61712352297B88EC511ED9F22B8B35E86EF8DC703E98095755E59
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/extension/cofaweb/design/cofaweb/images/icons/country_select.png
Preview:.PNG........IHDR.............6......tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:A0C679A8114411E29521FD49640E01B8" xmpMM:InstanceID="xmp.iid:A0C679A7114411E29521FD49640E01B8" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpm
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\dnserror[1]Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size (bytes): 2997
Entropy (8bit): 4.4885437940628465
Encrypted: false
MD5: 2DC61EB461DA1436F5D22BCE51425660
SHA1: E1B79BCAB0F073868079D807FAEC669596DC46C1
SHA-256: ACDEB4966289B6CE46ECC879531F85E9C6F94B718AAB521D38E2E00F7F7F7993
SHA-512: A88BECB4FBDDC5AFC55E4DC0135AF714A3EEC4A63810AE5A989F2CECB824A686165D3CEDB8CBD8F35C7E5B9F4136C29DEA32736AABB451FE8088B978B493AC6D
Malicious: false
Reputation: low
Copyright null 2020 Page 39 of 111
Preview:.<!DOCTYPE HTML>..<html>.. <head>.. <link rel="stylesheet" type="text/css" href="NewErrorPageTemplate.css" >.. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.. <title>Can’t reach this page</title>.. <script src="errorPageStrings.js" language="javascript" type="text/javascript">.. </script>.. <script src="httpErrorPagesScripts.js" language="javascript" type="text/javascript">.. </script>.. </head>.... <body onLoad="getInfo(); initMoreInfo('infoBlockID');">.. <div id="contentContainer" class="mainContent">.. <div id="mainTitle" class="title">Can’t reach this page</div>.. <div class="taskSection" id="taskSection">.. <ul id="cantDisplayTasks" class="tasks">.. <li id="task1-1">Make sure the web address <span id="webpage" class="webpageURL"></span>is correct</li>.. <li id="task1-2">Search for this site on Bing</li>..
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\dnserror[1]
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\down[1]Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 15 x 15, 8-bit colormap, non-interlaced
Size (bytes): 1496
Entropy (8bit): 7.249606135668305
Encrypted: false
MD5: D86D65C9C03C6696B6FAE4916E60D34C
SHA1: 40C0C486CCEA1A0E5E09D66BCE1A89FF257119BF
SHA-256: 6BA4914CFDA51106B82FA239C69920E64C53422AE8EE30B469045395110564A6
SHA-512: 0A76905CCE651D50C0E81B62F2B7E3F56831D6F63847F16AF89835A70E956796D59780C77E066FECB701FCAC6B3A493CAAFBDE1F00022D76F8B635B3E0E3B80F
Malicious: false
Reputation: low
IE Cache URL: res://ieframe.dll/down.png
Preview:.PNG........IHDR...............ex....PLTE....W..W..W..W..W..W..W..W..W..W..W..W..W.U..............W..W.!Y.#Z.$\.'].<r.=s.P..Q..Q..U..o..p..r..x..z..~.............................................b.............................................................................................................................................................................................................$..s...7tRNS.a.o(,.s....e......q*...................................F.Z....IDATx^%[email protected].?|;.y..S....F.t...,.......D.>..LpX=f.M...H4........=...=..xy.[h..7....7.....<.q.kH....#+....I..z.....'.ksC...X<.+..J>....%3BmqaV...h..Z._.:<.Y_jG...vN^.<>[email protected]....?...1D.m~)s8..&....IEND.B`..PNG........IHDR...............ex....PLTE....W..W..W..W..W..W..W..W..W..W..W..W..W.U..............W..W.!Y.#Z.$\.'].<r.=s.P..Q..Q..U..o..p..r..x..z..~.............................................b.....................................
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\errorPageStrings[1]Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size (bytes): 4720
Entropy (8bit): 5.164796203267696
Encrypted: false
MD5: D65EC06F21C379C87040B83CC1ABAC6B
SHA1: 208D0A0BB775661758394BE7E4AFB18357E46C8B
SHA-256: A1270E90CEA31B46432EC44731BF4400D22B38EB2855326BF934FE8F1B169A4F
SHA-512: 8A166D26B49A5D95AEA49BC649E5EA58786A2191F4D2ADAC6F5FBB7523940CE4482D6A2502AA870A931224F215CB2010A8C9B99A2C1820150E4D365CAB28299E
Malicious: false
Reputation: low
Preview:.//Split out for localization...var L_GOBACK_TEXT = "Go back to the previous page.";..var L_REFRESH_TEXT = "Refresh the page.";..var L_MOREINFO_TEXT = "More information";..var L_OFFLINE_USERS_TEXT = "For offline users";..var L_RELOAD_TEXT = "Retype the address.";..var L_HIDE_HOTKEYS_TEXT = "Hide tab shortcuts";..var L_SHOW_HOTKEYS_TEXT = "Show more tab shortcuts";..var L_CONNECTION_OFF_TEXT = "You are not connected to the Internet. Check your Internet connection.";..var L_CONNECTION_ON_TEXT = "It appears you are connected to the Internet, but you might want to try to reconnect to the Internet.";....//used by invalidcert.js and hstscerterror.js..var L_CertUnknownCA_TEXT = "Your PC doesn\u2019t trust this website\u2019s security certificate.";..var L_CertExpired_TEXT = "The website\u2019s security certificate is not yet valid or has expired.";..var L_CertCNMismatch_TEXT = "The hostname in the website\u2019s security certificate differs from the website you are trying to visit.";..var L
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\f6228d16738b99e3fb9bbbd73c0e169a_all[1].cssProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text, with very long lines
Size (bytes): 266508
Entropy (8bit): 5.247297660873313
Encrypted: false
MD5: EF553557CCC30809469B2EA57C9F37DA
SHA1: FBA20CB395CEADE375B1A0C52E8667A709CF2901
SHA-256: BD9E375F6A53545C4A372B403188B3FBFADD4EF5F988A8C6D7F09CC6F34BC3AE
SHA-512: CF3FDEAF6187A96CF464CF49B5FA9DC1F68AA8F819FB04D29FF3DD1AFA66103D9C84D53864247C53AA116337B4733E6406BF9E0415F9A528959BCA13D0743D89
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/var/cofaweb/cache/public/stylesheets/f6228d16738b99e3fb9bbbd73c0e169a_all.css
Preview:.@media screen and (max-width:1024px) {#main_wrapper{width:1024px}#main_wrapper #slider-head{margin:0 0 0 -288px;width:1024px;float:right}#main_wrapper #slider-head div.slide_wrapper{width:1024px}}@media screen and (min-width:1024px) {#main_wrapper{width:1024px;margin:0 auto}#main_wrapper #slider-head{margin:0 0 0 -288px;width:1600px}#main_wrapper #slider-head div.slide_wrapper{width:1024px}}@media screen and (min-width:1600px) {#main_wrapper{width:1600px;margin:0 auto}#main_wrapper #slider-head{margin:0;width:1600px}#main_wrapper #slider-head div.slide_wrapper{width:1600px}}body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,form,fieldset,input,textarea,p,blockquote,th,td {margin:0;padding:0}body {background:#FFF;font-size:12px;font-family:Arial,Verdana,sans-serif}table {border-collapse:collapse;border-spacing:0}fieldset,img {border:0}#main_wrapper address,#main_wrapper caption,#main_wrapper cite,#main_wrapper code,#main_wrapper dfn,#main_wrapper em,#main_wrapper strong,#main_wrapper th,
Copyright null 2020 Page 40 of 111
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\group_bg[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced
Size (bytes): 154
Entropy (8bit): 4.888945336603169
Encrypted: false
MD5: 33E9AA368580FF37A95A4B692B63F6A3
SHA1: 8C693E5076E77DA959F03C56DA3C4A93BAC98713
SHA-256: 46F5E79694A93B87AEB6E5702CFB54A9183E6829099D85B79D948EDA88A82AF6
SHA-512: 4DC5906C59E9E7CBFAF66DF740B69524CB8BF606F1CF045F58E2CD3A428E42DD4403D791758FACC3939D15DBB1DA77AE8C8C90098E050989662F30B2A1081C50
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/extension/cofaweb/design/cofaweb/images/bg/group_bg.png
Preview:.PNG........IHDR.............r..$....pHYs................ cHRM..z%..............u0...`..:....o._.F... IDATx.bd``..l....l.................3.sd.....IEND.B`.
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\httpErrorPagesScripts[1]Process: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size (bytes): 12105
Entropy (8bit): 5.451485481468043
Encrypted: false
MD5: 9234071287E637F85D721463C488704C
SHA1: CCA09B1E0FBA38BA29D3972ED8DCECEFDEF8C152
SHA-256: 65CC039890C7CEB927CE40F6F199D74E49B8058C3F8A6E22E8F916AD90EA8649
SHA-512: 87D691987E7A2F69AD8605F35F94241AB7E68AD4F55AD384F1F0D40DC59FFD1432C758123661EE39443D624C881B01DCD228A67AFB8700FE5E66FC794A6C0384
Malicious: false
Reputation: low
Preview:...function isExternalUrlSafeForNavigation(urlStr)..{..var regEx = new RegExp("^(http(s?)|ftp|file)://", "i");..return regEx.exec(urlStr);..}..function clickRefresh()..{..var location = window.location.href;..var poundIndex = location.indexOf('#');..if (poundIndex != -1 && poundIndex+1 < location.length && isExternalUrlSafeForNavigation(location.substring(poundIndex+1)))..{..window.location.replace(location.substring(poundIndex+1));..}..}..function navCancelInit()..{..var location = window.location.href;..var poundIndex = location.indexOf('#');..if (poundIndex != -1 && poundIndex+1 < location.length && isExternalUrlSafeForNavigation(location.substring(poundIndex+1)))..{..var bElement = document.createElement("A");..bElement.innerText = L_REFRESH_TEXT;..bElement.href = 'javascript:clickRefresh()';..navCancelContainer.appendChild(bElement);..}..else..{..var textNode = document.createTextNode(L_RELOAD_TEXT);..navCancelContainer.appendChild(textNode);..}..}..function getDisplayValue(elem
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\language[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: ASCII text
Size (bytes): 496
Entropy (8bit): 4.994190664604383
Encrypted: false
MD5: 7FB157E7BBB5A3252047F99CF87FAAAC
SHA1: 0659D62713C97944BA06906817A2D726B7B4A2E3
SHA-256: 1618EFE49BC6285761D4FA0FA17519D174BAE1EC902940AD446736CD525A7732
SHA-512: E6448CC58AC72642933B8E8EFE9080FAC0464B57C7EA77D9C2D895E7D1D5B76B684D6F266EE0D1D51531965618F1B773269F1854B6EBD842374A0A1761349011
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/cofaweb/language.js
Preview:.var cofaceMapLang = {.iframe_map_url : "/cofaweb/map",..map_title : "Coface Country Risk Assessment Map",..box : {..risk_country : "Country risk assessment",...business_environment : "Business Climate",...surveillance_since : "Under watch list since",...fast_country_profile : "Access the country data"..}};.var COUNTRY_COMPARE_URL = "/cofaweb/comparer";.var lang = {...'add' : "Add",....'add_country' : "Add a country",....'country_singular' : "Country",....'country_plurial' : "Countries"...};
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\layers.33f5b85045a5f2308467[1].jsProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: UTF-8 Unicode text, with very long lines, with no line terminators
Size (bytes): 269215
Entropy (8bit): 5.429169163548002
Encrypted: false
MD5: A50C94D82834B058CD5DE7AD18BC2B01
SHA1: 019C02590BC48D71DCA84FAB2A36E2AA662019AE
SHA-256: 137E41C449677DEB7C8DA3AFDE63FC781B095BB028F78B789BE44192E8E3F4BE
SHA-512: 7A4A977E0D5E1DE1BCD52EF26271DFF045926747C5072BD220A454DF3D4107454441BFA267AFEB7A0568E94873C7A3A219E066F9F6B9256A4CF433FF70FF029E
Malicious: false
Reputation: low
IE Cache URL: https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js
Copyright null 2020 Page 41 of 111
Preview:atwpjp([216,210],{347:function(e,t){"use strict";e.exports=function(e,t){var a=t.replace(/\//g,"\\/").replace(/\./g,"\\.").replace(/\+/g,"\\+").replace(/\?/g,"\\?").replace(/\]/g,"\\]").replace(/\[/g,"\\[").replace(/\^/g,"\\^").replace(/\$/g,"\\$").replace(/\*+/g,".*?"),n="^"+a+"$";return new RegExp(n).test(e)||e===t}},359:function(e,t){"use strict";e.exports=function(e){return e.replace(/\s+/g,"").split("//").pop().split("#").shift().replace(/\/$/,"")}},360:function(e,t,a){"use strict";var n=a(5);e.exports=function(e){if(window.addthis_config&&window.addthis_config._forceClientMobile)return!1;var t=n("mob",e),a=t&&window.screen,i=a&&window.screen.availWidth?window.screen.availWidth:0,o=a&&window.screen.availHeight?window.screen.availHeight:0,r=!!t&&(i>o?o:i);return!!r&&r>767}},361:function(e,t,a){"use strict";var n=a(360),i=a(5);e.exports=function(e){return i("mob",e)&&!n(e)}},362:function(e,t){"use strict";e.exports=function(e,t,a){var n,i;if(e.some)return e.some(t,a);for(var o=0,r=e
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\layers.33f5b85045a5f2308467[1].js
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\logo_coface_2_1_1[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 170 x 62, 8-bit colormap, non-interlaced
Size (bytes): 4199
Entropy (8bit): 7.638698897725632
Encrypted: false
MD5: 3A0573D7EE5D6E79B56501FEDDC7621F
SHA1: 60DE12302FC2DFA51D709EFA61144459FD9C6106
SHA-256: 62E7A81B1192E8AEBD88487DD08DA1006C3573B113D731C4C77A1EE2989C1227
SHA-512: 9EAD84DCBF539224F6F4EB4955EAB139DCD43520CA59A33504644FC31400DD43A8B2D2C1AD4529865789DC665F6AB08497A150B10F2A28D43DCB55B9CD0E4C8E
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/extension/cofaweb/design/cofaweb/images/logo_coface_2_1_1.png
Preview:.PNG........IHDR.......>......_p.....tEXtSoftware.Adobe ImageReadyq.e<...&iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c111 79.158325, 2015/09/10-01:10:20 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2015 (Windows)" xmpMM:InstanceID="xmp.iid:F7FEE71CFAA511E7B463A54F1CC8A67B" xmpMM:DocumentID="xmp.did:F7FEE71DFAA511E7B463A54F1CC8A67B"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F7FEE71AFAA511E7B463A54F1CC8A67B" stRef:documentID="xmp.did:F7FEE71BFAA511E7B463A54F1CC8A67B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.C0.....PLTE\..........DY|...AVz...Qe..........;Qv)Aj........u.........Ma.\n.......................n~........
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\menu_bg[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 21 x 39, 8-bit colormap, non-interlaced
Size (bytes): 245
Entropy (8bit): 6.746009637168286
Encrypted: false
MD5: B89526734B8F1F112F30991912C24855
SHA1: B97938505D4128B3DA0C271E5F2DF65D3D979C21
SHA-256: DDD9A9E0EB2A4BB940E03B4854DAF1BE1D54C3EC986612451A4CE65B6CC37E9A
SHA-512: 25D6C0770E8360D20656E12DBFFB9D8D470D1CDE3CCD6EF706ADA4885E53D74ABC90EA1DFD52725EF40710D0D4B126CB7A878A3E7D9E5D7685A3D424052FEC1F
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/extension/cofaweb/design/cofaweb/images/bg/menu_bg.png
Preview:.PNG........IHDR.......'......{.....NPLTE...............................................................a.|&[email protected]....~.k...D;p.}s..pO...K..v..n....v.F{pO..m.}D.k.h7m...F;s.=......|.M+f.......IEND.B`.
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\more_green_generic[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Size (bytes): 1186
Entropy (8bit): 6.166180318750447
Encrypted: false
MD5: 16275FB98972771056E1E7BB48F3C804
SHA1: 21C0A1FCE48A8B34B7FF9BD8CFB9C305362E172D
SHA-256: 05136AC7BD7B31D460EFA4891E60F9806C86DDEE53889E2C914623E3A704E5BF
SHA-512: 13F2BECACC9D8236FF80F30BC28FA8750B04927D3F713342A437344F488928EEE793712ADA32EBBB3FD966D09A41CD18F48CBD8AD7D82C9A60B67D99368DF69B
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/extension/cofaweb/design/cofaweb/images/icons/more_green_generic.png
Preview:.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:39FA2BD4121811E2AB74FEBDFB3FB6F3" xmpMM:InstanceID="xmp.iid:39FA2BD3121811E2AB74FEBDFB3FB6F3" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpm
Copyright null 2020 Page 42 of 111
Static File Info
GeneralFile type: PDF document, version 1.7
Entropy (8bit): 7.516979213722378
TrID: Adobe Portable Document Format (5005/1) 100.00%
File name: Survey--Debt Accumulation and Business Reorganization.pdf
File size: 1483159
MD5: 97dbeafa60f839eca9135953d9cbf149
SHA1: 27a5c7e5624092d8179f66241397266708aee84f
SHA256: 29d4690a9de0ffbeef6f1242f512b6e8c602f09f39cddfb96f2fe1fc91a24f3f
SHA512: a5451f4101eb1efc3b35a8577d05acfe6caa86c3b3e7efda0733b81111887becd0dd2eb5366549785eabe7bfec67a0467928eb4beac4249eb5fdd5617f5ba9c3
SSDEEP: 24576:pUe03kpXtiPStrNzz8O6dhnALriRmmtRqxyyg7OPk8DYY:qSDJheqvkBtRnRWzEY
File Content Preview: %PDF-1.7.%......73 0 obj.<</Linearized 1/L 1483159/O 75/E 1009669/N 4/T 1481584/H [ 1196 580]>>.endobj. .xref..73 45..0000000016 00000 n..0000001776 00000 n..0000001960 00000 n..0000002523 00000 n..0000002978 00000 n..0000003626 00000 n..000000
File Icon
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\more_yellow_generic[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 15 x 14, 8-bit/color RGBA, non-interlaced
Size (bytes): 1228
Entropy (8bit): 6.305877372153416
Encrypted: false
MD5: 3E3C43DC93DA7CA4870189E310F54B94
SHA1: 131439712C271AA7E2FA58DC5010E225D8425F80
SHA-256: 72028AFB46149AFBA0C9A64B34EA066C7B5625B1FD92FA4FEFF018EB7F5829DF
SHA-512: BAE8360C0344148181CBFB753C7DFB54388AA1DC2B3727C7C362D4D283F1EDFEF270A07EBEC189EB9BCFF0E3EABC98F4D8C16B8D945DCBD7FFEB6AC460A6F7D5
Malicious: false
Reputation: low
IE Cache URL: www.coface.ma/extension/cofaweb/design/cofaweb/images/icons/more_yellow_generic.png
Preview:.PNG........IHDR...............F.....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:A0857767114411E29521FD49640E01B8" xmpMM:InstanceID="xmp.iid:A0857766114411E29521FD49640E01B8" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpm
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\popin_bg[1].pngProcess: C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type: PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Size (bytes): 141
Entropy (8bit): 4.653297233031738
Encrypted: false
MD5: 34DD3F1CE491F18A8237EF81B95A9593
SHA1: 82EC710967E67A9CA3DE26633628AFF0D37B256A
SHA-256: 006CA455409AC5CB3CF23BBE70DCA45E049991067B29EDA09559655048458E22
SHA-512: 1C3041387206A9EA140B8AA5D13B52413572666B157D1183A6DD1E50DBC1C5653C13BDDBEDC500E512CA5A5D5C41ACA31AC4AA8BBF84B015A2702FF9BA1691D4
Malicious: false
Reputation: low
IE Cache URL: https://www.coface.com/extension/cofaweb/design/cofaweb/images/bg/popin_bg.png
Preview:.PNG........IHDR....................pHYs................ cHRM..z%..............u0...`..:....o._.F....IDATx.b```[email protected]`.
Copyright null 2020 Page 43 of 111
Icon Hash: 74ecccdcd4ccccf0
Network Port Distribution
Total Packets: 96
• 53 (DNS)
• 443 (HTTPS)
GeneralHeader: %PDF-1.7
Total Entropy: 7.516979
Total Bytes: 1483159
Stream Entropy: 7.527277
Stream Bytes: 1459845
Entropy outside Streams: 5.209729
Bytes outside Streams: 23314
Number of EOF found: 2
Bytes after EOF:
Name Count
obj 117
endobj 117
stream 52
endstream 52
xref 2
trailer 2
startxref 2
/Page 4
/Encrypt 0
/ObjStm 0
/URI 2
/JS 0
/JavaScript 0
/AA 0
/OpenAction 0
/AcroForm 0
/JBIG2Decode 0
/RichMedia 0
/Launch 0
/EmbeddedFile 0
Network Behavior
Static PDF Info
Keywords Statistics
Copyright null 2020 Page 44 of 111
Timestamp Source Port Dest Port Source IP Dest IP
Aug 20, 2020 21:55:02.194845915 CEST 49738 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.197905064 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.229418993 CEST 443 49738 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.229693890 CEST 49738 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.231920958 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.232157946 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.237207890 CEST 49738 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.237346888 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.270977974 CEST 443 49738 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.271214008 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.271847963 CEST 443 49738 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.271884918 CEST 443 49738 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.271898985 CEST 443 49738 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.272326946 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.272342920 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.272352934 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.272567987 CEST 49738 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.272572994 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.325088024 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.326186895 CEST 49738 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.335304976 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.359388113 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.359642029 CEST 443 49738 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.359868050 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.359891891 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.359996080 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.360615969 CEST 443 49738 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.360641003 CEST 443 49738 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.360753059 CEST 49738 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.360800028 CEST 49738 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.370179892 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.408502102 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.408694029 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.421725988 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.455950975 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.553060055 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.553143024 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.553179026 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.553240061 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.553277969 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.553308010 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.553333998 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.553366899 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.553864002 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.591438055 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.591645002 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.591681957 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.591703892 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.591725111 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.591748953 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.591770887 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.591790915 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.591808081 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.591821909 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.593518972 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.627696991 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.627747059 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.627763987 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.627778053 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.627881050 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.627944946 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.709700108 CEST 49738 443 192.168.2.4 193.56.140.134
TCP Packets
Copyright null 2020 Page 45 of 111
Aug 20, 2020 21:55:02.710078955 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.711183071 CEST 49740 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.713695049 CEST 49741 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.717890024 CEST 49742 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.720067024 CEST 49743 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.744636059 CEST 443 49740 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.744663954 CEST 443 49738 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.744867086 CEST 49740 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.745748043 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.750986099 CEST 443 49741 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.751019001 CEST 443 49742 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.751225948 CEST 49741 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.751470089 CEST 49742 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.751688957 CEST 443 49743 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.751852989 CEST 49743 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.755781889 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.755816936 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.755893946 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.755918980 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.755929947 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.755945921 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.755968094 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.755976915 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.755990982 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.756010056 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.756011963 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.756031990 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.756046057 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.756053925 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.756074905 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.756094933 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.756109953 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.756118059 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.756135941 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.756145000 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.756156921 CEST 443 49739 193.56.140.134 192.168.2.4
Aug 20, 2020 21:55:02.756169081 CEST 49739 443 192.168.2.4 193.56.140.134
Aug 20, 2020 21:55:02.756212950 CEST 49739 443 192.168.2.4 193.56.140.134
Timestamp Source Port Dest Port Source IP Dest IP
Timestamp Source Port Dest Port Source IP Dest IP
Aug 20, 2020 21:53:42.729975939 CEST 53048 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:42.761607885 CEST 53 53048 8.8.8.8 192.168.2.4
Aug 20, 2020 21:53:42.772927046 CEST 61237 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:42.803683996 CEST 53 61237 8.8.8.8 192.168.2.4
Aug 20, 2020 21:53:43.053170919 CEST 60674 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:43.066924095 CEST 53 60674 8.8.8.8 192.168.2.4
Aug 20, 2020 21:53:43.731050014 CEST 53048 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:43.763024092 CEST 53 53048 8.8.8.8 192.168.2.4
Aug 20, 2020 21:53:43.777857065 CEST 61237 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:43.793122053 CEST 53 61237 8.8.8.8 192.168.2.4
Aug 20, 2020 21:53:44.762366056 CEST 53048 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:44.776352882 CEST 53 53048 8.8.8.8 192.168.2.4
Aug 20, 2020 21:53:44.809334993 CEST 61237 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:44.840656996 CEST 53 61237 8.8.8.8 192.168.2.4
Aug 20, 2020 21:53:46.810874939 CEST 53048 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:46.841748953 CEST 53 53048 8.8.8.8 192.168.2.4
Aug 20, 2020 21:53:46.858865023 CEST 61237 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:46.873862982 CEST 53 61237 8.8.8.8 192.168.2.4
Aug 20, 2020 21:53:48.183883905 CEST 54414 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:48.215908051 CEST 53 54414 8.8.8.8 192.168.2.4
Aug 20, 2020 21:53:50.642249107 CEST 62217 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:50.674041986 CEST 53 62217 8.8.8.8 192.168.2.4
UDP Packets
Copyright null 2020 Page 46 of 111
Aug 20, 2020 21:53:50.824193001 CEST 53048 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:50.838383913 CEST 53 53048 8.8.8.8 192.168.2.4
Aug 20, 2020 21:53:50.886672020 CEST 61237 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:53:50.901190996 CEST 53 61237 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:06.793040991 CEST 62645 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:06.824950933 CEST 53 62645 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:24.041599035 CEST 61821 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:24.055213928 CEST 53 61821 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:40.882162094 CEST 58618 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:40.896063089 CEST 53 58618 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:41.587001085 CEST 60967 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:41.600835085 CEST 53 60967 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:42.023730993 CEST 50987 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:42.037545919 CEST 53 50987 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:42.403321028 CEST 52517 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:42.418191910 CEST 53 52517 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:42.822074890 CEST 54004 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:42.836919069 CEST 53 54004 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:43.238702059 CEST 53431 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:43.253346920 CEST 53 53431 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:43.654630899 CEST 59215 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:43.668329000 CEST 53 59215 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:44.118992090 CEST 58452 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:44.132973909 CEST 53 58452 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:44.505721092 CEST 55996 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:44.519488096 CEST 53 55996 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:45.085649967 CEST 50544 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:45.099762917 CEST 53 50544 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:45.928246021 CEST 57859 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:45.944730997 CEST 53 57859 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:49.800641060 CEST 50658 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:49.913863897 CEST 53 50658 8.8.8.8 192.168.2.4
Aug 20, 2020 21:54:58.373107910 CEST 57735 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:54:58.387749910 CEST 53 57735 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:00.843291998 CEST 54801 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:00.859241962 CEST 53 54801 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:00.921819925 CEST 51361 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:00.935599089 CEST 53 51361 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:02.125520945 CEST 62847 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:02.139712095 CEST 53 62847 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:03.559801102 CEST 49257 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:03.592248917 CEST 53 49257 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:28.323151112 CEST 59180 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:28.337609053 CEST 53 59180 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:30.843760014 CEST 59372 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:30.857388973 CEST 53 59372 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:31.714381933 CEST 63764 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:31.728048086 CEST 53 63764 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:31.863509893 CEST 59372 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:31.878711939 CEST 53 59372 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:32.724962950 CEST 63764 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:32.738930941 CEST 53 63764 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:32.852006912 CEST 59372 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:32.866704941 CEST 53 59372 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:33.730880976 CEST 63764 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:33.750755072 CEST 53 63764 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:34.925580025 CEST 59372 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:34.948935032 CEST 53 59372 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:35.530790091 CEST 49545 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:35.545463085 CEST 53 49545 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:35.572041988 CEST 64449 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:35.603193045 CEST 53 64449 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:35.724956036 CEST 53529 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:35.734616995 CEST 63764 53 192.168.2.4 8.8.8.8
Timestamp Source Port Dest Port Source IP Dest IP
Copyright null 2020 Page 47 of 111
Aug 20, 2020 21:55:35.748348951 CEST 53 63764 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:35.766068935 CEST 53 53529 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:35.861150026 CEST 52850 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:35.872426987 CEST 50308 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:35.883426905 CEST 53 52850 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:35.901073933 CEST 53 50308 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:35.910024881 CEST 53255 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:35.941380978 CEST 53 53255 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:35.954092979 CEST 53703 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:35.985625982 CEST 53 53703 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:36.058507919 CEST 54941 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:36.073164940 CEST 53 54941 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:36.193407059 CEST 56277 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:36.224216938 CEST 53 56277 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:36.599280119 CEST 59829 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:36.630361080 CEST 53 59829 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:36.684231043 CEST 56174 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:36.827042103 CEST 53 56174 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:36.954895973 CEST 51471 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:37.053354979 CEST 53 51471 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:38.825653076 CEST 59122 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:38.873872995 CEST 53 59122 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:38.983632088 CEST 59372 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:38.997284889 CEST 53 59372 8.8.8.8 192.168.2.4
Aug 20, 2020 21:55:39.801500082 CEST 63764 53 192.168.2.4 8.8.8.8
Aug 20, 2020 21:55:39.815291882 CEST 53 63764 8.8.8.8 192.168.2.4
Timestamp Source Port Dest Port Source IP Dest IP
Timestamp Source IP Dest IP Trans ID OP Code Name Type Class
Aug 20, 2020 21:54:49.800641060 CEST 192.168.2.4 8.8.8.8 0x8eea Standard query (0)
coface.com A (IP address) IN (0x0001)
Aug 20, 2020 21:55:00.921819925 CEST 192.168.2.4 8.8.8.8 0xad2a Standard query (0)
www.coface.com A (IP address) IN (0x0001)
Aug 20, 2020 21:55:02.125520945 CEST 192.168.2.4 8.8.8.8 0x16da Standard query (0)
www.coface.com A (IP address) IN (0x0001)
Aug 20, 2020 21:55:03.559801102 CEST 192.168.2.4 8.8.8.8 0xbe2c Standard query (0)
prod1.solutions.webfg.ch
A (IP address) IN (0x0001)
Aug 20, 2020 21:55:28.323151112 CEST 192.168.2.4 8.8.8.8 0x3008 Standard query (0)
www.coface.com A (IP address) IN (0x0001)
Aug 20, 2020 21:55:35.572041988 CEST 192.168.2.4 8.8.8.8 0xc343 Standard query (0)
s7.addthis.com A (IP address) IN (0x0001)
Aug 20, 2020 21:55:35.861150026 CEST 192.168.2.4 8.8.8.8 0xf9b0 Standard query (0)
z.moatads.com A (IP address) IN (0x0001)
Aug 20, 2020 21:55:35.872426987 CEST 192.168.2.4 8.8.8.8 0x19a Standard query (0)
stats.g.doubleclick.net
A (IP address) IN (0x0001)
Aug 20, 2020 21:55:35.910024881 CEST 192.168.2.4 8.8.8.8 0x6505 Standard query (0)
v1.addthisedge.com
A (IP address) IN (0x0001)
Aug 20, 2020 21:55:35.954092979 CEST 192.168.2.4 8.8.8.8 0xf630 Standard query (0)
m.addthis.com A (IP address) IN (0x0001)
Aug 20, 2020 21:55:36.193407059 CEST 192.168.2.4 8.8.8.8 0x4dd9 Standard query (0)
www.google.ch A (IP address) IN (0x0001)
Aug 20, 2020 21:55:36.599280119 CEST 192.168.2.4 8.8.8.8 0x2ffc Standard query (0)
q.addthis.com A (IP address) IN (0x0001)
Aug 20, 2020 21:55:36.684231043 CEST 192.168.2.4 8.8.8.8 0xcf3e Standard query (0)
www.coface.dz A (IP address) IN (0x0001)
Aug 20, 2020 21:55:36.954895973 CEST 192.168.2.4 8.8.8.8 0xf7b5 Standard query (0)
www.coface.ma A (IP address) IN (0x0001)
Aug 20, 2020 21:55:38.825653076 CEST 192.168.2.4 8.8.8.8 0x8f2b Standard query (0)
platform.twitter.com
A (IP address) IN (0x0001)
Timestamp Source IP Dest IP Trans ID Reply Code Name CName Address Type Class
Aug 20, 2020 21:54:49.913863897 CEST
8.8.8.8 192.168.2.4 0x8eea No error (0) coface.com 193.56.140.134 A (IP address) IN (0x0001)
Aug 20, 2020 21:55:00.935599089 CEST
8.8.8.8 192.168.2.4 0xad2a No error (0) www.coface.com
193.56.140.134 A (IP address) IN (0x0001)
DNS Queries
DNS Answers
Copyright null 2020 Page 48 of 111
Aug 20, 2020 21:55:02.139712095 CEST
8.8.8.8 192.168.2.4 0x16da No error (0) www.coface.com
193.56.140.134 A (IP address) IN (0x0001)
Aug 20, 2020 21:55:03.592248917 CEST
8.8.8.8 192.168.2.4 0xbe2c No error (0) prod1.solutions.webfg.ch
185.226.224.134 A (IP address) IN (0x0001)
Aug 20, 2020 21:55:28.337609053 CEST
8.8.8.8 192.168.2.4 0x3008 No error (0) www.coface.com
193.56.140.134 A (IP address) IN (0x0001)
Aug 20, 2020 21:55:35.603193045 CEST
8.8.8.8 192.168.2.4 0xc343 No error (0) s7.addthis.com s8.addthis.com CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:35.603193045 CEST
8.8.8.8 192.168.2.4 0xc343 No error (0) s8.addthis.com ds-s7.addthis.com.edgekey.net
CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:35.883426905 CEST
8.8.8.8 192.168.2.4 0xf9b0 No error (0) z.moatads.com wildcard.moatads.com.edgekey.net
CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:35.901073933 CEST
8.8.8.8 192.168.2.4 0x19a No error (0) stats.g.doubleclick.net
stats.l.doubleclick.net CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:35.901073933 CEST
8.8.8.8 192.168.2.4 0x19a No error (0) stats.l.doubleclick.net
172.217.218.156 A (IP address) IN (0x0001)
Aug 20, 2020 21:55:35.901073933 CEST
8.8.8.8 192.168.2.4 0x19a No error (0) stats.l.doubleclick.net
172.217.218.154 A (IP address) IN (0x0001)
Aug 20, 2020 21:55:35.901073933 CEST
8.8.8.8 192.168.2.4 0x19a No error (0) stats.l.doubleclick.net
172.217.218.157 A (IP address) IN (0x0001)
Aug 20, 2020 21:55:35.901073933 CEST
8.8.8.8 192.168.2.4 0x19a No error (0) stats.l.doubleclick.net
172.217.218.155 A (IP address) IN (0x0001)
Aug 20, 2020 21:55:35.941380978 CEST
8.8.8.8 192.168.2.4 0x6505 No error (0) v1.addthisedge.com
v1.addthisedge.com.edgekey.net
CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:35.985625982 CEST
8.8.8.8 192.168.2.4 0xf630 No error (0) m.addthis.com m.addthisedge.com CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:35.985625982 CEST
8.8.8.8 192.168.2.4 0xf630 No error (0) m.addthisedge.com
ds-m.addthisedge.com.edgekey.net
CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:36.224216938 CEST
8.8.8.8 192.168.2.4 0x4dd9 No error (0) www.google.ch 172.217.168.67 A (IP address) IN (0x0001)
Aug 20, 2020 21:55:36.630361080 CEST
8.8.8.8 192.168.2.4 0x2ffc No error (0) q.addthis.com ds-q.addthis.com.edgekey.net
CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:36.827042103 CEST
8.8.8.8 192.168.2.4 0xcf3e No error (0) www.coface.dz www.coface.com CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:36.827042103 CEST
8.8.8.8 192.168.2.4 0xcf3e No error (0) www.coface.com
193.56.140.134 A (IP address) IN (0x0001)
Aug 20, 2020 21:55:37.053354979 CEST
8.8.8.8 192.168.2.4 0xf7b5 No error (0) www.coface.ma www.coface.com CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:37.053354979 CEST
8.8.8.8 192.168.2.4 0xf7b5 No error (0) www.coface.com
193.56.140.134 A (IP address) IN (0x0001)
Aug 20, 2020 21:55:38.873872995 CEST
8.8.8.8 192.168.2.4 0x8f2b No error (0) platform.twitter.com
cs472.wac.edgecastcdn.net
CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:38.873872995 CEST
8.8.8.8 192.168.2.4 0x8f2b No error (0) cs472.wac.edgecastcdn.net
cs1-apr-8315.wac.edgecastcdn.net
CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:38.873872995 CEST
8.8.8.8 192.168.2.4 0x8f2b No error (0) cs1-apr-8315.wac.edgecastcdn.net
wac.apr-8315.edgecastdns.net
CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:38.873872995 CEST
8.8.8.8 192.168.2.4 0x8f2b No error (0) cs1-lb-eu.8315.ecdns.net
cs41.wac.edgecastcdn.net
CNAME (Canonical name)
IN (0x0001)
Aug 20, 2020 21:55:38.873872995 CEST
8.8.8.8 192.168.2.4 0x8f2b No error (0) cs41.wac.edgecastcdn.net
93.184.220.66 A (IP address) IN (0x0001)
Timestamp Source IP Dest IP Trans ID Reply Code Name CName Address Type Class
HTTP Request Dependency Graph
Copyright null 2020 Page 49 of 111
www.coface.dzwww.coface.ma
platform.twitter.com
Session ID Source IP Source Port Destination IP Destination Port Process
0 192.168.2.4 49777 193.56.140.134 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
TimestampkBytestransferred Direction Data
Aug 20, 2020 21:55:36.896188021 CEST
9237 OUT GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.dzConnection: Keep-Alive
Aug 20, 2020 21:55:36.932008028 CEST
9238 IN HTTP/1.1 301 Moved PermanentlyDate: Thu, 20 Aug 2020 19:55:36 GMTServer: ApacheLocation: http://www.coface.ma/Vary: Accept-EncodingContent-Length: 229Keep-Alive: timeout=5, max=500Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Set-Cookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!lMjXn2Br5GWQlQbYVTfOmOFDLEsPBiFtthiJiIyvQKrf2A7T+l1elLpD8SuXlkdubSmtj3HU1mcokzh2gyDAzuoSefWyj+FSx2ovGZ2ehw==; path=/; HttponlyData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 66 61 63 65 2e 6d 61 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.coface.ma/">here</a>.</p></body></html>
Session ID Source IP Source Port Destination IP Destination Port Process
1 192.168.2.4 49778 193.56.140.134 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
TimestampkBytestransferred Direction Data
Aug 20, 2020 21:55:37.091430902 CEST
9239 OUT GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateConnection: Keep-AliveHost: www.coface.ma
HTTP Packets
Copyright null 2020 Page 50 of 111
Aug 20, 2020 21:55:37.211231947 CEST
9240 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:37 GMTServer: ApacheExpires: Thu, 20 Aug 2020 17:55:37 GMTLast-Modified: Thu, 20 Aug 2020 19:55:37 GMTCache-Control: public,max-age=14000Pragma: cacheServed-by: www.coface.maContent-language: fr-FRX-UA-Compatible: IE=edgeVary: Accept-EncodingKeep-Alive: timeout=5, max=500Connection: Keep-AliveContent-Type: text/html; charset=utf-8Set-Cookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; path=/; HttponlyContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 38 38 35 0d 0a 1f 8b 08 00 00 00 00 00 04 03 e2 e4 b4 51 74 f1 77 0e 89 0c 70 55 c8 28 c9 cd 51 08 08 75 f2 f1 74 56 50 d2 d5 d7 0f 37 76 d6 d7 77 09 71 51 88 f0 08 f1 f5 51 30 d4 33 50 08 2e 29 ca 4c 2e d1 d7 77 f5 53 52 50 d2 d7 2f 2f 2f d7 2b 37 d6 cb 2f 4a d7 0f 09 d2 af 00 19 60 08 d2 01 65 ea 16 83 95 eb a5 94 a4 28 d9 71 71 d9 80 04 15 2a 72 73 f2 8a 6d 51 35 1b 5a 5a 5a 42 f4 28 81 e4 ad 72 12 f3 d2 6d 95 d2 8a 74 dd 82 94 14 90 39 76 40 43 52 13 53 80 94 a2 ae ae 82 73 7e 5a 62 79 6a 92 42 59 6a 51 71 66 7e 9e 82 95 82 91 9e b1 9e a1 99 42 52 69 66 4e 8a 82 5b 6a 52 51 69 62 51 a5 82 91 89 8e 82 91 81 91 81 82 ae ae 9d 02 1a 00 3a 2b 27 33 2f 5b 21 a3 28 35 0d e8 aa b4 c4 b2 cc e4 fc 3c 3d 20 a1 a4 50 94 9a 63 ab 54 9c 91 5f 54 92 5c 5a a2 00 14 ca 53 52 28 a9 2c 48 b5 55 ca cc 4d 4c 4f d5 af d0 05 8b 81 cd e4 04 01 10 83 0b e2 36 97 d4 b4 d4 e4 12 05 13 0b 73 90 ad 5c 36 25 99 25 39 a9 76 20 17 27 a7 5a 29 a4 e5 17 29 94 14 25 a6 a4 da e8 43 24 b8 6c 72 53 4b 12 81 51 50 52 a0 9b 5a 58 9a 59 66 ab e4 9c 9f 57 92 9a 57 a2 1b 02 b4 51 49 21 19 c2 b3 55 2a 49 ad 28 d1 07 05 95 b5 42 72 46 62 51 71 6a 89 6d 68 88 9b ae 85 92 82 3e cc 94 bc c4 5c a0 1b 53 52 8b 93 8b 32 0b 4a 80 21 83 a4 3d a0 28 bf 04 e8 30 a0 60 b1 42 71 69 91 42 6e 2a 90 4c 05 cb 03 a9 9c d4 62 85 cc dc 82 c4 ca c3 2b 8b 15 0a f2 81 f2 65 f9 20 f1 54 90 6c 41 51 66 71 aa 8e 42 0a 50 59 a2 42 80 af ab c2 e1 05 20 56 6e 69 4e 49 66 5e 22 c8 c8 c4 9c 54 3d 85 e0 fc 9c 52 10 a7 58 21 e5 51 c3 cc c4 62 a0 f9 89 79 c9 a9 ba c9 45 87 57 a6 64 96 80 0d 48 03 6a 00 8a e5 02 cd 55 48 2d 01 89 14 a5 26 e7 97 96 15 41 84 12 cb 52 93 15 20 61 a5 87 ee 2f 25 df e0 e0 dc c4 a2 92 90 c4 f4 e2 80 a2 d4 32 a0 fa 80 44 60 fc e7 a5 23 f9 32 24 28 d4 15 a4 11 14 21 c8 7a 8b f2 93 f2 4b 8a 91 1466 e6 a5 a4 56 e8 a4 e5 e7 e4 e4 97 eb e4 e5 e7 a7 14 28 d9 71 72 29 40 01 24 69 80 93 41 62 4e 49 6a 11 d0 97 c0 a8 c8 4d 4d c9 4c b4 55 ca cf cb a9 54 00 06 71 6a 6a 9e 42 62 5e 8a 82 46 6e 62 85 6e 79 66 4a 49 86 95 82 99 89 41 41 85 a6 12 2c 55 e9 e7 ea 25 43 7c 93 9b 08 72 16 d8 02 bc 86 67 Data Ascii: 4885QtwpU(QutVP7vwqQQ03P.)L.wSRP///+7/J`e(qq*rsmQ5ZZZB(rmt9v@CRSs~ZbyjBYjQqf~BRifN[jRQibQ:+'3/[!(5<= PcT_T\ZSR(,HUMLO6s\6%%9v 'Z))%C$lrSKQPRZXYfWWQI!U*I(BrFbQqjmh>\SR2J!=(0`BqiBn*Lb+e TlAQfqBPYB VniNIf^"T=RX!QbyEWdHjUH-&AR a/%2D`#2$(!zKfV(qr)@$iAbNIjMMLUTqjjBb^FnbnyfJIAA,U%C|rg
Aug 20, 2020 21:55:38.322757959 CEST
9560 OUT GET /extension/cofaweb/design/cofaweb/images/bg/band_blue_bg.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 51 of 111
Aug 20, 2020 21:55:38.358474016 CEST
9564 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:32 GMTETag: "49a2b5-4ee-595692c5dc200"Accept-Ranges: bytesContent-Length: 1262Vary: Accept-EncodingKeep-Alive: timeout=5, max=499Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 0c 00 00 00 19 08 02 00 00 00 8a 0c 58 98 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 b2 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 30 20 36 31 2e 31 33 34 37 37 37 2c 20 32 30 31 30 2f 30 32 2f 31 32 2d 31 37 3a 33 32 3a 30 30 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 52 69 67 68 74 73 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 72 69 67 68 74 73 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 70 52 69 67 68 74 73 3a 4d 61 72 6b 65 64 3d 22 46 61 6c 73 65 22 20 78 6d 70 4d 4d 3a 4f 72 69 67 69 6e 61 6c 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 43 38 44 36 45 30 42 37 30 38 32 30 36 38 31 31 42 38 34 30 46 44 38 45 39 39 30 46 39 30 39 46 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 41 30 37 36 33 34 43 31 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 41 30 37 36 33 34 43 30 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 20 4d 61 63 69 6e 74 6f 73 68 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 30 35 38 30 31 31 37 34 30 37 32 30 36 38 31 31 39 39 46 34 45 41 42 37 41 42 31 37 46 44 35 35 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 75 75 69 64 3a 32 42 43 39 44 32 35 45 36 46 45 46 45 31 31 31 41 32 37 45 42 30 31 41 34 43 43 36 31 32 38 32 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e 50 0b 98 e0 00 00 00 d2 49 44 41 54 78 da Data Ascii: PNGIHDRXtEXtSoftwareAdobe ImageReadyqe<iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:A07634C1114411E29521FD49640E01B8" xmpMM:InstanceID="xmp.iid:A07634C0114411E29521FD49640E01B8" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>PIDATx
Aug 20, 2020 21:55:38.378022909 CEST
9575 OUT GET /var/cofaweb/storage/images/ara-ma/about-coface/394523-56-fre-FR/A-propos-de-Coface_menu_portrait.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 52 of 111
Aug 20, 2020 21:55:38.411602974 CEST
9581 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Tue, 10 Mar 2020 10:56:45 GMTETag: "4525cd-a058-5a07df9bfb540"Accept-Ranges: bytesContent-Length: 41048Vary: Accept-EncodingKeep-Alive: timeout=5, max=498Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e7 00 00 01 87 08 03 00 00 00 7c a9 b5 fc 00 00 03 00 50 4c 54 45 2d 80 ad 21 78 ae 35 7a a6 24 7d b2 2e 70 a5 1c 71 a6 1a 75 ab 18 79 a9 12 74 aa 12 71 a6 14 6c a2 09 6d a3 01 6c a4 0c 6d a6 0b 71 a7 00 71 a6 0a 79 ae 00 72 aa 18 64 98 16 58 8a 1a 47 77 07 75 ae 1c 35 61 1f 3d 68 1a 30 54 23 54 8b 11 79 b0 1b 79 af 18 7c b4 26 66 9f 04 79 af 0b 79 b3 2e 7c b3 1b 82 b9 22 82 b6 2a 82 b6 0e 7d be a7 72 3d b3 6a 2a b1 6c 34 ba 6f 2b 79 6f 62 6e 76 73 a9 67 32 96 70 52 5a 70 83 33 6d 91 e3 69 00 eb 69 00 d5 6b 0d f4 67 00 48 7b 9b c4 6e 20 30 82 b6 58 81 97 23 83 bb 3b 83 aa 38 86 ba e5 72 00 32 86 ba 16 83 c3 2b 86 b9 6c 73 87 3c 85 b1 47 8a b2 75 7d 79 28 8a c6 34 8a b6 bb 71 36 1e 8a d1 39 8c be 33 8a bd 42 8e bf 2c 8a bb 3c 92 be 49 92 c3 3a 8e c4 3b 8a b3 4f 91 bf 42 92 c3 3c 92 c4 4f 92 c7 4d 96 c3 32 5f 7f 2c 4e 6c 28 42 58 1f 3b 53 43 9a c6 41 96 c8 48 92 c7 47 96 c7 4a 9a cb 44 9b cc 51 96 c6 47 96 c3 49 96 cb 4d 96 c7 53 9a c7 59 9a c7 5a 9e cb 4d 9a c7 42 61 7a 48 58 67 73 88 96 5033 23 36 28 21 4c 29 13 31 20 17 61 9e cb b4 65 1a 8e 48 0e a7 62 2a a7 50 01 6a 32 0b 56 68 7c 9e 61 34 c3 5d 00 63 a4 c7 77 41 19 1d 18 14 22 1c 1a 27 31 3a 1a 20 26 64 a3 cb 6b 94 af 13 10 0c 39 2f 29 69 a1 c3 aa 7f 72 f6 7a 00 3f 18 13 35 35 36 ca 75 4c 2a 09 05 62 3a 21 24 2a 2f 54 9e cb 49 07 05 4c 4d 4f 96 57 27 13 18 1c 0b 10 13 02 01 01 10 0c 0d 11 10 12 12 06 05 18 14 18 19 1c 20 47 3a 41 6e 05 08 6a a6 ce 0a 0a 0c 18 14 12 5d a2 cb 13 14 17 73 a4 c6 0c 0c 08 71 a6 cf 24 23 23 94 12 06 9c 4b 42 8e 40 3d 6d aa cf 72 aa cf 9d 3f 23 69 7a 9f 69 46 31 73 17 2d 83 7c 8b 61 5c 62 6a 42 26 7d 2e 4e 78 ae cf 7a ae d3 62 a8 d3 7c b2 cf 36 2a 2f 68 ad d4 84 b2 d3 84 b2 ce 6f b0 d6 7c b2 d4 79 a2 c9 6d 53 4b 96 89 90 75 ae cb 88 b6 d3 8c b2 c8 79 a1 b8 8b 98 a3 8f b6 d3 83 bb db 8e a5 b4 87 ac c5 8e ba d4 84 ba d6 93 ba d5 7d a6c1 8c be d9 95 be d7 7e ab c2 96 af c9 9a be d5 8b b6 ce 90 ba cf ce 26 04 a0 a6 b4 d8 45 2a 95 5b 31 9e c3 d7 9b bd cf a6 96 96 88 56 32 19 18 1a a3 c3 d5 a3 b5 be 92 c5 de a0 5c 26 5a 3f 2f 1d 1e 1d 7e 4e 2b a5 c7 d7 a3 bd ce ae b0 ae 7a 52 37 77 47 24 76 4b 2f 84 4c 23 8b 52 27 aa c7 d7 a3 cb dd 14 18 14 aa c3 ce ae cb d7 ad c7 d3 b4 ca d4 a6 cb d7 ab cb db b6 cb cf b2 a2 9d bb cb ce b4 c7 cd ba d7 e7 b5 c4 c5 ba c7 ca be cb c7 bd c5 c4 c8 cb c9 bc c2 bd bb bc b8 c4 c2 bb b9 ac a4 a7 a7 a5 bb b3 ac c2 b8 af f8 f8 f8 28 14 90 b9 00 00 80 00 49 44 41 54 78 da c5 fd 09 80 53 65 9e 2e 0e 07 50 16 6d 71 63 07 91 a5 b1 84 c2 6d 10 90 a1 71 6b 2e 20 d0 42 23 78 7b f9 e4 0f e2 92 c5 a1 c4 6a 2a 21 98 b2 2f 74 a5 84 4a 2a 1b 92 90 8e 71 2e f6 54 4b 06 85 11 bd 02 2e 6d ab dd 74 0b d3 13 b1 62 df aa 94 4a 2a e9 29 d4 f9 ec 76 b0 dd 5a db ef 79 7e ef 7b 4e 4e 6a 41 e7 fe e7 ce f7 9e 93 73 4e 4e 52 a9 f3 9c e7 b7 be db b1 d9 fa f5 c7 c2 ad 1c f4 ef 37 e0 0c 1e a3 9c 51 5e cf e0 fb 33 e5 dc 40 96 41 67 f2 2d b7 67 f4 3b 93 27 64 33 70 e0 60 cb 46 2f 7a 37 04 0b de 0c e1 91 bc b1 2e dd cf 0d 1e dc ed b4 da 71 55 1b 75 3c b8 cf 1f 19 6c fc 88 b9 b5 9d d9 4b 39 6b c8 99 67 9d 75 e6 59 38 e0 72 16 7e Data Ascii: PNGIHDR|PLTE-!x5z$}.pquytqlmlmqqyrdXGwu5a=h0T#Tyy|&fyy.|"*}r=j*l4o+yobnvsg2pRZp3miikgH{n 0X#;8r2+ls<Gu}y(4q693B,<I:;OB<OM2_,Nl(BX;SCAHGJDQGIMSYZMBazHXgsP3#6(!L)1 aeHb*Pj2Vh|a4]cwA"'1: &dk9/)irz?556uL*b:!$*/TILMOW' G:Anj]sq$##KB@=mr?#iziF1s-|a\bjB&}.Nxzb|6*/ho|ymSKuy}~&E*[1V2\&Z?/~N+zR7wG$vK/L#R'(IDATxSe.Pmqcmqk. B#x{j*!/tJ*q.TK.mtbJ*)vZy~{NNjAsNNR7Q^3@Ag-g;'d3p`F/z7.qUu<lK9kguY8r~
Aug 20, 2020 21:55:38.724075079 CEST
10384 OUT GET /extension/cofaweb/design/cofaweb/images/quickmenu/sprites.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 53 of 111
Aug 20, 2020 21:55:38.758430004 CEST
10432 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:34 GMTETag: "49a2e8-10b9-595692c7c4680"Accept-Ranges: bytesContent-Length: 4281Vary: Accept-EncodingKeep-Alive: timeout=5, max=497Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 72 00 00 00 25 08 06 00 00 00 5f d8 62 f2 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 22 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 31 20 36 34 2e 31 34 30 39 34 39 2c 20 32 30 31 30 2f 31 32 2f 30 37 2d 31 30 3a 35 37 3a 30 31 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 2e 31 20 57 69 6e 64 6f 77 73 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 46 43 43 34 37 38 34 39 39 44 33 36 31 31 45 32 38 44 30 42 41 33 45 38 36 30 30 43 34 31 43 37 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 46 43 43 34 37 38 34 41 39 44 33 36 31 31 45 32 38 44 30 42 41 33 45 38 36 30 30 43 34 31 43 37 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 46 43 43 34 37 38 34 37 39 44 33 36 31 31 45 32 38 44 30 42 41 33 45 38 36 30 30 43 34 31 43 37 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 46 43 43 34 37 38 34 38 39 44 33 36 31 31 45 32 38 44 30 42 41 33 45 38 36 30 30 43 34 31 43 37 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e 25 2c 3b d9 00 00 0d 2d 49 44 41 54 78 da ec 5d 0d 8c 54 d5 19 bd 3b d9 6e 09 5a 6a e8 86 5a 62 91 5a 8a 0d b1 ba 5d 2d 48 8b 8a 8a b6 d2 16 a5 45 b4 ad 96 df b8 60 6a 2d 08 71 95 22 41 8a d0 20 b5 88 86 4a 5a 76 c0 42 05 97 82 d8 5d d6 aa fc 95 56 a0 51 09 22 55 24 84 10 62 28 6c b6 64 25 76 b3 a1 bb fd 8e 73 1e 73 f7 ed ec cc fb b9 6f e6 cd e4 9e e4 e4 cd ce 7b f3 de f7 ee bb f7 dc ef 7e f7 bb 6f cb 3a 3b 3b 95 85 85 85 85 45 f1 a2 6c 4a c3 23 41 7e f7 0b 61 52 78 Data Ascii: PNGIHDRr%_btEXtSoftwareAdobe ImageReadyqe<"iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c061 64.140949, 2010/12/07-10:57:01 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5.1 Windows" xmpMM:InstanceID="xmp.iid:FCC478499D3611E28D0BA3E8600C41C7" xmpMM:DocumentID="xmp.did:FCC4784A9D3611E28D0BA3E8600C41C7"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:FCC478479D3611E28D0BA3E8600C41C7" stRef:documentID="xmp.did:FCC478489D3611E28D0BA3E8600C41C7"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>%,;-IDATx]T;nZjZbZ]-HE`j-q"A JZvB]VQ"U$b(ld%vsso{~o:;;ElJ#A~aRx
Aug 20, 2020 21:55:38.829878092 CEST
10507 OUT GET /var/cofaweb/storage/images/media/images/cgem3/2789759-1-fre-FR/CGEM_small.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 54 of 111
Aug 20, 2020 21:55:38.864554882 CEST
10629 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:14:19 GMTETag: "4f6087-145d-59cc1d88884c0"Accept-Ranges: bytesContent-Length: 5213Vary: Accept-EncodingKeep-Alive: timeout=5, max=496Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 64 00 00 00 3e 08 06 00 00 00 dd f7 be c5 00 00 14 24 49 44 41 54 78 da ed 9c 79 90 1c d7 7d df 3f ef bd ee 9e 63 67 ef fb c0 b5 38 04 10 17 41 80 14 49 40 12 49 89 09 29 4a a4 a2 48 36 a3 92 14 aa 94 72 12 cb e5 aa 94 2d ab 52 71 ca 76 29 89 2b 71 1c d9 49 95 4b 96 2b 72 25 15 2b 8a 64 33 94 64 86 37 4d 40 24 28 88 04 49 9c 0b 10 58 9c 0b 60 81 bd 66 77 66 77 66 ba df 7b bf fc d1 b3 00 49 c9 b2 25 40 dc 25 85 5f 6d ef d6 d6 ce 74 ef bc 4f bf df f1 7d bf d7 4a 44 84 9f d1 ae e2 ad 8b d6 94 52 78 ef b1 e2 a9 8c 5f 62 ea 7b 4f 30 fd f0 63 d8 d7 0e e1 66 66 30 a2 71 ed 8d b4 fe e7 df a1 f5 23 77 13 89 22 93 cd 61 24 c0 68 85 d2 ea ea ae ff 8e 04 22 8200 4a a5 03 08 f3 83 20 f3 5f 57 71 6a c1 8b 50 99 9e 62 e4 f7 bf 42 e9 7f 7e 13 5d aa a0 50 88 52 88 86 67 76 b4 b1 e7 53 db 90 7c c4 ba c2 00 bf 71 fb bf a4 35 df 8a d6 1a 75 75 3c 08 16 66 44 7f 8a 01 42 c0 2b 44 09 5a a7 43 9f 38 47 cd 7a aa b1 10 5b c1 0b 80 27 0a 35 f9 c8 90 09 0d 46 6b 50 02 5e de 02 ed 27 9b 17 c1 26 31 13 7f f1 6d 4a 7f fe 2d 28 57 41 67 50 78 3c 09 2f af ca f0 e7 b7 6a 4e 4c fe 90 68 c2 b0 69 f3 43 e4 a2 1c 4a a9 bf e7 15 7e b2 2d 7e 20 de a1 bc e0 f1 4c cd 3a 46 a6 62 4e 4d 56 18 2f 3b a6 e7 1c b5 38 c1 39 87 77 9e 50 2b 1a 42 e8 6c 0c 59 de 99 67 79 67 9e f6 e6 2c 51 a0 eb 1f f5 ef 1e 32 11 cf e4 a3 8f 31 f1 95 af 41 a9 82 d2 06 2f 1e af 1c 27 fb 22 be 7e 77 23 23 2d 9a 8c 04 7c 72 cd 3d 7c 61 eb a7 c9 47 b9 f4 cd d7 80 c8 a2 75 59 22 82 52 60 9d 67 ac 54 63 68 74 8e e1 b1 2a 93 e5 98 9a 17 04 85 88 c6 39 8f 73 0e e7 3d 89 75 c4 71 8c 38 21 12 a1 25 ab 59 b7 a4 c0 b6 d5 6d 2c ed 6a 26 d4 86 ba b3 fb d1 eb d5 8f f1 a7 ff 86 73 5f fc 1d fc 91 53 f8 ba ff 09 c4 71 b2 d7 f0 c7 0f 34 f1 d2 60 08 d6 71 4f ff ad fc a7 0f fe 6b 06 db 96 a3 2f bb ce 77 2d 10 41 bc a5 94 58 0e 9d 2b 73 f0 5c 8d c9 b9 18 94 a9 fb f2 d4 b5 78 97 fa 7b e7 1c ce 79 62 9b 1e 92 58 ac f5 d8 c4 a3 92 98 b6 bc e1 b6 1b da d9 b1 be 9b e6 86 90 74 b6 68 e6 a3 8d 08 58 84 e9 17 9e e7 dc 6f fe 3b dc 81 a3 04 28 62 e5 31 a2 18 e9 10 fe e4 a3 05 76 bd 27 42 c4 71 67 cf 56 fe e3 07 7e 8b 0d 5d eb 40 5f 71 55 d7 02 ca a2 04 22 c0 58 a9 c2 9e 93 33 1c b9 14 e3 50 84 ca 13 e8 34 16 08 1a 27 e0 9d 47 bc c7 3a 87 75 8e 9a 4d 63 8a 4b 2c d6 5a ac 75 f8 d8 61 63 0b e2 b9 71 69 86 8f de b6 82 25 5d cd f5 01 d4 a0 14 5e 3c 93 bb bf cf b9 2f 7d 19 f7 ca eb 68 34 1e d0 e2 38 dd a3 f8 ea 7d 8d 3c bf 26 c4 7b cb 6d 5d 37 f2 07 ef ff 2d 36 f7 6d 40 2b f5 23 10 ae 16 ca a2 02 22 22 08 8e 0b 33 09 3b 8f 4e 71 7e da 12 28 c1 44 01 46 69 f4 fc 1d 8d c6 0b 75 57 e5 70 d6 93 38 4f d5 0a 71 7d 66 58 6b 49 12 8b 4d 2c 3e 4e 8f 5a 2d 66 4d 77 c4 83 77 af 66 45 7f 13 48 06 85 a3 f8 dc 4e ce fe 9b 7f 8f 7b ed 18 9a 00 af 05 c4 f3 7a bf e1 4f 3f 9c e7 a5 95 11 4e 1c db db 37 f0 1f ee f8 22 37 f7 6d ae 67 78 fa 47 07 f4 dd 04 c4 e3 18 9f a9 f2 e4 d1 49 ce 4d 39 32 46 13 04 0a 63 0c a1 31 28 35 0f 44 e1 bd 5c 9e 19 ce aa 7a e6 e5 a8 25 9e 24 11 6c e2 48 ac c5 c6 16 17 27 48 e2 49 92 84 5a ad ca aa ae 1c 0f 7d 64 2d fd 6d 4d 14 1f fd 7f 8c fe de 1f 12 1f 3f 83 16 85 27 cd e6 0e ae 0c f8 ea 3f 28 Data Ascii: PNGIHDRd>$IDATxy}?cg8AI@I)JH6r-Rqv)+qIK+r%+d3d7M@$(IX`fwfwf{I%@%_mtO}JDRx_b{O0cff0q#w"a$h"J _WqjPbB~]PRgvS|q5uu<fDB+DZC8Gz['5FkP^'&1mJ-(WAgPx</jNLhiCJ~-~ L:FbNMV/;89wP+BlYgyg,Q21A/'"~w##-|r=|aGuY"R`gTcht*9s=uq8!%Ym,j&s_Sq4`qOk/w-AX+s\x{ybXthXo;(b1v'BqgV~]@_qU"X3P4'G:uMcK,Zuacqi%]^</}h48}<&{m]7-6m@+#""3;Nq~(DFiuWp8Oq}fXkIM,>NZ-fMwwfEHN{zO?N7"7mgxGIM92Fc1(5D\z%$lH'HIZ}d-mM?'?(
Aug 20, 2020 21:55:39.065587044 CEST
11373 OUT GET /extension/cofaweb/design/cofaweb/images/icons/more_green_generic.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 55 of 111
Aug 20, 2020 21:55:39.098916054 CEST
11456 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:32 GMTETag: "49a393-4a2-595692c5dc200"Accept-Ranges: bytesContent-Length: 1186Vary: Accept-EncodingKeep-Alive: timeout=5, max=495Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 0f 00 00 00 0f 08 06 00 00 00 3b d6 95 4a 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 b2 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 30 20 36 31 2e 31 33 34 37 37 37 2c 20 32 30 31 30 2f 30 32 2f 31 32 2d 31 37 3a 33 32 3a 30 30 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 52 69 67 68 74 73 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 72 69 67 68 74 73 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 70 52 69 67 68 74 73 3a 4d 61 72 6b 65 64 3d 22 46 61 6c 73 65 22 20 78 6d 70 4d 4d 3a 4f 72 69 67 69 6e 61 6c 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 43 38 44 36 45 30 42 37 30 38 32 30 36 38 31 31 42 38 34 30 46 44 38 45 39 39 30 46 39 30 39 46 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 33 39 46 41 32 42 44 34 31 32 31 38 31 31 45 32 41 42 37 34 46 45 42 44 46 42 33 46 42 36 46 33 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 33 39 46 41 32 42 44 33 31 32 31 38 31 31 45 32 41 42 37 34 46 45 42 44 46 42 33 46 42 36 46 33 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 20 4d 61 63 69 6e 74 6f 73 68 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 30 35 38 30 31 31 37 34 30 37 32 30 36 38 31 31 39 39 46 34 45 41 42 37 41 42 31 37 46 44 35 35 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 75 75 69 64 3a 32 42 43 39 44 32 35 45 36 46 45 46 45 31 31 31 41 32 37 45 42 30 31 41 34 43 43 36 31 32 38 32 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e 00 3e a1 cf 00 00 00 86 49 44 41 54 78 da Data Ascii: PNGIHDR;JtEXtSoftwareAdobe ImageReadyqe<iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:39FA2BD4121811E2AB74FEBDFB3FB6F3" xmpMM:InstanceID="xmp.iid:39FA2BD3121811E2AB74FEBDFB3FB6F3" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>>IDATx
Aug 20, 2020 21:55:39.120351076 CEST
11518 OUT GET /extension/cofaweb/design/cofaweb/images/bg/triangle_mask_dp_white.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 56 of 111
Aug 20, 2020 21:55:39.153553009 CEST
11551 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:37 GMTETag: "49a2c8-cd7-595692caa0d40"Accept-Ranges: bytesContent-Length: 3287Vary: Accept-EncodingKeep-Alive: timeout=5, max=494Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 d2 00 00 01 d2 08 06 00 00 00 99 ee 95 f6 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 20 63 48 52 4d 00 00 7a 25 00 00 80 83 00 00 f9 ff 00 00 80 e9 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 6f 92 5f c5 46 00 00 0c 5d 49 44 41 54 78 da ec dd 7f 87 64 67 1a c7 e1 3b 5b 6b 68 9a 26 34 43 18 96 21 34 43 13 42 13 9a 65 69 9a b0 34 4d 68 9a 50 0c 45 d1 34 f3 32 f6 55 85 10 86 61 58 c2 b2 e4 7d 64 ff 38 15 d9 c9 ce cc d6 9c ef 53 55 e7 c7 75 91 3f 36 c9 cc 74 9f ec ed 73 ba aa ce fd 7c f6 eb af bf 16 d0 db b3 aa fa c7 9f 5c 07 88 3c 56 d5 8b cf 14 09 7a 3b a9 aa 5f aa ea e8 cf ae 05 f4 b6 ac aa e3 aa 2a 45 82 7e 16 55 f5 af cd cf 48 e5 67 24 e8 e7 bb df 86 48 91 a0 bf d7 55 75 fe db ff 50 24 f8 74 97 ff 3d 44 06 09 fa 79 f8 e3 df 70 6b 07 9f e6 ac aa de 54 f7 62 83 22 41 4f eb 3f 0e 91 22 c1 a7 39 ad aa 7f 57 d5 d1 1f ff 81 22 c1 f6 96 ef 1b 22 45 82 ed 3d d9 d4 e8 e9 fb fe a1 22 c1 76 ee 3f 34 44 8a 04 db 7b 5b dd 2b 76 a5 48 d0 cf d5 c7 86 c8 20 c1 76 d6 ff ef 5f 70 6b 07 1f 77 5e dd e7 ea 4a 91 a0 bf 87 6d fe 25 45 82 0f 7b 5a dd 4b de 4f 14 09 fa 5b 6d 33 44 8a 04 1f 76 5c dd 13 b0 a7 db fc cb 8a 04 ef 77 bf ed 10 29 12 bc df a2 aa fe 59 55 cf b7 fd 05 8a 04 ff eb fa 53 86 c8 20 c1 fb 3d 7c ea 2f 70 6b 07 ef ba a8 aa 1f 3e f5 17 29 12 bc 6b dd e7 17 29 12 fc ee 59 75 2f 79 2f 14 09 fa 5b f5 19 22 45 82 df 9d 54 f7 71 a0 93 3e bf 58 91 a0 b3 ec 3b 44 8a 04 9d 77 16 e2 2b 12 f4 73 93 0c 91 22 41 e7 c7 aa fa 3a f9 0d 14 89 b9 bb 4c 87 c8 20 41 8f 8f 03 b9 b5 83 77 3d afee 53 de 8b f4 37 52 24 e6 6c dd 62 88 14 89 39 3b ad ee 25 ef e3 16 bf 99 22 31 57 cb 56 43 a4 48 cc d5 47 17 e2 2b 12 6c e7 b6 e5 10 29 12 73 f5 a6 aa 5e b4 fc 0d 15 89 b9 b9 6a 3d 44 06 89 39 5a ef e2 37 75 6b c7 9c 9c 55 77 ce 51 73 8a 84 1a 29 12 6c 6d eb 85 f8 8a 04 1f b6 da d5 10 29 12 73 71 b4 a9 d1 e9 ae fe 00 45 62 0e ee 76 39 44 8a c4 1c 2c aa 7b a5 ee cb 5d fe 21 8a c4 d4 5d ef 7a 88 0c 12 73 f0 b0 8f 3f c4 ad 1d 53 76 5e 5b 9c 48 ae 48 f0 71 8f fb fa 83 14 89 a9 ea bd 10 5f 91 e0 77 ab 7d 0d 91 22 31 55 c7 55 f5 4b 05 bb bc 15 09 ba 13 c9 4f f6 f9 07 2a 12 53 13 2f c4 57 24 68 b0 10 df 20 c1 0e 9f 39 32 48 cc c5 c5 e6 2f 83 04 81 c7 43 fd c1 5e 6c 60 2a 9a 2d c4 57 24 e6 fe b3 d1 e2 50 7f b8 22 31 05 27 d5bd 01 7b 7c a8 2f 40 91 98 82 e5 21 87 48 91 98 82 e6 0b f1 15 89 39 ba 3d f4 10 29 12 53 f0 ba ba 07 f8 0e 4a 91 18 b3 cb 21 0c 91 41 62 ec 5e 0d e5 0b 71 6b c7 58 ed 6c 21 be 22 31 27 eb 21 7d 31 8a c4 18 9d 56 f7 92 f7 91 22 41 7f 2f 87 34 44 8a c4 18 ed 7c 21 be 22 31 07 77 43 1b 22 45 62 8c de 56 f7 8a dd a0 28 12 63 72 35 c4 21 32 48 8c cd ab a1 7e 61 6e ed 18 8b f3 da d3 42 7c 45 62 ca 1e 86 fc c5 29 12 63 b0 d3 13 c9 15 89 b9 58 0f 79 88 14 89 31 d8 fb 42 7c 45 62 8a ee 87 3e 44 8a c4 d0 2d aa db 55 f7 7c e8 5f a8 22 31 64 df 8e 61 88 0c 12 43 f7 38 96 2f d4 20 31 54 07 5b 88 6f 90 98 92 f5 98 be 58 2f 36 30 44 7b 3d 91 5c 91 98 aa 87 31 0d 91 22 31 44 07 5f 88 af 48 4c c1 72 6c 43 a4 48 0c cd 41 4e 24 57 24 a6 e6 76 8c 43 a4 48 0c cd 20 16 e2 2b 12 63 76 39 d6 21 32 48 0c c9 c3 98 bf 78 Data Ascii: PNGIHDRpHYs cHRMz%u0`:o_F]IDATxdg;[kh&4C!4CBei4MhPE42UaX}d8SUu?6ts|\<Vz;_*E~UHg$HUuP$t=DypkTb"AO?"9W""E="v?4D{[+vH v_pkw^Jm%E{ZKO[m3Dv\w)YUS =|/pk>)k)Yu/y/["ETq>X;Dw+s"A:L Aw=S7R$lb9;%"1WVCHG+l)s^j=D9Z7ukUwQs)lm)sqEbv9D,{]!]zs?Sv^[HHq_w}"1UUKO*S/W$h 92H/C^l`*-W$P"1'{|/@!H9=)SJ!Ab^qkXl!"1'!}1V"A/4D|!"1wC"EbV(cr5!2H~anB|Eb)cXy1B|Eb>D-U|_"1daC8/ 1T[oX/60D{=\1"1D_HLrlCHAN$W$vCH +cv9!2Hx
Aug 20, 2020 21:55:39.189379930 CEST
11573 OUT GET /var/cofaweb/storage/images/media/images/blu_en_savoir-plus/2789780-1-fre-FR/Blu_en_savoir-plus_tiny.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
Aug 20, 2020 21:55:39.224735975 CEST
11635 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:14:19 GMTETag: "45a292-53-59cc1d88884c0"Accept-Ranges: bytesContent-Length: 83Vary: Accept-EncodingKeep-Alive: timeout=5, max=493Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 1e 00 00 00 05 01 03 00 00 00 68 ef ce b9 00 00 00 03 50 4c 54 45 03 36 5f d7 f4 5e 93 00 00 00 0b 49 44 41 54 08 d7 63 60 c0 01 00 00 19 00 01 bd 93 b2 aa 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDRhPLTE6_^IDATc`IENDB`
Aug 20, 2020 21:55:39.262717009 CEST
11733 OUT GET /var/cofaweb/storage/images/ara-ma/home/home-slide-block/coface-for-trade-ensamble-developpons-le-commerce-mondial/422845-16-fre-FR/Coface-for-Trade_slider_large.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 57 of 111
Aug 20, 2020 21:55:39.301018000 CEST
11749 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Thu, 17 May 2018 07:15:03 GMTETag: "5e22b-314bd-56c619819abc0"Accept-Ranges: bytesContent-Length: 201917Vary: Accept-EncodingKeep-Alive: timeout=5, max=492Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 06 d2 00 00 01 45 08 03 00 00 00 46 e6 89 7c 00 00 03 00 50 4c 54 45 00 00 00 11 38 62 4b 63 82 e0 db dd e7 e6 e8 9b a0 b0 fd fd f8 fd fc f4 fe fe fc fe fb ef fc f7 eb 09 1a 31 29 46 6f 86 99 ad 0b 16 27 fe f6 e3 2e 4f 7d fb f8 f0 0e 21 3a 1a 39 60 1e 3d 66 f8 f8 f5 2b 4b 75 e9 dd d9 81 94 a8 23 42 6c 0d 27 46 fe 2a 32 f9 f3 e8 88 98 a4 3b 59 84 f3 ef ea f7 f4 ef 5d 80 a7 f7 ee e4 ff 32 38 fe 20 2a ef eb e6 ea d7 d3 87 3b 53 f5 ea df 72 7c 90 ef e6 e0 fe 3a 3f 65 1e 35 52 81 ac e2 cb ca 12 2d 4e 6e 1e 37 17 34 58 38 54 7e 7d 23 3d ff 5e 5e ee e1 db 40 60 89 a6 b6 ca 75 1f 3a 5c 1e 33 87 2b 46 e9 e2 df 44 6e 9c 78 84 96 fe fb e7 62 88 ae e9 ee ed 3f 68 97 7a 90 a4 ff 57 58 e9 d1 cd ff 42 46 e4 da d7 74 95 b3 85 25 40 e7 c6 be f4 e4 d9 f0 dc d5 50 70 94 e1 d3 d1 ff 50 52 82 8d 9d 7a 9a b8 58 79 a1 fc ef dd ff 4a 4c 4d 7b a7 f0 f3 f2 fc 14 21 36 4f 75 06 0e 1c 34 38 44 75 8a 9f 87 34 4c 4c 61 86 46 69 90 37 49 6c 52 1d 32 dd c3 c4 31 56 83 9a b3 ca 6b 76 8b 49 74 a2 67 8f b4 4f 68 8d 58 86 b2 58 74 97 fa e2 ce ed cf c3 6b 83 9c fc e9 d5 fa d6 be b7 c5 cc d8 ce cd 3b 62 91 ad bd c5 be cb da a0 af c0 87 8a 91 d9 e2 e1 2c 42 63 ff 66 65 1f 34 4f 51 54 62 62 7c 95 46 40 4d 27 3c 58 f1 0c 1a f2 d9 ca 46 5b 7b f8 ca b8 46 1c 32 e1 e9 e7 ae bd d0 d3 07 0f 87 81 80 d7 bb bd e9 b6 ad 70 89 ab f8 c0 ac eb c2 b3 f7 b5 9f e2 08 14 87 43 5a 59 69 8b 8e ae c5 e6 ac a1 d1 da d8 d7 ad 9d 10 04 04 af a6 9b da b5 ab 31 30 34 b2 b1 a7 45 49 5a 23 23 2e a6 b6 bd d2 cb c4 c6 d0 ce fb df c5 c0 08 0b 9b ad b4 e0 9e 93 58 5c 6e 35 49 5e f2 25 27 dc 91 82 1b 2b 42 3b 42 48 85 9d b7 22 0d 08 8f 4c 33 63 6b 7d 52 64 7c a1 9c 95 53 48 46 92 a1 af 5e 51 53 97 5c 40 c8 d3 db c0 5e 44 dc c4 b3 82 a5 c1 9d 91 81 f8 d2 ad 38 1d 31 da 81 5c 86 3f 27 60 5f 5d b9 bb b4 cc a5 8e 42 56 6d c2 c5 be e3 a1 7d 7b 34 1c 75 66 69 9b a5 bc ab 09 07 2a 20 1e e2 93 69 65 67 69 59 75 8a a3 69 4f 98 83 71 d1 86 75 fe 71 6f ca b8 af eb 89 4f f8 bd 8b 78 6e 78 c3 ac a1 8a 64 57 76 77 83 e6 b2 90 cb 95 98 70 5a 5c f9 c9 9d 82 74 6b f2 ac 7e 49 3b 36 b2 9d 89 8d a4 bd eb bf 9f de 6e 36 b0 51 37 f2 a4 91 80 5c 47 95 73 60 61 40 2c 4d 2d 1c cf 70 52 3b 15 08 c2 86 89 f1 9f 65 e3 20 1f b1 8b 74 c3 85 68 c5 98 7e 93 07 04 aa 7c 60 b2 6e 73 8a 98 92 7f 90 b0 7b 49 33 6d 51 40 f7 b5 76 fe 7f 7e 69 28 13 77 07 03 fc f8 cb cb 1f 1c ac 88 8a bd 72 59 9f 40 22 72 2e 3c 57 13 07 fe f1 a4 fe dd 60 c1 17 b7 5f 00 00 00 06 74 52 4e 53 00 55 a6 4f 9c 92 4e 66 fc 70 00 03 11 66 49 44 41 54 78 da ec 9d 7b 6c 53 e7 19 c6 2b 6d f2 71 bc ad ec 6c f3 bc 4d ee 6c 2c 39 f2 2c 2d d3 26 79 fd c3 6b c9 a6 28 91 ed 45 a3 51 11 63 da 10 e3 b2 d5 21 97 01 0d 2a 0c 99 28 28 81 24 d2 20 c1 49 80 24 82 22 0a b4 38 40 6b 9c 65 49 48 c6 44 00 a3 24 24 63 e4 46 d2 5c db 28 a0 2c 23 a8 9a 00 ad db f3 be e7 b3 bf 24 86 b1 fe 33 fe e1 39 c7 e7 ea 1b 25 cd af cf fb 3e df d7 17 9e eb 19 ab e0 bb 9a 7e 8b 87 38 f8 2d b4 09 0f 21 ba 23 f5 fa eb 0b cf e4 6d ec 5e 17 87 38 c2 1a d3 c6 8d 1b 7f 44 fa 31 e9 77 ac 1f ff ee d7 5f fe fa 37 bf f6 d5 ef 7f ff 7b a4 b7 76 7d 71 f5 0f 7e 75 3b ef fd 82 Data Ascii: PNGIHDREF|PLTE8bKc1)Fo'.O}!:9`=f+Ku#Bl'F*2;Y]28 *;Sr|:?e5R-Nn74X8T~}#=^^@`u:\3+FDnxb?hzWXBFt%@PpPRzXyJLM{!6Ou48Du4LLaFi7IlR21VkvItgOhXXtk;b,Bcfe4OQTbb|F@M'<XF[{F2pCZYi104EIZ##.X\n5I^%'+B;BH"L3ck}Rd|SHF^QS\@^D81\?'`_]BVm}{4ufi* iegiYuiOquqoOxnxdWvwpZ\tk~I;6n6Q7\Gs`a@,M-pR;e th~|`ns{I3mQ@v~i(wrY@"r.<W`_tRNSUONfpfIDATx{lS+mqlMl,9,-&yk(EQc!*(($ I$"8@keIHD$$cF\(,#$39%>~8-!#m^8D1w_7{v}q~u;
Aug 20, 2020 21:55:42.538461924 CEST
12162 OUT GET /favicon.ico HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 58 of 111
Aug 20, 2020 21:55:42.571336985 CEST
12163 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:42 GMTServer: ApacheLast-Modified: Wed, 20 Mar 2013 13:00:05 GMTETag: "860c8-10be-4d85acd029f40"Accept-Ranges: bytesContent-Length: 4286Vary: Accept-EncodingKeep-Alive: timeout=5, max=491Connection: Keep-AliveContent-Type: image/vnd.microsoft.iconData Raw: 00 00 01 00 01 00 20 20 00 00 01 00 20 00 a8 10 00 00 16 00 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 13 0b 00 00 13 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8c 72 5e 1f 87 69 50 60 74 50 30 82 6f 4a 29 92 6d 48 26 94 70 4b 29 88 97 7f 6b 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: ( @ r^iP`tP0oJ)mH&pK)kT
Aug 20, 2020 21:55:44.426623106 CEST
12168 OUT GET /extension/cofaweb/design/cofaweb/javascript/tac/css/tarteaucitron.css?v=20181023 HTTP/1.1Accept: text/css, */*Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 59 of 111
Aug 20, 2020 21:55:44.460854053 CEST
12170 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:44 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 14:47:49 GMTETag: "49a3b6-4d8d-5956cc47baf40"Accept-Ranges: bytesContent-Length: 5631Vary: Accept-EncodingKeep-Alive: timeout=5, max=490Connection: Keep-AliveContent-Type: text/cssContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 04 03 d2 cb cd 4f 49 cc d1 cd 2f 48 cd 53 a8 e6 52 00 82 fc b2 d4 a2 b4 9c fc 72 2b 85 8c cc 94 94 d4 3c 6b b0 68 46 6a 66 7a 46 89 95 82 a1 81 81 aa 35 57 2d 17 97 72 72 7e 5e 49 6a 5e 49 78 51 62 41 41 6a 11 54 73 4a 66 71 41 4e 62 a5 95 42 69 5e 71 6a 09 58 a1 be 96 96 16 97 96 42 50 2a 50 40 c1 39 38 98 4b 4b 9f 4b b9 24 b1 a8 24 35 b1 34 39 b3 a4 28 3f 2f 28 3f bf 04 a8 b3 4c 47 01 8b 78 71 41 62 1e 56 09 a0 b5 39 a9 25 58 a5 f2 93 b2 52 93 b1 4b 65 a6 15 25 e6 a6 62 95 ca 30 c4 2e 6c 84 5d d8 18 bb b0 09 76 61 53 ec c2 66 58 85 0b b0 8a 26 e5 e4 27 67 17 96 e6 97 a0 3b 1f 22 5d 50 84 5d 3c 11 bb 68 52 52 11 76 89 64 20 ab 32 17 bb 5c 4a 4a 51 6a 71 31 56 b9 a4 cc 74 ac e2 40 26 ba bb a0 12 f9 29 d8 25 52 52 73 b0 8b a7 a1 27 04 88 78 2a ba 63 21 c2 99 b9 e8 0e 82 8a e7 a1 7b 00 22 9e 9d 94 82 55 bc 10 ab 28 ba 19 50 d1 c4 5c f4 b8 83 4a e4 26 e6 a0 fb 0a 2a 53 52 94 99 8d 1e 10 70 a9 fc 3c 74 4f 40 a5 4a 93 70 88 a3 db 0f 11 2f 41 cf 0d 10 e1 b2 44 f4 44 00 11 47 37 1c 22 5a 8a 55 34 13 ab 68 32 b0 68 48 45 37 1c 22 95 82 1e 10 50 61 74 27 42 85 d1 63 05 22 9c 8f 6e 08 44 b8 14 bb 70 0e ba 23 21 c2 69 99 a9 39 29 c5 e8 85 08 4c 32 bf 08 3d 61 41 24 72 12 93 d0 53 28 4c 26 35 3d 35 0f dd bd 10 a9 92 c4 a4 1c f4 58 86 c8 24 27 16 94 64 e6 a3 27 6d 88 5c 49 52 7e 4a 25 76 99 34 20 89 5d 26 23 35 11 dd 0d 50 19 f4 f8 80 0a 67 60 17 46 37 04 22 0c 14 c8 4c 46 f7 0a 4c ae 38 13 3d 4f 43 65 92 13 f3 ca 12 d1 f3 0c 44 2a 25 b5 24 31 33 07 bb 5c 6a 6e 52 2a ba 33 20 32 69 99 e9 a5 e8 05 1e 42 0a 3d 4c 51 a4 81 04 7a ca 84 4a 81 42 0e 97 54 7a 51 3e 7a de 82 4a e5 a6 e6 a1 e7 0c 88 44 5e 22 7a 95 06 11 cf 2f 2d 29 28 45 8f 3c 88 54 51 69 12 7a 7c 43 24 8a 81 15 1a ba 8f e0 72 a5 b9 b9 89 45 e8 fa 20 72 25 99 e8 b5 1d 54 02 a8 23 1b ab 44 62 69 4a 66 3e 56 99 32 60 ec e6 43 2b 7a a0 f6 f4 cc 3c 2b 05 03 48 f3 a0 00 58 35 64 e6 a5 c3 f9 49 f9 45 c0 90 84 73 d3 80 6d 05 dd e2 cc aa 54 58 03 02 26 68 05 2c 8e 33 52 8b 32 4b 20 42 c0 a6 07 30 75 01 db 23 89 39 99 e9 40 d3 93 12 8b 53 73 32 f3 52 21 b2 fa 5a 49 89 c9 d9 a0 88 c8 4b 01 69 cc 2c c9 4c cc b1 06 36 27 40 92 25 a9 15 25 30 6d 30 29 84 44 71 46 62 4a 7e 39 92 0c b8 61 a2 e0 11 e2 eb 63 aa 00 6d b4 e8 16 e5 e7 a4 2a 14 81 db 29 c0 cc 0f 2c 62 80 5e 50 48 2a ca 2f 2f 4e 2d 2a 56 d0 42 6f b6 80 c3 24 11 e4 60 f4 ec 00 93 43 cf 0e 70 99 14 f4 34 8f 24 87 9e 7c d1 a5 d1 13 3e 92 54 3e 7a ca 86 4b a1 a7 6c 64 29 50 80 a2 a7 6c 88 14 7a ca 86 4b a0 a7 6c 98 38 34 95 42 d3 08 34 5c ad 20 2d 17 70 98 63 d1 83 5e 92 43 85 4b 73 a0 a6 e4 64 16 03 e3 af a4 32 07 98 78 f2 f2 41 69 01 dd 1c 88 06 b0 25 e8 cd 23 84 74 21 d4 38 b0 8a 62 74 a3 50 d5 22 8c b2 4a 4a 05 26 05 74 13 d1 55 59 25 a6 a1 07 3c 4c 51 21 ba 09 a8 92 60 8d 50 97 41 1b d4 56 0a ea ea d6 a8 02 e8 6e 45 36 03 5c b1 40 4d 80 e4 3a dd e4 fc 9c 9c c4 82 62 60 78 c1 58 d6 c8 d2 c0 16 75 32 2c af 62 37 33 d1 2a 2d 3f b9 14 3d 79 42 e4 92 4a 4b 4a f2 f3 20 0a a0 d6 ea 6b 01 4b 34 50 36 b5 52 30 2a a8 50 28 ce cf c9 4c 51 50 4e 4e 32 06 02 50 f6 ac 05 e5 35 60 27 40 Data Ascii: OI/HSRr+<khFjfzF5W-rr~^Ij^IxQbAAjTsJfqANbBi^qjXBP*P@98KKK$$549(?/(?LGxqAbV9%XRKe%b0.l]vaSfX&'g;"]P]<hRRvd 2\JJQjq1Vt@&)%RRs'x*c!{"U(P\J&*SRp<tO@Jp/ADDG7"ZU4h2hHE7"Pat'Bc"nDp#!i9)L2=aA$rS(L&5=5X$'d'm\IR~J%v4 ]Pg`F7"LFL8=OCeD*%$13\jnR*3 2iB=LQzJBTzQ>zJD^"z/-)(E<TQiz|C$rE r%T#DbiJf>V2`C+z<+HX5dIEsmTX&h,3R2K B0u#9@Ss2R!ZIKi,L6'@%%0m0)DqFbJ~9acm*),b^PH*//N-*VBo$`Cp4$|>T>zKld)PlzKl84B4\ -pc^CKsd2xAi%#t!8btP"JJ&tUY%<LQ!`PAVnE6\@M:b`xXu2,b73*-?=yBJKJ kK4P6R0*P(LQPNN2P5`'@
TimestampkBytestransferred Direction Data
Session ID Source IP Source Port Destination IP Destination Port Process
2 192.168.2.4 49779 193.56.140.134 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
TimestampkBytestransferred Direction Data
Aug 20, 2020 21:55:37.218899965 CEST
9245 OUT GET /var/cofaweb/cache/public/stylesheets/f93613c9db577eef98bf758bb52145be_all.css HTTP/1.1Accept: text/css, */*Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
Copyright null 2020 Page 60 of 111
Aug 20, 2020 21:55:37.258028984 CEST
9256 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:37 GMTServer: ApacheLast-Modified: Sun, 16 Aug 2020 00:00:05 GMTETag: "23c0cf29-337d9-5acf3561f60f9"Accept-Ranges: bytesVary: Accept-EncodingKeep-Alive: timeout=5, max=500Connection: Keep-AliveContent-Type: text/cssContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 33 38 31 0d 0a 1f 8b 08 00 00 00 00 00 04 03 e2 72 c8 4d 4d c9 4c 54 28 4e 2e 4a 4d cd 53 48 cc 4b 51 d0 c8 4d ac d0 2d cf 4c 29 c9 b0 32 34 30 32 29 a8 d0 54 a8 56 ce 4d cc cc 8b 2f 2f 4a 2c 28 48 2d aa 46 96 ac 45 91 52 50 2e ce c9 4c 49 2d d2 cd 48 4d 4c a9 ce 4d 2c 4a cf cc b3 32 50 00 41 5d 23 0b 8b 82 0a 6b 64 bd d6 69 39 f9 89 25 56 45 99 e9 19 25 78 cc 51 48 c9 2c d3 03 f3 61 d2 a8 2e a8 c5 e6 87 cc 3c 74 3f a0 58 80 62 82 35 dc a1 89 a5 25 f9 e8 2e 01 db 0c 71 09 3e 1f 99 19 18 14 a0 87 06 b2 5e 74 5f a0 b9 81 90 2f c0 c6 a3 fb a2 1a 59 12 dd 17 c8 0a 51 5c 02 f7 05 ba d3 71 69 40 77 3a 9a c5 b5 b5 49 f9 29 95 3a 40 45 3a 29 39 3a 29 25 3a 29 29 3a a5 39 3a f9 39 3a 39 99 3a 19 86 3a 19 46 3a 19 c6 3a 19 26 3a 19 a6 3a 19 66 3a 05 45 a9 3a 69 f9 45 b9 3a 69 99 a9 39 29 c5 a9 25 3a 99 79 05 a5 25 3a 25 a9 15 25 89 45 a9 89 3a 05 3a 49 39 f9 c9 d9 85 a5 f9 25 a9 3a 25 19 3a 25 29 0a 08 27 17 24 a6 a4 64 e6 a5 5b 19 80 2d 55 a8 4e 4a 4c ce 4e 2f ca 2f cd 4b b1 52 76 73 73 b3 4e cb cf 2b d1 2d ce ac 4a b5 32 34 02 86 09 98 9b 96 98 9b 99 53 69 e5 58 94 99 98 a3 13 96 5a 94 92 98 97 a8 53 9c 98 57 ac 5b 9c 5a 94 99 56 5b 92 98 94 93 0a 34 2a bf 08 e4 e3 e4 fc 9c 9c c4 82 e2 54 2b 18 c3 1a 2a 51 5c 90 98 0c b1 1a e1 f2 dc 74 98 3e a0 30 6a 08 02 1d 5a 94 5a 5c ac 83 2a 9a 9c 58 50 92 99 9f 87 2e 9a 09 f4 2a 9a 50 7e 0a ba 50 4a 1a ba be d4 5c 34 81 e2 92 a2 fc bc 74 34 41 60 18 a2 0a 94 25 16 29 54 83 83 a6 b8 a4 32 27 d5 2a 0f 18 1d 89 39 90 c0 2a 4f 05 65 47 a8 50 2d 30 12 4b 73 14 aa 73 32 8b 11 6a f3 52 6b 61 be 28 c9 50 a8 06 c5 9b 6e 62 4e 66 7a 9e 55 4e 6a 5a 49 2d 7a 8c 9b c1 ac 02 47 8a 81 81 2a 36 7b 0a ad 92 52 81 89 22 55 a7 d0 2a 31 ad 04 e8 c4 ea 64 a0 a2 d4 bc 12 2b 75 f5 da c4 a4 a4 22 9d c4 64 a0 cf 2a 73 91 82 3b 11 92 70 14 aa f3 4b 4b 72 32 f3 20 4e b3 06 3b 27 25 35 39 bf 28 11 e4 44 b0 60 6d 22 c8 bc 9c fc 22 2b e5 34 f3 c4 64 03 03 ac aa ac 93 4b 8b 8a 81 6a 0a f2 33 81 56 17 d5 26 5a 65 e4 97 81 9c 82 4d 71 2d 30 ea 75 12 15 32 91 13 80 35 7a 2a 05 3a 12 14 7a 29 99 c5 05 39 89 95 56 e0 64 6d 8d 1e 96 60 4f e8 14 a7 e6 a4 26 97 c0 9d 69 6e 00 82 b5 7a 50 ad f1 60 ad 68 26 21 64 33 f3 40 fe 47 48 43 f8 08 79 90 3d 08 59 10 af 56 2f 39 27 15 94 0a c0 94 55 52 7e 49 86 35 a4 34 06 c9 5a c3 94 82 ed 81 15 13 a0 a8 03 99 0b 2c 13 c0 51 67 08 cc 5f 50 26 7a da af 46 d2 52 90 5f 9c 09 0e b6 a2 d4 1c 60 f8 95 a5 5a 83 42 15 68 59 b9 55 46 66 4a 4a 6a 5e ad 5e 69 49 66 4e 7c 55 3e c8 91 70 8d c0 82 05 1e 9e e0 12 0d dd a0 b2 d4 5a 60 91 a3 07 76 a2 42 a2 1e d0 0b 25 f9 b9 7a e9 e0 d2 13 a9 58 d0 85 86 a8 99 a1 93 a9 b9 33 b2 5f 20 12 e5 19 c0 bc a7 a0 98 99 5b 90 5f 54 92 98 57 02 8f 3b 60 d9 ae 00 4d 28 89 e0 d4 9d 9c 0a 4a 16 10 11 b4 d4 00 49 d2 90 14 0e d4 07 51 53 52 04 2c 62 80 89 3a d7 aa 14 14 28 c9 89 c5 68 01 5b 9b 61 04 8c 86 c4 e2 e2 cc 64 85 44 50 f9 a9 9c 01 0c 4d a0 5d 19 25 e0 22 b7 08 ce 4a 4a 07 53 e0 20 42 68 d2 41 30 d1 7d 0c f4 98 b2 81 b1 b1 99 a9 1b d4 9b ca 6e 6e 6e a8 b6 a3 bb 19 39 6a 8d 8c 81 02 b0 80 30 2f 80 7a Data Ascii: 4381rMMLT(N.JMSHKQM-L)2402)TVM//J,(H-FERP.LI-HMLM,J2PA]#kdi9%VE%xQH,a.<t?Xb5%.q>^t_/YQ\qi@w:I):@E:)9:)%:)):9:9:9::F::&::f:E:iE:i9)%:y%:%%E::I9%:%:%)'$d[-UNJLN//KRvssN+-J24SiXZSW[ZV[4*T+*Q\t>0jZZ\*XP.*P~PJ\4t4A`%)T2'*9*OeGP-0Kss2jRka(PnbNfzUNjZI-zG*6{R"U*1d+u"d*s;pKKr2 N;'%59(D`m""+4dKj3V&ZeMq-0u25z*:z)9Vdm`O&inzP`h&!d3@GHCy=YV/9'UR~I54Z,Qg_P&zFR_`ZBhYUFfJJj^^iIfN|U>pZ`vB%zX3_ [_TW;`M(JIQSR,b:(h[adDPM]%"JJS BhA0}nnn9j0/z
Aug 20, 2020 21:55:38.340110064 CEST
9562 OUT GET /extension/cofaweb/design/cofaweb/images/icons/more_yellow_generic.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 61 of 111
Aug 20, 2020 21:55:38.377033949 CEST
9574 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:29 GMTETag: "49a362-4cc-595692c2ffb40"Accept-Ranges: bytesContent-Length: 1228Vary: Accept-EncodingKeep-Alive: timeout=5, max=499Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 0f 00 00 00 0e 08 06 00 00 00 f0 8a 46 ef 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 b2 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 30 20 36 31 2e 31 33 34 37 37 37 2c 20 32 30 31 30 2f 30 32 2f 31 32 2d 31 37 3a 33 32 3a 30 30 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 52 69 67 68 74 73 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 72 69 67 68 74 73 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 70 52 69 67 68 74 73 3a 4d 61 72 6b 65 64 3d 22 46 61 6c 73 65 22 20 78 6d 70 4d 4d 3a 4f 72 69 67 69 6e 61 6c 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 43 38 44 36 45 30 42 37 30 38 32 30 36 38 31 31 42 38 34 30 46 44 38 45 39 39 30 46 39 30 39 46 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 41 30 38 35 37 37 36 37 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 41 30 38 35 37 37 36 36 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 20 4d 61 63 69 6e 74 6f 73 68 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 30 35 38 30 31 31 37 34 30 37 32 30 36 38 31 31 39 39 46 34 45 41 42 37 41 42 31 37 46 44 35 35 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 75 75 69 64 3a 32 42 43 39 44 32 35 45 36 46 45 46 45 31 31 31 41 32 37 45 42 30 31 41 34 43 43 36 31 32 38 32 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e 8c f8 71 8f 00 00 00 b0 49 44 41 54 78 da Data Ascii: PNGIHDRFtEXtSoftwareAdobe ImageReadyqe<iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:A0857767114411E29521FD49640E01B8" xmpMM:InstanceID="xmp.iid:A0857766114411E29521FD49640E01B8" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>qIDATx
Aug 20, 2020 21:55:38.392644882 CEST
9578 OUT GET /var/cofaweb/storage/images/ara-ma/home/home-slide-block/secure-my-sales/422809-10-fre-FR/Securiser-mes-ventes_slider_large.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 62 of 111
Aug 20, 2020 21:55:38.427957058 CEST
9649 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2013 16:22:24 GMTETag: "13a424-39229-4e942b06eb000"Accept-Ranges: bytesContent-Length: 234025Vary: Accept-EncodingKeep-Alive: timeout=5, max=498Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 06 d2 00 00 01 45 08 03 00 00 00 46 e6 89 7c 00 00 03 00 50 4c 54 45 af a7 9e b9 ab a1 00 00 00 ef 98 2c dd 8b 1a ea 87 01 b6 66 08 d2 77 05 f5 96 0a d8 a9 2d 1e 17 10 c0 90 16 c3 9e 2a d8 a7 15 c9 88 49 d0 b1 5d 6d 43 03 bc 99 89 eb e3 dd 39 14 02 56 44 39 e6 d5 ca 17 0b 04 fa f2 d0 c9 76 25 34 22 16 a9 54 21 eb a9 76 1f 0e 04 43 2f 21 c9 97 02 cb c9 ce d0 af 4b 26 13 06 d3 db e7 e2 c7 b9 6a 58 4d eb b9 19 fe e4 9b dc 8a 69 b2 88 6e 86 54 02 b4 92 7c c5 cd dc 9c 48 12 8b 3f 0a e2 94 76 98 6b 5d 39 1d 07 f8 c9 08 df e6 f0 e9 be 30 ef ba 4a c6 a8 9a d4 8e 54 f7 b4 3c d3 82 60 2e 17 08 f6 c9 1f c4 8c 71 d4 93 63 7f 6d 61 ad 7f 62 58 2f 14 af 73 56 f0 cb 7a db 99 67 bf 7f 61 9a 63 02 e7 a0 87 e0 ba a5 5a 2a 04 67 30 09 77 37 0c cf 79 55 b4 60 3c e2 a0 6a e9 ba 5c fc eb b0 4c 26 0a 93 7d 72 a9 9a 8f eb b0 96 c9 7d 38 fd df 89 d9 9f 74 84 41 1e 8f 5e 49 7f 4c 30 ec c1 6b f9 e6 d1 fd b9 30 f9 d7 6a a8 74 01 d6 81 34 44 20 05 fa da 7c 96 98 aa f8 d0 5a a2 a4 b3 c4 73 50 64 36 1d ac ae bb e8 ee f6 a8 69 4a fa aa 6d e1 b5 00 f5 cb 36 be b3 aa da aa 01 e2 a4 76 b3 6a 3f f2 bf 02 f3 ca b4 9e 61 42 fb ef bd bd 6c 47 d6 86 40 73 3c 1f 9d 91 88 b3 a5 9a 9a 52 2b bf c3 cf d2 af 93 f2 a6 6e 99 8a 80 f7 ca 49 8b 56 3a f7 dd c7 b9 7d 01 c3 99 80 97 58 38 eb b6 00 7b 45 28 ee c1 a7 f8 cb a7 8d 8d 9e df 8b 43 dc a6 7e f8 f1 e7 b4 b7 c2 e9 98 58 f5 ab 74 f4 ae 7a ed ba 98 bb bd c8 e6 9451 fa b5 7e ad 9f 94 e2 90 4a f6 b0 80 ed 9c 5d ff e2 c7 d9 a3 00 c4 8a 00 f7 bd 8e f9 b0 78 dd af 01 f3 a4 68 ce 98 70 dc b6 9a a7 5f 32 f8 c1 95 f0 a0 64 f8 d9 c2 c8 8e 00 e0 b1 00 e2 a9 7f a8 63 3a fa b7 84 ff df bf d5 9d 00 dc aa 85 f9 c7 9e f0 c0 a2 f1 c4 a6 cd 92 00 ff d7 b3 ef be 9e d2 9a 00 ff e1 c3 c0 84 00 ad 7d 00 e6 b3 8e 8a 4c 29 f2 c6 ab fd be 8d ff dc bc c2 b7 af c6 a0 8a fa c4 99 f9 ce ad d0 97 00 f9 d7 be a1 5b 32 d6 a0 00 ff da b9 ba 8f 00 fb bb 89 91 52 2f 89 51 31 b4 87 00 f9 d0 b2 fe e2 ca fb ca a3 b8 94 00 f8 d4 bb b0 82 00 fe d3 b8 f8 d2 b6 e4 ad 85 fa df ca bd 82 00 fe cb a2 c5 ba b2 ff d8 b6 ce 9e 78 fe d5 b3 fe c6 9a fe c9 9e cf a5 85 fc cd a8 e5 b0 8a fd c0 92 d0 ac 8f fe c3 96 df ae 87 f7 f6 f3 e2 b5 93 cf a2 7f fa e1 ce a1 96 8d d0 a9 8a fc ed df ff db c3 fe cd a5 fc eb da b8 8a 00 fe d3 b1 e0 b1 8d fe d6 bd fc db c5 ff e3 cd fd e8 d6 ff cf a9 fe dd c6 fe d3 ae fe e3 d0 fe d9 c1 ca c1 b9 fe e6 d2 fe d1 ac fe de c9 fd e0 cc f6 f6 f6 f8 f8 f7 5a e0 c2 b9 00 00 00 0374 52 4e 53 8c fe 00 98 66 ea 09 00 03 8e d5 49 44 41 54 78 da b4 9d 5f 6c 5b e7 99 a7 33 ed 00 03 63 e1 bd 28 10 a4 80 01 77 81 20 b9 5f c4 70 80 22 37 f1 45 af 9c bd 98 c4 17 51 8c 20 c8 dd 4c 5a 61 8d 81 af 12 18 ea 4d 84 38 88 6d d8 f0 9f 54 a9 1b c8 4c 05 a7 91 94 28 0e 04 d9 03 b2 84 0d 03 43 09 84 28 d6 36 2c 8d a4 91 a2 12 5b ca 1b 91 94 28 b2 12 d5 ee f3 7b df f3 f1 1c 92 f1 66 ba ed be e7 fb 77 be 73 2c 51 34 7d 1e fd de f7 fd 3e 3f f1 c7 bf d6 7e f4 37 ba ef c4 b3 cf be b2 ff b7 d8 e7 9f 53 ba ec 93 cf 3f 91 fd e2 93 5f c8 be a2 06 63 86 62 b3 5f fd 1c fb 5d 97 7d 85 fd 8e 83 12 cf 79 b5 2b 7e dd 1b ef ba 8d 19 dd 2e fb f9 ef 7e 4e Data Ascii: PNGIHDREF|PLTE,fw-*I]mC9VD9v%4"T!vC/!K&jXMinT|H?vk]90JT<`.qcmabX/sVzgacZ*g0w7yU`<j\L&}r}8tA^IL0k0jt4D |ZsPd6iJm6vj?aBlG@s<R+nIV:}X8{E(C~XtzQ~J]xhp_2dc:}L)[2R/Q1xZtRNSfIDATx_l[3c(w _p"7EQ LZaM8mTL(C(6,[({fws,Q4}>?~7S?_cb_]}y+~.~N
Aug 20, 2020 21:55:38.827338934 CEST
10506 OUT GET /var/cofaweb/storage/images/ara-ma/home/home-slide-block/finance-my-development/422821-7-fre-FR/Faciliter-mon-acces-au-financement_slider_large.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 63 of 111
Aug 20, 2020 21:55:38.863020897 CEST
10583 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2013 14:56:27 GMTETag: "13a3a6-41bde-4e9417d0d1cc0"Accept-Ranges: bytesContent-Length: 269278Vary: Accept-EncodingKeep-Alive: timeout=5, max=497Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 06 d2 00 00 01 45 08 03 00 00 00 46 e6 89 7c 00 00 03 00 50 4c 54 45 75 75 7b 88 86 8d 9b a1 a3 89 8a 93 85 82 87 8b 8e 98 86 85 8a 94 96 9d 94 95 9a 00 00 00 87 93 9c 6a 74 78 98 86 89 74 7e 7b 4f 94 cb 66 a8 d8 7c aa d3 65 97 c5 b2 bc d2 79 9b ba 8c 82 89 39 79 b2 66 8c af 8c 93 95 12 12 18 7a 7f 81 91 93 6c 88 8d 94 aa 8a 4a 87 b9 e0 51 87 b8 17 20 3b e0 bb 59 df e1 e0 9b 76 41 d9 e7 f0 d8 c4 8d 9a c4 e5 40 6e 9a 6f 53 3f 21 44 75 ee ee ed a4 79 64 27 53 86 cb bd 9b 92 8f 96 19 2b 53 24 2f 41 7d 7e 64 b5 93 76 ae d0 ea 58 77 a7 37 53 76 c4 b3 8b 86 78 7d df cf 9e 80 5b 40 32 49 68 4f 63 86 ba a4 81 32 62 90 80 6b 61 b5 7f 4f 2e 3b 4e be d8 eb 6e 71 5b 35 43 59 1f 37 61 cc df ed 8f 64 43 bf 8f 57 15 16 0f 0c 0c 0c 8f 82 7d d4 c5 a8 ab 87 6d e8 cc 6e e6 d8 ae 65 68 52 5a 5e 4a da b7 68 68 5d 59 a8 b4 cc 8b 69 57 58 49 46 95 71 5f c8 9c 5c 4b 5d 7b 48 41 3f dd cf af b8 bf a4 50 54 41 46 4b 39 aa a2 a4 60 4f 4a 40 3c 3b 5e 6e 9a d3 c9 bb 43 4d 5e c9 c1 bc a2 ae c9 73 7f 9d 5c 68 7d 3e 43 31 98 9a 87 50 46 44 5b 64 72 dc d2 c3 52 52 4e 3e 43 3f 7d 61 53 e9 de bc ba ba b2 a6 97 80 9b 83 70 4a 53 5d 18 1b 1f 27 24 1a 4b 58 70 e2 d6 ba 73 5a 50 96 9c af ac 9f 88 d1 aa 60 31 36 39 35 39 2a bd be b9 43 4b 56 d0 cc c9 54 59 5e 1c 1f 16 68 54 4e b4 a8 8e 61 6d 86 90 8d 85 8b 9d c0 a1 94 8e 2b 2f 22 8b 92 a7 b2 af a5 a2 8d 78 61 62 5e a1 a3 90 45 52 67 a6 9d 97 a0 67 48 40 47 4f b7 b0 99 9c a8 c5 70 66 61 3c 41 47 45 49 47 b1 b6 c3 53 5d 6b 69 7b ac 80 72 6d 37 3c 40 75 75 71ab aa 97 59 58 55 4c 58 67 1e 13 0d c9 ce c2 79 7f 8b c3 c8 bb cb cf d2 b9 be c9 a0 a5 b5 78 77 78 a8 ab a3 5b 6a 8e 5b 5d 5d 89 79 70 b5 b2 af 9e 8d 83 51 54 56 89 88 81 65 72 90 a9 ae bd 74 6e 69 ab 70 4a 92 9f bf 96 a4 c3 95 8a 7b 52 5f 74 34 33 34 68 77 a2 c6 c6 c7 39 39 37 d8 d9 d6 ce d3 c8 6f 72 7c 7e 8c b3 c3 c1 b0 69 77 98 4a 4e 4f 62 66 6c 71 83 b2 83 82 7b 6f 70 71 7d 7d 78 a2 a4 9e 68 6c 74 90 81 73 f0 ec e3 54 63 7d df d9 cf 5d 61 65 74 78 83 e6 db c4 6b 6c 6b 8a 98 bb f0 eb dd bf c1 c4 78 85 af 66 66 64 97 97 96 9b 9c 9e e8 df ce 9b 9e a6 71 7f aa ad ac ad 83 89 9b b9 bc c1 81 84 86 c6 ca d0 22 24 26 bd b4 a1 57 68 86 d1 d5 d4 26 28 2a 1e 20 23 a7 ab b5 d7 d4 ce 78 89 b7 8a 8e 9c b5 b8 bc 84 93 ba ad b0 b5 7e 8f b9 eb e2 c7 c0 c5 ce 81 85 90 ef e9 d8 a5 a8 ad 91 90 8e b0 b3 ba c0 ba ab ee e7 d4 a0 a3 aa 2e 30 31 93 97 a3 2a 2c 2e 89 8a 8c 90 94 9e eb e4 d1 d3 ab 0a 8f 00 00 00 0a 74 52 4e 53 e7 e7 f8 f8 f8 f8 ca c5 61 00 f0 21 19 c400 04 18 83 49 44 41 54 78 da 8c 9c 7f 4c 94 59 ba e7 fb af cd cc 78 cd de 64 cd 45 24 f7 4e 3a 99 bd d9 9e 85 69 dd 95 36 ae 31 9d ee 4e 46 a1 a3 c6 b4 de 91 56 74 8d 7f 58 c6 5f 60 34 74 13 61 11 09 c1 06 2a 24 84 a1 13 1b c8 b4 d3 36 15 28 24 cd 1f 15 22 4c 87 60 8a 2a b9 69 5b 72 09 55 5d 61 a8 86 b4 62 ac 54 94 29 8a 2e b0 e8 fd 3c cf 39 55 2f d8 ce 66 bf ef 79 cf fb f3 9c 7a eb 07 e7 f3 7e 9f 73 5e 5e db bb 77 ef 9e 3d b5 5d 81 68 5e 4e 38 92 42 5f 3c f9 8b e8 f3 cf 3f 27 7f 32 72 fa f4 d1 fd ef 6c ed 77 b9 3d 1f 8e fc 59 f5 f9 e7 4f 9e c8 61 56 cb ca ca 1a b7 1c ab ad ad a5 8a da 1b Data Ascii: PNGIHDREF|PLTEuu{jtxt~{Of|ey9yfzlJQ ;YvA@noS?!Duyd'S+S$/A}~dvXw7Svx}[@2IhOc2bkaO.;Nnq[5CY7adCW}mnehRZ^Jhh]YiWXIFq_\K]{HA?PTAFK9`OJ@<;^nCM^s\h}>C1PFD[drRRN>C?}aSpJS]'$KXpsZP`16959*CKVTY^hTNam+/"xab^ERggH@GOpfa<AGEIGS]ki{rm7<@uuqYXULXgyxwx[j[]]ypQTVertnipJ{R_t434hw997or|~iwJNObflq{opq}}xhltsTc}]aetxklkxffdq"$&Wh&(* #x~.01*,.tRNSa!IDATxLYxdE$N:i61NFVtX_`4ta*$6($"L`*i[rU]abT).<9U/fyz~s^^w=]h^N8B_<?'2rlw=YOaV
Aug 20, 2020 21:55:39.118472099 CEST
11517 OUT GET /extension/cofaweb/design/cofaweb/images/bg/popin_bg.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
Aug 20, 2020 21:55:39.154119968 CEST
11554 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:33 GMTETag: "49a2da-8d-595692c6d0440"Accept-Ranges: bytesContent-Length: 141Vary: Accept-EncodingKeep-Alive: timeout=5, max=496Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 01 00 00 00 01 08 06 00 00 00 1f 15 c4 89 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 20 63 48 52 4d 00 00 7a 25 00 00 80 83 00 00 f9 ff 00 00 80 e9 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 6f 92 5f c5 46 00 00 00 13 49 44 41 54 78 da 62 60 60 60 d8 0c 00 00 00 ff ff 03 00 00 b8 00 b4 40 32 53 ca 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDRpHYs cHRMz%u0`:o_FIDATxb```@2SIENDB`
Aug 20, 2020 21:55:39.186063051 CEST
11573 OUT GET /var/cofaweb/storage/images/ara-ma/our-offer/422689-24-fre-FR/L-offre-Coface_menu_portrait.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 64 of 111
Aug 20, 2020 21:55:39.224009037 CEST
11594 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:13:25 GMTETag: "40a6f2-12f9c-59cc1d5508b40"Accept-Ranges: bytesContent-Length: 77724Vary: Accept-EncodingKeep-Alive: timeout=5, max=495Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e7 00 00 01 8a 08 02 00 00 00 78 8b c1 47 00 00 80 00 49 44 41 54 78 da ec fd 77 b8 6c d9 75 1f 06 ae b5 f6 de 27 55 ae ba f9 dd fb 72 ee d7 b9 d1 dd 48 0d 10 20 41 82 14 20 10 a2 28 51 a2 68 9a f4 37 32 ad 60 cb 9a e0 6f 3e db 9f e4 91 66 6c 59 23 cb 23 7d ca f4 58 a6 49 53 14 98 20 92 20 88 0c 74 40 e8 9c 5e bf 1c 6f 0e 95 eb a4 bd f7 9a 3f ce 39 55 75 5f 37 48 00 84 00 b6 e6 ed ef e1 e2 76 dd 53 a7 4e 9d f3 db 6b af f5 5b bf b5 36 32 33 dc 1d 77 c7 db 6a d0 f7 fb 02 ee 8e bb e3 db 1e 77 51 7b 77 bc fd c6 5d d4 de 1d 6f bf 71 17 b5 77 c7 db 6f dc 45 ed dd f1 f6 1b 77 51 7b 77 bc fd c6 5d d4 de 1d 6f bf 71 17 b5 77 c7 db 6f dc 45 ed dd f1 f6 1b 77 51 7b 77 bc fd c6 5d d4 de 1d 6f bf 71 17 b5 77 c7 db 6f dc 45 ed dd f1 f6 1b 77 51 7b 77 bc fd c6 5d d4 de 1d 6f bf 71 17 b5 77 c7 db 6f c8 7f 1f 27 e5 c4 74 bf 78 29 5e ed d5 9e 38 ea 1d 9b f9 7e 7f c7 bb e3 3f b4 f1 ef c5 d6 ea 6e b8 f1 2f 9e 19 be70 db 46 fa fb fd 05 ef 8e ff 00 c7 77 df d6 da 58 8f 5e df 0c 2f 6e cf fd a5 77 7c eb 86 76 b7 3b b8 bd b9 b7 db 1b 24 a9 11 84 f5 4a 70 64 69 b6 59 2d 13 e1 1f f1 71 cc ed de f0 f2 ad cd 4e 7f 34 d3 a8 1c 3d 30 db a8 94 be f7 f7 f1 ee f8 5e 8e ef 3e6a d3 ad c1 ee 6f bc 5c 7a e0 80 7f 76 9e bc 3f fa fc 0c b0 dd ee fd d6 17 9e fb dd a7 5e bc 74 73 73 14 25 44 b8 32 df fc 89 0f 3e fa d1 27 1e 5c 9e 6b 0a f1 87 2d 08 51 9c fe f6 97 9e ff 17 bf f1 85 9b 1b bb 1f 7e f7 7d bf f0 13 1f 7c e4 cc 91 ef e3 0d bd 3b be 07 e3 bb 8d 5a cb f1 8d 76 f7 f3 17 57 fe d6 87 9d 85 ea 1f 79 38 33 0f 46 f1 df fe 97 bf f5 a5 e7 de 78 e0 e4 c1 ff e6 3f f9 d3 2b f3 ad b5 ed f6 ef 3d f5 d2 3f fc 95 df 47 84 9f fa d0 3b 5b f5 f2 1f 72 86 61 18 ff d3 7f fb b9 83 8b ad bf fe e7 3f f4 8e 7b 8e 2c ce d4 bf 9f b7 f3 ee f8 9e 8c ef 32 6a e3 5b 9d ee 17 2e 39 8b b5 ca 3b 56 44 c9 f9 23 8f 1f 86 f1 af7d f6 6b 4f be 70 e1 67 ff d4 7b ff cc 07 1f 99 6d 54 1d 29 52 6d de 75 ff 89 67 5e be fc f0 99 c3 f5 4a f0 87 9f c1 58 bb db 1b bc f7 a1 53 8f 9c 3d 72 64 69 4e fc 51 1e c5 dd f1 1f c0 f8 2e a3 36 bc b8 dd fb e2 e5 d6 4f dc af 5a 25 f8 16 00 34 08 e3 df fe d2 73 cb 73 cd f7 3c 78 f2 c8 d2 6c f6 a2 a3 64 c9 77 3f fc ae fb 7c d7 c9 dc 83 9d 4e ff 93 5f 7e e1 8b cf 9d df d8 e9 d6 2a fe 8f be fb fe 1f 79 e7 fd 8b 33 b5 8b 37 37 fe f2 ff f3 ff bb b1 db fd cd 2f 3e f7 d5 97 2f 7d f0 b1 73 4f 3c 78 6a 7d b7 fb 07 cf bc b2 b9 d7 35 d6 1e 5b 9e ff 89 0f bc e3 7d 0f 9d f6 5c 95 9d fc 0f be f6 ea a7 9f 7e f9 fc f5 75 04 b8 f7 f8 f2 47 df f7 d0 63 e7 8e 09 a2 17 2e dc f8 e4 97 9f 7f f6 f5 6b 61 9c ae cc 37 3f f6 fe 87 3f fc ae fb 1c f5 ef 85 63 b9 3b fe 98 e3 bb f9 54 92 8d fe e0 b9 5b ac 6d fd 47 4e e3 b7 e0 d1 02 40 9c a4 e7 af af ff e4 07 1f 3d 30 db b8 e3 4f e5 c0 cb 7e b9 7c 6b f3 d7 3f ff ec 57 5e 78 e3 e0 c2 cc d9 a3 a5 d5 ad f6 bf fe 9d 27 d7 77 ba 3f fb 91 f7 56 4b fe 43 a7 0f bf 78 e1 46 ab 5a 3e 75 68 f1 f8 ca bc 10 b4 dd ee 59 b6 67 8e 2c a5 a9 79 f1 d2 cd ee 60 84 88 1f 7a fc dc 30 8c 3f f5 d4 4b ff e6 b3 5f 0b 5c e7 d4 a1 85 61 18 bf 7a e5 f6 da 4e e7 f8 ca fc ea 56 fb 1f fc f2 a7 3a 83 d1 ca 42 0b 01 d6 77 bb ff ec d7 3f 8f 08 3f f0 Data Ascii: PNGIHDRxGIDATxwlu'UrH A (Qh72`o>flY##}XIS t@^o?9Uu_7HvSNk[623wjwQ{w]oqwoEwQ{w]oqwoEwQ{w]oqwoEwQ{w]oqwo'tx)^8~?n/pFwX^/nw|v;$JpdiY-qN4=0^>jo\zv?^tss%D2>'\k-Q~}|;ZvWy83Fx?+=?G;[ra?{,2j[.9;VD#}kOpg{mT)Rmug^JXS=rdiNQ.6OZ%4ss<xldw?|N_~*y377/>/}sO<xj}5[}\~uGc.ka7??c;T[mGN@=0O~|k?W^x'w?VKCxFZ>uhYg,y`z0?K_\azNV:Bw??
TimestampkBytestransferred Direction Data
Session ID Source IP Source Port Destination IP Destination Port Process
3 192.168.2.4 49780 193.56.140.134 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
TimestampkBytestransferred Direction Data
Aug 20, 2020 21:55:37.264930964 CEST
9261 OUT GET /cofaweb/language.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
Copyright null 2020 Page 65 of 111
Aug 20, 2020 21:55:37.327446938 CEST
9295 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:37 GMTServer: ApacheExpires: Fri, 21 Aug 2020 19:55:37 GMTLast-Modified: Thu, 20 Aug 2020 19:55:37 GMTCache-Control: max-age=86400Pragma: cacheServed-by: www.coface.maContent-language: fr-FRVary: Accept-EncodingContent-Length: 533Keep-Alive: timeout=5, max=500Connection: Keep-AliveContent-Type: application/x-javascriptData Raw: 09 76 61 72 20 63 6f 66 61 63 65 4d 61 70 4c 61 6e 67 20 3d 20 7b 09 69 66 72 61 6d 65 5f 6d 61 70 5f 75 72 6c 20 3a 20 22 2f 63 6f 66 61 77 65 62 2f 6d 61 70 22 2c 0a 09 6d 61 70 5f 74 69 74 6c 65 20 3a 20 22 43 61 72 74 65 20 64 65 20 6c 27 c3 a9 76 61 6c 75 61 74 69 6f 6e 20 64 65 73 20 72 69 73 71 75 65 73 20 70 61 79 73 20 70 61 72 20 43 6f 66 61 63 65 22 2c 0a 09 62 6f 78 20 3a 20 7b 09 09 72 69 73 6b 5f 63 6f 75 6e 74 72 79 20 3a 20 22 45 76 61 6c 75 61 74 69 6f 6e 20 64 65 73 20 72 69 73 71 75 65 73 20 70 61 79 73 22 2c 0a 09 09 62 75 73 69 6e 65 73 73 5f 65 6e 76 69 72 6f 6e 6d 65 6e 74 20 3a 20 22 45 6e 76 69 72 6f 6e 6e 65 6d 65 6e 74 20 64 65 73 20 61 66 66 61 69 72 65 73 22 2c 0a 09 09 73 75 72 76 65 69 6c 6c 61 6e 63 65 5f 73 69 6e 63 65 20 3a 20 22 4d 69 73 65 20 73 6f 75 73 20 73 75 72 76 65 69 6c 6c 61 6e 63 65 20 64 65 70 75 69 73 22 2c 0a 09 09 66 61 73 74 5f 63 6f 75 6e 74 72 79 5f 70 72 6f 66 69 6c 65 20 3a 20 22 41 63 63 c3 a9 64 65 72 20 c3 a0 20 6c 61 20 66 69 63 68 65 20 70 61 79 73 22 0a 09 7d 7d 3b 0a 76 61 72 20 43 4f 55 4e 54 52 59 5f 43 4f 4d 50 41 52 45 5f 55 52 4c 20 3d 20 22 2f 63 6f 66 61 77 65 62 2f 63 6f 6d 70 61 72 65 72 22 3b 0a 76 61 72 20 6c 61 6e 67 20 3d 20 7b 09 09 09 27 61 64 64 27 20 3a 20 22 41 6a 6f 75 74 65 72 22 2c 0a 09 09 09 27 61 64 64 5f 63 6f 75 6e 74 72 79 27 20 3a 20 22 41 6a 6f 75 74 65 72 20 75 6e 20 70 61 79 73 22 2c 0a 09 09 09 27 63 6f 75 6e 74 72 79 5f 73 69 6e 67 75 6c 61 72 27 20 3a 20 22 50 61 79 73 22 2c 0a 09 09 09 27 63 6f 75 6e 74 72 79 5f 70 6c 75 72 69 61 6c 27 20 3a 20 22 50 61 79 73 22 0a 09 09 7d 3b Data Ascii: var cofaceMapLang = {iframe_map_url : "/cofaweb/map",map_title : "Carte de l'valuation des risques pays par Coface",box : {risk_country : "Evaluation des risques pays",business_environment : "Environnement des affaires",surveillance_since : "Mise sous surveillance depuis",fast_country_profile : "Accder la fiche pays"}};var COUNTRY_COMPARE_URL = "/cofaweb/comparer";var lang = {'add' : "Ajouter",'add_country' : "Ajouter un pays",'country_singular' : "Pays",'country_plurial' : "Pays"};
Aug 20, 2020 21:55:37.332495928 CEST
9305 OUT GET /extension/cofaweb/design/cofaweb/stylesheets/Print.css HTTP/1.1Accept: text/css, */*Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
Aug 20, 2020 21:55:37.365592003 CEST
9347 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:37 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 14:47:48 GMTETag: "49a1bd-9f8-5956cc46c6d00"Accept-Ranges: bytesContent-Length: 1008Vary: Accept-EncodingKeep-Alive: timeout=5, max=499Connection: Keep-AliveContent-Type: text/cssContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 04 03 e2 52 ce 48 4d 4c 49 2d 52 d0 cb c9 4f cf 57 a8 e6 52 00 82 f2 cc 94 92 0c 2b 05 43 73 83 82 0a 6b b0 48 6e 62 51 7a 66 9e 95 42 62 69 49 3e 44 a4 20 31 25 25 33 2f 1d a8 0a a8 48 c1 40 41 31 33 b7 20 bf a8 24 31 af c4 9a ab 96 4b 2f 37 33 2f 53 37 29 27 3f 39 5b af 24 bf 40 37 31 27 33 3d 0f 6a 3a cc 2c 03 34 83 0c 40 1a b9 94 d3 72 f2 13 4b 74 73 53 f3 4a 75 80 c6 20 a8 f8 f2 a2 c4 82 82 d4 22 20 b7 b0 34 33 39 1b 24 06 64 27 e5 94 a6 c6 27 25 e6 a5 e8 00 bd 92 99 9e 01 b4 28 a3 04 e8 9b d4 b4 12 a0 48 5a 62 76 6a 7c 4a 66 19 50 61 49 6a 05 50 3c b9 28 bf b8 38 15 a4 38 2d 3f bf 24 b5 08 61 aa 72 71 4e 26 30 20 74 41 e1 01 54 9e 9c 93 58 5c 9c 99 ac 5b 90 5f 90 99 07 e4 97 14 65 26 e6 a5 e7 a4 c6 e7 26 16 67 c7 a7 a7 02 c5 94 41 3e cb 4f d3 2d c9 48 d5 2d 48 4c 4f 05 aa 2a 4e 2d 48 2c 4a 2c c9 07 99 97 54 92 17 5f 5c 9e 59 92 9c 11 9f 9c 5f 9a 57 52 54 09 15 4c ce cf 05 aa 4a 8d 87 8a 72 81 82 25 25 b3 b8 20 27 b1 d2 4a 21 2f 3f 2f 15 2d 30 b9 80 1e 80 fb 44 af a0 28 33 af 24 3e 2f 1f e8 e9 e4 ec f4 22 a0 19 29 c0 80 e5 84 19 c0 09 0e 74 14 13 38 11 2a 21 e6 83 0d 55 ce 4d cc cc 43 78 5f 0f c4 d5 03 fa 2b b5 28 33 39 1e c4 41 17 03 71 14 f4 4a 4b 32 73 e2 ab 80 86 e8 a0 84 77 11 88 d2 01 b9 14 55 3d 50 00 49 19 90 07 51 09 66 25 a5 83 29 90 61 60 46 72 7e 5e 49 6a 1e 21 53 20 7a c1 a6 10 52 09 e2 41 54 82 59 49 e9 84 34 80 78 28 1a c0 14 c8 81 60 9d e8 0a e1 2c 42 0a e1 2c a8 13 94 a1 5e 8d cf 4f 4b 43 a4 41 88 0a 50 f4 41 93 6f 0a 11 2a c1 66 eb 70 25 e5 a7 00 93 17 72 ec 80 94 00 7d 1a 9f 92 5f 52 92 9a 12 9f 5e 94 5a a9 00 0e 62 a0 af 81 26 80 12 1d 22 a7 1b 18 a8 a2 24 99 5a 48 a2 43 f7 06 8c 85 e4 5f 30 23 25 b5 38 59 07 5d 47 26 ba 8e 4c 24 1d 99 39 39 a5 10 1d 49 40 f7 e5 e7 a2 fa 0c 22 04 f1 60 5e 6a 79 71 72 62 71 09 21 d5 05 99 c9 25 a5 45 10 8f c3 43 2d 23 3f 37 15 55 31 d8 4c f4 e0 c5 a9 10 ec 01 60 b8 e6 00 cb ac 54 5d 24 31 08 1b 98 07 c0 74 7c 5a 51 22 d0 f6 62 23 84 d6 62 05 08 ad 57 50 9a 44 48 19 90 d6 4b c9 4c 04 15 10 c8 05 27 8a 45 c8 12a0 72 07 b9 44 85 c6 22 a8 70 46 8f 45 90 45 e9 e8 e9 1d 3d 92 d2 41 7e 04 32 e1 a1 81 9e d8 a0 8e 45 0f 37 3c 2a 91 0c 45 b7 0d c6 22 94 24 50 4d 85 08 a1 47 32 d8 0d e8 71 07 75 02 ba 63 71 2a 04 3b 09 47 08 13 8a 3a 20 0d 8b 3a 42 0a a1 49 01 3d 2d a1 47 31 98 83 2c 01 8d 64 70 bd 88 54 7e 03 8d 47 0f 5a 38 0b 5b d0 42 8d 01 55 83 10 af 59 29 24 03 03 25 b5 08 6c 1a b2 dd 70 cf 2b 64 18 42 75 a1 d7 20 e8 c9 0c 64 09 58 33 d8 3a 84 b3 20 ba 61 35 3e 28 81 82 95 eb 25 26 27 e7 17 a5 64 e6 e7 e9 42 e3 06 1c 51 a8 29 15 a2 37 23 15 64 10 44 2f ba ad 7a b9 c9 a9 ce 10 fd 4e c0 f2 4f 41 af 24 31 a9 18 4c ea e6 64 16 97 28 e4 64 42 0d 81 66 10 23 53 55 90 3e 74 6d 20 0d c5 a8 2a 2d 21 2a b9 f4 b5 14 80 65 1b 28 28 20 09 50 41 4b 9f 0b 3d 79 c2 d2 26 c4 ff 10 63 20 3e d6 05 86 a4 95 82 05 a8 81 84 e6 72 65 68 dd 1f 0f 6a 6d a0 16 cb 9c 90 88 46 0f 65 2e ce 82 fc e2 cc 12 60 90 01 c3 22 a9 38 3f a7 b4 04 4d 1e 64 19 ba 55 9c a0 4c 60 65 6c 8c 2e 5e 0b 08 00 00 ff ff 05 ff 89 61 f8 09 00 00 Data Ascii: RHMLI-ROWR+CskHnbQzfBbiI>D 1%%3/H@A13 $1K/73/S7)'?9[$@71'3=j:,4@rKtsSJu " 439$d''%(HZbvj|JfPaIjP<(88-?$arqN&0 tATX\[_e&&gA>O-H-HLO*N-H,J,T_\Y_WRTLJr%% 'J!/?/-0D(3$>/")t8*!UMCx_+(39AqJK2swU=PIQf%)a`Fr~^Ij!S zRATYI4x(`,B,^OKCAPAo*fp%r}_R^Zb&"$ZHC_0#%8Y]G&L$99I@"`^jyqrbq!%EC-#?7U1L`T]$1t|ZQ"b#bWPDHKL'ErD"pFEE=A~2E7<*E"$PMG2qucq*;G: :BI=-G1,dpT~GZ8[BUY)$%lp+dBu dX3: a5>(%&'dBQ)7#dD/zNOA$1Ld(dBf#SU>tm *-!*e(( PAK=y&c >rehjmFe.`"8?MdUL`el.^a
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 66 of 111
Aug 20, 2020 21:55:38.342468977 CEST
9562 OUT GET /extension/cofaweb/design/cofaweb/images/logo_coface_2_1_1.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
Aug 20, 2020 21:55:38.376635075 CEST
9569 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:35 GMTETag: "49a2f0-1067-595692c8b88c0"Accept-Ranges: bytesContent-Length: 4199Vary: Accept-EncodingKeep-Alive: timeout=5, max=498Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 aa 00 00 00 3e 08 03 00 00 00 8c 5f 70 e5 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 26 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 31 31 20 37 39 2e 31 35 38 33 32 35 2c 20 32 30 31 35 2f 30 39 2f 31 30 2d 30 31 3a 31 30 3a 32 30 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 43 20 32 30 31 35 20 28 57 69 6e 64 6f 77 73 29 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 46 37 46 45 45 37 31 43 46 41 41 35 31 31 45 37 42 34 36 33 41 35 34 46 31 43 43 38 41 36 37 42 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 46 37 46 45 45 37 31 44 46 41 41 35 31 31 45 37 42 34 36 33 41 35 34 46 31 43 43 38 41 36 37 42 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 46 37 46 45 45 37 31 41 46 41 41 35 31 31 45 37 42 34 36 33 41 35 34 46 31 43 43 38 41 36 37 42 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 46 37 46 45 45 37 31 42 46 41 41 35 31 31 45 37 42 34 36 33 41 35 34 46 31 43 43 38 41 36 37 42 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e ac 43 30 ae 00 00 03 00 50 4c 54 45 5c b7 80 c2 c9 d4 c9 cf d9 b9 c1 ce 44 59 7c fb fc fd 41 56 7a c6 e5 d1 51 65 86 f8 f9 fa f4 fa f7 df f1 e5 3b 51 76 29 41 6a bd e1 c9 a1 ac be 9a a5 b8 75 be 8c e7 ea ee 89 c8 9d c1 e2 cc 4d 61 83 5c 6e 8d ec ee f2 f3 f4 f6 b6 be cc fc fe fd 94 ce a9 91 cb a4 da ee e0 f5 f6 f8 6e 7e 9add e1 e7 c9 e7 d5 9e a9 bb 6d bf 8d 26 3e 67 e3 f2 e8 99 d2 b0 ec f7 f0 b4 bc ca d5 eb dc ea ec f0 62 ba 84 e2 f2 e9 5e b8 82 e6 f4 eb Data Ascii: PNGIHDR>_ptEXtSoftwareAdobe ImageReadyqe<&iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c111 79.158325, 2015/09/10-01:10:20 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2015 (Windows)" xmpMM:InstanceID="xmp.iid:F7FEE71CFAA511E7B463A54F1CC8A67B" xmpMM:DocumentID="xmp.did:F7FEE71DFAA511E7B463A54F1CC8A67B"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F7FEE71AFAA511E7B463A54F1CC8A67B" stRef:documentID="xmp.did:F7FEE71BFAA511E7B463A54F1CC8A67B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>C0PLTE\DY|AVzQe;Qv)AjuMa\nn~m&>gb^
Aug 20, 2020 21:55:38.391860008 CEST
9577 OUT GET /var/cofaweb/storage/images/ara-ma/home/home-slide-block/secure-my-sales/422805-10-fre-FR/Securiser-mes-ventes_slider_small.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 67 of 111
Aug 20, 2020 21:55:38.425616980 CEST
9636 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:14:18 GMTETag: "13a423-26b2e-59cc1d8794280"Accept-Ranges: bytesContent-Length: 158510Vary: Accept-EncodingKeep-Alive: timeout=5, max=497Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 82 00 00 01 45 08 06 00 00 00 e1 17 ea 85 00 00 80 00 49 44 41 54 78 da cc fd c9 ba 6c c9 75 26 88 fd cb cc b6 9f 73 ef 8d 3e d0 93 04 7b 24 40 82 49 e5 40 35 95 1e 41 13 7d 55 4c b2 2a 6b 28 0d f5 08 98 6a 22 62 ac 09 f4 06 78 00 0d f0 e9 ab 01 b3 54 24 93 00 bb 04 29 32 32 09 12 40 20 9a db 9f e3 be cd d6 d2 60 b5 db 6f 10 24 32 99 24 3c be b8 e7 1c f7 ed 7b 5b b3 6c 35 ff ea e8 ff fb ff f9 7f 0b 43 00 01 88 04 8d 1a 88 08 44 04 5e 0b 2c 02 22 42 ef 0d 00 41 58 20 10 88 bd cf 22 80 08 00 00 22 10 22 10 08 00 43 04 20 02 00 02 ec fa d6 1a d0 08 c2 ac cf 04 41 84 21 04 34 6a 10 11 ac b5 00 12 8c 3e 20 00 c0 0c 50 83 d8 38 f5 1f 42 23 02 9a 3e 8f 5a 03 89 60 09 83 99 c1 2c 80 30 5a 6b f1 5c 22 40 84 40 04 50 23 88 90 de 8b 1a 48 f4 3b 02 a0 37 1b 33 44 1f 4d 02 a2 06 11 d6 f5 80 ad 91 8e 08 39 22 80 99 f5 0d 5d 02 7d bf d9 33 01 7d 86 ad 97 80 d0 1a d9 c5 76 17 d1 67 01 ba 5e a0 86 d6 74 0d e6 62 5d 37 6a 00 01 24 80 e8 4d f5 39 b6 6f 3a 51 e4 3d 6c 40 ad 35 80 04 c2 02 f6 ef f8 50 85 75 9d a8 43 20 60 16 db 3b c1 cf be fd 12 6f df fe 10 68 0c e1 27 f8 ab 7f ff ff c0 fd 93 f7 6d 00 ba a6 82 9c b6 40 3f f2 75 a9 7b 06 08 04 04 12 01 eb ee 03 42 3a 8f b8 56 af d2 bd d7 75 f2 ef 0b 8b ee 9b 91 9d 38 dd 89 5d 27 7a ff de 00 ea fa 19 6c df e1 7f 12 94 7e 9b 3d ff 30 72 a7 57 60 b1 d3 b8 ce 67 4e c1 f9 a2 7b a9 13 d4 ef b7 a6 bf 95 61 1e d7 e2 40 23 72 f8 20 ce 47 4c 9c fc b8 d8 d8 a8 7e 53 df 8f 4b 05 24 54 c6 82 20 0a 06 60 27 36 66 05 a2 ab b1 5c 8d ab ae 40 19 97 f8 58 6d 5d fc 79 7e 1e 83 c4 e2 8e c7 bd cc b7 8d 60 c9 68 a0 be 1d 34 a3 9f c5 cc e3 3d bf 1f f9 96 da 9e 4b ec 57 0c a6 d0 9e df 49 8cbf 29 a3 31 9a f1 f5 ae 6b 51 b7 a2 cc 41 8f 95 8e ed b5 77 5e c7 af fd 1f 7f 07 db 49 89 8c 5a 57 3a 61 c6 07 7f f9 4d f0 7ccf f6 50 62 6d 62 0f 7c 7f 6d 05 08 39 87 7a 3d 0b 41 96 fd ce 3a d7 31 c4 28 4e 99 4b 23 52 3e e7 47 5e ca 1a c5 d9 c9 9d be 7b d1 40 60 10 c1 68 16 58 0c 40 f0 78 38 c1 b5 d6 c0 b6 1b ca 88 94 81 41 2f c4 5a 02 80 f5 1a 61 65 62 24 68 44 10 22 34 02 78 c1 98 9c 7e ae 07 a6 81 00 f4 a6 83 6b 36 82 65 6b e2 02 c5 f9 17 c7 5e ea c2 2a 9f 26 f8 39 33 f6 a6 bf 37 32 06 2d c6 0c 44 57 0d 62 f7 d3 fb 36 bb b9 88 40 d9 4f 33 81 66 44 c6 4b 57 cd 48 82 8d 1a 08 ce ec 75 95 75 cd 1b 7a 6b c6 54 18 21 90 6c 23 e2 77 10 84 6c 5c cc 20 13 a4 ad 15 61 ca 4a 98 ad 01 ec d7 91 09 13 42 6e f9 32 26 60 84 4e c6 09 c4 85 a3 ad b5 54 ca 0d 1e 18 22 0a c2 d0 7d 12 31 01 af 9b 20 fe 59 b7 3d 13 dd 2f 00 b8 3d 31 de b8 79 ac cf a4 89 17 1f 7f 17 fb 8b 1f c5 1c 2b c7 93 38 34 aa 10 c0 0e 6a 23 13 ba 2e 77 e1 0a 43 21 da 57 78 87 ee 57 30 2f f1 c3 4c 45 c1 f0 79 e6 b8 9d 36 98 ed e0 34 80 39 4f 23 c5 30 ec 10 8a ad a7 f3 28 1b 15 43 9f b5 96 ae 19 00 8c 41 60 06 f6 e5 23 54 0e c1 7e 86 70 14 36 ae 44 85 c0 75 e1 1d 9c 56 85 9a 7f 26 36 a9 b8 c6 a9 cf 37 57 48 79 98 f3 63 50 30 27 88 9e ba 16 ab 9a f7 78 85 37 07 6f 90 57 3e 07 91 32 e4 03 63 95 58 5f 17 02 00 d0 5c 01 70 ce ec 6c dc d7 92 ca 59 fd 84 51 e5 5f 4e cf 94 eb 7a 25 44 5a 08 42 89 19 c6 d9 2c 17 3b 83 4d e6 5a d6 c3 87 c9 49 bb fe 6d 17 Data Ascii: PNGIHDREIDATxlu&s>{$@I@5A}UL*k(j"bxT$)22@ `o$2$<{[l5CD^,"BAX """C A!4j> P8B#>Z`,0Zk\"@@P#H;73DM9"]}3}vg^tb]7j$M9o:Q=l@5PuC `;oh'm@?u{B:Vu8]'zl~=0rW`gN{a@#r GL~SK$T `'6f\@Xm]y~`h4=KWI)1kQAw^IZW:aM|Pbmb|m9z=A:1(NK#R>G^{@`hX@x8A/Zaeb$hD"4x~k6ek^*&9372-DWb6@O3fDKWHuuzkT!l#wl\ aJBn2&`NT"}1 Y=/=1y+84j#.wC!WxW0/LEy649O#0(CA`#T~p6DuV&67WHycP0'x7oW>2cX_\plYQ_Nz%DZB,;MZIm
Aug 20, 2020 21:55:38.748590946 CEST
10431 OUT GET /var/cofaweb/storage/images/ara-ma/home/home-slide-block/cover-my-risks/422829-6-fre-FR/Controler-mes-risques_slider_small.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 68 of 111
Aug 20, 2020 21:55:38.782900095 CEST
10451 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:14:18 GMTETag: "13a428-32837-59cc1d8794280"Accept-Ranges: bytesContent-Length: 206903Vary: Accept-EncodingKeep-Alive: timeout=5, max=496Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 82 00 00 01 45 08 06 00 00 00 e1 17 ea 85 00 00 80 00 49 44 41 54 78 da ac fd cb af 6d fb 92 e7 07 7d 22 7e bf 31 e6 5c 6b ef 7d ee 23 33 2b eb 41 c9 12 06 54 46 e6 51 25 db 58 2e c0 08 0b d1 31 1d 24 fe 00 68 d1 a4 0d 2d 0b 21 d1 40 88 12 1d 8b 56 42 93 56 75 e8 67 8f 26 b4 2c d1 40 a4 10 55 59 dc e7 3e 7b af 35 e7 1c bf df 2f 22 68 44 8c b9 ce 75 b9 ca 95 65 4e de 93 e7 de b3 d7 63 ce 31 c7 f8 45 c4 f7 15 f2 1f fe af ff 57 41 df 09 ed 78 7b c1 fa 2b b3 75 56 6b 08 41 78 e0 3e 71 3b 88 39 d1 79 27 6c 20 73 a1 04 17 33 7e 18 5f f9 7c ff 27 5c ef 7f 49 7f fc 9a 36 de b8 f6 c5 0f 2f 8d d7 97 86 5e 76 96 6c 0c ef 8c 50 7c 0e 8e b1 f8 76 87 df bc 35 6e 03 dc 60 6f 8d de 95 cb d6 79 d9 af bc 5e 5f f8 a3 1f 36 fe c6 1f 2b 3f fc e2 85 cb a7 2b eb f2 89 f7 f6 85 37 79 e5 c1 c6 02 2c 02 09 e7 c2 e0 97 f2 8d 2d 6e 8c 11 bc 8f 2b bf 1a 3f 63 d8 c6 17 26 5f ba 71 dd a0 ef 57 6c ff c4 da 5e f9 d6 7f c6 ad ff 0c 6b 2f 84 08 9b 0e 76 bf b1 ad 1f e9 f3 47 38 6e 8c 63 30 a7 71 d5 e0 33 83 6d 6b f8 f6 33 1e fd e7 1c f2 0b 8e fe 89 43 77 a6 34 86 28 ee 81 af 07 7a 7c 63 1f bf e1 7a ff 1d 3e 0f 6c 01 21 a8 6e b4 7e a1 5d 5e 89 eb cf f1 ed 33 47 bb 30 43 59 31 19 f3 20 e6 41 5b ef e8 78 c3 e7 41 b3 a0 87 d3 34 d8 45 51 dd 89 7e c1 fa 0b 43 2e 3c 50 a6 39 d3 16 73 3c 60 be a3 e3 3d bf d7 8d 86 20 da a0 75 44 37 e8 9d 90 0e a2 58 18 b6 16 e6 8b f0 85 af c5 32 70 84 a6 0d 55 45 08 36 81 40 70 84 03 c1 24 08 73 dc 27 b2 26 11 10 34 d0 46 8b 0e 2a 98 92 7f 85 d1 09 24 8c c0 f2 35 c9 04 e9 84 6c 48 7b 41 1a 68 53 2e 12 a8 2c 2e 62 28 8b ae 41 20 44 6c 84 34 bc 37 5a db e8 4d e9 4d d9 d5 d8 31 54 84 10 40 04 55 85 d6 51 6d 6c aa 6c e2 5c c4 10 09 68 f9 92 44 80 96 ef af a9 d0 44 e9 00 92 ff 4f eb 67 a1 1d a1 d1 14 f4 fc 73 01 70 02 08 69 88 28 2e 0a aa f9 c7 22 08 86 b8 a1 11 20 71 7e 13 e0 10 20 61 78 18 51 ff 1b 11 3c 1a 91 ff 03 0f 27 02 f0 20 24 08 14 a7 d5 3f 21 08 3c 4089 7c 2f a2 84 d6 67 50 3f 57 c8 d7 ac 01 a8 e7 f7 b9 d5 77 07 22 81 20 c4 f9 ca 22 f0 88 fc bd 04 04 98 07 8e e2 11 e0 42 48 d0 08 08 47 3c 70 01 0f c7 09 24 bf 85 70 b0 00 0b c7 1d 24 84 70 c7 c2 91 c8 73 05 0c 89 40 a2 a1 92 ef c8 c9 fb d2 5a 43 44 08 e9 f9 1a a5 11 22 d0 84 2e 0e e4 67 5d ef 22 7f be 28 84 13 e1 78 2c 08 21 22 d0 70 1c cd ab aa 3b 48 47 a4 81 76 42 77 44 f7 fc 5e 14 57 41 68 f9 fb 68 88 2a 84 d4 cd e2 b8 0f c4 2d 3f 7b 9f b0 26 e1 83 65 86 db 81 2f c3 c2 70 73 dc 9c e5 8e 99 e1 be 70 cb 6b 6b 91 d7 5f 10 42 37 a4 09 e8 8e 0a 78 eb b4 d6 d0 be 41 df f3 f6 d3 2d ff 6e 3b ad bf d0 fb 4e 6b 1b d1 1a 4d 14 11 10 04 11 05 15 9a 08 a2 82 22 a0 82 48 de cb 82 12 12 a8 e4 fb 12 14 44 10 d5 af 7d 1c df 69 eb 02 ed 82 b7 20 2c 88 ed 0a be b3 10 2c 16 5e 6f d8 ed 20 d6 44 8e 89 cc 83 6e 93 97 e3 2b af f3 57 7c 1a ff 88 7d fc 06 c6 0d 5b 07 73 2e 7e 7f 83 af ba b3 74 e7 90 0b 0f bf b2 24 f2 83 5a 8b 61 30 46 b0 5c 90 50 c6 08 0e 55 1e da 79 93 07 af d7 83 79 5c 20 36 54 0f 36 f9 4c 57 e5 2a ca d0 8e d1 40 5a 3e 40 28 2b 9c 47 ec 74 1e b4 e6 f4 16 74 85 6f be 11 d1 50 1f b4 30 d4 0f ba 09 34 e7 d5 37 86 bf 72 c8 4e 68 23 bc 23 6c 5c b4 d1 Data Ascii: PNGIHDREIDATxm}"~1\k}#3+ATFQ%X.1$h-!@VBVug&,@UY>{5/"hDueNc1EWAx{+uVkAx>q;9y'l s3~_|'\I6/^vlP|v5n`oy^_6+?+7y,-n+?c&_qWl^k/vG8nc0q3mk3Cw4(z|cz>l!n~]^3G0CY1 A[xA4EQ~C.<P9s<`= uD7X2pUE6@p$s'&4F*$5lH{AhS.,.b(A Dl47ZMM1T@UQmll\hDDOgspi(." q~ axQ<' $?!<@|/gP?Ww" "BHG<p$p$ps@ZCD".g]"(x,!"p;HGvBwD^WAhh*-?{&e/pspkk_B7xA-n;NkM"HD}i ,,^o Dn+W|}[s.~t$Za0F\PUyy\ 6T6LW*@Z>@(+GttoP047rNh##l\
Aug 20, 2020 21:55:39.060786009 CEST
11372 OUT GET /extension/cofaweb/design/cofaweb/images/icons/slider_buttons_big-07.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 69 of 111
Aug 20, 2020 21:55:39.094223976 CEST
11454 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:35 GMTETag: "49a389-68c-595692c8b88c0"Accept-Ranges: bytesContent-Length: 1676Vary: Accept-EncodingKeep-Alive: timeout=5, max=495Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 8f 00 00 00 2e 08 06 00 00 00 11 23 4a d8 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 20 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 30 20 36 31 2e 31 33 34 37 37 37 2c 20 32 30 31 30 2f 30 32 2f 31 32 2d 31 37 3a 33 32 3a 30 30 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 20 57 69 6e 64 6f 77 73 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 37 34 37 35 36 33 33 44 31 37 37 37 31 31 45 32 39 33 37 37 38 37 36 34 38 35 37 37 36 38 37 41 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 37 34 37 35 36 33 33 45 31 37 37 37 31 31 45 32 39 33 37 37 38 37 36 34 38 35 37 37 36 38 37 41 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 37 34 37 35 36 33 33 42 31 37 37 37 31 31 45 32 39 33 37 37 38 37 36 34 38 35 37 37 36 38 37 41 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 37 34 37 35 36 33 33 43 31 37 37 37 31 31 45 32 39 33 37 37 38 37 36 34 38 35 37 37 36 38 37 41 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e e6 a9 7f 10 00 00 03 02 49 44 41 54 78 da ec dc 5d 48 53 61 1c c7 f1 7f a7 63 6b b5 81 5a 2e 70 a2 d1 4d 96 59 e1 45 8b a0 35 ba 48 46 2f 74 13 d2 45 84 08 31 7b 99 16 14 04 51 19 41 04 11 b2 5e 94 42 a4 8b 2e ac 2e a2 17 cc 9b 30 25 6a 17 bd 69 2f 5e 44 60 38 c1 b7 94 1c 4d 71 44 e7 39 b1 31 a5 6e da 73 9e e7 9c d3 ef 7b b3 9d ab c3 f6 7c f6 9c 3d ec 3c 9b b7 e1 4e e8 21 59 b0 e8 9e a6 9d 64 83 7c 77 6b d9 83 25 c7 40 21 84 80 07 01 0f 02 1e 04 3c 08 01 0f b2 01 9e 1c 45 a5 Data Ascii: PNGIHDR.#JtEXtSoftwareAdobe ImageReadyqe< iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:7475633D177711E2937787648577687A" xmpMM:DocumentID="xmp.did:7475633E177711E2937787648577687A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7475633B177711E2937787648577687A" stRef:documentID="xmp.did:7475633C177711E2937787648577687A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>IDATx]HSackZ.pMYE5HF/tE1{QA^B..0%ji/^D`8MqD91ns{|=<N!Yd|wk%@!<E
Aug 20, 2020 21:55:39.116246939 CEST
11517 OUT GET /extension/cofaweb/design/cofaweb/images/icons/arrow_close.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
Aug 20, 2020 21:55:39.149054050 CEST
11550 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:36 GMTETag: "49a374-153-595692c9acb00"Accept-Ranges: bytesContent-Length: 339Vary: Accept-EncodingKeep-Alive: timeout=5, max=494Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 10 00 00 00 10 08 06 00 00 00 1f f3 ff 61 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 20 63 48 52 4d 00 00 7a 25 00 00 80 83 00 00 f9 ff 00 00 80 e9 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 6f 92 5f c5 46 00 00 00 d9 49 44 41 54 78 da 94 d2 41 4a 43 31 10 80 e1 cf a1 0b 0b ae 84 de c0 1b 88 20 a2 50 2a 82 eb 1e c3 b3 89 20 14 dc 89 97 50 28 08 ca 93 62 a1 07 e8 b6 9b 04 c2 33 ed 8b b3 4b 32 ff 9f cc 4c 8e 2e 1e 1f de d1 61 8e ad b6 38 c1 0b c6 81 53 dc e3 09 e3 7f c0 d7 98 04 6e b1 6e 94 94 70 87 69 e0 03 d3 06 c9 1f 18 5f 91 0e 97 03 92 2a 0c 51 24 ed 93 f4 e1 9b 0c c3 a8 f7 cc 2c 79 4b 92 05 8e 71 55 c0 5d 09 8c 2a b5 66 c9 2b 66 69 ef a7 06 f7 4b 28 63 85 df 62 fd 8d 4d 2d 31 0e 74 fb 3c 49 d6 e9 f6 e7 da 74 62 60 54 97 a9 9c15 ee 6a 92 38 00 e7 9a 97 e9 b3 55 25 31 00 f7 1b 9b 25 8b 2c 89 06 38 c7 67 21 99 65 49 34 c2 7b 25 81 b3 46 b8 26 99 ec 06 00 3c 58 4e 8e ad f8 df 66 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDRapHYs cHRMz%u0`:o_FIDATxAJC1 P* P(b3K2L.a8Snnpi_*Q$,yKqU]*f+fiK(cbM-1t<Itb`Tj8U%1%,8g!eI4{%F&<XNfIENDB`
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 70 of 111
Aug 20, 2020 21:55:39.172569036 CEST
11557 OUT GET /extension/cofaweb/design/cofaweb/images/bg/menu_bg.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
Aug 20, 2020 21:55:39.205959082 CEST
11584 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:35 GMTETag: "49a2b2-f5-595692c8b88c0"Accept-Ranges: bytesContent-Length: 245Vary: Accept-EncodingKeep-Alive: timeout=5, max=493Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 15 00 00 00 27 08 03 00 00 00 d7 7b f3 02 00 00 00 4e 50 4c 54 45 ac dc c1 82 ca a1 bf e4 cf 97 d3 b1 f3 fa f6 ea f6 ef 90 d0 ac ee f8 f3 ba e2 cc fa fd fb 8d cf aa cb e9 d8 dc f0e5 9c d5 b5 f1 f9 f4 bd e3 ce cd ea da e7 f5 ed f8 fc fa af dd c3 9e d6 b7 de f1 e6 7f c9 a0 fd fe fd ff ff ff 61 b5 7c 26 fd b6 bf 00 00 00 62 49 44 41 54 78 da 6d c8 d5 01 83 50 00 04 30 a4 45 6a 38 8f db 7f d1 0e 40 f2 99 ea ba 69 93 fb f6 d1 7e b5 6b b4 95 b6 44 3b 70 a3 7d 73 a3 fd 70 4f ed 12 ed 4b fb 8b 76 d7 ae d1 6e da 12 ed c4 8d 76 e6 46 7b 70 4f ed 12 6d a7 7d 44 bb 6b c7 68 37 6d 89 b6 e1 46 3b 73 a3 3d b8 b5 f6 19 f8 03 7c 1e 4d 2b 66 d6 14 88 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDR'{NPLTEa|&bIDATxmP0Ej8@i~kD;p}spOKvnvF{pOm}Dkh7mF;s=|M+fIENDB`
Aug 20, 2020 21:55:39.240525007 CEST
11665 OUT GET /var/cofaweb/storage/images/ara-ma/home/pop-in/node_215608/2897748-36-fre-FR/image_image703x142.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
Aug 20, 2020 21:55:39.273587942 CEST
11736 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:14:19 GMTETag: "41c2c6-2ee1-59cc1d88884c0"Accept-Ranges: bytesContent-Length: 12001Vary: Accept-EncodingKeep-Alive: timeout=5, max=492Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 bf 00 00 00 8e 08 02 00 00 00 b7 c2 f7 98 00 00 2e a8 49 44 41 54 78 da ed dd 77 7c 14 75 fe 3f f0 cf ec 6e 76 b3 9b 4d ef 84 54 42 42 42 0a 24 80 20 d2 14 04 d4 13 cb 9d fe 2c e8 57 2c 9c e5 d0 13 bf 16 3c c1 de 4e 51 b1 23 8a 07 a2 5f f5 2c 78 16 90 22 82 14 29 02 81 40 08 21 09 21 09 e9 a4 6e df 99 df 1f b3 f9 ec ec 66 77 76 66 d3 80 7b 3d 1f f9 63 76 f7 33 9f f9 cc ec 66 e6 3d 9f 36 cc cd 3f 3d 49 00 00 00 00 24 53 0c 76 01 00 00 00 e0 1c 83 e8 01 00 00 00 e4 41 f4 00 00 00 00 f2 20 7a 00 00 00 00 79 10 3d 00 00 00 80 3c 88 1e 00 00 00 40 1e 44 0f 00 00 00 20 0f a2 07 00 00 00 90 07 d1 03 00 00 00 c8 83 e8 01 00 00 00 e4 41 f4 00 00 00 00 f2 20 7a 00 00 00 00 79 10 3d 00 00 00 80 3c 88 1e 00 00 00 40 1e 44 0f 00 00 00 20 0f a2 07 00 00 00 90 07 d1 03 00 00 00 c8 83 e8 01 00 00 00 e4 41 f4 00 00 00 00 f2 20 7a 00 00 00 00 79 10 3d 00 00 00 80 3c 88 1e 00 00 00 40 1e 44 0f 00 00 00 20 0f a2 07 00 00 00 90 07 d1 03 00 00 00 c8 83 e8 01 00 00 00 e4 41 f4 00 00 00 00 f2 20 7a 00 00 00 00 79 10 3d 00 00 00 80 3c 88 1e 00 00 00 40 1e 44 0f 00 00 00 20 0f a2 07 00 00 00 90 07 d1 03 00 00 00 c8 83 e8 01 00 00 00 e4 41 f4 00 00 00 00 f2 20 7a 00 00 00 00 79 10 3d 00 00 00 80 3c 88 1e 00 00 00 40 1e d5 60 17 00 00 e0 ec b2 6c d2 df c3 83 42 08 21 1c e1 0e 54 1c 59 7a ec df 83 5d 22 80 b3 0e ea 1e 00 00 5c 84 e9 82 f9 85 8a fa 53 08 1d 00 3c 42 f4 00 00 e0 f4 fc 98 3b 19 86 21 84 34 b6 b5 2c d9 bf 72 b0 8b 03 70 96 42 f4 00 00 e0 14 1b 16 4d 08 e9 34 76 3d b8 f3 cd c1 2e 0b c0 d9 0b d1 03 00 80 93 5a 15 60 b1 5a ef fe f5 95 c1 2e 08 c0 59 0d bd 26 01 00 9c e6 ae 7b 6a b0 8b 00 70 0e 40 f4 d0 f7 6e 1b 36 6b da f0 71 0c 61 08 21 1c e1 36 1e d9 b9 aa 6a 83 b7 c4 79 a6 f8 7b 67 cf d5 69 b4 84 10 8e e3 7e 39 b4 73 65 ad 4b e2 67 46 df 9e 12 3b 94 be ec 30 76 dd 23 7a 57 f4 6c e1 1d c9 d1 09 fc f2 81 ca 23 af 96 7c e9 df 5e 2c ca bd 39 31 32 5e a7 09 54 30 0a 42 88 9d b5 77 1a 0d 65 a7 2b 5f 2f fb da db 2a 0f a4 5d 5d 98 91 27 92 27 c7 71 66 ab c5 60 32 1e 3b 55 f6 ce a9 1f 7a 26 78 66 d4 bc 94 b8 44 7e b9 b2 be fa 89 fd 1f f6 4c 73 57 c2 ac 9c 94 cc 90 a0 60 a5 42 c9 e7 69 b4 98 6a 9b ea b7 1f de bd 91 3b ea 71 bb ab 67 2d 91 b5 ef f4 fa f1 f7 f4 6b 0b d2 73 24 ae 65 b3 db 3e db f6 9f 9f 4d 45 1e 3f 5d 98 75 dd a8 e4 2c 9a f2 cb dd eb 7e 6c db 27 92 db ca 19 8f ab 94 2a 42 88 cd 6e ff 72 fb 0f 3f 1a f6 f7 4c f3 58 f6 8d 49 d1 43 74 1a ad 42 21 f8 8e 6a 2b 5e 3f f1 8d b7 6c 9f 2d b8 3d 39 66 28 91 cc 6a b7 cd db f0 1c 21 e4 fd a9 0f eb 02 b5 22 29 ed ac dd 68 36 35 b6 36 ef 28 da b3 8e 3b dc cb 6f e1 8f f2 c3 af 95 7e e5 33 d9 f2 8b 1f d1 aa 03 7d 95 ca dc d4 da fc c4 c1 8f 3c 26 f8 68 fa e3 01 2a a9 a7 c1 c6 d6 e6 07 77 bd e5 5c 77 c6 e3 01 4a af eb 9a ad 16 8b d5 52 71 ba ea 9f c7 3d fc 0f d2 75 0d 66 e3 fc 5f 5e f6 96 c9 fb 17 3f a2 53 07 12 42 6c 76 db 6d 1b 9e e3 df 9c a9 cd ff 7f 17 5d a1 52 ca 38 7b f7 fc 6f 7a 60 d8 35 85 c3 73 e9 4b 8b cd 7a fb c6 e7 7b ae e8 76 fe f1 89 fe 60 84 2b 7a fb 5f a6 de 9a f4 a0 5e ab e3 ff a3 59 96 35 98 8d 55 0d 35 2f 1c fd 4c 64 15 e1 c1 df 57 5a f4 7a f9 37 e2 c9 84 07 Data Ascii: PNGIHDR.IDATxw|u?nvMTBBB$ ,W,<NQ#_,x")@!!nfwvf{=cv3f=6?=I$SvA zy=<@D A zy=<@D A zy=<@D A zy=<@D A zy=<@`lB!TYz]"\S<B;!4,rpBM4v=.Z`Z.Y&{jp@n6kqa!6jy{gi~9seKgF;0v#zWl#|^,912^T0Bwe+_/*]]''qf`2;Uz&xfD~LsW`Bij;qg-ks$e>ME?]u,~l'*Bnr?LXICtB!j+^?l-=9f(j!")h656(;o~3}<&h*w\wJRq=uf_^?SBlvm]R8{oz`5sKz{v`+z_^Y5U5/LdWZz7
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 71 of 111
Session ID Source IP Source Port Destination IP Destination Port Process
4 192.168.2.4 49782 193.56.140.134 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
TimestampkBytestransferred Direction Data
Aug 20, 2020 21:55:37.266225100 CEST
9261 OUT GET /extension/cofaweb/design/cofaweb/javascript/mediaelement-and-player.min.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
Aug 20, 2020 21:55:37.306123018 CEST
9279 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:37 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:31 GMTETag: "49a3bb-1fba2-595692c4e7fc0"Accept-Ranges: bytesVary: Accept-EncodingKeep-Alive: timeout=5, max=500Connection: Keep-AliveContent-Type: text/javascriptContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 36 32 33 33 0d 0a 1f 8b 08 00 00 00 00 00 04 03 4a 2b cd 4b 2e c9 cc cf 53 48 4f 2d f1 cc 2b 49 2d ca 4b 2d 71 ad 28 c8 c9 2f 4a 2d 0a 4b 2d 2a 06 4a 69 68 2a 54 f3 72 29 00 41 59 62 91 42 51 99 82 ad 82 ae a1 b5 82 be be 42 50 6a 49 69 51 1e 50 38 a7 34 55 21 b1 b8 b8 34 37 b5 58 21 2d 31 33 a7 b4 28 55 0f a2 25 33 4d 41 23 2f b1 2c 33 3d b1 24 bf 48 2f b1 a0 c0 2f 31 37 55 c1 d6 56 41 dd 37 33 b9 28 bf 38 3f ad 44 01 66 af 02 cc 62 75 b8 8d 20 0c b2 b5 34 11 68 2b c2 9c d2 e2 d4 22 c7 f4 d4 bc 12 6b 54 65 45 a9 20 65 a9 e5 40 97 a5 03 0d d3 50 f2 0d f6 74 55 d0 88 36 d0 b5 8c ad 36 d4 a9 8d 8e d1 03 33 0d 74 6a 35 95 34 91 34 83 9c 09 74 73 6a 45 6a b2 46 69 a2 a6 82 22 d0 98 d2 9c 1c 4d 84 0a 10 0d f6 7b 41 62 51 71 aa 5b 4e 7e 62 89 06 c4 16 3d 15 43 98 51 b5 10 aa 08 12 2e 45 65 40 61 a0 10 2f 97 8a 46 4a 7e 32 30 74 f2 4a 34 f5 8a 52 13 53 2a 35 d2 60 e1 0e 09 5d ce a4 d2 cc 9c 94 b0 cc 94 d4 fc 62 0d 90 69 b5 20 82 97 0b ae 0c 45 1e a4 03 64 8f 8a 86 7a 19 48 48 5d 53 2f 35 31 39 03 c9 d0 cc bc 94 d4 0a 1d 05 b0 2c 5c 39 08 ab 68 40 c4 f4 72 53 53 32 13 53 73 52 41 8e 2a c8 49 ac 4c 2d d2 40 52 06 a2 53 52 d3 12 4b 73 4a c0 96 86 67 a6 94 64 58 29 98 99 18 e8 e0 56 e4 91 9a 99 9e 51 62 a5 60 6c 86 ae 0a 6c 27 d4 0c 5d 43 6c 92 30 bd e8 b2 0a 89 a5 29 99 30 ad 26 06 e8 06 83 65 61 7a 8d d1 65 8b 4b 12 8b 4a c2 f2 73 80 21 6f a5 60 a0 67 81 26 9d 93 9f 5f 60 05 4c af 39 c5 a9 68 32 a9 79 89 49 39 a9 8e a5 25 f9 c5 99 55 40 bd 25 45 a5 e8 4a 12 a1 92 01 45 f9 e9 45 a9 c5 c5 e8 06 41 c8 b4 d4 44 60 52 48 05 ca 46 ab 83 42 b9 20 11 98 74 d5 75 14 d4 93 4b 8b 8a 80 21 0f 62 a6 94 16 25 82 62 0d c4 2e 80 9a 06 62 97 81 1d 0e 62 a5 01 93 62 71 72 51 6a 6a 9e 7a 2c 9a 05 89 39 e5 89 95 c5 c1 19 f9 e5 ce f9 79 25 45 f9 39 c5 e8 0e 81 90 99 01 89 29 a1 c5 a9 7e 40 9b ca 52 09 29 cd c8 cf 4b 25 a4 18 4a 38 e6 a5 14 e5 67 a2 1b 8d ae 1a 86 11 ae f5 c8 2f 2d 42 57 04 25 8a 81 d2 21 99 b9 a9 c9 f9 29 a9 6e 45 c0 e2 c2 39 bf 34 af 04 5d 2d 84 4c 03 c9 17 07 a4 16 05 03 95 e7 a5 58 29 18 99 a2 a9 80 44 a5 77 6a 65 52 7e 62 51 0a 7a 54 82 29 70 a4 f8 97 64 a4 16 05 e4 80 32 42 31 ba 2a 30 95 9d 5a e9 08 ce 5d 40 e9 e8 58 50 e6 84 c9 82 f3 2a 88 03 66 80 33 bc be 96 22 2f 97 96 82 2f 28 93 b9 42 32 99 5e 56 31 48 c8 23 c4 d7 c7 54 c1 06 9c e8 ed 14 12 f3 52 14 6c c0 89 d8 0e e8 ef cc 5c b0 40 01 d8 15 20 c5 19 25 25 05 56 fa fa c8 79 35 ab 58 2f 39 3f 57 1f 28 0b 44 0a ce c0 d2 a4 04 58 e8 26 2a 78 25 96 25 06 27 17 65 16 94 28 e4 27 65 a5 26 97 28 94 64 24 96 28 e4 66 e6 66 26 17 43 6d 45 76 8e 82 63 80 27 c8 84 b4 fc 22 85 a4 a2 fc 72 60 89 5a 0c d1 92 02 4c 8a 25 0a a5 c0 12 a4 08 98 81 80 ee 81 68 06 aa 4b 4e 04 c9 80 9c 07 54 99 aa 00 4c ac 20 6f a4 28 80 62 2a 19 64 98 73 62 1e 44 da 37 c0 44 41 c3 43 cf c8 cc 44 53 47 c1 3f 3d 5d 47 21 3c 35 c9 57 47 c1 cd 27 0c c8 f4 05 13 8e 3a 0a 8e ce ce 3a 60 2f fb 06 18 f3 42 7d 94 5f 50 59 04 ca cf 0a 46 06 86 06 ba 40 c2 48 47 c1 2b 3f 23 4f c1 05 18 28 0a 1a d0 20 c9 d2 cb c8 d3 04 a9 77 29 4d cc 51 c8 c9 4c Data Ascii: 6233J+K.SHO-+I-K-q(/J-K-*Jih*Tr)AYbBQBPjIiQP84U!47X!-13(U%3MA#/,3=$H//17UVA73(8?Dfbu 4h+"kTeE e@PtU663tj544tsjEjFi"M{AbQq[N~b=CQ.Ee@a/FJ~20tJ4RS*5`]bi EdzHH]S/519,\9h@rSS2SsRA*IL-@RSRKsJgdX)VQb`ll']Cl0)0&eazeKJs!o`g&_`L9h2yI9%U@%EJEEAD`RHFB tuK!b%b.bbbqrQjjz,9y%E9)~@R)K%J8g/-BW%!)nE94]-LX)DwjeR~bQzT)pd2B1*0Z]@XP*f3"//(B2^V1H#TRl\@ %%Vy5X/9?W(DX&*x%%'e('e&(d$(ff&CmEvc'"r`ZL%hKNTL o(b*dsbD7DACDSG?=]G!<5WG'::`/B}_PYF@HG+?#O( w)MQL
Aug 20, 2020 21:55:38.337373972 CEST
9561 OUT GET /extension/cofaweb/design/cofaweb/images/icons/country_select.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
Copyright null 2020 Page 72 of 111
Aug 20, 2020 21:55:38.372322083 CEST
9567 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:36 GMTETag: "49a357-4ae-595692c9acb00"Accept-Ranges: bytesContent-Length: 1198Vary: Accept-EncodingKeep-Alive: timeout=5, max=499Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 0d 00 00 00 0c 08 02 00 00 00 36 d5 a0 8e 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 b2 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 30 20 36 31 2e 31 33 34 37 37 37 2c 20 32 30 31 30 2f 30 32 2f 31 32 2d 31 37 3a 33 32 3a 30 30 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 52 69 67 68 74 73 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 72 69 67 68 74 73 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 70 52 69 67 68 74 73 3a 4d 61 72 6b 65 64 3d 22 46 61 6c 73 65 22 20 78 6d 70 4d 4d 3a 4f 72 69 67 69 6e 61 6c 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 43 38 44 36 45 30 42 37 30 38 32 30 36 38 31 31 42 38 34 30 46 44 38 45 39 39 30 46 39 30 39 46 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 41 30 43 36 37 39 41 38 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 41 30 43 36 37 39 41 37 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 20 4d 61 63 69 6e 74 6f 73 68 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 30 35 38 30 31 31 37 34 30 37 32 30 36 38 31 31 39 39 46 34 45 41 42 37 41 42 31 37 46 44 35 35 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 75 75 69 64 3a 32 42 43 39 44 32 35 45 36 46 45 46 45 31 31 31 41 32 37 45 42 30 31 41 34 43 43 36 31 32 38 32 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e 92 d7 0d 7d 00 00 00 92 49 44 41 54 78 da Data Ascii: PNGIHDR6tEXtSoftwareAdobe ImageReadyqe<iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:A0C679A8114411E29521FD49640E01B8" xmpMM:InstanceID="xmp.iid:A0C679A7114411E29521FD49640E01B8" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>}IDATx
Aug 20, 2020 21:55:38.382905960 CEST
9576 OUT GET /var/cofaweb/storage/images/ara-ma/home/home-slide-block/assess-market-opportunities/422857-6-fre-FR/Evaluer-un-marche_slider_large.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 73 of 111
Aug 20, 2020 21:55:38.416996956 CEST
9620 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2013 15:22:48 GMTETag: "13a3de-34e72-4e941db494200"Accept-Ranges: bytesContent-Length: 216690Vary: Accept-EncodingKeep-Alive: timeout=5, max=498Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 06 d2 00 00 01 45 08 03 00 00 00 46 e6 89 7c 00 00 03 00 50 4c 54 45 3f 39 41 7a 71 68 50 51 52 41 43 44 62 63 62 c1 c2 be c7 c8 c3 d1 d1 cb d7 d7 d1 00 00 00 51 4d 56 01 21 5a 05 43 82 06 7a c2 2f 8e cf ba 9a 92 52 99 cf 76 96 b4 02 5e a6 e9 bb af 36 65 91 8c 7f 85 23 31 43 b6 6d 44 c8 98 90 18 20 2e df b1 99 91 a9 a9 c1 bb b1 ca c4 bb 8c 4e 37 d9 c5 b6 c0 74 64 e2 9c 89 e2 dd d8 43 22 1a 7a 8d 86 d2 cf c9 aa c4 e0 75 40 2d bc 88 82 6c 78 6f bc d1 e5 74 4e 4c ea eb ea 52 2d 21 91 a2 b7 23 29 36 88 89 7d d4 d1 cb cb ae 9b 2e 3b 4b 76 8a a4 7a 5e 53 ca da e8 77 ac d3 5b 5c 6b a5 81 7a 88 96 a9 ce 82 70 88 67 3e 62 34 28 d0 ba a9 7d 5d 34 8f 72 50 53 73 95 d9 8d 79 cf d3 d2 82 8f 9c 4b 4b 56 31 43 5a 61 68 7b a0 5f 43 a8 ba c6 77 4a 3c 86 6a 58 be 98 7a b4 8f 70 7c 69 55 37 51 6c e9 d5 c8 4d 59 6c c6 a8 89 8f 5d 52 8e 94 8a aa 82 66 64 7f 9d a4 8c 71 65 6b 60 aa 9e 9b a6 71 63 66 61 6b 9a 67 58 9c 9c a1 bb 7e 6d aa 69 55 7b 81 75 60 71 89 bf bf bf 6f 77 8a 9b a0 97 b7 a0 85 51 63 7a 88 55 46 92 97 97 9b b0 c0 99 8b 76 86 75 61 a3 97 94 41 5d 7a 8a b5 d8 79 5f 4a 5e 5e 4f 6e 68 70 96 7d 75 62 3f 37 c2 c7 c8 52 51 5c 8b 86 8d 79 82 95 b2 76 5d 96 7b 5f 99 8e 91 45 50 62 65 60 53 73 6f 7a 96 88 84 ae 96 7e a1 92 7b 1a 11 10 4e 69 87 6d 5f 65 8c 7c 6b 79 76 69 3f 46 56 6d 5b 4b 5f 59 61 b9 b6 ac 7f 7c 86 a2 a7 a1 69 54 45 a1 97 84 da e1 e3 98 84 6b 3e 31 30 6d 65 57 7e 75 79 06 06 07 09 0b 10 91 73 6f 88 7b 7b a6 aa ab 4d 43 43 af a5 91 45 39 37 5b 52 5a 31 1f 19 75 6d 61 d8 d6 d0 61 4c 3f 8a 6f 6b 35 30 31 ae b1 b1 b7 ba bc 35 25 1d 3b 36 38 5e 56 49 22 16 13 c0 b7 a1 2f 27 28 b4 ac a4 29 22 24 3f 2c 25 4b 37 2d 23 22 29 52 3b 31 1d 19 1a b8 a9 8f b0 b8 b9 28 1b 17 56 49 3e 3a 2a 22 d5 db db aa 9d 88 4b 3c 35 38 2b 29 99 b9 da b0 a8 9d ca cf cf 58 4d 47 44 36 30 51 49 50 29 26 2c 44 32 2a 44 3d 41 1c 1c 22 51 41 39 22 1f 23 3d 3e 48 3e 30 29 bb af 96 bc b4 9c 2f 2f 36 47 43 4b 34 27 23 2f 23 20 79 68 6b 68 59 5c 6b 5c 60 2d 2a 30 73 62 62 21 1c 1e 83 6b 68 3a 39 41 e8 e5 de 33 33 3c eb df d5 1a 19 1e 28 1f 1f 17 16 19 64 54 55 65 56 58 72 62 65 75 65 68 69 59 59 76 63 65 14 13 16 84 6f 70 7a 66 67 ec ea e6 10 10 12 6d 5d 5d 61 52 52 6b 5b 5c 5c 4e 4f 7c 68 69 ed ea e5 71 60 62 7e 6a 6c 81 6c 6e eb e9 e5 ef ed e9 e8 e7 e0 e6 e8 ea 6f 5e 60 db cf c3 e7 ea eb e9 e7 e2 ed eb e7 0d 0d 0e ec e9 e5 ed ea e6 ef eb e7 eb e8 e3 d7 cc c0 ed ec e8 4b cd 27 0e 00 00 00 0a 74 52 4e 53 f0 de c5 e9 81 1f 3f d1 87 00 7c ca da 9f 00 03 4b 17 49 44 41 54 78 da cc 9d 7d 70 56 d5 b9 f6 fb cf 39 3d f5 9f 0c 7f d0 ea 10 4a 87 23 15 67 78 03 09 0f 33 49 ec e1 78 c6 a4 cf 4b 81 d3 89 25 31 06 a8 3c 3e 92 12 ec 3b 0a 63 78 44 88 61 00 23 04 d1 21 23 a0 83 a0 01 d1 40 a6 19 84 53 71 8e 9c 9a c2 21 a5 20 5f 86 c0 f0 21 88 24 15 5a 22 54 43 e3 24 47 cf 7b dd f7 b5 d6 be f7 66 87 97 e3 47 3b efb5 d6 5e eb 5e 6b 07 e4 61 a2 3f af 7b dd 7b e7 5b ed ed 7b db 8f 9e 08 69 ff 89 fd 61 1d e5 78 14 17 34 1a 0d 6a 3d da da da 7a 74 4b 2b a5 1b ba 8d 86 65 33 f6 5a 5a 30 70 46 6b d9 db 82 6b 6f 4b f3 de 16 b4 3d 7b f6 42 7b f6 ec 41 b8 Data Ascii: PNGIHDREF|PLTE?9AzqhPQRACDbcbQMV!ZCz/Rv^6e#1CmD .N7tdC"zu@-lxotNLR-!#)6}.;Kvz^Sw[\kzpg>b4(}]4rPSsyKKV1CZah{_CwJ<jXzp|iU7QlMYl]Rfdqek`qcfakgX~miU{u`qowQczUFvuaA]zy_J^^Onhp}ub?7RQ\yv]{_EPbe`Ssoz~{Nim_e|kyvi?FVm[K_Ya|iTEk>10meW~uyso{{MCCE97[RZ1umaaL?ok5015%;68^VI"/'()"$?,%K7-#")R;1(VI>:*"K<58+)XMGD60QIP)&,D2*D=A"QA9"#=>H>0)//6GCK4'#/# yhkhY\k\`-*0sbb!kh:9A33<(dTUeVXrbeuehiYYvceopzfgm]]aRRk[\\NO|hiq`b~jllno^`K'tRNS?|KIDATx}pV9=J#gx3IxK%1<>;cxDa#!#@Sq! _!$Z"TC$G{fG;^^ka?{{[{iax4j=ztK+e3ZZ0pFkkoK={B{A
Aug 20, 2020 21:55:38.825089931 CEST
10505 OUT GET /var/cofaweb/storage/images/ara-ma/home/home-slide-block/finance-my-development/422817-7-fre-FR/Faciliter-mon-acces-au-financement_slider_small.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 74 of 111
Aug 20, 2020 21:55:38.859359026 CEST
10552 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:14:18 GMTETag: "13a426-338c2-59cc1d8794280"Accept-Ranges: bytesContent-Length: 211138Vary: Accept-EncodingKeep-Alive: timeout=5, max=497Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 82 00 00 01 45 08 06 00 00 00 e1 17 ea 85 00 00 80 00 49 44 41 54 78 da a4 fd 77 b0 6e 59 7a de 87 fd 56 d8 e1 4b 27 df 73 f3 ed ee db 3d 3d dd 3d 3d 19 03 80 03 90 18 80 20 40 01 20 44 d0 14 49 31 98 94 a5 52 59 a4 e5 b2 58 a5 f2 1f 2e cb a6 55 b6 ca 25 57 89 b0 5c cc 94 86 90 0c 51 a2 49 80 c8 18 12 c0 00 83 30 b1 27 74 ce b7 6f be 27 9f f3 a5 1d 56 f0 1f ef da fb 3b 0d 50 24 41 dd 2a 00 8d 0e e7 7c df de 6b bd e1 79 9f e7 79 d5 70 34 8c 56 83 d2 8a 2c d3 18 a3 c9 b2 82 ef fe 9e ef e3 e6 13 4f 52 8e 27 14 c5 80 a2 c8 c8 b3 01 b9 2d c8 6c 06 31 12 62 04 a5 f9 d8 f3 cf 91 0d 5a 7c 6c 50 44 1a ef 21 46 34 e0 62 40 85 00 4a a1 b5 41 6b 8d 55 1a 6d 34 87 47 77 f9 3f ff 67 ff 39 11 cb d6 e6 06 db 5b eb 8c 46 63 86 c3 01 eb 6b 1b 6c 6d ef 50 96 25 c3 51 c9 78 3c 21 b7 05 c6 66 28 ad 88 80 02 ac 31 44 c0 da 0c 6d 0d 83 ac 40 29 a8 db 96 18 03 44 08 21 d0 34 b5 7c 2e 05 a1 75 c4 18 09 0a 66 f3 19 ef bd fb 2d 3e f7 cb bf ca 8b df 78 9b 2c b3 a0 60 b9 a8 20 46 8c 35 d8 2c 63 6d 7d 83 d1 68 4c 51 94 64 79 8e73 1e 17 22 20 3f 3f 06 f9 77 3f f2 fc f3 fc e8 8f fc 18 de b5 fc dd cf fe 5d 1e 3e 78 08 4a 41 8c f2 99 95 22 12 20 c8 5f 87 18 70 ce a7 7f 25 60 32 c3 f6 ee 26 37 1e 7b 92 e7 9e fb 28 17 2f 5f 63 6d b2 9e be af 22 53 a0 94 21 2a 45 0c 8e e0 3d 07 67 27 6c 8c c6 68 63 e4 7f 94 46 a1 38 3c 39 e6 e4 e0 10 9b 65 64 c6 50 37 35 77 ee dd 67 31 9d f2 b1 8f 7f 8c 72 30 66 34 18 a0 22 18 ab 59 2e 67 3c dc 7b c8 e9 c9 31 d1 b5 0c 26 5b 5c da bd c4 78 30 e4 de bd fb ec 1d 1c f1 e4 63 d7 89 44 42 0c b4 ae a5 6e 5a ca 32 f2 c4 f5 cb 78 17 70 1e 5c eb f1 3e 42 84 2c cb 89 31 b2 58 cc 99 cf 17 ec ec ec 90 99 82 dc 5a 5c 70 44 e7 b1 99 45 29 d0 21 e2 eb 8a a3 bd 47 6c 5d b8 48 24 a2 42 20 cf 72 6c 9e a1 8d 21 38 8f d6 1a 6d 14 79 9e a3 00 17 1c 0a e4 44 c4 48 08 01 a5 14 5a 6b 00 3c 11 83 26 c6 88 d6 16 a5 22 5a 2b 42 74 c4 74 3e 94 fc 36 e6 8b 45 fa dc 9a 3c cf 89 41 de 4b 59 16 28 60 b6 a8 39 d8 3f a6 18 94 f8 b6 65 51 35 ec 3f 3c e4 f4 ec 8c 36 78 ae 5d b9 c6 ce e6 3a 97 ae 5e c0 5a cd bc 5a 52 14 25 e3 d1 1a d6 18 7c 08 e9 ee c8 67 24 02 44 62 84 48 94 43 1d 21 fa 20 ff 88 ee f8 a4 13 20 5f 31 fd 89 44 22 da 18 94 02 d2 cf 54 44 26 bb d7 f8 db 9f fd bb bc f4 e2 57 69 eb 9a a7 3f f0 1c 3b bb 57 b9 b0 b3 cb d1 f1 31 6b e3 35 ce 4e 67 5c dc bd c8 3b ef be 8e b5 19 77 ef de e7 7f f8 87 3f c9 62 31 47 29 30 5a 51 0e 07 fc b1 7f fb df e1 89 9b 4f f2 f1 0f 3f cf 8d 1b 57 c9 ac a5 69 6a 6e dd 7d 97 df f8 d2 17 69 16 9e a7 9f 7c 96 e7 9e 7e 96 41 59 90 65 96 d9 62 c1 df f8 3b ff 35 bf f0 b3 3f 4b 0c 72 0f 63 fa 9e 4a d1 7f 17 95 de 5c 24 a2 94 4e df 53 be af c9 06 6c 3d f6 29 62 f0 6c ef ee 72 7c f4 08 e7 6a 94 8a 94 18 6a ef e4 67 7a 4f 54 0a 1f 03 c6 58 32 6b a9 a7 53 88 91 a6 5a a2 4d 46 f4 0e 95 62 05 11 a2 f2 f8 c5 29 4d 7d 42 59 0e a9 aa 05 ff a2 3f e9 75 fc 9e 3f 79 9e b3 bd b3 43 5d d7 78 df b2 b9 bd c6 60 58 e2 9d 63 30 cc b9 7a 6d 9b ad cd 75 b4 8a ac 6f ae f3 f8 8d 27 38 3d 85 ff f7 8f ff d7 58 ab d1 da 00 11 63 35 59 96 61 ad 9c 4b 15 e4 6c d0 c5 8a ee 65 6b 85 8a f2 5c 62 08 38 1f 30 da 12 d3 39 9f 2f Data Ascii: PNGIHDREIDATxwnYzVK's==== @ DI1RYX.U%W\QI0'to'V;P$A*|kyyp4V,OR'-l1bZ|lPD!F4b@JAkUm4Gw?g9[FcklmP%Qx<!f(1Dm@)D!4|.uf->x,` F5,cm}hLQdys" ??w?]>xJA" _p%`2&7{(/_cm"S!*E=g'lhcF8<9edP75wg1r0f4"Y.g<{1&[\x0cDBnZ2xp\>B,1XZ\pDE)!Gl]H$B rl!8myDHZk<&"Z+Btt>6E<AKY(`9?eQ5?<6x]:^ZZR%|g$DbHC! _1D"TD&Wi?;W1k5Ng\;w?b1G)0ZQO?Wijn}i|~AYeb;5?KrcJ\$NSl=)blr|jjgzOTX2kSZMFb)M}BY?u?yC]x`Xc0zmuo'8=Xc5YaKlek\b809/
Aug 20, 2020 21:55:39.068973064 CEST
11373 OUT GET /extension/cofaweb/design/cofaweb/images/bg/content_texture.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 75 of 111
Aug 20, 2020 21:55:39.102346897 CEST
11458 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:29 GMTETag: "49a2c5-433-595692c2ffb40"Accept-Ranges: bytesContent-Length: 1075Vary: Accept-EncodingKeep-Alive: timeout=5, max=496Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 02 00 00 00 02 08 02 00 00 00 fd d4 9a 73 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 b2 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 30 20 36 31 2e 31 33 34 37 37 37 2c 20 32 30 31 30 2f 30 32 2f 31 32 2d 31 37 3a 33 32 3a 30 30 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 52 69 67 68 74 73 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 72 69 67 68 74 73 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 70 52 69 67 68 74 73 3a 4d 61 72 6b 65 64 3d 22 46 61 6c 73 65 22 20 78 6d 70 4d 4d 3a 4f 72 69 67 69 6e 61 6c 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 43 38 44 36 45 30 42 37 30 38 32 30 36 38 31 31 42 38 34 30 46 44 38 45 39 39 30 46 39 30 39 46 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 41 31 38 30 46 34 44 33 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 41 31 38 30 46 34 44 32 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 20 4d 61 63 69 6e 74 6f 73 68 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 30 35 38 30 31 31 37 34 30 37 32 30 36 38 31 31 39 39 46 34 45 41 42 37 41 42 31 37 46 44 35 35 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 75 75 69 64 3a 32 42 43 39 44 32 35 45 36 46 45 46 45 31 31 31 41 32 37 45 42 30 31 41 34 43 43 36 31 32 38 32 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e 4b 31 45 db 00 00 00 17 49 44 41 54 78 da Data Ascii: PNGIHDRstEXtSoftwareAdobe ImageReadyqe<iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:A180F4D3114411E29521FD49640E01B8" xmpMM:InstanceID="xmp.iid:A180F4D2114411E29521FD49640E01B8" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>K1EIDATx
Aug 20, 2020 21:55:39.121789932 CEST
11519 OUT GET /extension/cofaweb/design/cofaweb/images/bg/menu_level_2_bg.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 76 of 111
Aug 20, 2020 21:55:39.155308962 CEST
11555 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Sun, 07 Apr 2019 15:36:22 GMTETag: "49a2d2-52a-585f27b5fa980"Accept-Ranges: bytesContent-Length: 1322Vary: Accept-EncodingKeep-Alive: timeout=5, max=495Connection: Keep-AliveContent-Type: image/jpegData Raw: ff d8 ff e1 00 18 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 00 00 00 00 00 00 00 00 ff ec 00 11 44 75 63 6b 79 00 01 00 04 00 00 00 64 00 00 ff e1 03 29 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 31 20 36 34 2e 31 34 30 39 34 39 2c 20 32 30 31 30 2f 31 32 2f 30 37 2d 31 30 3a 35 37 3a 30 31 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 39 46 45 39 44 35 41 33 41 32 38 39 31 31 45 32 38 43 32 34 44 35 37 41 36 44 44 34 46 30 33 38 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 39 46 45 39 44 35 41 32 41 32 38 39 31 31 45 32 38 43 32 34 44 35 37 41 36 44 44 34 46 30 33 38 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 20 57 69 6e 64 6f 77 73 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 44 31 46 30 44 35 36 34 31 31 37 31 31 31 45 32 41 33 30 44 46 44 38 41 45 38 38 32 42 44 41 30 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 44 31 46 30 44 35 36 35 31 31 37 31 31 31 45 32 41 33 30 44 46 44 38 41 45 38 38 32 42 44 41 30 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e ff ee 00 0e 41 64 6f 62 65 00 64 c0 00 00 00 01 ff db 00 84 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 02 02 02 02 02 02 02 02 02 02 02 03 03 03 03 03 03 03 03 03 03 01 01 01 01 01 01 01 02 01 01 02 02 02 01 02 02 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 03 ff c0 00 11 08 00 01 06 40 03 01 11 00 02 11 01 03 11 01 ff c4 00 60 00 01 01 01 00 00 Data Ascii: ExifII*Duckyd)http://ns.adobe.com/xap/1.0/<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c061 64.140949, 2010/12/07-10:57:01 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:9FE9D5A3A28911E28C24D57A6DD4F038" xmpMM:InstanceID="xmp.iid:9FE9D5A2A28911E28C24D57A6DD4F038" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:D1F0D564117111E2A30DFD8AE882BDA0" stRef:documentID="xmp.did:D1F0D565117111E2A30DFD8AE882BDA0"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>Adobed@`
Aug 20, 2020 21:55:39.180444002 CEST
11572 OUT GET /var/cofaweb/storage/images/media/images/asmex-mod/2789765-1-fre-FR/ASMEX-MOD_small.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 77 of 111
Aug 20, 2020 21:55:39.214952946 CEST
11586 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:14:19 GMTETag: "4101d5-1cc7-59cc1d88884c0"Accept-Ranges: bytesContent-Length: 7367Vary: Accept-EncodingKeep-Alive: timeout=5, max=494Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 64 00 00 00 41 08 06 00 00 00 27 83 01 d1 00 00 1c 8e 49 44 41 54 78 da ed 9b 79 8c 5c d7 75 e6 7f 6f af 57 7b f5 be 90 6c ae 22 d9 22 29 c9 92 a8 dd 8a 64 69 ec b1 0c cb 8e c7 e3 24 08 12 4c 66 80 04 99 c0 03 27 98 41 66 85 67 01 c6 08 f2 47 c6 ce 38 98 31 32 c8 d8 0e 12 c8 1e d9 88 ad c5 ab 64 6a a3 c4 4d e2 be 34 9b bd 54 77 57 75 d7 be bc fd bd 3b 7f bc 62 4b 14 29 92 a2 64 8b 86 79 80 46 35 ba ab de ad 7b bf 7b cf f9 ce 77 ce 95 84 10 82 1b 76 dd 98 fc 41 7f 81 1b 76 a1 dd 00 e4 3a b3 1b 80 5c 67 76 03 90 eb cc 6e 00 72 9d d9 0d 40 2e 61 73 73 73 fc e0 07 3f c0 f7 fd 5f f8 d8 37 00 b9 84 35 1a 0d f6 ec d9 f3 81 00 22 dd c8 43 2e 36 21 04 42 08 64 f9 17 bf 5f af 3b 40 44 10 20 6c 17 e1 38 88 4e 97 a8 dd 41 b4 3b f1 ab ed 42 14 c5 6f 94 25 a4 a4 89 9c cf a3 0c 14 90 0b 39 a4 6c 16 49 55 3e e8 29 bc 27 53 3f d0 d1 83 90 b0 d9 22 2a af 10 2e 2c e1 17 97 08 17 96 08 4b cb 44 b5 06 51 b3 8d 70 5c 10 11 12 20 c2 08 84 40 38 2e 51 a7 8b b0 2c 10 20 17 72 a8 1b d6 61 ec be 8d c4 c3 f7 a3 df 7a 33 92 61 7c d0 6b 7b 4d f6 0b 3d 21 f1 42 76 08 17 4a f8 67 67 08 66 e6 89 96 ab 08 df 43 52 54 a4 64 02 39 97 45 ca e7 50 72 19 a4 6c 06 39 95 44 4a 9a 48 ba 0e 92 14 03 e2 79 44 ad 0e e1 52 19 ff e4 19 dc 57 0f e2 1d 38 82 68 b5 51 36 af 27 f3 2f 7e 8b f4 ef fd 16 72 3a f5 41 af ef bb b6 9f 3b 20 51 b3 4d 58 2a 13 16 4b 04 c5 05 a2 7a 03 24 19 b9 bf 80 3a 36 82 32 3a 8c dc 97 5f 5d 74 49 53 e1 5d f8 6e 11 04 44 8d 16 de ab 07 69 fd c5 ff c6 79 fe 65 e4 c1 7e fa be fc df 48 7d e6 13 31 88 bf 44 f6 fe bb ac 28 22 b2 1d c2 f9 05 fc 73 73 44 b5 06 00 72 3e 87 be 73 7b 0c 40 7f 21 de f1 ef 83 49 aa 8a 32 d0 87 f9 d8 23 48 49 93 60 b6 48 30 3d 8b f3 dc 4b 24 1f 7b 04 c9 34 7f 91 eb f9 9e ed 7d 03 44 58 36 61 a5 4a 30 3b 4f 58 ae 20 e9 3a ca f8 08 c6 ae 49 e4 7c 0e 29 95 bc ec e7 c3 48 e0 b8 01 7e 10 21 4b a0 a9 0a 9a 26 a3 2a 57 7f 5a f4 5b 6f 46 bf 7d 17 fe 99 69 a2 6a 03 e1 7a bf 62 80 08 41 d4 6c 11 2c 2c 11 ae d4 20 0c 51 fa 0b 68 93 5b 51 f2 39 50 ae cc 78 5c 3f e4 f4 5c 83 13 67 ab 34 1a 36 9a 22 53 c8 24 e8 cf 9b 0c 14 4c fa 0b 26 f9 ac 81 ae 5f f9 59 52 2a 89 ba 66 0c 49 53 51 06 0a bf94 81 fd da 00 09 43 a2 56 9b 60 a9 8c e8 74 91 d3 69 f4 ed 5b e2 58 a0 69 57 fd 98 85 9a c5 df 3f 77 86 fd 6f 2c 21 fb 11 a3 85 24 13 43 19 72 a6 81 88 04 8e 13 b0 5c b1 68 b6 5d 06 fb 4c 72 59 03 e9 72 31 21 08 89 ba 16 52 2a 85 7e e7 6d 48 89 5f 11 40 a2 76 87 b0 56 47 e9 2f 20 6f 5a ff 26 03 ba d2 e7 44 84 24 49 48 48 9c 2d b5 f9 af df 7a 9d 97 0e 16 19 37 34 36 0e a6 c9 26 75 f2 19 83 be 7c 82 a1 fe 24 b9 6c 02 49 12 34 5b 1e d3 73 4d 46 86 52 8c 0c a5 90 df 61 ac 70 79 05 ff d8 29 8c bb 6f c7 7c e4 81 5f ba 80 0e d7 08 88 9c 4e 23 67 33 57 64 43 02 81 1f 05 38 81 4b 28 02 0c c5 c0 54 0d ea 5d 9f ff f1 d4 71 9e 7c 75 96 7e 49 42 4b c5 b1 42 53 65 74 4d 21 a1 2b 98 09 95 4c 5a 43 92 24 02 5f d0 68 39 9c 38 53 45 51 24 86 07 2e a4 b3 96 1b 10 f8 01 d2 8f f6 20 5c 87 dc bf fb 3c ca d8 08 00 5e 10 31 bb d2 a1 eb f8 0c e5 4c 74 55 2697 d4 09 c2 88 4a c7 25 8a 04 83 59 93 a4 71 a1 4b 8c 22 c1 72 cb c1 f1 42 d2 a6 8a 2a 4b 34 2d Data Ascii: PNGIHDRdA'IDATxy\uoW{l"")di$Lf'AfgG812djM4TwWu;bK)dyF5{{wvAv:\[email protected]?_75"C.6!Bd_;@D l8NA;Bo%9lIU>)'S?"*.,KDQp\ @8.Q, raz3a|k{M=!BvJggfCRTd9EPrl9DJHyDRW8hQ6'/~r:A; QMX*Kz$:62:_]tIS]nDiye~H}1D("ssDr>s{@!I2#HI`H0=K${4}DX6aJ0;OX :I|)H~!K&*WZ[oF}ijzbAl,, Qh[Q9Px\?\g46"S$L&_YR*fISQCV`ti[XiW?wo,!$Cr\h]LrYr1!R*~mH_@vVG/ oZ&D$IHH-z746&u|$lI4[sMFRapy)o|_N#g3WdC8K(T]q|u~IBKBSetM!+LZC$_h98SEQ$. \<^1LtU&J%YqK"rB*K4-
Aug 20, 2020 21:55:39.268946886 CEST
11734 OUT GET /extension/cofaweb/design/cofaweb/images/icons/white_popin_cross.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
Aug 20, 2020 21:55:39.303288937 CEST
11768 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:29 GMTETag: "49a35a-107-595692c2ffb40"Accept-Ranges: bytesContent-Length: 263Vary: Accept-EncodingKeep-Alive: timeout=5, max=493Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 17 00 00 00 17 08 06 00 00 00 e0 2a d4 a0 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 20 63 48 52 4d 00 00 7a 25 00 00 80 83 00 00 f9 ff 00 00 80 e9 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 6f 92 5f c5 46 00 00 00 8d 49 44 41 54 78 da b4 55 49 0e 80 20 0c 1c 3e e5 89 17 71 f7 87 26 3e c5 57 98 f1 42 3c a8 98 b6 74 48 08 09 b4 d3 6d 68 0b c9 15 c0 0e 60 43 de aa 00 16 90 ac 24 8f 7e 22 61 df 78 af 8b 2c 60 92 18 3e cc 02 3f c1 67 0c 7c ea 99 05 bd c0 23 70 8f 81 5f b9 b0 a2 c5 81 68 c8 a6 c8 22 39 35 d7 c4 cb 86 e6 29 b6 87 6e 8d e4 d9 4f 64 82 cb 3c 97 e5 5c c6 16 19 cf 65 3f 54 d6 5b 64 5d 51 d6 cf 65 93 48 36 43 8b 72 fa 5f 03 00 06 60 e7 10 f0 a6 12 1f 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDR*pHYs cHRMz%u0`:o_FIDATxUI >q&>WB<tHmh`C$~"ax,`>?g|#p_h"95)nOd<\e?T[d]QeH6Cr_`IENDB`
TimestampkBytestransferred Direction Data
Session ID Source IP Source Port Destination IP Destination Port Process
5 192.168.2.4 49783 193.56.140.134 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 78 of 111
Aug 20, 2020 21:55:37.266864061 CEST
9262 OUT GET /extension/cofaweb/design/cofaweb/javascript/tac/tarteaucitron.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
Aug 20, 2020 21:55:37.306184053 CEST
9282 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:37 GMTServer: ApacheLast-Modified: Sun, 23 Feb 2020 13:03:11 GMTETag: "49a3b8-11e4e-59f3de072e1c0"Accept-Ranges: bytesVary: Accept-EncodingKeep-Alive: timeout=5, max=500Connection: Keep-AliveContent-Type: text/javascriptContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 33 66 32 0d 0a 1f 8b 08 00 00 00 00 00 04 03 d2 d7 ca 2a ce c9 cc 2b 51 48 2a ca 2f 2f 4e 2d b2 52 28 29 2a 4d d5 51 48 2d cb cc 81 b0 15 b4 f4 b9 b8 f4 f5 15 52 52 d3 32 f3 52 15 92 f3 8b 8a 52 93 4b 14 0a 12 4b 32 14 d2 f2 8b 14 d2 32 73 52 8b 15 32 f3 92 73 4a 8b 33 f3 f3 b8 ca 12 8b 14 8a 93 8b 32 0b 4a 8a 15 6c 15 52 f2 93 4b 73 53 f3 4a f4 d2 53 4b 5c 73 52 41 cc 62 a7 ca 90 c4 74 bf c4 dc 54 0d 75 88 42 75 4d 1d 2e 05 20 00 9b 69 0b d3 1d 0d a5 f5 72 52 f3 d2 81 12 ba 0a 86 b1 7a c5 45 c9 7a c5 05 39 99 25 1a ea f6 ea 9a d1 06 b1 10 9d 25 89 45 25 a9 89 a5 c9 99 25 45 f9 79 6e f9 45 c9 a9 ce 2e 7e 40 a3 34 70 48 d8 da 2a 94 e6 41 7c 94 a2 a9 60 af a0 ae ae 60 85 6e 08 44 2d c4 fc e4 94 3c 74 d3 e0 2a c0 a6 a9 ab 83 8c 01 79 00 e6 3c 7d 75 4d 3d 60 d0 26 a7 6a 18 e8 28 e8 1a 6a ea 65 e5 67 e6 81 85 15 b4 15 80 14 ba 85 30 e3 20 16 26 e6 14 a5 26 a6 54 fa 24 96 e6 25 83 c2 44 03 4d c0 16 cd 03 06 40 e3 50 94 40 8c 41 b7 21 39 d5 27 31 2f bd 34 31 3d 15 64 26 3e 59 74 0b d0 43 08 4d 03 ba 75 30 79 d7 8a 82 cc a2 54 74 cb 50 e5 08 59 85 a2 1c dd 22 a0 ac 73 69 71 49 7e 6e 48 6a 45 09 ba 3d 28 52 84 ac 41 56 0d b5 25 33 17 68 6b 66 01 c8 91 0a c6 86 a6 c6 66 06 60 00 95 45 d6 1a 50 94 ef 93 9f 98 12 9c 5a 54 06 8c f2 62 2c 2a fc f2 1d 53 9c 72 f2 93 b3 53 8b 80 a6 a5 25 e6 14 a7 5a 73 01 01 28 bf a0 28 04 ca 56 83 b5 2b 95 a5 16 81 b2 94 92 95 82 91 81 a1 85 a1 81 91 31 c4 5c 25 60 72 04 0a 02 49 28 bf 14 98 73 81 02 d5 b5 50 7e 0e 30 56 94 d0 3c 17 0f 12 84 ca 17 43 9d a9 84 a4 27 31 25 25 35 05 28 10 0d cd 52 4a 99 29 05 45 f9 40 45 c5 a8 c2 c5 25 89 25 a9 c8 02 39 e0 f4 86 2c 52 90 58 04 cc dd 25 40 d7 2b 21 59 90 59 ec 98 95 58 01 14 01 fb 1d 2a 58 94 9a 03 0c b6 90 8c d4 80 c4 f4 54 34 b9 d4 32 50 69 01 14 84 04 07 08 2b 65 e6 65 96 00 45 d2 80 56 96 00 83 46 41 43 13 6e 01 08 29 81 4c c3 21 0f a5 d0 8d 50 d0 00 3b b7 58 13 d9 1a 60 80 2a 14 97 14 65 26 97 28 59 c3 45 cb 80 31 95 5f 94 99 ee 5f 90 9a 07 8c 3a 98 30 4a 28 eb 81 0d 03 fb 1d 18 8f 60 4e 31 c2 84 cc 34 f4 8c 0c 4a 95 06 c8 56 83 68 34 25 0a 86 d6 28 d2 20 53 ca 33 f3 52 f2 cb f5 80 91 e6 0a 0a 25 9f cc e2 92 d4 bc d4 22 74 93 40 6c 1c 4a 35 20 61 a5 83 14 10 e8 ba 61 6c 54 1f 82 b4 69 68 5a a3 ab 04 73 51 55 02 23 33 27 29 31 39 5b 23 5a 1d 45 02 14 80 01 89 79 a9 39 ea b1 c8 d6 a7 02 eb 07 74 27 20 b3 41 f2 58 bc 91 0c 2c 64 b3 51 fc 01 4e 38 e8 26 a1 b3 51 5c a4 07 8c f0 22 cf 3c 60 b4 a5 25 26 a7 ea e5 c3 1c 88 ee 4f 74 36 d8 26 3d 60 01 01 a2 5d 52 d3 12 4b 73 4a d0 f5 20 33 6b 75 20 29 1c 5d 09 94 03 94 06 55 b9 e8 b2 0a 60 19 74 8d 30 1a 58 37 a3 47 31 3c 6c 80 55 68 7e 4e 0e 4a e0 a0 87 0b 88 0d 34 02 04 40 09 1c a2 23 20 1f 94 7c a1 c6 16 00 b3 66 a4 7f 5a 5a 71 6a 89 42 4d 0d a2 4a 87 31 a0 f5 ba 1e 44 6b 48 7e 81 0e 2e 0b 40 44 46 6a 66 7a 46 09 d0 82 4c 90 7b d0 bd 03 57 0a 4a e4 30 0b 90 1a 0f 4e 95 9e 29 1a a8 a9 c9 31 27 b5 a8 c4 29 33 1d 58 b1 2a 02 73 53 5e 69 4e 8e 82 9a 9a 82 22 8a 22 bd 0c a0 ad 01 45 99 65 89 c9 95 e8 21 00 62 43 6d 05 11 84 6c 46 18 8a Data Ascii: 43f2*+QH*//N-R()*MQH-RR2RRKK22sR2sJ32JlRKsSJSK\sRAbtTuBuM. irRzEz9%%E%%EynE.~@4pH*A|``nD-<t*y<}uM=`&j(jeg0 &&T$%DM@P@A!9'1/41=d&>YtCMu0yTtPY"siqI~nHjE=(RAV%3hkff`EPZTb,*SrS%Zs((V+1\%`rI(sP~0V<C'1%%5(RJ)E@E%%9,RX%@+!YYX*XT42Pi+eeEVFACn)L!P;X`*e&(YE1__:0J(`N14JVh4%( S3R%"t@lJ5 aalTihZsQU#3')19[#ZEy9t' AX,dQN8&Q\"<`%&Ot6&=`]RKsJ 3ku )]U`t0X7G1<lUh~NJ4@# |fZZqjBMJ1DkH~.@DFjfzFL{WJ0N)1')3X*sS^iN""Ee!bCmlF
Aug 20, 2020 21:55:38.372766018 CEST
9568 OUT GET /extension/cofaweb/design/cofaweb/images/icons/search_button.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 79 of 111
Aug 20, 2020 21:55:38.406089067 CEST
9579 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:29 GMTETag: "49a377-4e1-595692c2ffb40"Accept-Ranges: bytesContent-Length: 1249Vary: Accept-EncodingKeep-Alive: timeout=5, max=499Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 10 00 00 00 10 08 06 00 00 00 1f f3 ff 61 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 b2 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 30 20 36 31 2e 31 33 34 37 37 37 2c 20 32 30 31 30 2f 30 32 2f 31 32 2d 31 37 3a 33 32 3a 30 30 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 52 69 67 68 74 73 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 72 69 67 68 74 73 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 70 52 69 67 68 74 73 3a 4d 61 72 6b 65 64 3d 22 46 61 6c 73 65 22 20 78 6d 70 4d 4d 3a 4f 72 69 67 69 6e 61 6c 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 43 38 44 36 45 30 42 37 30 38 32 30 36 38 31 31 42 38 34 30 46 44 38 45 39 39 30 46 39 30 39 46 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 41 30 37 43 45 42 41 45 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 41 30 37 43 45 42 41 44 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 20 4d 61 63 69 6e 74 6f 73 68 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 30 35 38 30 31 31 37 34 30 37 32 30 36 38 31 31 39 39 46 34 45 41 42 37 41 42 31 37 46 44 35 35 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 75 75 69 64 3a 32 42 43 39 44 32 35 45 36 46 45 46 45 31 31 31 41 32 37 45 42 30 31 41 34 43 43 36 31 32 38 32 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e c6 9f b2 66 00 00 00 c5 49 44 41 54 78 da Data Ascii: PNGIHDRatEXtSoftwareAdobe ImageReadyqe<iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:A07CEBAE114411E29521FD49640E01B8" xmpMM:InstanceID="xmp.iid:A07CEBAD114411E29521FD49640E01B8" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>fIDATx
Aug 20, 2020 21:55:38.436109066 CEST
9666 OUT GET /extension/cofaweb/design/cofaweb/images/bg/search_input.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 80 of 111
Aug 20, 2020 21:55:38.469372988 CEST
9757 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:32 GMTETag: "49a2ad-46c-595692c5dc200"Accept-Ranges: bytesContent-Length: 1132Vary: Accept-EncodingKeep-Alive: timeout=5, max=498Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 96 00 00 00 0d 08 02 00 00 00 c4 c2 00 35 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 b2 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 30 20 36 31 2e 31 33 34 37 37 37 2c 20 32 30 31 30 2f 30 32 2f 31 32 2d 31 37 3a 33 32 3a 30 30 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 52 69 67 68 74 73 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 72 69 67 68 74 73 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 70 52 69 67 68 74 73 3a 4d 61 72 6b 65 64 3d 22 46 61 6c 73 65 22 20 78 6d 70 4d 4d 3a 4f 72 69 67 69 6e 61 6c 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 43 38 44 36 45 30 42 37 30 38 32 30 36 38 31 31 42 38 34 30 46 44 38 45 39 39 30 46 39 30 39 46 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 41 30 42 31 31 43 35 42 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 41 30 38 44 31 38 42 39 31 31 34 34 31 31 45 32 39 35 32 31 46 44 34 39 36 34 30 45 30 31 42 38 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 20 4d 61 63 69 6e 74 6f 73 68 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 30 35 38 30 31 31 37 34 30 37 32 30 36 38 31 31 39 39 46 34 45 41 42 37 41 42 31 37 46 44 35 35 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 75 75 69 64 3a 32 42 43 39 44 32 35 45 36 46 45 46 45 31 31 31 41 32 37 45 42 30 31 41 34 43 43 36 31 32 38 32 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e 5e d8 18 ad 00 00 00 50 49 44 41 54 78 da Data Ascii: PNGIHDR5tEXtSoftwareAdobe ImageReadyqe<iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:A0B11C5B114411E29521FD49640E01B8" xmpMM:InstanceID="xmp.iid:A08D18B9114411E29521FD49640E01B8" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>^PIDATx
Aug 20, 2020 21:55:38.817156076 CEST
10504 OUT GET /var/cofaweb/storage/images/ara-ma/home/home-slide-block/cover-my-risks/422833-6-fre-FR/Controler-mes-risques_slider_large.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 81 of 111
Aug 20, 2020 21:55:38.850887060 CEST
10537 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2013 15:17:22 GMTETag: "13a3cf-31002-4e941c7dae480"Accept-Ranges: bytesContent-Length: 200706Vary: Accept-EncodingKeep-Alive: timeout=5, max=497Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 06 d2 00 00 01 45 08 03 00 00 00 46 e6 89 7c 00 00 03 00 50 4c 54 45 c1 bc af 93 86 7d c6 c0 b4 af a7 9b b0 a8 9d 00 00 00 cd c1 bc ca b4 b3 9f a4 9b 92 76 6a 94 99 91 c1 b8 aa 52 73 b5 cd 5d 29 38 62 9b d7 a0 a1 92 7d 6d c8 bf b4 80 94 cd ef 82 0d b6 a9 9d ba b0 a6 78 91 ed 6c 82 d4 d4 89 6e af 62 49 93 8d 8b 6e 61 59 8b a1 ef 99 8f 8f 20 35 53 8c 3f 23 71 66 61 0d 08 07 b7 67 1c cc 7a 25 e0 7e 71 fa be 6c 04 05 05 9a 8d 83 ed ad 66 aa 6b 32 4f 69 89 69 5c 55 72 6b 68 3c 30 2b dd a8 72 ff b8 3f 18 15 15 a0 54 19 da a2 52 8b 6c 5b 69 86 a6 5c 7a 98 e5 b8 8b c5 92 56 05 05 06 b8 54 2d c4 9d 6a 12 0a 08 d5 8f 30 3b 50 6d 11 0e 0e 90 56 2d a8 b4 dc fa a1 2d a2 51 32 73 5c 4b 41 5c 80 cb 64 40 bd 7f 41 e7 c5 a5 fc b2 54 90 44 11 46 20 08 3a 1c 08 7a 39 18 9a a8 dc d2 af 8c cf 64 02 b2 86 5a d0 93 45 5a 28 0c 9b a8 ca 1d 13 0d 0c 0b 0a af cc dd 31 16 06 82 45 35 1e 1c 1c af 96 96 c1 cc e1 18 0e 0a 44 2b 1c c9 d7 e9 dc 73 5e df de e3 20 3f 62 32 24 1e d5 e1 ef cc 95 84 07 07 07 42 3b 39 ca b1 9b 09 08 08 c9 9e 7a 62 54 4d 55 3f 32 6e 30 08 2a 4a 74 bd ba b8 1f 10 08 b8 d7 e2 a6 8e 7a 5a 49 3f 2d 1e 15 52 32 20 d0 bc aa 23 18 10 b8 99 82 ed ec eb 81 38 05 c0 a4 8d 7d 6b 60 cf a6 83 67 47 36 d4 d3 da 2e 54 82 bd 5a 02 d8 d2 ce 5e 38 20 d4 c4 b6 b5 90 74 8b 73 66 ae 89 6a 50 51 50 83 96 b0 a2 95 8a d1 ca c4 a5 b5 c6 92 41 02 7a 86 98 e5 e0 dc 95 83 76 92 a5 b4 de da d7 af 78 57 82 90 a0 45 45 49 82 51 2d 8f 86 82 8f 9b ab 9d ae bb 25 14 09 9f 49 03 39 3c 45 b6 7d 63 8a 59 3b b7 84 6d ac 51 03 be c5 d8 2b 19 0c 7f 7d 7f 25 23 24 aa a1 9d bf 85 68 50 58 67 33 33 38 78 80 8b a8 a5 a7 63 63 65 a7 76 5f 95 75 5d 83 83 88 69 71 80 6d 53 42 6c 40 24 59 5c 5e 76 4e 33 2c 2b 2f aa 9e 91 9e 98 97 81 4a 22 46 4c 57 c6 c8 cb e0 e1 eb 81 5e 47 93 62 3d 7b 54 3b 88 7c 74 4d 52 5e a1 6f 58 90 64 49 af ba ce 79 63 55 74 78 7d ab 7e 65 89 65 51 9f 85 6e c3 8a 70 c6 90 79 d7 d8 e1 6f 71 74 d9 db e7 9f a2 ad a3 72 4d 9c 7d 65 b0 aa a4 f6 f7 f7 96 6b 53 88 89 90 74 47 29 c5 c2 c1 cc cd d2 57 5e 6b e4 e7 ee 93 95 9e 66 6a 72 99 69 46 62 6b 80 b0 a3 94 b8 c0 d1 82 77 6f 5e 64 70 e8 eb f1 ee ee f2 9c 9c a4 5d 66 7a f2 f2 f3 90 90 95 3d 46 54 7f 72 69 71 7a 8d b4 af ab 68 72 86 be bf cc b9 bb c7 af af b6 6d 76 89 c1 c2 d0 a8 aa b1 c4 c5 d3 b2 b3 bd c6 c8 d7 b5 b8 c3 d4 d7 e6 e9 e7 e4 cc cf de c8 ca da e7 e4 e1 b9 b5 b1 ea e8 e6 ca cd dc ce d1 e0 d2 d5 e3 d0 d3 e1 fc 12 85 7a 00 00 00 06 74 52 4e 53 e7 c8 c8 46 7d 00 e1 fd bf 91 00 03 0c ab 49 44 41 54 78 da ac 9d 7f 4c 95 57 ba ef 9b 7b 4f ad 53 a6 99 92 42 52 20 5e 89 cd 0d ce 88 ce b1 76 34 35 33 21 c5 cc 8c 26 c6 99 f9 e7 c6 69 72 52 6e 63 20 e0 39 24 25 43 38 83 68 da a0 a5 e0 d8 56 d9 17 4d 51 7b b3 8b fc d8 16 38 1c 60 b0 54 7e 54 6a b5 74 9f a1 12 a4 a0 14 5a 2c 02 d5 ed 70 f6 21 bd 67 e8 cd 3d f7 fb 3c eb c7 b3 d7 fb b2 a5 de b9 df b5 de f5 ae f7 c7 de f2 a3 7d 3f 7c 9f f5 ac b5 1f ca 48 5d 33 33 76 12 aa ae 1e 1e 6e 6e ae a9 f9 53 5f ca b3 eb d6 3d f6 14 6b dd ba ec ac ac ec ec ec 94 94 9f ff e6 e9 9d eb 37 6d da 53 56 56 b6 69 fd fa f5 9b f2 af e6 6f da b4 69 eb d6 Data Ascii: PNGIHDREF|PLTE}vjRs])8b}mxlnbInaY 5S?#qfagz%~qlfk2Oii\Urkh<0+r?TRl[i\zVT-j0;PmV--Q2s\KA\d@ATDF :z9dZEZ(1E5D+s^ ?b2$B;9zbTMU?2n0*JtzZI?-R2 #8}k`gG6.TZ^8 tsfjPQPAzvxWEEIQ-%I9<E}cY;mQ+}%#$hPXg338xccev_u]iqmSBl@$Y\^vN3,+/J"FLW^Gb={T;|tMR^oXdIycUtx}~eeQnpyoqtrM}ekStG)W^kfjriFbkwo^dp]fz=FTriqzhrmvztRNSF}IDATxLW{OSBR ^v453!&irRnc 9$%C8hVMQ{8`T~TjtZ,p!g=<}?|H]33vnnS_=k7mSVVioi
Aug 20, 2020 21:55:39.192116022 CEST
11574 OUT GET /var/cofaweb/storage/images/ara-ma/home/home-slide-block/coface-for-trade-ensamble-developpons-le-commerce-mondial/422841-18-fre-FR/Coface-for-Trade_slider_small.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 82 of 111
Aug 20, 2020 21:55:39.225857019 CEST
11637 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:14:17 GMTETag: "620e8-d621-59cc1d86a0040"Accept-Ranges: bytesContent-Length: 54817Vary: Accept-EncodingKeep-Alive: timeout=5, max=496Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 82 00 00 01 44 08 03 00 00 00 1d 95 c9 12 00 00 02 fd 50 4c 54 45 00 00 00 bb ad af b5 b0 ba ba b1 b7 92 81 7e df b4 9c a9 85 71 4a 59 6b 27 38 53 89 79 72 ea b2 8e a8 8b 7e 3f 45 58 f2 b3 89 c4 95 75 81 70 6e 2a 3e 59 21 32 4d ab ad bf aa aa b8 a5 a5 b4 b1 ae be 7a 7c 92 1c 49 6e 04 43 73 06 39 68 00 32 64 01 2e 5c 01 28 54 01 2a 4e 02 26 47 4b 60 86 89 8e a4 9e 9c a8 b6 b0 bc 10 3d 6d 20 34 55 93 93 a0 49 50 60 0f 34 5b 01 2d 55 04 3a 62 03 23 3d 02 32 54 e1 cc cb 67 7b 88 38 50 75 23 42 60 31 45 5f 88 8a 95 71 6e 7f 65 6b 77 5f 71 84 10 31 56 1e 33 4e 4e 5e 6f 0a 33 56 0d 2f 50 69 76 7c 50 53 6d b1 ac b8 15 36 5d 3b 47 65 bb b0 ba 46 55 7a 2d 44 68 1e 44 71 18 2e 49 c4 b9 c1 19 3d 63 05 34 5c 56 68 79 11 2b 47 15 31 4f b0 a4 a2 86 7f 89 2d 50 77 40 4a 59 98 91 90 32 55 80 21 42 69 0f 3b 67 0c 3c 5c 5a 62 70 40 53 68 20 3a 5a 35 41 55 7d 75 80 69 62 73 36 4a 6e 6c 84 8f a2 99 98 17 35 56 13 42 73 53 56 7b 5f 57 6c 22 30 46 b1 a8 b1 2c 3b 50 2a 40 59 18 41 6d 1c 2c 41 0c 37 62 32 3c 60 16 1a 27 b8 ad b6 1a 26 38 2f 36 58 26 2e 3f 13 27 3d 29 4a 70 2e 32 41 13 20 32 42 4d 73 74 6a 74 bf b1 b8 49 3c 5b 2a 35 49 93 85 8b 20 4a 77 bf ae b1 c3 b2 b6 41 42 4e 35 37 4b 74 7d 80 c6 b2 b2 d1 bb b8 52 58 63 7c 6c 6a 81 72 71 8a 76 71 77 78 75 ac 9f 98 86 7b 7b 6f 70 6e 6a 5f 66 5f 61 62 68 69 69 cc b3 b0 7d 87 87 23 29 39 4e 4c 54 3c 36 56 2e 24 2d 5b 52 5c bf a7 a1 2c 2d 3a 53 44 65 28 29 36 c9 af ac 3e 3c 44 8b 8d 85 66 5a 5c 91 7f 7c 4b 46 48 bb a0 95 75 65 64 59 4d 4e a4 8f 8a e8 c0 b0 71 5f 5a af 94 8a 36 35 41 9e 89 83 65 55 53 d0 b2 ac db ba ac 38 2f 37 cf af a5 cb a6 93 1d 20 2d d6b0 a2 d5 b2 a8 fe cb a9 dc b1 a1 ff da b5 9e 84 79 e3 b6 a0 20 25 32 d6 ad 96 df b0 9a c7 a0 87 bd 9a 87 9b 7d 6f ad 8d 7b 55 59 54 f3 bc a0 94 79 69 88 6f 64 79 5d 48 80 68 5b e5 b4 9a f1 b9 9d fd c2 a1 ba 94 7c 48 37 3b e1 b0 94 db ab 8a f1 b8 98 af 8a 6a 59 43 43 c7 9b 79 d2 a4 83 ea b4 95 94 75 5c e7 b0 90 a6 85 71 ff ca 96 ff bc 96 ff c2 92 f7 ba 93 eb b1 8b e6 ad 83 ba 91 6f ec b4 90 6b 50 47 f3 b6 8e fe bb 8f a4 7e 62 dc a8 7e f8 b5 89 ef b2 8c d4 a2 72 f2 b7 78 ff c0 89 f1 b2 89 7d 4c 5e ff ce 83 fd b5 8c 8e 68 49 ff c0 7f e7 ac 71 cc 97 62 7d 3b 18 c4 70 23 fa 96 08 5d 36 36 a8 4b 1d 7a 3f 34 a6 7a 50 f9 69 06 58 2f 25 40 28 2b 6d 3a 45 d5 58 03 fe bc 2a f7 b1 64 ba 8c 58 ff ca 70 de a4 5f ff bf 74 ff bc 6a 49 86 80 ee a7 5e ff bb 61 7b 7e 54 6d 00 00 00 12 74 52 4e 53 00 49 83 bd 29 61 90 d2 44 5d 86 b8 7c b1 cc d0 a4 cf 9a 44 53 6e 00 00 80 00 49 44 41 54 78 da c4 fd 79 40 53 59 ba ef 0f 73 ce 3d bf f7 37 bc d3 7d 2d 15 11 a1 0b 64 14 35 88 12 41 05 c5 10 4c 50 28 a6 04 28 62 19 12 83 8a 4c 62 c7 01 94 49 11 54 52 02 8d 14 b3 0c 8a 82 43 31 08 44 b1 44 91 60 11 0a 94 41 0a 1c ea 14 7d aa ef bd dd 5d 5d a7 bb ab cf ef de 3f df e7 59 6b ed 9d 1d d4 1a ba ab ea ac 8c 64 22 79 3e eb fb 0c 6b af bd b6 cd 22 6c ef bc 03 e7 77 de 59 bc 78 f1 3b 4b 96 da 2e b3 5b be dc de de 7e c5 0a 07 c7 5f 2d 5a 84 0f 42 5b f4 ae 13 bc 6e 11 b9 bc 03 f7 df a1 cd f9 dd 95 f0 62 78 a5 a3 a3 8b d3 12 78 d9 12 57 b7 45 ee f6 f6 1e 9e 0e Data Ascii: PNGIHDRDPLTE~qJYk'8Syr~?EXupn*>Y!2Mz|InCs9h2d.\(T*N&GK`=m 4UIP`4[-U:b#=2Tg{8Pu#B`1E_qnekw_q1V3NN^o3V/Piv|PSm6];GeFUz-DhDq.I=c4\Vhy+G1O-Pw@JY2U!Bi;g<\Zbp@Sh :Z5AU}uibs6Jnl5VBsSV{_Wl"0F,;P*@YAm,A7b2<`'&8/6X&.?'=)Jp.2A 2BMstjtI<[*5I JwABN57Kt}RXc|ljrqvqwxu{{opnj_f_abhii}#)9NLT<6V.$-[R\,-:SDe()6><DfZ\|KFHuedYMNq_Z65AeUS8/7 -y %2}o{UYTyiody]Hh[|H7;jYCCyu\qokPG~b~rx}L^hIqb};p#]66Kz?4zPiX/%@(+m:EX*dXp_tjI^a{~TmtRNSI)aD]|DSnIDATxy@SYs=7}-d5ALP((bLbITRC1DD`A}]]?Ykd"y>k"lwYx;K.[~_-ZB[nbxxWE
Aug 20, 2020 21:55:39.295491934 CEST
11748 OUT GET /var/cofaweb/storage/images/media/images/coface-linkedin/856235-1-fre-FR/Coface-LinkedIn_small.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 83 of 111
Aug 20, 2020 21:55:39.329325914 CEST
11809 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:09:19 GMTETag: "4a538-581-59cc1c6a6e1c0"Accept-Ranges: bytesContent-Length: 1409Vary: Accept-EncodingKeep-Alive: timeout=5, max=495Connection: Keep-AliveContent-Type: image/jpegData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 00 1c 00 64 03 01 22 00 02 11 01 03 11 01 ff c4 00 1a 00 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 00 07 04 05 08 06 02 ff c4 00 31 10 00 01 03 04 01 03 03 03 02 05 05 00 00 00 00 00 01 02 03 04 00 05 06 11 21 07 12 31 13 22 41 14 51 61 32 81 15 16 23 33 37 42 71 91 a1 b4 ff c4 00 1a 01 01 00 02 03 01 00 00 00 00 00 00 00 00 00 00 00 00 04 05 01 02 06 03 ff c4 00 22 11 00 03 00 00 05 05 01 01 00 00 00 00 00 00 00 00 00 01 02 03 04 11 21 41 05 12 14 31 a1 61 d1 ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 6d 58 73 bb 16 4b 7b 9f 68 b6 c8 75 c9 90 7b bd 74 a9 95 24 0d 2b b4 e8 9f 3c d4 8c a3 2f b2 e1 d0 5a 97 7a 94 58 69 d7 3d 36 fb 5b 52 d4 a3 ad 9e 00 f8 14 9e e8 c7 f9 6b 32 ff 00 77 bf f4 57 59 d7 2b d3 76 4c 5e de eb b6 7b 6d cd 2e 4c ec f4 e7 b6 a5 a5 24 21 47 b8 76 a8 10 78 d7 9f 04 d0 0c c8 b2 99 9d 0d 99 71 9c 0e 30 fb 69 71 b5 8f 0a 4a 86 c1 ff 00 83 5e dd 75 2c b2 b7 56 74 94 24 a8 9f c0 e6 92 72 ba b1 92 c4 cc 60 e3 56 8b 15 be 50 7a 14 75 30 c2 02 9b 57 7a d8 4a f5 be ee d0 84 93 f6 fd 23 cf cd 49 c7 3a 9b 91 ca cb a7 61 b9 75 ae 2c 59 ca 61 d2 da a3 6c 76 a8 36 57 a3 ee 50 20 a7 90 41 a0 18 98 9e 6d 64 cd 18 92 f5 95 f7 1d 44 65 25 0e 15 b4 51 a2 46 c7 9f 3e 2b a2 ac a5 d3 bc f7 f9 27 0a bd 26 12 12 fd e6 74 b6 5a 86 c9 1d da f6 9d ac 8f 90 36 06 be 49 1f 9a 62 5f fa 87 96 e2 56 ab 4d b2 e4 bb 73 99 3d dc 85 80 b4 86 d8 82 d9 3d a3 bc ef 95 6f 7b 24 e8 68 f9 d7 20 3a 68 a4 a5 9f a9 b7 db 3e 73 6f b1 64 37 5b 25 e6 15 c3 49 44 db 62 c1 0c ac 9d 00 75 f9 f2 08 f0 41 df c5 47 b6 75 0b a8 19 fe 41 70 386b 16 e8 f6 b8 2a 1a fa b4 ff 00 70 12 7b 42 95 e7 6a d1 3a 1a d7 df e6 80 66 d8 b3 bb 1e 49 78 b8 5a ad 92 1d 5c b8 1d de ba 54 ca 92 13 a5 76 9d 13 e7 9a 44 41 b6 5c f2 7b d3 8c 45 06 4c c7 4a dc 5a 9c 58 1c 03 c9 24 d5 c7 42 dc 90 f7 51 32 b7 65 b4 19 92 b6 96 a7 9b 07 84 2c bd ee 1f b1 d8 a3 a7 f0 57 71 cc 12 c2 26 ca 86 a0 d3 ab 0e c6 50 4a c6 be 39 04 6b f6 a9 f9 3a ed 9b a5 c1 59 d4 27 be f0 e5 f2 ff 00 87 35 3a 0c 8b 6c e7 a1 4b 6c b7 21 95 94 38 8d ef 46 a3 d3 46 26 03 6f bc 3f 92 48 9d 74 98 97 21 4c 71 b0 fb 8b 4a b6 02 02 bb d7 c7 3e 79 d6 bc 54 49 18 36 3f 71 c4 a5 5d b1 cb 9c 99 2e 43 4a 8b 81 e0 00 5f 68 da 86 b4 0a 4e b9 15 39 66 a3 d3 2b 6b 25 89 bb 5f bc ef b1 c5 41 bf dd ad ac 16 21 5c 24 30 d1 57 77 62 16 40 df df fe a8 aa ea 2b d9 e1 c3 dd a2 3a c5 b4 b4 4d 9d 0d a6 d1 d4 9c 3b 35 bf 5d ac 98 bf d4 89 cf ba 90 a900 14 94 17 4a 81 1a 58 3f 6a b0 cd 20 75 17 3c c2 5b 66 eb 8d 06 67 c7 b9 25 4d b3 19 3d bb 6b d2 50 2a 3b 59 ff 00 51 03 f7 ad 03 a1 f6 a3 43 ed 5c e1 d6 88 cb 46 19 91 47 eb 5d 9a f4 ed a9 e4 5b 98 84 cb 6e 48 25 3d a9 50 88 10 47 9d f0 Data Ascii: JFIFHHC $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222d"1!1"AQa2#37Bq"!A1a?mXsK{hu{t$+</ZzXi=6[Rk2wWY+vL^{m.L$!Gvxq0iqJ^u,Vt$r`VPzu0WzJ#I:au,Yalv6WP AmdDe%QF>+'&tZ6Ib_VMs==o{$h :h>sod7[%IDbuAGuAp8k*p{Bj:fIxZ\TvDA\{ELJZX$BQ2e,Wq&PJ9k:Y'5:lKl!8FF&o?Ht!LqJ>yTI6?q].CJ_hN9f+k%_A!\$0Wwb@+:M;5]JX?j u<[fg%M=kP*;YQC\FG][nH%=PG
TimestampkBytestransferred Direction Data
Session ID Source IP Source Port Destination IP Destination Port Process
6 192.168.2.4 49781 193.56.140.134 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
TimestampkBytestransferred Direction Data
Aug 20, 2020 21:55:37.271238089 CEST
9262 OUT GET /var/cofaweb/cache/public/javascript/46e71e606cfe330c0a3634fccabd47c4.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
Copyright null 2020 Page 84 of 111
Aug 20, 2020 21:55:37.308697939 CEST
9289 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:37 GMTServer: ApacheLast-Modified: Sun, 16 Aug 2020 00:00:05 GMTETag: "23c0cf2b-5c946-5acf356205ee1"Accept-Ranges: bytesVary: Accept-EncodingKeep-Alive: timeout=5, max=500Connection: Keep-AliveContent-Type: text/javascriptContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 37 61 31 30 0d 0a 1f 8b 08 00 00 00 00 00 04 03 e2 d2 48 2b cd 4b 2e c9 cc cf d3 48 d4 49 d2 ac 86 f1 14 92 2b 35 12 35 ab 8b 52 4b 4a 8b f2 14 d2 f4 32 8b c3 33 f3 52 f2 cb 81 82 f6 89 56 89 7a 79 f9 29 a9 21 95 05 a9 b6 b6 b6 96 f6 89 7a 29 a9 69 89 a5 39 25 61 99 a9 e5 35 35 89 7a 05 89 45 a9 79 25 10 1d 56 8a 86 b5 08 53 4b 81 06 54 67 a6 69 28 26 67 45 27 c6 6a 56 97 25 16 29 24 d9 26 eb 25 e5 a7 54 ea a4 d8 a6 69 28 d9 28 69 27 6a 2b d9 29 69 ea 25 16 14 a4 e6 a5 84 e4 6b 24 69 ea a4 da a6 e8 25 17 17 6b 28 a5 64 16 17 e4 24 56 2a 69 5a a7 e8 15 a5 e6 e6 97 a5 6a 68 5a 03 0d 04 b9 44 29 2f 3f 2f 55 a9 a6 06 cc 56 d2 ac 4e ce ae a9 d1 48 ce 06 1a 9f 5c 94 9a 58 92 ea 9a 93 9a 0b 74 97 86 52 66 5a 51 62 6e aa 92 a6 4e 72 b6 1e 98 e9 94 5f 94 92 5a 64 0b e4 96 67 a6 94 64 80 18 19 a9 99 e9 19 25 b6 06 9a 3a 49 50 97 38 67 64 e6 a4 00 cd 03 db a7 98 9c 53 53 a3 08 54 87 62 b4 66 72 8e ad 06 48 30 3f af 24 15 16 02 35 35 08 11 97 fc e4 52 b0 42 bd 14 28 4b 27 39 47 af bc 28 b3 24 55 43 23 4d af b8 b4 a0 20 bf a8 04 18 1c 15 be c0 10 ce b1 57 b2 51 04 2a 2c 01 86 b4 42 46 49 6e 8e 9d 92 15 d0 63 da 4a 36 60 8e 0d 28 d4 ec 40 de c8 d1 4b ce c9 2f 06 05 45 8a 2d 88 83 ec 26 60 88 83 14 80 d4 a2 78 24 05 14 aa 69 e0 50 4d d1 41 84 2b d0 bb 90 70 85 a8 02 7a b7 16 1c 57 b6 a9 b5 d0 d4 00 e6 22 c5 69 09 24 e9 80 a2 32 d9 b6 ba d6 3a 4d 2f 35 31 39 43 23 b9 00 e4 e9 e4 c4 12 90 ad 39 95 1a d1 b1 3a 40 a1 e2 9c cc e4 54 0d 03 a0 06 4d 1d 98 11 1a c0 a8 8a 2e c9 c8 2c 8e b5 4d ac d5 b4 86 59 83 64 45 31 48 49 a1 6d 12 92 50 11 50 a8 38 b5 24 24 33 37 35 bf b4 44 23 b9 58 c7 00 a1 b5 10 e8 b1 bc fc 72 0d 4d 24 0d 99 40 0d 25 45 95 b0 34 9d 97 5a ae 90 a8 e7 08 94 2c 4b 8d f0 4f ca 4a 05 fa 43 c9 37 33 b9 28 bf 38 3f ad 44 2f c2 d7 c7 23 24 24 40 09e8 fb c4 12 a0 6f 80 1e ac 45 32 2c 03 9b 61 20 3d 25 25 05 41 a9 85 a5 a9 c5 25 d8 35 26 01 03 2b 59 b3 1a 98 65 12 4b 12 dd 32 73 4a 52 8b d4 d4 34 92 6d 91 05 34 92 75 20 5c 50 0e d3 d4 b4 06 85 6c 8a 2d 42 a8 18 18 71 d5 b5 3a e9 3a 19 3a 99 c0 7c 91 93 9a 97 5e 92 a1 93 a5 93 6d 9b 12 6d 10 ab 93 a3 93 ab 93 a7 93 af 53 60 9d 96 5f a4 91 6e 6b 68 9d 6e 93 69 9d ae ad 0d ce 79 e9 c0 cc 61 a8 09 92 c9 50 c8 cc 03 ba 1a 18 49 65 a9 45 40 6b 8b 35 41 e9 2c 3f 4d 21 03 98 7d 8a 4b 8a 32 f3 d2 95 80 6e 4b 8d ce d0 2b c9 f7 c9 2f 4f 2d 72 4e 04 a5 31 60 2c 21 69 8a ce 88 d5 b4 ce b1 cd 06 db 9e 1e 0b ca 1b d9 40 2b 94 b4 94 34 b3 6d 73 ac 53 73 8a 53 15 80 62 39 8a 60 31 35 35 10 23 5b b3 3a d7 36 47 5b 49 41 49 3b 5b 27 cf 36 35 3a 37 16 98 6b a3 95 b4 40 02 60 23 14 f3 34 ab 0b 6c 93 c0 3e c8 07 b9 33 55 b3 3a cb 36 5f 0f 98 48 33 81 f1 a4 a0 04 ce 84 59 40 ef 02 ed 02 e6 44 28 0b 68 03 48 5f 6a 74 56 b4 61 2c c4 7c b0 71 05 9a d5 f9 40 d1 fc 58 9d 7c a0 2a 45 03 fb 3c db 02 ab 02 30 13 e8 c3 3c db 7c 4d eb 24 60 9e c9 ae 05 02 c5 3c 35 35 c5 02 35 35 60 32 2e 2a 02 5a af e4 97 af 00 f1 6e 31 28 06 d3 8a f2 73 81 e6 e6 ea 15 a5 02 33 0c 30 2d 03 6d d1 51 52 28 c9 07 ba 49 53 27 4f 11 6a 66 b2 6d 9e 7d 9e Data Ascii: 7a10H+K.HI+55RKJ23RVzy)!z)i9%a55zEy%VSKTgi(&gE'jV%)$&%Ti((i'j+)i%k$i%k(d$V*iZjhZD)/?/UVNH\XtRfZQbnNr_Zdgd%:IP8gdSSTbfrH0?$55RB(K'9G($UC#M WQ*,BFIncJ6`(@K/E-&`x$iPMA+pzW"i$2:M/519C#9:@TM.,MYdE1HImPP8$$375D#XrM$@%E4Z,KOJC73(8?D/#$$@oE2,a =%%A%5&+YeK2sJR4m4u \Pl-Bq:::|^mmS`_nkhniyaPIeE@k5A,?M!}K2nK+/O-rN1`,!i@+4msSsSb9`155#[:6G[IAI;['65:7k@`#4l>3U:6_H3Y@D(hH_jtVa,|q@X|*E<0<|M$`<5555`2.*Zn1(s30-mQR(IS'Ojfm}
Aug 20, 2020 21:55:38.334749937 CEST
9561 OUT GET /extension/cofaweb/design/cofaweb/images/bg/border_countries.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 85 of 111
Aug 20, 2020 21:55:38.368833065 CEST
9566 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:32 GMTETag: "49a2a8-441-595692c5dc200"Accept-Ranges: bytesContent-Length: 1089Vary: Accept-EncodingKeep-Alive: timeout=5, max=499Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 02 00 00 00 10 08 02 00 00 00 b3 ca 39 e3 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 b2 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 30 20 36 31 2e 31 33 34 37 37 37 2c 20 32 30 31 30 2f 30 32 2f 31 32 2d 31 37 3a 33 32 3a 30 30 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 52 69 67 68 74 73 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 72 69 67 68 74 73 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 70 52 69 67 68 74 73 3a 4d 61 72 6b 65 64 3d 22 46 61 6c 73 65 22 20 78 6d 70 4d 4d 3a 4f 72 69 67 69 6e 61 6c 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 43 38 44 36 45 30 42 37 30 38 32 30 36 38 31 31 42 38 34 30 46 44 38 45 39 39 30 46 39 30 39 46 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 36 42 34 31 43 35 35 39 31 31 36 30 31 31 45 32 39 42 33 32 44 45 36 37 30 39 44 32 43 46 30 32 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 36 42 34 31 43 35 35 38 31 31 36 30 31 31 45 32 39 42 33 32 44 45 36 37 30 39 44 32 43 46 30 32 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 20 4d 61 63 69 6e 74 6f 73 68 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 30 35 38 30 31 31 37 34 30 37 32 30 36 38 31 31 39 39 46 34 45 41 42 37 41 42 31 37 46 44 35 35 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 75 75 69 64 3a 32 42 43 39 44 32 35 45 36 46 45 46 45 31 31 31 41 32 37 45 42 30 31 41 34 43 43 36 31 32 38 32 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e 96 d6 2e 9a 00 00 00 25 49 44 41 54 78 da Data Ascii: PNGIHDR9tEXtSoftwareAdobe ImageReadyqe<iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:C8D6E0B708206811B840FD8E990F909F" xmpMM:DocumentID="xmp.did:6B41C559116011E29B32DE6709D2CF02" xmpMM:InstanceID="xmp.iid:6B41C558116011E29B32DE6709D2CF02" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:058011740720681199F4EAB7AB17FD55" stRef:documentID="uuid:2BC9D25E6FEFE111A27EB01A4CC61282"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.%IDATx
Aug 20, 2020 21:55:38.380700111 CEST
9576 OUT GET /var/cofaweb/storage/images/ara-ma/home/home-slide-block/assess-market-opportunities/422853-6-fre-FR/Evaluer-un-marche_slider_small.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 86 of 111
Aug 20, 2020 21:55:38.415085077 CEST
9594 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:14:17 GMTETag: "13a429-28be3-59cc1d86a0040"Accept-Ranges: bytesContent-Length: 166883Vary: Accept-EncodingKeep-Alive: timeout=5, max=498Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 82 00 00 01 45 08 06 00 00 00 e1 17 ea 85 00 00 80 00 49 44 41 54 78 da c4 fd 4d cf 6e 5b 96 25 06 8d 39 d7 da cf 7b ce bd 37 3e 32 ab b0 c1 c8 96 11 0d 04 34 40 a2 01 1d 5a 74 e8 d2 f4 cf a0 41 bf b2 45 37 53 42 98 06 96 c3 65 cb 18 01 22 05 06 64 04 54 40 ab c0 42 d0 40 74 4a 42 01 34 90 10 b8 a2 32 2b e3 9e 77 af 35 e7 a4 31 c6 5c fb 89 32 f5 91 55 91 99 21 55 45 e4 bd e7 bc ef f3 ec bd d6 fc 18 73 8c 31 ed 3f f9 2f fc cb 95 56 30 77 c0 80 9f 7e ff 33 7c 7c f9 0e 98 13 9f 48 64 15 86 4d 64 15 0c 85 aa 04 60 fc 7f 06 54 16 60 09 b3 82 45 c1 0c c8 02 2a f9 e7 cc 00 54 a1 aa 50 06 98 39 bc 0a 91 00 cc 50 b5 f9 73 30 f8 b3 6d c0 2b 81 4c 18 0a ee 86 2a 43 59 a2 60 fa 59 86 cd ff 0b 30 87 57 a2 2a 61 06 14 f8 bb a0 3f eb 95 40 15 a6 39 12 81 5d 05 98 03 fc 74 d0 df 80 c1 61 ee 28 38 ac 80 ca c0 30 87 17 00 14 ff 9c 1b 76 16 cc 1c c8 80 db 40 a1 00 04 cc 0d 11 0b 85 0b 89 e0 cf 80 21 33 30 7c c2 0d 70 03 a2 0a 70 47 26 10 99 40 01 af e1 d8 b9 61 6e c8 1d 80 01 59 05 37 be 13 33 43 e8 9f 03 c0 e5 8e b5 03 66 8e cc 80 fb c0 8e 40 15 80 32 b8 39 ca 81 b2 04 ca 50 95 08 0c b8 15 5e 6e c8 2c 04 f8 2e cc 0c 19 1b c3 07 22 36 1c ce ef 5a 85 40 61 fa 40 c6 c6 1c 93 df b4 7e 84 d9 80 61 22 b3 50 e0 7b 76 73 00 c6 ff bb 0c 81 82 c1 60 48 c0 0d 15 d6 ff 16 3e 0d 15 85 b4 c1 df 3f 06 b2 80 6b 38 ff 8e 0d b8 19 dc 0c 61 09 37 87 bb c1 31 80 31 01 4b bc c6 77 7c 2b 96 c8 d7 40 38 f0 d5 2f 0c 38 6a 4c 0c 33 24 1c 3e 27 7f 16 78 26 ca 80 00 30 7c 02 30 dc 28 8c e1 18 66 b8 fc c5 bf 63 06 37 a0 90 700c 7c 8b 85 d8 81 a9 e7 65 66 40 1a 32 6e 98 03 a3 0a 39 06 d6 0e b8 39 cc f9 4c 66 39 76 26 7f 56 15 e0 80 0d 47 ae 00 2a 74 fa 00 4b 43 1a 00 24 0a 80 1b cf 4d 65 a2 50 98 70 dc 48 78 f2 e7 f0 78 1b 50 c9 e7 97 85 e1 8e 2a c0 c6 e0 dd 72 7e a7 8f 31 70 65 c2 6b e1 37 df fe 14 7f f2 f9 a7 b8 ef 4f bc 30 f0 f1 fa 82 d7 c7 85 eb e3 2b 7e ff 87 9f e2 9f fb bd df c7 5f fb e1 07 fc de 5f fb e7 f1 f3 bf fe 33 fc fc 87 ef f1 d3 1f be 62 8c 09 9f 03 06 e0 4f ef 6f b8 3f 3f f1 a7 9f bf 41 ec c0 ba 6f ec b5 cf 67 1f 36 b0 57 00 66 70 07 2a 81 c8 42 c4 8d b5 16 7e 73 7f 22 76 20 b2 80 58 a8 2a 64 19 cc 0a 91 85 51 8c 03 bc ef 03 3e 1c 86 c2 f4 a9 fb ad 3b 1b 89 cf d8 d8 c9 98 34 0a 40 25 4a f7 21 8b f7 a1 f6 8d da 09 4b e0 ef af 4f ec d8 f8 bc 7f c4 5e 1b eb db c2 7d 7f c3 9f 7c fe 88 75 df c8 b8 b1 33 19 c0 50 f8 32 79 46 f6 be b1 32 81 31 10 5f 5e f8 8f 7e ff 33 fc fc cb 57 fc f5 1f 7e 86 9f fe f0 33 7c fd 70 c0 0c 66 8e 28 e0 32 43 44 60 0c de 89 d4 7b 2c f0 ce 4f 73 84 62 a2 43 ef d4 0c c30d 56 40 2a 96 0d 9f 28 24 cc 26 22 36 e0 fc 59 6e 06 98 c3 dc 50 59 98 ee 40 19 12 1b 55 05 2b c6 8d 8d c2 18 03 0e 63 3c a9 02 00 f8 18 88 bd 61 59 88 4a a4 e1 d7 13 c6 e0 e6 0e 7c 8c 0b c3 5c c1 3c 61 c5 c7 ce 83 6c fa 50 c6 5f 5a 05 14 13 48 15 0f 65 56 f2 85 21 61 63 c2 33 f5 40 06 12 a9 a3 c2 00 01 53 d2 30 c7 b4 81 b5 37 7c 0c 24 80 15 89 0f 77 0c 37 64 c5 09 d6 05 e7 e3 34 c0 cd 11 e0 8b 47 a4 62 fb 00 10 70 77 3e 30 85 7b 77 47 24 5f 44 15 c3 95 61 02 15 08 24 e6 18 c8 e4 4b 30 cb f3 b0 ab 12 69 06 77 43 64 31 08 38 e0 70 26 Data Ascii: PNGIHDREIDATxMn[%9{7>24@ZtAE7SBe"dT@B@tJB42+w51\2U!UEs1?/V0w~3||HdMd`T`E*TP9Ps0m+L*CY`Y0W*a?@9]ta(80v@!30|ppG&@anY73Cf@29P^n,."6Z@a@~a"P{vs`H>?k8a711Kw|+@8/8jL3$>'x&0|0(fc7p|ef@2n99Lf9v&VG*tKC$MePpHxxP*r~1pek7O0+~__3bOo??Aog6Wfp*B~s"v X*dQ>;4@%J!KO^}|u3P2yF21_^~3W~3|pf(2CD`{,OsbCV@*($&"6YnPY@U+c<aYJ|\<alP_ZHeV!ac3@S07|$w7d4Gbpw>0{wG$_Da$K0iwCd18p&
Aug 20, 2020 21:55:38.743489027 CEST
10430 OUT GET /extension/cofaweb/design/cofaweb/images/quickmenu/plus_minus_green.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 87 of 111
Aug 20, 2020 21:55:38.776794910 CEST
10449 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:29 GMTETag: "49a2eb-7d1-595692c2ffb40"Accept-Ranges: bytesContent-Length: 2001Vary: Accept-EncodingKeep-Alive: timeout=5, max=497Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 15 00 00 00 2a 08 06 00 00 00 5c 3b 10 ee 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 22 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 30 2d 63 30 36 31 20 36 34 2e 31 34 30 39 34 39 2c 20 32 30 31 30 2f 31 32 2f 30 37 2d 31 30 3a 35 37 3a 30 31 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 20 78 6d 6c 6e 73 3a 78 6d 70 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 22 20 78 6d 6c 6e 73 3a 78 6d 70 4d 4d 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 6d 6d 2f 22 20 78 6d 6c 6e 73 3a 73 74 52 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 78 61 70 2f 31 2e 30 2f 73 54 79 70 65 2f 52 65 73 6f 75 72 63 65 52 65 66 23 22 20 78 6d 70 3a 43 72 65 61 74 6f 72 54 6f 6f 6c 3d 22 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 53 35 2e 31 20 57 69 6e 64 6f 77 73 22 20 78 6d 70 4d 4d 3a 49 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 37 35 30 36 38 32 37 32 39 44 33 38 31 31 45 32 41 34 38 38 43 45 34 30 43 37 34 43 45 34 41 41 22 20 78 6d 70 4d 4d 3a 44 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 37 35 30 36 38 32 37 33 39 44 33 38 31 31 45 32 41 34 38 38 43 45 34 30 43 37 34 43 45 34 41 41 22 3e 20 3c 78 6d 70 4d 4d 3a 44 65 72 69 76 65 64 46 72 6f 6d 20 73 74 52 65 66 3a 69 6e 73 74 61 6e 63 65 49 44 3d 22 78 6d 70 2e 69 69 64 3a 37 35 30 36 38 32 37 30 39 44 33 38 31 31 45 32 41 34 38 38 43 45 34 30 43 37 34 43 45 34 41 41 22 20 73 74 52 65 66 3a 64 6f 63 75 6d 65 6e 74 49 44 3d 22 78 6d 70 2e 64 69 64 3a 37 35 30 36 38 32 37 31 39 44 33 38 31 31 45 32 41 34 38 38 43 45 34 30 43 37 34 43 45 34 41 41 22 2f 3e 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 20 3c 2f 72 64 66 3a 52 44 46 3e 20 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 20 3c 3f 78 70 61 63 6b 65 74 20 65 6e 64 3d 22 72 22 3f 3e 90 5c 02 dd 00 00 04 45 49 44 41 54 78 da ec 56 4d 6c 1b 55 10 de b7 bb f6 ae bd f1 5f ec 92 44 49 9a a4 0e 4d 93 9a 54 95 90 00 09 89 03 07 7a e0 86 54 a9 a2 6a 54 24 44 db 43 83 a0 5c 2a 21 e5 00 a8 07 a8 a0 42 48 14 0e a8 3d 22 90 a0 57 24 a0 52 9b 1c 8a 50 43 1c 27 6d 6d e7 07 3b 26 89 13 ff ee ae 77 fd f6 f1 c6 e9 6e dd ad 9d 98 08 41 0f 1d 69 f5 7e 66 e6 f3 bc f7 66 e6 33 3a fd cb 87 4c 2b 12 69 3f 78 60 66 23 3a d7 8a 2d db 4c 31 e8 7bfa 8c c8 f9 66 05 56 c0 74 Data Ascii: PNGIHDR*\;tEXtSoftwareAdobe ImageReadyqe<"iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c061 64.140949, 2010/12/07-10:57:01 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5.1 Windows" xmpMM:InstanceID="xmp.iid:750682729D3811E2A488CE40C74CE4AA" xmpMM:DocumentID="xmp.did:750682739D3811E2A488CE40C74CE4AA"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:750682709D3811E2A488CE40C74CE4AA" stRef:documentID="xmp.did:750682719D3811E2A488CE40C74CE4AA"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>\EIDATxVMlU_DIMTzTjT$DC\*!BH="W$RPC'mm;&wnAi~ff3:L+i?x`f#:-L1{fVt
Aug 20, 2020 21:55:38.828500032 CEST
10507 OUT GET /var/cofaweb/storage/images/ara-ma/news-publications/news/coface-realise-un-resultat-net-positif-de-11-3-m-au-deuxieme-trimestre-2020-et-poursuit-l-execution-de-son-plan-strategique/3037909-3-fre-FR/Coface-realise-un-resultat-net-positif-de-11-3-M-au-deuxieme-trimestre-2020-et-poursuit-l-execution-de-son-plan-strategique_news_small_headline.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 88 of 111
Aug 20, 2020 21:55:38.864114046 CEST
10614 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Thu, 06 Aug 2020 15:58:36 GMTETag: "47e312-c203-5ac378f9a8300"Accept-Ranges: bytesContent-Length: 49667Vary: Accept-EncodingKeep-Alive: timeout=5, max=496Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 18 00 00 00 5b 08 02 00 00 00 27 57 0d ad 00 00 80 00 49 44 41 54 78 da ec fd 77 dc 65 d7 55 1e 8e af b5 f6 3e f5 f6 b7 bf 53 35 a3 d1 8c 7a b1 64 35 cb 5d 36 16 ee 98 8e4d 20 40 48 be 01 82 09 2d 85 40 08 21 26 84 12 f8 12 e0 1b d3 4c 4b 6c 08 c4 36 b8 c9 72 c3 92 6c c9 96 d5 a5 51 9b fa f6 f7 d6 d3 77 59 bf 3f f6 39 77 94 bf 7f ff 66 3e b6 a4 99 b9 ef bd e7 9e b3 f7 5e 6b 3d cf b3 9e 85 df ff 77 ff 16 fe ef af ff fb eb ff fe fa ff ef 97 04 80 e7 fe ea b5 10 68 40 46 0b 00 00 88 c0 0c 08 0c 80 c0 06 01 01 c0 82 45 10 00 c0 80 88 cc cc 08 c0 40 80 8c cc 8c 80 80 6c dd df 03 00 30 00 32 03 03 20 31 32 41 fd 22 66 00 00 04 64 74 7f 0b c0 c0 cc 04 68 19 01 2c d6 57 86 08 6c eb 17 32 80 e0 e6 af 18 10 00 11 2c 03 20 03 03 01 58 44 06 46 00 64 b0 00 e8 3e 04 19 18 11 c0 d6 7f 69 00 10 01 18 91 01 c9 5d 09 80 75 9f c0 c8 04 c0 16 98 10 98 eb cf 42 44 46 60 0d 24 b8 fe 56 00 04 60 19 98 81 10 00 c1 5a 00 44 66 26 00 04 30 88 cc 8c 08 84 0c 96 00 c0 02 23 20 62 fd 0e ee 07 91 c1 10 a0 45 77 4b 01 80 2c 30 32 10 20 00 d4 df 03 eb cf b4 4c 47 5b e3 85 ae 57 69 fa db 3f f8 69 5f 98 e3 27 5f 51 a4 79 52 ea 57 dd f3 de 77 dc 79 99 14 16 05 06 41 f0 ef 7f ed 43 0f 3f fa f5 93 cb f0 1b bf fe 3b 3b 7b c3 9f fc 97 3f b2 b7 b7 f5 ad ef f9 d6 5f f8 a5 df f8 c5 9f ff d7 7f f5 e1 0fad ae ae ff e1 9f fc e5 99 33 e7 7f fc c7 7e 68 36 4b 7f fd d7 7e fd 95 77 dc f5 be ef fd 81 33 67 37 be e9 ee bb 6e b8 fe ba 5f ff ed df 5f 5b 59 5d 5e 1a dc f2 ca 9b fe ee 13 f7 6e bc f4 f4 cf ff c2 cf dd f5 9a 6f 7a f7 3b df 62 aa e4 c3 7f fd b1 a7 9e 7e e9 67 7e ea 9f de 70 d3 cd bf f9 9b bf fb ff fd d9 47 ff f2 0f 7e e3 df fe 9b 9f ba e5 b6 d7 bf eb 9d 6f 3d 75 f9 81 df fe 9d 3ffa ed df f9 dd 8f fd ed 9f fd c2 bf ff e5 37 7f d3 3b 37 2e 5e 14 9e 04 40 cb 46 29 65 99 3f 78 5f be 97 ca 76 58 3f 26 70 4f 96 01 dc 4a 03 70 4b 87 b0 59 1f ee d1 80 15 ec 1e 88 7b 3a 08 ec 1e 11 00 a0 45 26 4b ee 8f 81 01 b1 59 1c 00 00 84 00 c0 16 10 19 11 a1 5e 95 6e 09 02 23 93 41 46 40 42 eb 9e 17 0b 26 0b cc c4 c2 bd 04 00 dd a6 00 46 02 6b 01 81 dc 26 41 00 9d 07 27 bf fd 3e 02 00 46 22 44 60 04 02 20 b2 08 4c c8 08 08 80 4c 08 44 40 12 48 00 31 92 bb 46 02 22 26 c0 7a 6b 20 00 02 00 12 00 ba c5 05 04 08 88 48 80 68 09 2c 30 21 59 04 f7 0e 80 6e d5 03 20 33 01 13 08 20 44 02 12 08 84 88 00 08 2c 08 11 88 01 48 b2 00 10 04 24 98 08 d1 12 b8 4f 73 ff b6 88 80 80 d8 6c 31 44 74 ab 1d 11 10 01 09 d1 5d 95 00 22 77 5b d1 dd 04 c4 fa 04 00 62 72 2f 95 48 08 88 88 84 48 88 68 11 2d a2 40 04 62 26 04 44 20 eb be 1a 12 30 31 bb 8f 03 89 80 04 2c 90 10 24 02 21 20 10 10 20 82 c0 7a 8d 20 20 01 12 11 00 22 a1 04 02 44 12 48 08 04 c8 02 80 08 01 81 09 80 dc 25 01 10 5b 04 49 c6 47 23 82 30 4f 67 59 32 96 32 00 d6 80 60 ac d1 ba 52 56 03 b9 6d 0f 41 10 79 a2 5d 94 65 9a 25 51 ab 25 84 30 ca 4c 66 53 49 18 04 a1 65 aa 94 ca f3 62 30 58 ec 76 7a c0 6a 3a 9b 0c 06 4b 6c 72 a8 c6 a3 f1 88 a4 8c e3 8e 01 ae aa 32 f4 7c 2f 88 c0 ef 4d a7 79 af db 6e f7 16 f3 52 ef ed ed f6 06 6d 00 48 67 13 a3 55 3b 0c c0 a6 7b 3b 5b 83 c1 a0 d3 8e d3 34 51 aa 18 0c 06 00 90 24 53 21 Data Ascii: PNGIHDR['WIDATxweU>S5zd5]6M @H-@!&LKl6rlQwY?9wf>^k=wh@FE@l02 12A"fdth,Wl2, XDFd>i]uBDF`$V`ZDf&0# bEwK,02 LG[Wi?i_'_QyRWwyAC?;;{?_3~h6K~w3g7n__[Y]^noz;b~g~pG~o=u?7;7.^@F)e?x_vX?&pOJpKY{:E&KY^n#AF@B&Fk&A'>F"D` LLD@H1F"&zk Hh,0!Yn 3 D,H$Osl1Dt]"w[br/HHh-@b&D 01,$! z "DH%[IG#0OgY22`RVmAy]e%Q%0LfSIeb0Xvzj:Klr2|/MynRmHgU;{;[4Q$S!
Aug 20, 2020 21:55:38.912134886 CEST
10791 OUT GET /var/cofaweb/storage/images/media/images/cfcim-mod/2789762-1-fre-FR/CFCIM-MOD_small.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 89 of 111
Aug 20, 2020 21:55:38.946805954 CEST
10959 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:38 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:14:19 GMTETag: "17a40c-22cd-59cc1d88884c0"Accept-Ranges: bytesContent-Length: 8909Vary: Accept-EncodingKeep-Alive: timeout=5, max=495Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 64 00 00 00 42 08 06 00 00 00 a1 17 73 7f 00 00 22 94 49 44 41 54 78 da ed 9d 79 90 65 57 7d df 3f 67 b9 f7 be bd f7 bd 7b b6 9e 7d 1f 49 a3 5d 02 a4 18 0c d8 b8 1c 1c 16 9b 72 30 e5 d8 84 24 8e 53 4e 95 ed 38 81 b8 6c c0 71 42 25 b1 63 c7 76 70 a5 20 56 12 64 20 62 11 18 81 22 21 8d 10 d2 8c 66 9f 9e ad 67 7a 7a 7a 99 de 97 b7 de ed 9c 93 3f 5e cf 48 4a fc 07 25 48 f5 50 70 aa ba ba de bb ef f5 3d f7 7c cf f9 fd be bf b5 85 73 ce f1 e3 71 db 0c bd de 13 78 23 23 c5 81 15 28 c0 0a 90 58 1c 90 0a 87 44 20 11 58 6b 11 42 82 10 38 e7 d0 42 ac f7 b4 bf a7 a1 7f 18 0f 88 c1 22 9d c0 19 81 93 0e a7 0c 61 62 50 ca 43 38 03 48 04 20 24 38 9a cf f7 c3 f2 9c 3f 94 27 44 1a 83 49 22 3c e5 e1 52 4b aa 3d 90 02 9d 38 04 0a a1 24 52 40 1a 27 80 43 79 1e c8 f5 9e f5 f7 f8 6c eb 3d 81 37 32 84 01 a1 25 4e 5a 94 1f 30 b6 50 26 0e 53 44 9a 90 4a 08 a5 a5 26 12 5c a0 d0 5a 23 8c 59 ef 29 7f cf e3 87 12 10 10 d4 75 86 99 58 f3 c4 d3 23 7c ec 4f fe 3b 0b d7 26 59 fa ce 8b d8 b9 39 3c 67 b0 2e a5 91 34 b0 d2 82 fe e1 79 cc 1f 3a 91 25 04 58 07 c7 c6 a7 f8 8b cf 7c 9d ef 3c 7d 1d d3 e3 13 3f b0 c4 f8 7f fc 34 b2 d0 c5 d6 5f f8 19 32 f7 ef 47 b6 14 40 48 52 e7 50 fc 90 28 f5 f5 9e 00 00 76 4d a4 08 81 10 02 07 58 e7 10 c2 e0 84 02 2b 91 38 84 14 d4 22 c3 63 5f 3c c2 1f 7c fe cb 4c ae c4 88 b8 9d 0e bf 03 8d a6 6d 7a 81 70 72 82 91 f3 63 94 de 7a 2f 9b 3f f2 7e dc a6 0d b8 34 45 6b f0 84 00 27 31 48 90 02 e9 0c 02 09 08 8c 05 29 9a 80 e3 6c 93 11 ac c3 b8 2d ce b2 58 fb b1 c6 10 c5 11 0e 87 71 16 67 62 c2 38 25 76 02 37 37 c7 e4 53 df 62 f9 fc 15 be 75 fc 0a d7 a6 03 ac 2a a0 bd 1a 3a 8d 89 85 20 09 04 ae e0 93 9d af 50 7f fe 24 95 f9 45 fe ec 89 af 31 72 69 0e 6b 1c a9 4d 21 4e 69 18 c7 6a 9a 62 53 83 4d 62 70 37 99 18 d8 24 01 97 ae db 5a dc 16 80 84 56 52 4b 1d 4e 7b 38 a9 30 0e a4 94 94 b5 42 37 2c e1 0b a7 99 f8 f8 9f 31 f6 cf 7e 1f 4e 1e 65 cf ee 1e b2 39 81 31 06 2b 25 c6 26 d8 c8 e0 9c 22 4c 13 62 3f a1 78 68 07 e7 42 cb 7f f8 cc 57 f8 fb 1f ff 2c bf ff d9 23 9c 99 aa 13 6a 1f 61 2c 79 a3 50 91 8f 14 12 9c 43 ae ad 84 50 1a eb d4 ba ad c5 6d 21 b2 b4 06 e5 24 d6 24 f8 5a 02 0e 70 c8 e9 39 96 fe e2 cb 5c 7f e2 6f 08 2a 55 06 57 12 ea 2f 9e e5 de f7 fd 1c 1d 79 41 bd 02 a9 74 e0 3b 4c 14 e3 22 f0 2d 84 19 4b e9 c0 6e 1e bb 30 cd ac ed 62 72 b2 ce 9f 7e e1 6f d8 34 10 30 7c 2d 4f d0 df 4a b2 75 0b 4a 1a 94 94 48 29 49 53 8b 75 0e df d7 58 b3 7e fa e6 36 38 21 0e 6d ea 78 24 38 93 92 18 b8 3a b9 c4 f1 91 09 6a 67 c6 58 f9 fc 93 f4 2f 2c b2 aa 63 6e 64 02 ec f1 19 0e 39 c5 ce be 56 a4 53 38 04 ca 03 61 2c 22 76 64 50 b8 96 16 ea 9b b6 f0 f2 e9 49 a2 b9 98 8c 2f 78 cf 03 07 78 74 b1 c6 c4 47 7e 87 1b bf f5 6f 59 fd c2 57 b1 8b f3 a4 4e 90 5a 50 4a e2 69 85 35 76 bd d4 c7 ed 02 88 c0 3a 49 92 42 dd 05 7c ed bb 97 f9 17 ff e9 0b fc c3 4f 3c c6 f9 42 07 de 5b 1f 22 96 92 fe 86 87 d6 8a b9 f9 2b 84 d7 4e f3 e6 3d 3b f1 ad 46 0a 49 92 86 68 21 31 d6 92 68 47 eb 9e 5d bc 62 1c 47 ce 8f 53 d4 9a 3d 3b 4b fc e2 be 01 82 bf fc 6b a2 ea 32 f1 b7 cf 11 7f e2 73 2c 5f 1e 63 ae 1a 11 59 08 c3 18 89 c3 a5 09 c2 d8 1f 65 40 c0 a8 0c 46 Data Ascii: PNGIHDRdBs"IDATxyeW}?g{}I]r0$SN8lqB%cvp Vd b"!fgzzz?^HJ%HPp=|sqx##(XD XkB8B"abPC8H $8?'DI"<RK=8$R@'Cyl=72%NZ0P&SDJ&\Z#Y)uX#|O;&Y9<g.4y:%X|<}?4_2G@HRP(vMX+8"c_<|Lmzprcz/?~4Ek'1H)l-Xqgb8%v77Sbu*: P$E1rikM!NijbSMbp7$ZVRKN{80B7,1~Ne91+%&"Lb?xhBW,#ja,yPCPm!$$Zp9\o*UW/yAt;L"-Kn0br~o40|-OJuJH)ISuX~68!mx$8:jgX/,cnd9VS8a,"vdPI/xxtG~oYWNZPJi5v:IB|O<B["+N=;FIh!1hG]bGS=;Kk2s,_cYe@F
Aug 20, 2020 21:55:39.022041082 CEST
11213 OUT GET /var/cofaweb/storage/images/ara-ma/news-publications/422745-82-fre-FR/Actualites-Publications_menu_portrait.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 90 of 111
Aug 20, 2020 21:55:39.056446075 CEST
11336 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:13:25 GMTETag: "418451-c17a-59cc1d5508b40"Accept-Ranges: bytesContent-Length: 49530Vary: Accept-EncodingKeep-Alive: timeout=5, max=494Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e7 00 00 00 c1 08 06 00 00 00 34 01 a7 0b 00 00 80 00 49 44 41 54 78 da ec fd 77 b4 1f 57 76 df 89 7e 4e a5 5f 4e 37 e7 80 9c 03 01 e6 d4 ec 66 b3 b3 5a 2d 2b 67 59 c1 41 96 fd e6 f9 79 de f2 cc f2 2c cf d8 b3 de 7b 6b c6 33 f6 72 96 25 59 92 d5 b2 42 4b ad 6e aa 13 9b a1 d9 24 c1 08 80 20 72ba 39 87 5f ce 55 75 ce fb a3 ea f7 bb f7 02 17 c0 bd 24 00 b2 d5 d8 58 17 04 7f b7 7e 55 e7 54 d5 3e 7b 9f bd bf fb bb c5 df fb d6 3f 53 dc 93 7b f2 03 24 02 81 2d 1d 42 46 80 bf b5 fb 33 3c d6 77 04 4d 68 1f f6 b0 6e bb fc cd 9b d1 3d f9 1b 2f 0a cf 9e b4 84 92 b4 87 5a fe 46 2a 26 dc 53 ce 7b f2 03 26 02 81 52 0a 01 74 45 db 69 0f a7 ee d8 b5 14 a0 94 f7 f3 61 c83d e5 bc 27 3f 70 22 51 18 9a 41 7b a8 85 90 11 bc 23 d7 50 4a c1 87 bc e1 33 3e dc cb af 15 6f 3d 04 f1 61 df 95 7b f2 9115 85 42 29 45 d8 0a d1 1a 4e 62 ea b7 ff 15 56 4a 01 02 21 3e dc b9 7e a8 96 53 01 72 95 2a ea 48 4c 25 d7 28 67 43 61 ef c9 3d 01 7c 6b a6 88 98 21 52 c1 24 86 76 27 ec cb 87 af 98 f0 21 5b 4e 4b 49 10 50 47 47 a1 68 53 15 5a 65 85 71 2d 4e 41 58 e8 28 2c 5c 1c b4 7b b6 f4 9e 00 0d cb 09 41 23 48 3c 10 bd ed c1 20 e5 ff 2d 15 9c be 34 c1 f7 df 39 4f a1 52 a5 23 15 e7 93 8f 1c 60 b0 bb ed ae cd f5 43 b1 9c ca ff 49 aa 1a 3b dd 34 71 55 c3 45 23 a8 1c 92 aa d6 54 c5 6e 59 62 c8 cd 63 2a 89 bc 67 41 ef 89 2f 0a 85 65 98 84 8c c0 fa bf 57 d7 ff 6c e2 e4 08 21 f8 ce 6b a7 f8 7b ff e2 77 98 59 4c d3 1a 8f 70 f6 d2 04 53 73 cb d7 9d ff 06 a7 b8 e9 f5 9b bf e7 e6 41 a7 bb 6e 39 bd 01 09 5c 04 75 a1 d1 e2 56 29 0b 93 b4 16 62 49 84 90 9a a0 24 4c 2c 5c 06 65 9e b2 30 71 84 77 3c 70 cf 86 fe 90 4b e3 e9 1b 42 47 17 fa da df f9 2e af f8 00 3e a9 10 50 ae d6 f9 8f 7f f6 5d 0e ed 1a e2 5f fc d6 4f 63 e8 1a 8e e3 22 34 d1 3c 66 e5 9a d7 5f 4f 34 ff ba c1 35 ae fd bd 58 51 d0 d5 a7 ba eb ca 19 c0 c5 52 92 b2 30 c8 89 00 e7 f4 56 34 a1 e8 92 25 e2 aa 46 48 d9 18 52 52 c1 60 5e 84 59 d4 42 d8 68 04 90 18 b8 d8 e8 f7 d4 f3 87 5d 04 68 62 bd 7d e1 fa 6f 46 ad 6e b3 9c 2b e2 38 2e f1 48 88 44 2c 8c 10 1e 90 21 5f 2b a2 09 8d a8 15 c6 f4 f7 af cb b9 22 d3 73 cb 3c 79 64 37 0a 85 eb 4a 0c 43 47 4a c5 72 ae 48 b9 52 23 14 b4 48 c5 23 e8 9a b6 46 a9 6a 75 9b 74 ae 88 2b 15 89 68 88 68 38 d4 fc 5d a9 52 23 9d 2b 22 84 a0 35 19 25 14 b0 56 a6 24 3c 45 57 6a 65 5e 77 55 39 15 82 a8 aa b3 cd cd 91 17 16 97 f5 14 59 2d c0 21 67 81 23 ce 3c ad b2 82 26 14 2e 1a 33 5a 94 b7 8c 2e 4a c2 a4 45 55 19 94 05 8a 98 4c 68 31 ea 42 bf 67 41 ef c9 0d 64 45 63 95 52 bc 72 fc 02 7f f8 b5 ef 51 ad d6 31 4d 83 4a a5 c6 81 dd 43 fc ca 97 9e 62 4e ce f3 fa f4 bb 3e da 28 c8 27 86 1e a4 37 dc c5 9f 7e fb 18 d3 e9 1c df 7a e3 34 d9 52 85 9f fd cc a3 b4 26 a2 fc 97 3f 7f 9e 53 e7 47 09 04 4c 6c db 61 d7 d6 3e 7e e3 27 3e 49 4f 87 97 6b 3d f6 ee 25 7e ef 2b 2f 90 2f 96 09 06 2c 50 92 9f fa fc e3 7c fa d1 43 fc f5 cb c7 f9 da f3 6f 22 84 40 4a 85 ae 6b fc e2 97 9e e2 f1 23 bb 57 8d 78 ed 82 a3 df ff f3 4f fe f3 bb 75 db 14 02 47 68 04 94 43 50 b9 d4 84 ce 7e 77 89 67 ea e3 0c cb 3c 31 ea 44 95 4d 5c d9 74 ca 32 09 55 27 23 42 04 94 4b 8b ac b2 a4 85 c8 69 01 04 dc db 81 fe Data Ascii: PNGIHDR4IDATxwWv~N_N7fZ-+gYAy,{k3r%YBKn$ r9_Uu$X~UT>{?S{$-BF3<wMhn=/ZF*&S{&RtEia='?p"QA{#PJ3>o=a{B)ENbVJ!>~Sr*HL%(gCa=|k!R$v'![NKIPGGhSZeq-NAX(,\{A#H< -49OR#`CI;4qUE#TnYbc*gA/eWl!k{wYLpSsAn9\uV)bI$L,\e0qw<pKBG.>P]_Oc"4<f_O45XQR0V4%FHRR`^YBh]hb}oFn+8.HD,!_+"s<yd7JCGJrHR#H#Fjut+hh8]R#+"5%V$<EWje^wU9Y-!g#<&.3Z.JEULh1BgAdEcRrQ1MJCbN>('7~z4R&?SGLla>~'>IOk=%~+//,P|Co"@Jk#WxOuGhCP~wg<1DM\t2U'#BKi
Aug 20, 2020 21:55:39.113658905 CEST
11516 OUT GET /extension/cofaweb/design/cofaweb/images/bg/triangle_mask_dp_grey.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 91 of 111
Aug 20, 2020 21:55:39.147209883 CEST
11545 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:32 GMTETag: "49a2c2-102a-595692c5dc200"Accept-Ranges: bytesContent-Length: 4138Vary: Accept-EncodingKeep-Alive: timeout=5, max=493Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 d2 00 00 01 d2 08 06 00 00 00 99 ee 95 f6 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 20 63 48 52 4d 00 00 7a 25 00 00 80 83 00 00 f9 ff 00 00 80 e9 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 6f 92 5f c5 46 00 00 0f b0 49 44 41 54 78 da ec dd cd 8b 5e e7 7d 06 e0 d1 9c a3 f7 1c d7 52 71 54 37 32 21 32 c1 2d 45 a2 68 02 2d 26 72 28 0d d8 14 25 05 83 08 14 6d ba e9 c2 9b 2c bc e9 a2 9b c1 84 d0 8a d8 11 a2 13 b9 52 dd b4 fd 0f fa 47 95 50 4c 70 b1 89 63 2b f6 9c e7 a3 8b 9c a4 b6 2c c9 33 e7 77 66 de af eb da d9 89 ac d1 f3 fa d6 2d 9f c3 dc cf 99 f7 df 7f 7f 07 98 a6 ef fb 6b 29 a5 ff da 75 14 30 5d ce f9 9d 52 ca 1f 0a 12 4c 6f a3 4b 29 a5 ab a5 94 b3 82 04 13 95 52 ee d7 5a cf ec ec ec ec 08 12 4c 6b a3 45 4a e9 fa 6f ff 5a 90 60 82 5a eb 4f 4b 29 ed 6f ff fa 8c a7 76 70 7c 4d d3 3c c8 39 3f a5 91 60 a2 ae eb 5e ff 6c 88 34 12 4c d0 b6 ed bb 29 a5 e7 3e fb f7 34 12 1c 43 df f7 af 3e 1c 22 41 82 63 ca 39 bf f9 a8 bf 2f 48 70 f4 36 ba 9c 52 ba 22 48 10 50 4a b9 5b 6b dd 11 24 98 de 46 e7 86 61 78 f9 71 ff bb 20 c1 d1 da e8 7e ad f5 b1 79 f1 f8 1b 8e 60 77 77 f7 93 52 4a a7 91 60 a2 ae eb f6 9f 14 22 8d 04 47 d0 b6 ed 7b 29 a5 67 9f d8 58 8e 09 1e af ef fb 9b 5f 16 22 41 82 2f 91 73 be 75 a4 ff 86 72 54 f0 d8 36 da 1b 86 e1 05 41 82 80 52 ca bd a3 fe 7f 05 09 1e dd 46 17 87 61 78 49 90 20 d6 46 77 9f f4 02 56 90 e0 cb db 68 91 52 ba 71 9c 1f 23 48 f0 90 5a eb 1b a5 94 b3 c7 f9 31 5e c8 c2 43 9a a6 f9 20 e7 fc 8c 46 82 89 ba ae 7b ed b8 21 12 24 78 48 ce 79 7f ca 8f 13 24 18 8d 83 f8 cf 0b 12 c4 da e8 60 ea 8f 15 24 d8 f9 dd 20 fe 8b 82 04 01 9f 1d c4 17 24 98 d6 46 9f 1b c4 17 24 98 a0 d6 fa d6 67 07 f1 a7 f0 42 96 ad d7 34 cd 47 39 e7 a7 35 12 4c 34 0e e2 3f 1d fd e7 68 24 b6 da a3 06 f1 35 12 1c 43 df f7 af cc 11 22 41 62 ab e5 9c ef cc f5 cf 12 24 b6 b5 8d 2e a7 94 ae 0a 12 04 8c df 01 7b 46 90 60 7a 1b 3d 71 10 5f 90 e0 08 6a ad b7 8f b3 c7 70 14 1e 7f b3 75 9a a6 f9 75 ce b9 d7 48 30 51 d7 75 fb 73 87 48 23 b1 75 8e 32 88 af 91 e0 09 c6 1b c9 9f 3d 89 7f b6 20 b1 35 1e 77 23 b9 20 c1 d1 db 68 6f 18 86 2b 82 04 01 c7 19 c4 17 24 78 74 1b 5d 38 ce 20 be 20 c1 a3 db e8 60 ee 17 b0 0f f3 f8 9b 4d 6f a3 c5 e1 e1 e1 af 4a 29 0b 8d 04 13 8d 83 f8 8b 93 fe 79 34 12 1b 6d ca 20 be 46 82 cf ff b1 ee e6 69 84 48 90 d8 68 29 a5 1f 9f d6 cf 25 48 6c 6a 1b 5d 4b 29 7d 43 90 20 20 32 88 2f 48 f0 9b 36 ba 18 19 c4 17 24 d8 99 7f 8f e1 28 3c fe 66 d3 da 68 71 78 78 f8 71 74 cb 5b 23 b1 d5 e6 18 c4 d7 48 6c bd a6 69 3e cc 39 9f 3f ed 9f 57 23 b1 31 c6 1b c9 cf 2f e3 e7 d6 48 6c 8c b6 6d ff 27 a5 f4 b5 65 fc dc 1a 89 8d 30 0e e2 7f 6d 59 3f bf 20 b1 11 e6 1c c4 17 24 b6 b5 8d 2e cd 39 88 2f 48 6c a5 e8 8d e4 82 84 36 fa cd 20 fe f7 96 fd 75 08 12 6b ed 24 06 f1 a7f0 f8 9b b5 d6 34 cd 83 9c f3 53 1a 09 26 1a 6f 24 7f 6a 15 be 16 8d c4 da 3a a9 41 7c 8d c4 d6 38 c9 41 7c 41 62 6b 9c e4 20 be 20 b1 2d 6d 74 39 a5 74 45 90 20 a0 94 72 af d6 ba 23 48 30 bd 8d 2e 0c c3 f0 9d 55 fb ba 04 89 75 6b a3 83 55 78 01 fb 30 8f bf 59 2b bb bb bb 9f 94 52 3a 8d 04 13 75 5d b7 bf 8a 21 d2 48 ac 95 d3 Data Ascii: PNGIHDRpHYs cHRMz%u0`:o_FIDATx^}RqT72!2-Eh-&r(%m,RGPLpc+,3wf-k)u0]RLoK)RZLkEJoZ`ZOK)ovp|M<9?`^l4L)>4C>"Ac9/Hp6R"HPJ[k$Faxq ~y`wwRJ`"G{)gX_"A/surT6ARFaxI FwVhRq#HZ1^C F{!$xHy$`$ $F$gB4G95L4?h$5C"Ab$.{F`z=q_jpuuH0QusH#u2= 5w# ho+$xt]8 `MoJ)y4m FiHh)%Hlj]K)}C 2/H6$(<fhqxxqt[#Hli>9?W#1/Hlm'e0mY? $.9/Hl6 uk$4S&o$j:A|8A|Abk -mt9tE r#H0.UukUx0Y+R:u]!H
Aug 20, 2020 21:55:39.172338963 CEST
11556 OUT GET /extension/cofaweb/design/cofaweb/images/bg/triangle_mask_gen.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 92 of 111
Aug 20, 2020 21:55:39.205807924 CEST
11575 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:31 GMTETag: "49a2ac-23bc-595692c4e7fc0"Accept-Ranges: bytesContent-Length: 9148Vary: Accept-EncodingKeep-Alive: timeout=5, max=492Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 da 00 00 04 23 08 06 00 00 00 c7 41 ef d9 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 20 63 48 52 4d 00 00 7a 25 00 00 80 83 00 00 f9 ff 00 00 80 e9 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 6f 92 5f c5 46 00 00 23 42 49 44 41 54 78 da ec dd 5d 6b ac d9 79 e7 e1 bf e7 78 e6 cc 36 c1 11 ec 44 83 83 8c a0 41 60 68 e8 2f 91 6f 30 5f 63 c0 24 93 e0 03 d3 20 2c 28 28 e8 a1 98 06 81 98 0e 1a 04 81 10 81 b0 99 80 c0 20 68 30 23 68 10 6e 46 60 53 d0 50 a4 86 98 22 15 8a 14 a9 ec 39 58 95 f8 ad dd fb 6d dd 52 bd 5c 17 e8 20 e9 ee fd 72 cb 70 f3 7b f4 ac 55 5f 7b f9 f2 e5 cb 00 00 15 fe cb d7 2c 5a 00 28 31 49 f2 e2 3f 98 03 00 94 18 26 59 2a 5a 00 e8 6f 9e e4 20 c9 4c d1 02 40 7f e7 49 66 49 a2 68 01 a0 af 55 92 a3 24 8f 49 a2 68 01 a0 af eb 7f 5b b2 16 2d 00 f4 77 f6 eb ff 87 47 c7 00 d0 cf a7 49 de ff f5 ff 87 a2 05 80 a2 9a 55 b4 00 d0 cf 38 c9 61 da cb 50 8a 16 00 3a 1b fe f6 92 55 b4 00 d0 c7 bf 5f 50 f1 db ff 40 d1 02 c0 bb 1b 7d d9 92 55 b4 00 f0 ee 56 69 3f 9b 1d 7f d9 3f 54 b4 00 f0 6e ae 7e df 92 b5 68 01 e0 dd 0d be ea 1f 5a b4 00 f0 f6 ee d6 5f 16 2d 00 14 38 7d d5 bf e0 65 28 00 78 3b 8f 69 9f d2 b3 52 b4 00 d0 df e0 55 4b 56 d1 02 c0 db 99 a5 5d 50 31 7f d5 bf a8 68 01 e0 cd 8d 5e 67 c9 2a 5a 00 78 73 cb b4 0b 2a be 78 9d 7f 59 d1 02 c0 9b b9 7c dd 25 ab 68 01 e0 cd 9d 24 b9 7f dd 7f 59 d1 02 c0 eb bb 7d 93 25 6b d1 02 c0 9b 39 7b d3 ff c0 a3 63 00 78 3d 9f 27 39 ce 6b 9c 9d 55 b4 00 f0 76 35 bb 7a d3 ff 48 d1 02 c0 ab 4d 93 bc 48 b2 78 d3 ff 50 d1 02 c0 ab 8d de 66 c9 2a 5a 00 78 b5 e5 ba 66 27 6f f3 1f 2b 5a 00 f8 6a 9f bc ed 92 55 b4 00 f0 6a c7 49 1e de f6 3f 56 b4 00 f0 fb dd bc cb 92 b5 68 01 e0 ab 0d de f5 17 f0 e8 18 00 be dc 43 da 63 e3 77 a2 68 01 e0 cb 9d f5 f8 45 14 2d 00 fc ae 49 da 91 9e a5 a2 05 80 fe 86 3d 96 ac a2 05 80 df b5 58 d7 ec b4 c7 2f a6 68 01 e0 37 5d f4 5a b2 8a 16 00 7e d3 2a c9 7b 79 c7 b3 b3 8a 16 00 be dc 75 cf 25 6b d1 02 c0 6f 3a eb fd 0b 7a 74 0c 00 cd 7d 92 93 de bf a8 a2 05 80 a2 9a 55 b4 00 d0 74 bb a0 42 d1 02 c0 97 d7 ec b2 e2 17 56 b4 00 ec bb 79 92 83 24 b3 8a 5f 5c d1 02 b0 ef ce ab 96 ac a2 05 60 df ad 92 1c 25 79 ac fa 0d 14 2d 00 fb ec ba 72 c9 2a 5a 00 f6 dd 07 49 ee 2a 7f 03 45 0b c0 be ba ab 5e b2 16 2d 00 fb 6c f014 bf 89 47 c7 00 ec a3 71 92 c3 b4 97 a1 14 2d 00 74 36 7c 8a 25 ab 68 01 d8 47 b3 b4 0b 2a e6 4f f1 9b 29 5a 00 f6 cd e8 a9 96 ac a2 05 60 df ac d2 7e 36 3b 7e aa df 50 d1 02 b0 4f ae 9e 72 c9 5a b4 00 ec 9b c1 53 ff 86 16 2d 00 fb e2 36 4f 70 41 85 45 0b c0 be 3a 7b 8e df d4 cb 50 00 ec 83 c7 b4 4f e9 59 3d f5 6f ac 68 01 d8 07 83 e7 58 b2 8a 16 80 7d f0 a4 17 54 28 5a 00 f6 cd 47 cf b5 64 15 2d 00 bb 6e 99 e4 45 92 c9 73 fd 01 14 2d 00 bb ec f2 39 97 ac a2 05 60 d7 9d 24 b9 7f ce 3f 80 a2 05 60 57 dd 3e f7 92 b5 68 01 d8 65 a7 9b f0 87 f0 e8 18 80 5d f4 90 e4 78 13 fe 20 8a 16 80 5d 34 d8 94 3f 88 a2 05 60 d7 4c d3 8e f4 2c 14 2d 00 f4 37 da 94 25 ab 68 01 d8 35 8b 24 87 79 e6 b3 b3 8a 16 80 5d 75 b1 49 4b 56 d1 02 b0 6b 8e d3 de 38 de 18 8a 16 80 5d 71 b3 69 4b d6 a2 05 60 97 0c 36 f1 0f e5 d1 31 00 Data Ascii: PNGIHDR#ApHYs cHRMz%u0`:o_F#BIDATx]kyx6DA`h/o0_c$ ,(( h0#hnF`SP"9XmR\ rp{U_{,Z(1I?&Y*Zo L@IfIhU$Ih[-wGIU8aP:U_P@}UVi??Tn~hZ_-8}e(x;iRUKV]P1h^g*Zxs*xY|%h$Y}%k9{cx='9kUv5zHMHxPf*Zxf'o+ZjUjI?VhCcwhE-I=X/h7]Z~*{yu%ko:zt}UtBVy$_\`%y-r*ZI*E^-lGq-t6|%hG*O)Z`~6;~POrZS-6OpAE:{POY=ohX}T(ZGd-nEs-9`$?`W>he]x ]4?`L,-7%h5$y]uIKVk8]qiK`61
Aug 20, 2020 21:55:39.271461010 CEST
11734 OUT GET /var/cofaweb/storage/images/media/images/image0102/2897859-1-fre-FR/image010_image576x342.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 93 of 111
Aug 20, 2020 21:55:39.305399895 CEST
11769 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:39 GMTServer: ApacheLast-Modified: Wed, 22 Jan 2020 22:14:19 GMTETag: "41c240-2ef3a-59cc1d88884c0"Accept-Ranges: bytesContent-Length: 192314Vary: Accept-EncodingKeep-Alive: timeout=5, max=491Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 40 00 00 01 35 08 06 00 00 00 0f 9d 5f d9 00 00 80 00 49 44 41 54 78 da ec fd 79 98 2d c7 79 de 09 fe 22 22 33 cf 56 7b dd 7d c7 05 70 b1 ef 04 49 70 df c4 4d 12 45 53 b6 36 6b b1 25 f5 a8 65 4b 63 cb ed e9 9e f6 78 9e b6 db d3 ea f6 a3 f1 e3 ee e9 e7 71 cb 92 2d cb b2 64 59 96 28 8a 22 45 8a 22 45 10 04 41 80 20 f6 1d b8 fb 7e 6f d5 ad bd ce 9a 99 11 f3 47 44 e4 72 ea d4 82 95 82 70 3e a0 6e 9d 3a 27 4f 66 64 64 2c 6f bc df fb 7d 21 7e fe e7 7f de 8c 8f 8f 33 3a 3a 4a ad 56 23 0c 43 94 52 48 29 19 da d0 86 36 b4 a1 0d 6d 68 43 7b b3 9a 31 06 ad 35 49 92 d0 ed 76 69 36 9b 2c 2d 2d b1 bc bc 4c b0 6d db 36 a6 a7 a7 99 98 98 a0 d1 68 10 45 11 41 10 20 84 40 08 f1 bd 2e fb d0 86 36 b4 a1 0d 6d 68 43 1b da 2b 32 ad 35 5a 6b e2 38 a6 d3 e9 b0 b2 b2 42 a5 52 21 0c 43 0b 80 b6 6f df ce f4 f4 34 23 23 23 54 ab 55 82 20 c8 18 a0 21 08 1a da d0 86 36 b4 a1 0d 6d 68 6f 36 33 c6 60 8c 21 4d 53 e2 38 a6 d5 6a b1 b8 b8 88 94 12 21 04 c1 d8 d8 18 13 13 13 4c 4d 4d 31 36 36 56 02 40 43 f0 33 b4 a1 0d 6d 68 43 1b da d0 de ac a6 b5 ce 00 50 b3 d9 44 4a 49 af d7 a3 db ed 12 d4 6a 35 1a 8d 06 23 23 23 8c 8c 8c 50 ab d5 06 02 20 ef 16 1b da 5b c7 8c 31 24 49 f2 bd 2e c6 d0 86 36 b4 a1 0d 6d 68 af c8 3c 00 ea f5 7a 08 21 e8 f5 7a d4 eb 75 8b 75 c2 30 24 8a 22 2a 95 4a f6 13 86 61 09 00 09 21 4a 6e b1 a1 bd 35 cc 0b c7 8c 31 df eb a2 0c 6d 68 43 1b da d0 86 f6 b2 cd 03 20 29 25 49 92 10 45 11 61 18 5a 0d 90 52 0a ff 13 04 81 7d 33 08 50 4a 95 18 9f 21 fb f3 d6 33 0f 7c 87 36 b4 a1 0d 6d 68 43 7b b3 99 8f 00 13 42 90 a6 69 86 73 32 cc e3 99 1e 21 04 c5 d7 fd 51 60 6f 1d 00 64 b2 7f 45 fe 0f 18 f7 89 10 bc 55 6a e2 ad f3 cc 87 36 b4 a1 0d 6d 68 7f dd cc cf 61 c6 18 a4 94 19 c6 c9 44 d0 fe a0 a2 bb 6b 10 00 7a ab 98 77 f6 08 93 ff 2d 00 e3 fe f1 78 e8 ad 62 6f c5 36 30 b4 a1 0d 6d 68 43 7b f3 9b 31 66 0d a6 29 69 9b 8b 07 bf 95 27 bb ac a2 3c ba c9 7e 89 fc 4f 01 c6 bc a5 f0 cf d0 86 36 b4 a1 0d 6d 68 6f 4a 13 42 6c a8 61 1d 0a 3c 9c 09 21 58 6e b6 39 3f b3 c0 d9 99 39 96 57 56 91 52 32 31 3a c2 ae e9 71 b6 4d 8c 32 35 31 4a 30 14 82 0f 6d 68 43 1b da d0 86 f6 a6 b7 b7 1e 00 32 06 84 a0 e0 ec 62 a5 d9 e6 4b f7 3f ca 1f fe c5 83 3c f5 e2 19 66 17 56 e8 f6 62 84 10 54 2b 11 93 a3 75 f6 ee de c6 7b 6f bf 96 ff f6 47 3e c6 be 5d db be d7 77 31 b4 a1 0d 6d 68 43 1b da d0 5e 85 bd e5 00 90 11 20 d0 18 24 02 c3 a5 2b 8b fc af bf f1 47 fc ce 9f 3d c0 e2 4a 8b 5a 35 e2 ea 3d db d9 b1 6d 9a 54 a7 cc 5c 99 e3 cc e5 25 8e 9f be cc fc dc 22 3f fd 43 1f f8 5e df c2 d0 86 36 b4 a1 0d 6d 68 43 7b 95 f6 96 03 40 60 30 8e fd 69 b6 7b fc cb df fa 13 fe ed 67 bf 4e 57 c3 cd 47 0e f2 df fd e4 27 78 cf 5d 37 30 39 d6 40 1b 98 5f 5e e1 c9 e7 4f f0 7b 9f bf 8f 77 dc 7e 1d 87 f7 ef fe 5e df c0 d0 86 36 b4 a1 0d 6d 68 43 7b 95 f6 16 04 40 b9 b0 f9 1b df 7d 96 df fd c2 37 e9 1a c9 81 1d 63 fc ab 7f fc 93 7c f4 9d b7 96 8e dd 3e 31 ca 75 07 f6 f0 91 77 de 86 14 02 f5 16 16 8a 0f 6d 68 43 1b da d0 86 f6 d7 c5 de 72 00 c8 83 9f 6e 9c f0 85 6f 7c 97 b9 95 36 42 2a 7e e0 7d 77 f0 c1 b7 dd 48 ae 0d b2 47 1b 0c 02 98 1a 1f 85 be 4f 87 36 b4 a1 0d 6d Data Ascii: PNGIHDR@5_IDATxy-y""3V{}pIpMES6k%eKcxq-dY("E"EA ~oGDrp>n:'Ofdd,o}!~3::JV#CRH)6mhC{15Ivi6,--Lm6hEA @.6mhC+25Zk8BR!Co4###TU !6mho63`!MS8j!LMM166V@C3mhCPDJIj5###P [1$I.6mh<z!zuu0$"*Ja!Jn51mhC )%IEaZR}3PJ!3|6mhC{Bis2!Q`odEUj6mhaDkzw-xbo60mhC{1f)i'<~O6mhoJBla<!Xn9?9WVR21:qM251J0mhC2bK?<fVbT+u{oG>]w1mhC^ $+G=JZ5=mT\%"?C^6mhC{@`0i{gNWG'x]709@_^O{w~^6mhC{@}7c|>1uwmhCrno|6B*~}wHGO6m
TimestampkBytestransferred Direction Data
Session ID Source IP Source Port Destination IP Destination Port Process
7 192.168.2.4 49785 93.184.220.66 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
TimestampkBytestransferred Direction Data
Aug 20, 2020 21:55:38.909662962 CEST
10782 OUT GET /widgets.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: platform.twitter.comConnection: Keep-Alive
Copyright null 2020 Page 94 of 111
Aug 20, 2020 21:55:38.932369947 CEST
10862 IN HTTP/1.1 200 OKContent-Encoding: gzipAccess-Control-Allow-Methods: GETAccess-Control-Allow-Origin: *Age: 543Cache-Control: public, max-age=1800Content-Type: application/javascript; charset=utf-8Date: Thu, 20 Aug 2020 19:55:38 GMTEtag: "1dc37899f984d453c1d3d8179829f041+gzip"Last-Modified: Thu, 30 Jul 2020 22:04:50 GMTP3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"Server: ECS (mil/6CE0)Vary: Accept-EncodingX-Cache: HITContent-Length: 28825Data Raw: 1f 8b 08 00 02 44 23 5f 00 03 dc bd fb 7e db 46 92 30 fa ff f7 14 14 66 56 01 42 08 bc e8 62 19 0c c2 75 6c 65 a2 5d df d6 92 67 7e b3 b2 c2 1f 44 34 45 c4 20 c0 c1 45 b2 22 71 1f e2 3c d4 79 ae 53 55 dd 0d 74 e3 42 c9 99 cc cc b7 67 36 6b 11 40 df bb ba ba ee f5 63 11 cf f3 30 89 77 77 7f 14 bf 9c 75 9a e4 49 7e b7 66 6d ef 9c ab 30 0e 76 77 cd 81 f9 e6 ec f4 a4 67 5e 1c 3d 3b 7e 7e f9 30 1a 3e 8c 46 96 f5 70 9e 86 01 8b f3 81 93 b3 2c 37 63 ff 26 bc f6 f3 24 75 8a 8c a5 2f ae e1 8b f5 f0 60 de 42 13 c9 ad 33 9b e5 b7 79 9e ee ee ea cf ce 6d 18 5c b3 3c eb 7a ef 44 89 1f b0 a0 fc dc fc b8 e5 93 69 d9 7f 67 ef 61 1c e6 0f 0f 0b b1 30 66 6e dd cb df 3d 66 32 78 4a 52 f3 c6 4f 7b b1 1d da 89 c7 2e 86 97 76 06 7f 46 97 b6 ef 0d ed b9 77 71 39 f1 bf 4b 9c 88 c5 d7 f9 72 e2 f7 fb 56 e8 25 17 fe a5 9d 5e 84 97 bb bb 73 67 5d 64 4b 13 1f a0 aa 45 6f bd e1 04 5b 8d 7b 61 dc cb ac 77 57 bf b0 79 ae ec c8 d2 cf de dd c6 ef d3 64 cd d2 fc ce 99 fb 51 64 66 76 6c c1 2e e5 17 f1 a5 97 c1 3f 16 b5 50 ec ee 16 30 c6 c9 5c 76 6f cd 9d 6c 19 2e 72 d3 32 ad 0d 8d da bb df d8 a9 77 3f 72 87 9b 49 39 b1 10 27 16 2e cc f8 82 5d 5a 29 cb 8b 34 ee e1 6f 87 7d 59 27 69 9e 4d b0 6a ea e1 2b ef 3e 74 99 1d b9 3b 23 5b 7c 74 ef 37 9b 89 a8 94 63 25 1a 60 2a eb da a9 5d fd 0e 61 c2 4e e4 ed 0c ab 77 9b d0 61 9e ba dc d8 17 83 65 b4 63 2f bd c8 2f 27 30 ae e1 8e e7 c5 16 0e d0 62 7c fd e2 8b 31 cc 99 45 19 a3 f2 89 17 b3 db 1e 2c d1 2a cc 98 59 b6 c6 a0 c3 7b de 8c 77 01 0f 97 1b a8 53 35 e0 25 16 cd 2c 83 ad 0b 92 79 b1 02 f8 75 00 08 4e 22 86 3f b3 1f ee ce fd eb b7 fe 8a 99 c6 92 f9 81 61 e1 66 17 55 d1 79 ca fc 9c 89 d2 a6 91 cd d3 70 9d 1b d6 a4 70 e6 4b 3f cd 58 ee 19 45 be d8 3b 36 ec c2 c9 c3 15 4b 8a dc 1b 8d 87 76 e8 c4 73 d8 29 07 4a bc 00 d0 0b af 8a 1c ba 88 93 78 ce 0c fa 68 41 85 2c 9d 6b cb 22 56 38 74 d6 7d e3 97 6c 60 f4 cd fb a1 6b ac 12 ec fb 7f b0 f5 28 8c d9 ff e4 b7 8c e5 86 3d 76 8d 60 35 83 76 f3 24 36 ec 7d d7 90 3f 0f 64 15 c3 3e 74 0d 00 a8 30 9b 03 5c cd 92 78 e6 87 a9 61 1f b9 86 6c cb b0 9f b9 c6 32 49 c3 5f e1 a3 68 f7 18 3e d3 af 0d 2c e9 c3 43 6e f5 0d c7 e8 e3 40 86 c3 23 76 c4 46 87 43 b6 ef 3f 3f 3a bc 1a 8f d8 c1 62 fe 7c 74 e0 1f 3e 1f 06 fb 43 1a d3 d1 38 60 cf 9f 2f 0e f7 c7 c1 b3 e1 55 30 7a 16 cc 0f af 46 6c ff f0 79 70 04 ff bb a2 a1 1e 1d ef 07 8b e3 f9 d5 d1 c1 d5 f1 33 ff 98 1d 3c 3b 7c 7e 35 5a f8 a3 67 a3 83 67 7e 30 a2 49 1c 8e 0f 9f ed b3 f9 f8 ea d9 78 b1 3f 1a 3f df 1f 0d a1 c4 78 fe 2c 08 0e 7d 36 f4 Data Ascii: D#_~F0fVBbule]g~D4E E"q<ySUtBg6k@c0wwuI~fm0vwg^=;~~0>Fp,7c&$u/`B3ym\<zDiga0fn=f2xJRO{.vFwq9KrV%^sg]dKEo[{awWydQdfvl.?P0\vol.r2w?rI9'.]Z)4o}Y'iMj+>t;#[|t7c%`*]aNwaec//'0b|1E,*Y{wS5%,yuN"?afUyppK?XE;6Kvs)JxhA,k"V8t}l`k(=v`5v$6}?d>t0\xal2I_h>,Cn@#vFC??:b|t>C8`/U0zFlyp3<;|~5Zgg~0Ix??x,}6
Aug 20, 2020 21:55:54.294441938 CEST
12232 OUT GET /widgets.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: platform.twitter.comIf-Modified-Since: Thu, 30 Jul 2020 22:04:50 GMTIf-None-Match: "1dc37899f984d453c1d3d8179829f041+gzip"Connection: Keep-Alive
Aug 20, 2020 21:55:54.331507921 CEST
12232 IN HTTP/1.1 304 Not ModifiedAccess-Control-Allow-Methods: GETAccess-Control-Allow-Origin: *Age: 559Cache-Control: public, max-age=1800Date: Thu, 20 Aug 2020 19:55:54 GMTEtag: "1dc37899f984d453c1d3d8179829f041+gzip"Last-Modified: Thu, 30 Jul 2020 22:04:50 GMTP3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"Server: ECS (mil/6CE0)Vary: Accept-EncodingX-Cache: HIT
TimestampkBytestransferred Direction Data
Session ID Source IP Source Port Destination IP Destination Port Process
8 192.168.2.4 49786 193.56.140.134 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
TimestampkBytestransferred Direction Data
Aug 20, 2020 21:55:44.541884899 CEST
12175 OUT GET /extension/cofaweb/design/cofaweb/javascript/tac/tarteaucitron.services.js?v=20181023 HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608
Copyright null 2020 Page 95 of 111
Aug 20, 2020 21:55:44.584368944 CEST
12177 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:44 GMTServer: ApacheLast-Modified: Sun, 23 Feb 2020 13:40:02 GMTETag: "49a3b7-1967c-59f3e643c1080"Accept-Ranges: bytesVary: Accept-EncodingKeep-Alive: timeout=5, max=500Connection: Keep-AliveContent-Type: text/javascriptContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 36 36 39 0d 0a 1f 8b 08 00 00 00 00 00 04 03 d2 d7 4a cf c9 4f 4a cc 51 28 49 2c 2a 49 4d 2c 4d ce 2c 29 ca cf d3 51 48 4f d4 51 08 ce 48 2c 4a 4d cc c8 cf c9 4c d6 51 28 2e f1 c9 4c cf 28 d1 51 48 06 72 b3 2b 75 14 4a f2 0b 80 ca f2 f3 d3 73 52 75 14 42 2a 0b 52 b3 33 81 b2 6e 4e 3a 0a 69 a9 45 89 79 d9 41 a9 89 29 40 65 9e 7e 20 bd 4e a5 25 25 f9 79 c5 40 5d e5 25 25 45 3a 0a 01 ce e1 99 29 e9 a9 25 5a fa 5c fa 5a 59 c5 39 99 79 25 0a 45 a9 e9 a9 15 05 56 0a 25 45 a5 40 13 f3 f2 73 53 f3 20 1c a0 22 2e 7d 7d 85 f4 d4 bc d4 a2 cc 64 85 cc b4 a2 c4 dc 54 2e 14 07 eb 15 a7 16 95 65 26 a7 16 eb 41 64 15 6c 15 aa b9 14 80 40 29 3b b5 52 c9 4a 41 09 22 ac a4 03 11 2c 01 3a 17 24 9a 5f 92 91 5a 04 13 cc 03 29 00 0a 86 a7 26 29 24 e7 e7 95 a4 e6 95 c0 a4 4a 8b 32 41 32 30 6e 5e 6a 6a 8a 33 d0 3b 20 15 10 27 42 25 92 f3 f3 b3 33 53 8b 81 82 d1 b1 50 a1 2c 10 2f ad 34 2f b9 24 33 3f 4f 41 43 13 ea 2e 10 56 2a 2d 4e 05 86 0d d0 4f 25 4a d6 70 51 54 7f a5 25 e6 e4 24 25 26 67 6b 44 ab 97 24 26 c7 43 bc a1 1e ab 83 64 64 05 b2 99 20 ba 2c b1 48 a1 3c 33 a5 24 03 18 0a 15 7a c0 50 76 04 86 79 66 52 69 49 aa 86 12 58 5c 49 53 07 45 03 88 9d 91 0a 8a 5e 2c 3a 20 12 e8 5a 40 ec d2 a2 1c 2c ea 53 12 4b 12 75 81 52 4a 9a d6 5c 28 5a 8a 52 4b 4a 8b f2 14 d4 6d 20 9e 50 28 2e 4a b6 55 52 57 d0 06 9b a3 ad a0 ae 04 71 34 44 0c cc 54 00 8b 42 1c 00 11 86 b0 15 c0 e2 60 53 92 f2 8b 52 52 8b 6c 95 0c 94 14 8a 93 8b f2 73 80 29 29 dd 56 29 2f 5f 49 01 18 70 f9 e5 25 c0 94 58 5c 00 4c c6 79 c9 95 10 91 b4 d2 9c 1c a0 ca d4 d4 3c 3b 1b 7d 88 4b ec d4 11 a1 5f ab 09 61 d7 42 bc ab 04 0b 7f f4 48 04 cb 82 30 7a 24 42 20 28 0a 32 53 80 a1 a3 0e b1 02 c9 06 f4 f8 85 98 8f 1e bf 48 b6 a5 e6 a4 e6 22 db 08 a2 41 62 7a c5 25 95 39 a9 7a 90 90 b2 85 08 a1 44 85 3a 58 4a 5d 13 14 5c 05 15 48 4e 00 d1 60 e5 10 13 a0 81 8a d5 08 88 1c ba 19 50 02 1a a3 a8 3e 4a cd 4b 4f 4c 4f d5 c8 4c d1 44 28 86 87 2a 57 ad 35 38 2f 27 a6 00 5d 96 59 8c 2b 13 43 a5 15 d0 73 31 54 1c 96 0f 61 d9 b8 38 3f 39 33 31 07 26 0a cb c7 8e 29 29 21 48 8a a1 79 38 a3 a4 a4 a0 d8 4a 5f bf bc bc 1c 66 8d 5e 72 7e ae 7e 41 51 66 59 62 72 25 8c d6 2d c8 07 96 73 95 ca 05 a5 49 39 99 c5 c0 52 42 b7 2c b3 38 b3 24 bf 08 6e 5e 1e 11 85 80 7a 7c 7c 62 49 69 59 b2 ba 8e 02 94 59 ac 8e 5e 30 40 63 19 39 86 d1 d3 14 04 66 a6 29 68 a0 86 17 50 59 11 cc 13 01 a5 49 9e c0 04 67 6b ab 50 9a 97 92 9a 96 99 97 9a 82 6c 24 88 86 44 17 c2 c0 5a 38 0b dd e8 3c bd cc 62 c7 ac c4 0a b0 79 20 af a1 1b 55 9e 99 97 92 0f 0f 40 60 3c e5 01 b3 95 35 36 25 f1 89 29 45 e8 f2 60 0a 2e 5f 92 8c 2e 0f a6 10 f2 29 e8 f2 60 0a 21 9f 8a 2e 0f a6 10 f2 e8 f6 43 48 84 7c 39 ba 3c 52 c8 a0 86 0a 52 6e 85 7a 3d be 18 58 49 02 cb 9c f8 92 fc fc 9c a4 fc 0a 60 f4 2a a8 ab 6b 5a e3 30 00 a8 2b 38 b9 28 b3 a0 44 43 5d 5f bf d8 1c c4 07 99 02 4e 81 59 c5 fa c6 06 06 fa 50 a1 f8 72 70 05 a9 97 55 0c 4a 83 99 29 b6 a0 e2 0f d5 30 f4 e8 87 e5 38 f4 b2 0b 3d 9d 81 65 41 18 3d 9d 41 20 a2 ec 82 9a 8d 94 eb 51 1d 00 b3 00 7f 70 a0 ea 41 14 0f 30 d7 22 97 Data Ascii: 4669JOJQ(I,*IM,M,)QHOQH,JMLQ(.L(QHr+uJsRuB*R3nN:iEyA)@e~ N%%y@]%%E:)%Z\ZY9y%EV%E@sS ".}}dT.e&Adl@);RJA",:$_Z)&)$J2A20n^jj3; 'B%3SP,/4/$3?OAC.V*-NO%JpQT%$%&gkD$&Cdd ,H<3$zPvyfRiIX\ISE^,: Z@,SKuRJ\(ZRKJm P(.JURWq4DTB`SRRls))V)/_Ip%X\Ly<;}K_aBH0z$B (2SH"Abz%9zD:XJ]\HN`P>JKOLOLD(*W58/']Y+Cs1Ta8?931&))!Hy8J_f^r~~AQfYbr%-sI9RB,8$n^z||bIiYY^0@c9f)hPYIgkPl$DZ8<by U@`<56%)E`._.)`!.CH|9<RRnz=XI`*kZ0+8(DC]_NYPrpUJ)08=eA=A QpA0"
Aug 20, 2020 21:55:45.081268072 CEST
12208 OUT GET /extension/cofaweb/design/cofaweb/images/bg/menu_slider_right.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://www.coface.ma/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608; tarteaucitron=!gajs=wait!addthis=wait
Aug 20, 2020 21:55:45.116893053 CEST
12209 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:45 GMTServer: ApacheLast-Modified: Mon, 21 Oct 2019 10:30:32 GMTETag: "49a2bc-230-595692c5dc200"Accept-Ranges: bytesContent-Length: 560Vary: Accept-EncodingKeep-Alive: timeout=5, max=499Connection: Keep-AliveContent-Type: image/pngData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 9e 00 00 00 3a 08 06 00 00 00 41 08 e0 83 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 20 63 48 52 4d 00 00 7a 25 00 00 80 83 00 00 f9 ff 00 00 80 e9 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 6f 92 5f c5 46 00 00 01 b6 49 44 41 54 78 da ec dd c1 46 84 61 00 85 e1 53 43 c4 d0 6a 68 d5 aa 55 44 44 44 cc 36 da 46 b4 6a 35 ab 88 88 2e af 6d 44 c4 d0 2a a2 fb 98 16 7f dd c2 f9 36 cf 7b 03 c3 71 bc df cc f7 ff ce 6c 6d 36 9b 94 78 49 b2 0c 90 64 ab 54 bc 93 24 ef e2 c6 3f db a5 cf 79 16 35 da c6 3b 48 f2 95 64 26 6e 34 8d 77 af 74 68 1b 6f 9e e4 27 c9 9e a8 d1 34 de 4a e9 d0 36 de ec ef bb dd 81 98 d1 34 de b5 d2 61 44 f1 1e c4 8b 76 f1 2e 92 9c 8b 17 ed e2 3d 89 16 ed 1f 17 87 49 3e e3 ee 0e 65 e3 3d 28 1d da c6 5b 64 ba 42 99 8b 16 4d e3 ad 94 0e 6d e3 ed 24 f9 4e b2 2f 56 34 8d 77 a3 74 18 61 bc 8f 24 c7 22 45 d3 78 97 4a 87 11 c5 f3 78 0c f5 a3 f6 28 c9 5a 94 68 1b cf e3 31 d4 8d b7 9f e9 0a 65 47 94 68 1a ef 5e e9 d0 36 de ee 9f ed 16 62 44 d3 78 77 4a 87 b6 f1 66 99 5e 7d 3a 14 21 9a c6 bb 52 3a 8c 28 de a3 e8 d0 3e 6a 4f 93 bc 89 0e 6d e3 b9 30 46 dd 78 06 78 30 c4 78 06 78 50 37 de 5e a6 0b 63 5b 28 a8 1a cf 00 0f ea c6 33 c0 83 21 c6 33 c0 83 21 c6 7b 4d 72 26 2e 34 8d b7 54 3a 8c 28 9e c7 63 a8 1f b5 06 78 30 c4 78 8f 4a 87 b6 f1 16 99 2e 8c 77 c5 84 a6 f1 56 4a 87 b6 f1 0c f0 60 88 f1 6e 95 0e 23 8c b7 ce b4 10 00 d4 8c 77 a9 74 18 51 3c 03 3c a8 1f b5 06 78 30 c4 78 fe d0 18 75 e3 19 e0 c1 10 e3 19 e0 41 dd 78 f3 4c 6f 18 db 42 41 d5 78 77 4a 87 b6 f1 0c f0 60 88 f1 0c f0 a0 ce 2f 00 00 00 ff ff 03 00 9b b1 76 45 70 01 ca 12 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDR:ApHYs cHRMz%u0`:o_FIDATxFaSCjhUDDD6Fj5.mD*6{qlm6xIdT$?y5;Hd&n4wtho'4J64aDv.=I>e=([dBMm$N/V4wta$"ExJx(Zh1eGh^6bDxwJf^}:!R:(>jOm0Fxx0xxP7^c[(3!3!{Mr&.4T:(cx0xJ.wVJ`n#wtQ<<x0xuAxLoBAxwJ`/vEpIENDB`
TimestampkBytestransferred Direction Data
Copyright null 2020 Page 96 of 111
Session ID Source IP Source Port Destination IP Destination Port Process
9 192.168.2.4 49788 193.56.140.134 80 C:\Program Files (x86)\Internet Explorer\iexplore.exe
TimestampkBytestransferred Direction Data
Aug 20, 2020 21:55:53.650887012 CEST
12211 OUT GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: www.coface.maIf-Modified-Since: Thu, 20 Aug 2020 19:55:37 GMTConnection: Keep-AliveCookie: BIGipServer~DMZ_COFACE~pool-cofweb.coface.com=!rjOqmvKeOpiMqJbYVTfOmOFDLEsPBhd3SpWsqqx9eyP0h1mYggsNldoX9GjGbS+KgwtL9HtPN4hW/HJhFDzIkVucnlI+ZwDYTER9oF+9Ew==; language=fre-FR; cofaweb_pop=215608; tarteaucitron=!gajs=wait!addthis=wait
Aug 20, 2020 21:55:53.747705936 CEST
12212 IN HTTP/1.1 200 OKDate: Thu, 20 Aug 2020 19:55:53 GMTServer: ApacheExpires: Thu, 20 Aug 2020 17:55:53 GMTLast-Modified: Thu, 20 Aug 2020 19:55:53 GMTCache-Control: public,max-age=14000Pragma: cacheServed-by: www.coface.maContent-language: fr-FRX-UA-Compatible: IE=edgeVary: Accept-EncodingKeep-Alive: timeout=5, max=500Connection: Keep-AliveContent-Type: text/html; charset=utf-8Content-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 39 32 66 0d 0a 1f 8b 08 00 00 00 00 00 04 03 e2 e4 b4 51 74 f1 77 0e 89 0c 70 55 c8 28 c9 cd 51 08 08 75 f2 f1 74 56 50 d2 d5 d7 0f 37 76 d6 d7 77 09 71 51 88 f0 08 f1 f5 51 30 d4 33 50 08 2e 29 ca 4c 2e d1 d7 77 f5 53 52 50 d2 d7 2f 2f 2f d7 2b 37 d6 cb 2f 4a d7 0f 09 d2 af 00 19 60 08 d2 01 65 ea 16 83 95 eb a5 94 a4 28 d9 71 71 d9 80 04 15 2a 72 73 f2 8a 6d 51 35 1b 5a 5a 5a 42 f4 28 81 e4 ad 72 12 f3 d2 6d 95 d2 8a 74 dd 82 94 14 90 39 76 40 43 52 13 53 80 94 a2 ae ae 82 73 7e 5a 62 79 6a 92 42 59 6a 51 71 66 7e 9e 82 95 82 91 9e b1 9e a1 99 42 52 69 66 4e 8a 82 5b 6a 52 51 69 62 51 a5 82 91 89 8e 82 91 81 91 81 82 ae ae 9d 02 1a 00 3a 2b 27 33 2f 5b 21 a3 28 35 0d e8 aa b4 c4 b2 cc e4 fc 3c 3d 20 a1 a4 50 94 9a 63 ab 54 9c 91 5f 54 92 5c 5a a2 00 14 ca 53 52 28 a9 2c 48 b5 55 ca cc 4d 4c 4f d5 af d0 05 8b 81 cd e4 04 01 10 83 0b e2 36 97 d4 b4 d4 e4 12 05 13 0b 73 90 ad 5c 36 25 99 25 39 a9 76 20 17 27 a7 5a 29 a4 e5 17 29 94 14 25 a6 a4 da e8 43 24 b8 6c 72 53 4b 12 81 51 50 52 a0 9b 5a 58 9a 59 66 ab e4 9c 9f 57 92 9a 57 a2 1b 02 b4 51 49 21 19 c2 b3 55 2a 49 ad 28 d1 07 05 95 b5 42 72 46 62 51 71 6a 89 6d 68 88 9b ae 85 92 82 3e cc 94 bc c4 5c a0 1b 53 52 8b 93 8b 32 0b 4a 80 21 83 a4 3d a0 28 bf 04 e8 30 a0 60 b1 42 71 69 91 42 6e 2a 90 4c 05 cb 03 a9 9c d4 62 85 cc dc 82 c4 ca c3 2b 8b 15 0a f2 81 f2 65 f9 20 f1 54 90 6c 41 51 66 71 aa 8e 42 0a 50 59 a2 42 80 af ab c2 e1 05 20 56 6e 69 4e 49 66 5e 22 c8 c8 c4 9c 54 3d 85 e0 fc 9c 52 10 a7 58 21 e5 51 c3 cc c4 62 a0 f9 89 79 c9 a9 ba c9 45 87 57 a6 64 96 80 0d 48 03 6a 00 8a e5 02 cd 55 48 2d 01 89 14 a5 26 e7 97 96 15 41 84 12 cb 52 93 15 20 61 a5 87 ee 2f 25 df e0 e0 dc c4 a2 92 90 c4 f4 e2 80 a2 d4 32 a0 fa 80 44 60 fc e7 a5 23 f9 32 24 28 d4 15 a4 11 14 21 c8 7a 8b f2 93 f2 4b 8a 91 1466 e6 a5 a4 56 e8 a4 e5 e7 e4 e4 97 eb e4 e5 e7 a7 14 28 d9 71 72 29 40 01 24 69 80 93 41 62 4e 49 6a 11 d0 97 c0 a8 c8 4d 4d c9 4c b4 55 ca cf cb a9 54 00 06 71 6a 6a 9e 42 62 5e 8a 82 46 6e 62 85 6e 79 66 4a 49 86 95 82 99 89 41 41 85 a6 12 2c 55 e9 e7 ea 25 43 7c 93 9b 08 72 16 d8 02 bc 86 67 00 4d cc 48 cd 49 c1 69 04 92 ee e2 92 4a 60 bc 65 a4 a6 96 c0 92 27 38 8d 24 17 17 c3 75 97 25 16 e9 83 b4 03 73 8b 7e 72 62 72 46 aa 7e 41 69 52 4e 66 b2 3e 42 6f b1 7e 9a a5 b1 99 a1 71 b2 65 4a 92 a9 b9 79 6a 6a 9a a5 45 52 9a b9 a9 45 52 92 a9 91 a1 89 69 52 6a 7c 62 4e 8e 1e d8 54 7d 3b 5e 48 32 8f ce 4c 53 f0 74 8d b5 e3 42 77 0e d8 48 74 e7 c0 7d 07 09 35 b8 eb 80 d2 a9 79 a0 1c 0c 77 23 30 ed 66 a6 23 b8 08 23 8b f5 33 53 61 6e 00 ba 20 3a 35 2f 25 33 2d 16 9c c3 8a c1 a9 1d d9 ca ac c4 b2 44 88 a8 92 42 71 51 32 d0 26 98 81 a0 32 a5 14 98 85 f5 Data Ascii: 492fQtwpU(QutVP7vwqQQ03P.)L.wSRP///+7/J`e(qq*rsmQ5ZZZB(rmt9v@CRSs~ZbyjBYjQqf~BRifN[jRQibQ:+'3/[!(5<= PcT_T\ZSR(,HUMLO6s\6%%9v 'Z))%C$lrSKQPRZXYfWWQI!U*I(BrFbQqjmh>\SR2J!=(0`BqiBn*Lb+e TlAQfqBPYB VniNIf^"T=RX!QbyEWdHjUH-&AR a/%2D`#2$(!zKfV(qr)@$iAbNIjMMLUTqjjBb^FnbnyfJIAA,U%C|rgMHIiJ`e'8$u%s~rbrF~AiRNf>Bo~qeJyjjERERiRj|bNT};^H2LStBwHt}5yw#0f##3San :5/%3-DBqQ2&2
Timestamp Source IPSourcePort Dest IP
DestPort Subject Issuer
NotBefore
NotAfter
JA3 SSLClientFingerprint JA3 SSL Client Digest
Aug 20, 2020 21:55:02.271898985 CEST
193.56.140.134 443 192.168.2.4 49738 CN=*.coface.com, OU=DSI, O=COFACE S.A., L=Bois-Colombes, C=FR CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Fri Mar 20 01:00:00 CET 2020 Fri Mar 08 13:00:00 CET 2013
Thu Apr 15 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Fri Mar 08 13:00:00 CET 2013
Wed Mar 08 13:00:00 CET 2023
HTTPS Packets
Copyright null 2020 Page 97 of 111
Aug 20, 2020 21:55:02.272352934 CEST
193.56.140.134 443 192.168.2.4 49739 CN=*.coface.com, OU=DSI, O=COFACE S.A., L=Bois-Colombes, C=FR CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Fri Mar 20 01:00:00 CET 2020 Fri Mar 08 13:00:00 CET 2013
Thu Apr 15 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Fri Mar 08 13:00:00 CET 2013
Wed Mar 08 13:00:00 CET 2023
Aug 20, 2020 21:55:03.694775105 CEST
185.226.224.134 443 192.168.2.4 49744 CN=*.solutions.webfg.ch, OU=Domain Control Validated CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Sat Jun 20 18:11:15 CEST 2020 Tue May 03 09:00:00 CEST 2011 Wed Jan 01 08:00:00 CET 2014
Mon Jun 20 18:11:15 CEST 2022 Sat May 03 09:00:00 CEST 2031 Fri May 30 09:00:00 CEST 2031
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
Tue May 03 09:00:00 CEST 2011
Sat May 03 09:00:00 CEST 2031
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Wed Jan 01 08:00:00 CET 2014
Fri May 30 09:00:00 CEST 2031
Aug 20, 2020 21:55:03.694938898 CEST
185.226.224.134 443 192.168.2.4 49745 CN=*.solutions.webfg.ch, OU=Domain Control Validated CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Sat Jun 20 18:11:15 CEST 2020 Tue May 03 09:00:00 CEST 2011 Wed Jan 01 08:00:00 CET 2014
Mon Jun 20 18:11:15 CEST 2022 Sat May 03 09:00:00 CEST 2031 Fri May 30 09:00:00 CEST 2031
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
Tue May 03 09:00:00 CEST 2011
Sat May 03 09:00:00 CEST 2031
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Wed Jan 01 08:00:00 CET 2014
Fri May 30 09:00:00 CEST 2031
Aug 20, 2020 21:55:28.425225019 CEST
193.56.140.134 443 192.168.2.4 49749 CN=*.coface.com, OU=DSI, O=COFACE S.A., L=Bois-Colombes, C=FR CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Fri Mar 20 01:00:00 CET 2020 Fri Mar 08 13:00:00 CET 2013
Thu Apr 15 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0
37f463bf4616ecd445d4a1937da06e19
Timestamp Source IPSourcePort Dest IP
DestPort Subject Issuer
NotBefore
NotAfter
JA3 SSLClientFingerprint JA3 SSL Client Digest
Copyright null 2020 Page 98 of 111
Code Manipulations
Statistics
Behavior
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Fri Mar 08 13:00:00 CET 2013
Wed Mar 08 13:00:00 CET 2023
Aug 20, 2020 21:55:35.964754105 CEST
172.217.218.156 443 192.168.2.4 49765 CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Wed Jul 15 10:29:13 CEST 2020 Thu Jun 15 02:00:42 CEST 2017
Wed Oct 07 10:29:13 CEST 2020 Wed Dec 15 01:00:42 CET 2021
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Thu Jun 15 02:00:42 CEST 2017
Wed Dec 15 01:00:42 CET 2021
Aug 20, 2020 21:55:35.971977949 CEST
172.217.218.156 443 192.168.2.4 49764 CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Wed Jul 15 10:29:13 CEST 2020 Thu Jun 15 02:00:42 CEST 2017
Wed Oct 07 10:29:13 CEST 2020 Wed Dec 15 01:00:42 CET 2021
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Thu Jun 15 02:00:42 CEST 2017
Wed Dec 15 01:00:42 CET 2021
Aug 20, 2020 21:55:36.273350000 CEST
172.217.168.67 443 192.168.2.4 49773 CN=*.google.ch, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Wed Jul 15 10:35:34 CEST 2020 Thu Jun 15 02:00:42 CEST 2017
Wed Oct 07 10:35:34 CEST 2020 Wed Dec 15 01:00:42 CET 2021
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Thu Jun 15 02:00:42 CEST 2017
Wed Dec 15 01:00:42 CET 2021
Aug 20, 2020 21:55:36.279566050 CEST
172.217.168.67 443 192.168.2.4 49772 CN=*.google.ch, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Wed Jul 15 10:35:34 CEST 2020 Thu Jun 15 02:00:42 CEST 2017
Wed Oct 07 10:35:34 CEST 2020 Wed Dec 15 01:00:42 CET 2021
771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0
9e10692f1b7f78228b2d4e424db3a98c
CN=GTS CA 1O1, O=Google Trust Services, C=US
CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Thu Jun 15 02:00:42 CEST 2017
Wed Dec 15 01:00:42 CET 2021
Timestamp Source IPSourcePort Dest IP
DestPort Subject Issuer
NotBefore
NotAfter
JA3 SSLClientFingerprint JA3 SSL Client Digest
Copyright null 2020 Page 99 of 111
• AcroRd32.exe
• AcroRd32.exe
• RdrCEF.exe
• RdrCEF.exe
• RdrCEF.exe
• RdrCEF.exe
• RdrCEF.exe
• iexplore.exe
• iexplore.exe
Click to jump to process
System Behavior
File ActivitiesFile Activities
Start time: 21:53:23
Start date: 20/08/2020
Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Wow64 process (32bit): true
Commandline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\Survey--Debt Accumulation and Business Reorganization.pdf'
Imagebase: 0xc80000
File size: 2571312 bytes
MD5 hash: B969CF0C7B2C443A99034881E8C8740A
Has administrator privileges: false
Programmed in: C, C++ or other language
Reputation: low
File Path Access Attributes Options Completion CountSourceAddress Symbol
C:\Users\user\AppData\Local\Temp\acrord32_sbx read data or list directory | read attributes | write attributes | synchronize
device directory file | synchronous io non alert | open for backup ident | open reparse point
object name collision 1 CB65C3 CreateDirectoryExW
C:\Users\user\AppData\Local\Temp\acrocef_low read data or list directory | synchronize
device directory file | synchronous io non alert | open for backup ident | open reparse point
object name collision 1 CDAE05 CreateDirectoryW
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons read data or list directory | synchronize
device directory file | synchronous io non alert | open for backup ident
success or wait 1 CCEA85 NtCreateFile
Analysis Process: AcroRd32.exe PID: 6728 Parent PID: 5552Analysis Process: AcroRd32.exe PID: 6728 Parent PID: 5552
General
File CreatedFile Created
Copyright null 2020 Page 100 of 111
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-200821045335Z-329.bmp
read data or list directory | write data or add file | append data or add subdirectory or create pipe instance | read ea | write ea | read attributes | write attributes | read control | synchronize
device synchronous io non alert | non directory file
success or wait 1 CCEA85 NtCreateFile
C:\Users\user read data or list directory | synchronize
device directory file | synchronous io non alert | open for backup ident | open reparse point
object name collision 1 D483C8 HttpSendRequestA
C:\Users\user\AppData\Local read data or list directory | synchronize
device directory file | synchronous io non alert | open for backup ident | open reparse point
object name collision 1 D483C8 HttpSendRequestA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache read data or list directory | synchronize
device directory file | synchronous io non alert | open for backup ident | open reparse point
object name collision 1 D483C8 HttpSendRequestA
C:\Users\user read data or list directory | synchronize
device directory file | synchronous io non alert | open for backup ident | open reparse point
object name collision 1 D483C8 HttpSendRequestA
C:\Users\user\AppData\Local read data or list directory | synchronize
device directory file | synchronous io non alert | open for backup ident | open reparse point
object name collision 1 D483C8 HttpSendRequestA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies read data or list directory | synchronize
device directory file | synchronous io non alert | open for backup ident | open reparse point
object name collision 1 D483C8 HttpSendRequestA
C:\Users\user\AppData\Local\Temp\acrord32_sbx\A9Rq4zsrt_1ehf6n4_58k.tmp
read data or list directory | write data or add file | append data or add subdirectory or create pipe instance | read ea | write ea | read attributes | write attributes | read control | synchronize
device synchronous io non alert | non directory file
success or wait 1 CCEA85 NtCreateFile
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
read data or list directory | write data or add file | append data or add subdirectory or create pipe instance | read ea | write ea | read attributes | write attributes | read control | synchronize
device synchronous io non alert | non directory file
success or wait 4 CCEA85 NtCreateFile
File Path Access Attributes Options Completion CountSourceAddress Symbol
Copyright null 2020 Page 101 of 111
Registry ActivitiesRegistry Activities
C:\Users\user\AppData\Local\Temp\acrord32_sbx\A9Rd1ix6s_1ehf6n5_58k.tmp
read data or list directory | write data or add file | append data or add subdirectory or create pipe instance | read ea | write ea | read attributes | write attributes | read control | synchronize
device synchronous io non alert | non directory file
success or wait 1 CCEA85 NtCreateFile
C:\Users\user\AppData\Local\Temp\acrord32_sbx\A9R1iffzob_1ehf6n6_58k.tmp
read data or list directory | write data or add file | append data or add subdirectory or create pipe instance | read ea | write ea | read attributes | write attributes | read control | synchronize
device synchronous io non alert | non directory file
success or wait 1 CCEA85 NtCreateFile
C:\Users\user\AppData\Local\Temp\acrord32_sbx\A9Rcwcbbp_1ehf6n7_58k.tmp
read data or list directory | write data or add file | append data or add subdirectory or create pipe instance | read ea | write ea | read attributes | write attributes | read control | synchronize
device synchronous io non alert | non directory file
success or wait 1 CCEA85 NtCreateFile
C:\Users\user\AppData\Local\Temp\acrord32_sbx\A9R1ksukpv_1ehf6n8_58k.tmp
read data or list directory | write data or add file | append data or add subdirectory or create pipe instance | read ea | write ea | read attributes | write attributes | read control | synchronize
device synchronous io non alert | non directory file
success or wait 1 CCEA85 NtCreateFile
File Path Access Attributes Options Completion CountSourceAddress Symbol
File Path Offset Length Completion CountSourceAddress Symbol
Key Path Completion CountSourceAddress Symbol
HKEY_LOCAL_MACHINE\System\Acrobatbrokerserverdispatchercpp789 success or wait 1 CCCF19 RegCreateKeyW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0 success or wait 1 CCD41D NtCreateKey
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0\cTab0 success or wait 1 CCD41D NtCreateKey
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0\cTab0\cPathInfo
success or wait 1 CCD41D NtCreateKey
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles success or wait 1 C8EA55 RegCreateKeyExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1 success or wait 1 C8EA55 RegCreateKeyExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2 success or wait 1 C8EA55 RegCreateKeyExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\TrustManager success or wait 1 CCD41D NtCreateKey
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\TrustManager\cDefaultLaunchURLPerms success or wait 1 CCD41D NtCreateKey
Key CreatedKey Created
Key Value CreatedKey Value Created
Copyright null 2020 Page 102 of 111
Key Path Name Type Data Completion CountSourceAddress Symbol
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
aFS unicode DOS success or wait 1 CDDF47 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tDIText unicode /C/Users/user/Desktop/Survey--Debt Accumulation and Business Reorganization.pdf
success or wait 1 CDDF47 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tFileName unicode Survey--Debt Accumulation and Business Reorganization.pdf
success or wait 1 CDDF47 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tFileSource unicode local success or wait 1 CDDF47 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sFileAncestors binary 5B 5D 00 success or wait 1 CDDF69 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sDI binary 2F 43 2F 55 73 65 72 73 2F 6A 6F 6E 65 73 2F 44 65 73 6B 74 6F 70 2F 53 75 72 76 65 79 2D 2D 44 65 62 74 20 41 63 63 75 6D 75 6C 61 74 69 6F 6E 20 61 6E 64 20 42 75 73 69 6E 65 73 73 20 52 65 6F 72 67 61 6E 69 7A 61 74 69 6F 6E 2E 70 64 66 00
success or wait 1 CDDF69 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sDate binary 44 3A 32 30 32 30 30 38 32 30 32 31 35 33 33 35 2D 30 37 27 30 30 27 00
success or wait 1 CDDF69 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
uFileSize dword 1483159 success or wait 1 CDDF89 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
uPageCount dword 4 success or wait 1 CDDF89 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
aFS unicode CHTTP success or wait 1 CDDF47 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
tDIText unicode http://www.adobe.com/go/homeacrordrunified18_2018
success or wait 1 CDDF47 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
tFileName unicode Welcome.pdf success or wait 1 CDDF47 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sFileAncestors binary 5B 5D 00 success or wait 1 CDDF69 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sDI binary 68 74 74 70 3A 2F 2F 77 77 77 2E 61 64 6F 62 65 2E 63 6F 6D 2F 67 6F 2F 68 6F 6D 65 61 63 72 6F 72 64 72 75 6E 69 66 69 65 64 31 38 5F 32 30 31 38 00
success or wait 1 CDDF69 RegSetValueExW
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sDate binary 44 3A 32 30 31 39 30 36 32 37 31 31 31 33 35 31 2D 30 37 27 30 30 27 00
success or wait 1 CDDF69 RegSetValueExW
File ActivitiesFile Activities
Start time: 21:53:24
Start date: 20/08/2020
Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Wow64 process (32bit): true
Commandline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\Survey--Debt Accumulation and Business Reorganization.pdf'
Imagebase: 0xc80000
File size: 2571312 bytes
MD5 hash: B969CF0C7B2C443A99034881E8C8740A
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low
File Path Access Attributes Options Completion CountSourceAddress Symbol
File Path Completion CountSourceAddress Symbol
File Path Offset Length Value Ascii Completion CountSourceAddress Symbol
Analysis Process: AcroRd32.exe PID: 6788 Parent PID: 6728Analysis Process: AcroRd32.exe PID: 6788 Parent PID: 6728
General
Copyright null 2020 Page 103 of 111
Registry ActivitiesRegistry Activities
File Path Offset Length Completion CountSourceAddress Symbol
Key Path Name Type Data Completion CountSourceAddress Symbol
Key Path Name Type Old Data New Data Completion CountSourceAddress Symbol
File ActivitiesFile Activities
Start time: 21:53:34
Start date: 20/08/2020
Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit): true
Commandline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043
Imagebase: 0xb30000
File size: 9475120 bytes
MD5 hash: 9AEBA3BACD721484391D15478A4080C7
Has administrator privileges: false
Programmed in: C, C++ or other language
Reputation: low
File Path Access Attributes Options Completion CountSourceAddress Symbol
File Path Completion CountSourceAddress Symbol
Old File Path New File Path Completion CountSourceAddress Symbol
File Path Offset Length Value Ascii Completion CountSourceAddress Symbol
File Path Offset Length Completion CountSourceAddress Symbol
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\index.html unknown 4096 success or wait 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\index.html unknown 4096 end of file 3 C259E2 ReadFile
\com.adobe.reader.rna.user.DC.0 unknown 4 success or wait 3 C383E5 ReadFile
\com.adobe.reader.rna.user.DC.0 unknown 57 success or wait 37 C38447 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\main.css
unknown 4096 success or wait 160 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\main.css
unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\init.js unknown 4096 success or wait 4 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\init.js unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\plugins.js unknown 4096 success or wait 18 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\plugins.js unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\base_uris.js unknown 4096 success or wait 6 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\base_uris.js unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\2.1.15\require.min.js
unknown 4096 success or wait 12 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\libs\require\2.1.15\require.min.js
unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\rna-main.js
unknown 4096 success or wait 1634 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\rna-main.js
unknown 4096 end of file 3 C259E2 ReadFile
Analysis Process: RdrCEF.exe PID: 6964 Parent PID: 6728Analysis Process: RdrCEF.exe PID: 6964 Parent PID: 6728
General
File ReadFile Read
Copyright null 2020 Page 104 of 111
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\main-cef.css
unknown 4096 success or wait 45 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\main-cef.css
unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\main-cef-ui-theme.css
unknown 4096 success or wait 9 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\main-cef-ui-theme.css
unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\main-cef-win.css
unknown 4096 success or wait 6 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\css\main-cef-win.css
unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\config.js
unknown 4096 success or wait 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\config.js
unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\desktop.js
unknown 4096 success or wait 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\desktop.js
unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\css\main-selector.css
unknown 4096 success or wait 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\css\main-selector.css
unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files-select\css\main-selector.css
unknown 4096 success or wait 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files-select\css\main-selector.css
unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\css\main.css
unknown 4096 success or wait 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\css\main.css
unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files-select\css\main.css
unknown 4096 success or wait 6 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files-select\css\main.css
unknown 4096 end of file 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\css\plugin-selectors.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\css\plugin-selectors.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\selector.js
unknown 4096 success or wait 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\selector.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\selector.js
unknown 4096 success or wait 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\selector.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files-select\js\selector.js
unknown 4096 success or wait 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files-select\js\selector.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\plugin.js
unknown 4096 success or wait 11 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files\js\plugin.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files-select\js\plugin.js
unknown 4096 success or wait 12 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-files-select\js\plugin.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\plugin.js
unknown 4096 success or wait 28 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files\js\plugin.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files-select\js\plugin.js
unknown 4096 success or wait 30 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\desktop-connector-files-select\js\plugin.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\plugins\rhp\exportpdf-rna-selector.js
unknown 4096 success or wait 44 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\plugins\rhp\exportpdf-rna-selector.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\css\home-selector.css
unknown 4096 success or wait 2 C259E2 ReadFile
File Path Offset Length Completion CountSourceAddress Symbol
Copyright null 2020 Page 105 of 111
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\css\home-selector.css
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\css\main.css
unknown 4096 success or wait 28 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\css\main.css
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\css\main.css
unknown 4096 success or wait 30 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\css\main.css
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\css\home-view.css
unknown 4096 success or wait 10 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\css\home-view.css
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\selector.js
unknown 4096 success or wait 10 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\selector.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\selector.js
unknown 4096 success or wait 10 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\selector.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\home-view\selector.js
unknown 4096 success or wait 10 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\home-view\selector.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\plugin.js
unknown 4096 success or wait 120 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\reviews\js\plugin.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\plugin.js
unknown 4096 success or wait 144 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\signatures\js\plugin.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\home-view\plugin.js
unknown 4096 success or wait 134 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\home-view\plugin.js
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\css\main.css
unknown 4096 success or wait 25 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\css\main.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\plugins\rhp\exportpdf-rna-tool-view.js
unknown 4096 success or wait 98 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\js\plugins\rhp\exportpdf-rna-tool-view.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\core_icons.png
unknown 4096 success or wait 16 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\core_icons.png
unknown 4096 end of file 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\images\rhp_world_icon.png
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\aicuc\images\rhp_world_icon.png
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\spectrum_spinner.svg
unknown 4096 success or wait 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\images\spectrum_spinner.svg
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\css\main-selector.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\css\main-selector.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\css\main-selector.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\css\main-selector.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\css\main-selector.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\css\main-selector.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\css\main.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\css\main.css
unknown 4096 end of file 1 C259E2 ReadFile
File Path Offset Length Completion CountSourceAddress Symbol
Copyright null 2020 Page 106 of 111
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\css\main.css
unknown 4096 success or wait 3 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\css\main.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\css\main.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\css\main.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\js\selector.js
unknown 4096 success or wait 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\js\selector.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\selector.js
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\selector.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\selector.js
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\selector.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\js\plugin.js
unknown 4096 success or wait 4 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\home\js\plugin.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\plugin.js
unknown 4096 success or wait 85 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\uss-search\js\plugin.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\plugin.js
unknown 4096 success or wait 4 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\sign-services-auth\js\plugin.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\css\main-selector.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\css\main-selector.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\css\main-selector.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\css\main-selector.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\css\main-selector.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\css\main-selector.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\main-selector.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\main-selector.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\css\main-selector.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\css\main-selector.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\css\main.css
unknown 4096 success or wait 8 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\css\main.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\css\main.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\css\main.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\main.css
unknown 4096 success or wait 163 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\css\main.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\css\main.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\css\main.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\selector.js
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\selector.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\selector.js
unknown 4096 success or wait 1 C259E2 ReadFile
File Path Offset Length Completion CountSourceAddress Symbol
Copyright null 2020 Page 107 of 111
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\selector.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\selector.js
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\add-account\js\selector.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\selector.js
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\selector.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\selector.js
unknown 4096 success or wait 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\selector.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\plugin.js
unknown 4096 success or wait 75 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\scan-files\js\plugin.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\css\main-selector.css
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\css\main-selector.css
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\plugin.js
unknown 4096 success or wait 6 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-computer\js\plugin.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\plugin.js
unknown 4096 success or wait 16 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\activity-badge\js\plugin.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\plugin.js
unknown 4096 success or wait 5 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\app-center\js\plugin.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\selector.js
unknown 4096 success or wait 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\search-summary\js\selector.js
unknown 4096 end of file 1 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files\js\selector.js
unknown 4096 success or wait 2 C259E2 ReadFile
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\my-recent-files\js\selector.js
unknown 4096 end of file 1 C259E2 ReadFile
\com.adobe.reader.rna.user.DC.0 unknown 4 pipe broken 1 C383E5 ReadFile
File Path Offset Length Completion CountSourceAddress Symbol
Start time: 21:53:37
Start date: 20/08/2020
Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit): true
Commandline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1692,3667437398516176857,6754206857185316677,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=16727687707754831113 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16727687707754831113 --renderer-client-id=2 --mojo-platform-channel-handle=1700 --allow-no-sandbox-job /prefetch:1
Imagebase: 0xb30000
File size: 9475120 bytes
MD5 hash: 9AEBA3BACD721484391D15478A4080C7
Has administrator privileges: false
Programmed in: C, C++ or other language
Reputation: low
Analysis Process: RdrCEF.exe PID: 7132 Parent PID: 6964Analysis Process: RdrCEF.exe PID: 7132 Parent PID: 6964
General
Copyright null 2020 Page 108 of 111
File ActivitiesFile Activities
File Path Offset Length Completion CountSourceAddress Symbol
File ActivitiesFile Activities
Start time: 21:53:40
Start date: 20/08/2020
Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit): true
Commandline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1692,3667437398516176857,6754206857185316677,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=17724554824988114311 --mojo-platform-channel-handle=1688 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2
Imagebase: 0xb30000
File size: 9475120 bytes
MD5 hash: 9AEBA3BACD721484391D15478A4080C7
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low
File Path Offset Length Completion CountSourceAddress Symbol
File ActivitiesFile Activities
Start time: 21:53:42
Start date: 20/08/2020
Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit): true
Commandline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1692,3667437398516176857,6754206857185316677,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=9859498215506974923 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9859498215506974923 --renderer-client-id=4 --mojo-platform-channel-handle=1836 --allow-no-sandbox-job /prefetch:1
Imagebase: 0xb30000
File size: 9475120 bytes
MD5 hash: 9AEBA3BACD721484391D15478A4080C7
Has administrator privileges: false
Programmed in: C, C++ or other language
Reputation: low
File Path Offset Length Completion CountSourceAddress Symbol
Analysis Process: RdrCEF.exe PID: 5364 Parent PID: 6964Analysis Process: RdrCEF.exe PID: 5364 Parent PID: 6964
General
Analysis Process: RdrCEF.exe PID: 412 Parent PID: 6964Analysis Process: RdrCEF.exe PID: 412 Parent PID: 6964
General
Copyright null 2020 Page 109 of 111
File ActivitiesFile Activities
Start time: 21:53:44
Start date: 20/08/2020
Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit): true
Commandline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1692,3667437398516176857,6754206857185316677,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=6776044376724744051 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6776044376724744051 --renderer-client-id=5 --mojo-platform-channel-handle=2128 --allow-no-sandbox-job /prefetch:1
Imagebase: 0xb30000
File size: 9475120 bytes
MD5 hash: 9AEBA3BACD721484391D15478A4080C7
Has administrator privileges: false
Programmed in: C, C++ or other language
Reputation: low
File Path Offset Length Completion CountSourceAddress Symbol
File ActivitiesFile Activities
Registry ActivitiesRegistry Activities
Start time: 21:54:59
Start date: 20/08/2020
Path: C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit): false
Commandline: 'C:\Program Files\Internet Explorer\iexplore.exe' https://www.coface.com/News-Publications/News/Are-corporate-balance-sheets-in-Spain-and-Italy-ready-
Imagebase: 0x7ff700950000
File size: 823560 bytes
MD5 hash: 6465CB92B25A7BC1DF8E01D8AC5E7596
Has administrator privileges: false
Programmed in: C, C++ or other language
Reputation: low
File Path Access Attributes Options Completion CountSourceAddress Symbol
File Path Offset Length Value Ascii Completion CountSourceAddress Symbol
File Path Offset Length Completion CountSourceAddress Symbol
Key Path Completion CountSourceAddress Symbol
Key Path Name Type Data Completion CountSourceAddress Symbol
Analysis Process: RdrCEF.exe PID: 5820 Parent PID: 6964Analysis Process: RdrCEF.exe PID: 5820 Parent PID: 6964
General
Analysis Process: iexplore.exe PID: 3160 Parent PID: 6728Analysis Process: iexplore.exe PID: 3160 Parent PID: 6728
General
Copyright null 2020 Page 110 of 111
Disassembly
Code Analysis
Key Path Name Type Old Data New Data Completion CountSourceAddress Symbol
File ActivitiesFile Activities
Start time: 21:55:00
Start date: 20/08/2020
Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit): true
Commandline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3160 CREDAT:17410 /prefetch:2
Imagebase: 0xed0000
File size: 822536 bytes
MD5 hash: 071277CC2E3DF41EEEA8013E2AB58D5A
Has administrator privileges: false
Programmed in: C, C++ or other language
Reputation: low
File Path Access Attributes Options Completion CountSourceAddress Symbol
File Path Offset Length Value Ascii Completion CountSourceAddress Symbol
File Path Offset Length Completion CountSourceAddress Symbol
Analysis Process: iexplore.exe PID: 5620 Parent PID: 3160Analysis Process: iexplore.exe PID: 5620 Parent PID: 3160
General
Copyright null 2020 Page 111 of 111
