Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
https://t.infomail.microsoft.com/r/?id=h56495708,550d4cc3,550efed9&e=b2NpZD0&s=NPL3wY6rhZZOI7vpy7HRRpRseMLYTNK_pRqROD10Y9w

Overview

General Information

Sample URL:https://t.infomail.microsoft.com/r/?id=h56495708,550d4cc3,550efed9&e=b2NpZD0&s=NPL3wY6rhZZOI7vpy7HRRpRseMLYTNK_pRqROD10Y9w
Analysis ID:1413840
Infos:

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

HTML title does not match URL

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • chrome.exe (PID: 1740 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4520 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1984,i,11009249731134780383,10756960108393307057,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6532 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://t.infomail.microsoft.com/r/?id=h56495708,550d4cc3,550efed9&e=b2NpZD0&s=NPL3wY6rhZZOI7vpy7HRRpRseMLYTNK_pRqROD10Y9w" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

  • Phishing
  • Compliance
  • Networking
  • System Summary

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=22&ct=1711088558&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1HTTP Parser: Title: Sign in to your Microsoft account does not match URL
Source: https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=22&ct=1711088558&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1HTTP Parser: No <meta name="author".. found
Source: https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=22&ct=1711088558&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1HTTP Parser: No <meta name="author".. found
Source: https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=22&ct=1711088558&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1HTTP Parser: No <meta name="copyright".. found
Source: https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=22&ct=1711088558&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1HTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 69.192.108.161:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 69.192.108.161:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.192.108.161
Source: unknownTCP traffic detected without corresponding DNS query: 69.164.46.128
Source: unknownTCP traffic detected without corresponding DNS query: 69.164.46.128
Source: unknownTCP traffic detected without corresponding DNS query: 69.164.46.128
Source: unknownTCP traffic detected without corresponding DNS query: 69.164.46.128
Source: unknownTCP traffic detected without corresponding DNS query: 69.164.46.128
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /?v=managestorage&ocid=cmm4esjh8wf HTTP/1.1Host: onedrive.live.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/5/js/login_en_4XWJLQsDnjOrefMiFTdF2g2.js HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/5/chunks/oneds-analytics-js_c53074e74ebeb8e140d6_en.js HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/5/images/2_bc3d32a696895f78c19d.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/5/images/signin_options_4e48046ce74f4b89d450.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/5/images/2_bc3d32a696895f78c19d.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /16.000.30141.5/images/favicon.ico HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/5/images/signin_options_4e48046ce74f4b89d450.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /16.000.30141.5/images/favicon.ico HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: unknownDNS traffic detected: queries for: onedrive.live.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownHTTPS traffic detected: 69.192.108.161:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 69.192.108.161:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: classification engineClassification label: clean0.win@17/20@10/6
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1984,i,11009249731134780383,10756960108393307057,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://t.infomail.microsoft.com/r/?id=h56495708,550d4cc3,550efed9&e=b2NpZD0&s=NPL3wY6rhZZOI7vpy7HRRpRseMLYTNK_pRqROD10Y9w"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1984,i,11009249731134780383,10756960108393307057,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeAutomated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exeAutomated click: Next
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1413840 URL: https://t.infomail.microsof... Startdate: 22/03/2024 Architecture: WINDOWS Score: 0 5 chrome.exe 1 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.4, 138, 443, 49322 unknown unknown 5->13 15 239.255.255.250 unknown Reserved 5->15 10 chrome.exe 5->10         started        process4 dnsIp5 17 dual-spov-0006.spov-msedge.net 13.107.137.11, 443, 49739 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 10->17 19 part-0012.t-0009.t-msedge.net 13.107.246.40, 443, 49744, 49745 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 10->19 21 10 other IPs or domains 10->21

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://t.infomail.microsoft.com/r/?id=h56495708,550d4cc3,550efed9&e=b2NpZD0&s=NPL3wY6rhZZOI7vpy7HRRpRseMLYTNK_pRqROD10Y9w0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://logincdn.msftauth.net/shared/5/js/login_en_4XWJLQsDnjOrefMiFTdF2g2.js0%Avira URL Cloudsafe
https://logincdn.msftauth.net/shared/5/chunks/oneds-analytics-js_c53074e74ebeb8e140d6_en.js0%Avira URL Cloudsafe
https://logincdn.msftauth.net/16.000.30141.5/images/favicon.ico0%Avira URL Cloudsafe
https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg0%Avira URL Cloudsafe
https://logincdn.msftauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svg0%Avira URL Cloudsafe
https://logincdn.msftauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg0%Avira URL Cloudsafe
https://logincdn.msftauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svg0%VirustotalBrowse
https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg0%VirustotalBrowse
https://logincdn.msftauth.net/16.000.30141.5/images/favicon.ico0%VirustotalBrowse
https://logincdn.msftauth.net/shared/5/chunks/oneds-analytics-js_c53074e74ebeb8e140d6_en.js0%VirustotalBrowse
https://logincdn.msftauth.net/shared/5/js/login_en_4XWJLQsDnjOrefMiFTdF2g2.js0%VirustotalBrowse

Domains and IPs

Download Network PCAP: filteredfull

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
dual-spov-0006.spov-msedge.net
13.107.137.11
truefalse
    		unknown
    sni1gl.wpc.alphacdn.net
    		152.195.19.97
    		truefalse
      		unknown
      www.google.com
      		142.251.35.164
      		truefalse
        		high
        cs1227.wpc.alphacdn.net
        		192.229.211.199
        		truefalse
          		unknown
          part-0012.t-0009.t-msedge.net
          		13.107.246.40
          		truefalse
            		unknown
            fp2e7a.wpc.phicdn.net
            		192.229.211.108
            		truefalse
              		unknown
              onedrive.live.com
              		unknown
              		unknownfalse
                		high
                logincdn.msftauth.net
                		unknown
                		unknownfalse
                  		unknown
                  acctcdn.msftauth.net
                  		unknown
                  		unknownfalse
                    		unknown

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://logincdn.msftauth.net/shared/5/js/login_en_4XWJLQsDnjOrefMiFTdF2g2.jsfalse
                    • 0%, Virustotal, Browse
                    • Avira URL Cloud: safe
                    		unknown
                    https://logincdn.msftauth.net/shared/5/chunks/oneds-analytics-js_c53074e74ebeb8e140d6_en.jsfalse
                    • 0%, Virustotal, Browse
                    • Avira URL Cloud: safe
                    		unknown
                    https://logincdn.msftauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svgfalse
                    • 0%, Virustotal, Browse
                    • Avira URL Cloud: safe
                    		unknown
                    https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svgfalse
                    • 0%, Virustotal, Browse
                    • Avira URL Cloud: safe
                    		unknown
                    https://logincdn.msftauth.net/16.000.30141.5/images/favicon.icofalse
                    • 0%, Virustotal, Browse
                    • Avira URL Cloud: safe
                    		unknown
                    https://onedrive.live.com/?v=managestorage&ocid=cmm4esjh8wffalse
                      		high
                      https://logincdn.msftauth.net/shared/5/images/2_bc3d32a696895f78c19d.svgfalse
                      • Avira URL Cloud: safe
                      		unknown

                      World Map of Contacted IPs

                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs

                      Public IPs

                      IPDomainCountryFlagASNASN NameMalicious
                      13.107.137.11
                      		dual-spov-0006.spov-msedge.netUnited States
                      		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                      13.107.246.40
                      		part-0012.t-0009.t-msedge.netUnited States
                      		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                      192.229.211.199
                      		cs1227.wpc.alphacdn.netUnited States
                      		15133EDGECASTUSfalse
                      239.255.255.250
                      		unknownReserved
                      		unknownunknownfalse
                      142.251.35.164
                      		www.google.comUnited States
                      		15169GOOGLEUSfalse

                      Private

                      IP
                      192.168.2.4

                      General Information

                      Joe Sandbox version:40.0.0 Tourmaline
                      Analysis ID:1413840
                      Start date and time:2024-03-22 07:21:46 +01:00
                      Joe Sandbox product:CloudBasic
                      Overall analysis duration:0h 3m 10s
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Cookbook file name:browseurl.jbs
                      Sample URL:https://t.infomail.microsoft.com/r/?id=h56495708,550d4cc3,550efed9&e=b2NpZD0&s=NPL3wY6rhZZOI7vpy7HRRpRseMLYTNK_pRqROD10Y9w
                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                      Number of analysed new started processes analysed:8
                      Number of new started drivers analysed:0
                      Number of existing processes analysed:0
                      Number of existing drivers analysed:0
                      Number of injected processes analysed:0
                      Technologies:
                      • HCA enabled
                      • EGA enabled
                      • AMSI enabled
                      Analysis Mode:default
                      Analysis stop reason:Timeout
                      Detection:CLEAN
                      Classification:clean0.win@17/20@10/6
                      EGA Information:Failed
                      HCA Information:
                      • Successful, ratio: 100%
                      • Number of executed functions: 0
                      • Number of non-executed functions: 0
                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                      • Excluded IPs from analysis (whitelisted): 142.250.72.99, 142.251.40.238, 142.251.111.84, 34.104.35.123, 20.97.219.252, 69.192.109.165, 40.126.24.149, 20.190.152.20, 40.126.24.83, 20.190.152.19, 20.190.152.22, 40.126.24.148, 40.126.24.81, 40.126.24.82, 142.250.81.234, 142.251.40.138, 142.251.41.10, 142.250.64.106, 142.250.72.106, 142.250.80.42, 142.250.80.74, 142.250.80.106, 142.250.176.202, 142.251.40.202, 142.251.40.106, 142.250.65.170, 142.250.65.202, 142.250.65.234, 142.251.40.170, 142.251.40.234, 20.42.72.131, 20.189.173.11, 20.114.59.183, 104.102.251.89, 104.102.251.17, 192.229.211.108, 13.95.31.18, 20.3.187.198, 142.251.35.163
                      • Excluded domains from analysis (whitelisted): logincdn.msauth.net, odc-web-brs.onedrive.akadns.net, lgincdnmsftuswe2.azureedge.net, slscr.update.microsoft.com, clientservices.googleapis.com, browser.events.data.trafficmanager.net, a767.dspw65.akamai.net, acctcdn.msauth.net, acctcdn.trafficmanager.net, e11290.dspg.akamaiedge.net, mscom-mkt-prod8-lb.campaign.adobe.com, clients2.google.com, go.microsoft.com, onedscolprdwus10.westus.cloudapp.azure.com, ocsp.digicert.com, login.live.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, acctcdnvzeuno.azureedge.net, acctcdnvzeuno.ec.azureedge.net, glb.sls.prod.dcat.dsp.trafficmanager.net, prdv4a.aadg.msidentity.com, fs.microsoft.com, acctcdnmsftuswe2.azureedge.net, accounts.google.com, odc-web-geo.onedrive.akadns.net, content-autofill.googleapis.com, www.tm.v4.a.prd.aadg.akadns.net, acctcdnmsftuswe2.afd.azureedge.net, lgincdnvzeuno.ec.azureedge.net, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.n
                      • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                      • Not all processes where analyzed, report is missing behavior information
                      • Report size getting too big, too many NtSetInformationFile calls found.

                      Simulations

                      Behavior and APIs

                      No simulations

                      Joe Sandbox View / Context

                      IPs

                      No context

                      Domains

                      No context

                      ASNs

                      No context

                      JA3 Fingerprints

                      No context

                      Dropped Files

                      No context

                      Created / dropped Files

                      Chrome Cache Entry: 47

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                      Category:downloaded
                      Size (bytes):17174
                      Entropy (8bit):2.9129715116732746
                      Encrypted:false
                      SSDEEP:24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO
                      MD5:12E3DAC858061D088023B2BD48E2FA96
                      SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                      SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                      SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                      Malicious:false
                      Reputation:low
                      URL:https://logincdn.msftauth.net/16.000.30141.5/images/favicon.ico
                      Preview:..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

                      Chrome Cache Entry: 48

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:SVG Scalable Vector Graphics image
                      Category:dropped
                      Size (bytes):1592
                      Entropy (8bit):4.205005284721148
                      Encrypted:false
                      SSDEEP:48:ztSAS1OtmCtc7aIVmt4yyR9S2lKUyDWwh:RoOtmCtc7aCmVQHSRh
                      MD5:4E48046CE74F4B89D45037C90576BFAC
                      SHA1:4A41B3B51ED787F7B33294202DA72220C7CD2C32
                      SHA-256:8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
                      SHA-512:B2BBA2A68EDAA1A08CFA31ED058AFB5E6A3150AABB9A78DB9F5CCC2364186D44A015986A57707B57E2CC855FA7DA57861AD19FC4E7006C2C239C98063FE903CF
                      Malicious:false
                      Reputation:low
                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><defs><style>.a{fill:none;}.b{fill:#404040;}</style></defs><rect class="a" width="48" height="48"/><path class="b" d="M40,32.578V40H32V36H28V32H24V28.766A10.689,10.689,0,0,1,19,30a10.9,10.9,0,0,1-5.547-1.5,11.106,11.106,0,0,1-2.219-1.719A11.373,11.373,0,0,1,9.5,24.547a10.4,10.4,0,0,1-1.109-2.625A11.616,11.616,0,0,1,8,19a10.9,10.9,0,0,1,1.5-5.547,11.106,11.106,0,0,1,1.719-2.219A11.373,11.373,0,0,1,13.453,9.5a10.4,10.4,0,0,1,2.625-1.109A11.616,11.616,0,0,1,19,8a10.9,10.9,0,0,1,5.547,1.5,11.106,11.106,0,0,1,2.219,1.719A11.373,11.373,0,0,1,28.5,13.453a10.4,10.4,0,0,1,1.109,2.625A11.616,11.616,0,0,1,30,19a10.015,10.015,0,0,1-.125,1.578,10.879,10.879,0,0,1-.359,1.531Zm-2,.844L27.219,22.641a14.716,14.716,0,0,0,.562-1.782A7.751,7.751,0,0,0,28,19a8.786,8.786,0,0,0-.7-3.5,8.9,8.9,0,0,0-1.938-2.859A9.269,9.269,0,0,0,22.5,10.719,8.9,8.9,0,0,0,19,10a8.786,8.786,0,0,0-3.5.7,8.9,8.9,0,0,0-2.859,1.938A9.269,9.269,0,0,0,

                      Chrome Cache Entry: 49

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (65436)
                      Category:downloaded
                      Size (bytes):90613
                      Entropy (8bit):5.3296525719025665
                      Encrypted:false
                      SSDEEP:768:UVEDx3ySKZOP00d5TjMSYzSRRM1d0YjSRpUKHHacTItx7vtn1yC0JalF1rmq6Llj:U+0Z9yFrGi8SRGfyC0JalFx3gKaD
                      MD5:8C23B3506E2A888DDE241C243149E71D
                      SHA1:F2A4C763A4BF50A0FA212FAA0A14FE837B0741E6
                      SHA-256:F6CA33591EFE5EAA905F49F5CB0D0643080DBC045865F02DC88F33DC7DDC7C33
                      SHA-512:581DB58643509958DEBD85B5EB1CAC59DC7084BC99A647976AD2A3722A8E5836BA9C5EAF6E8EB27B768D8B5A4E52D46A936141188A92A0968CAE41DEFC17A5C8
                      Malicious:false
                      Reputation:low
                      URL:https://logincdn.msftauth.net/shared/5/chunks/oneds-analytics-js_c53074e74ebeb8e140d6_en.js
                      Preview:/*! For license information please see oneds-analytics-js_c53074e74ebeb8e140d6_en.js.LICENSE.txt */."use strict";(self.webpackChunk_msidentity_sisu_msa=self.webpackChunk_msidentity_sisu_msa||[]).push([[251],{41696:function(n,e,t){t.r(e),t.d(e,{AppInsightsCore:function(){return qo},ApplicationInsights:function(){return ja},BE_PROFILE:function(){return Vo},BaseTelemetryPlugin:function(){return di},Cloud:function(){return Vi},CoreUtils:function(){return Hr},Device:function(){return Xi},DiagnosticLogger:function(){return et},EventLatency:function(){return Ga},EventPersistence:function(){return Qa},EventsDiscardedReason:function(){return Ho},InternalAppInsightsCore:function(){return Ko},Loc:function(){return $i},LoggingSeverity:function(){return Wa},MinChannelPriorty:function(){return $a},NRT_PROFILE:function(){return Wo},NotificationManager:function(){return Uo},PostChannel:function(){return qa},PropertiesPlugin:function(){return Po},RT_PROFILE:function(){return jo},Session:function(){retu

                      Chrome Cache Entry: 50

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:SVG Scalable Vector Graphics image
                      Category:downloaded
                      Size (bytes):1592
                      Entropy (8bit):4.205005284721148
                      Encrypted:false
                      SSDEEP:48:ztSAS1OtmCtc7aIVmt4yyR9S2lKUyDWwh:RoOtmCtc7aCmVQHSRh
                      MD5:4E48046CE74F4B89D45037C90576BFAC
                      SHA1:4A41B3B51ED787F7B33294202DA72220C7CD2C32
                      SHA-256:8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
                      SHA-512:B2BBA2A68EDAA1A08CFA31ED058AFB5E6A3150AABB9A78DB9F5CCC2364186D44A015986A57707B57E2CC855FA7DA57861AD19FC4E7006C2C239C98063FE903CF
                      Malicious:false
                      Reputation:low
                      URL:https://logincdn.msftauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svg
                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><defs><style>.a{fill:none;}.b{fill:#404040;}</style></defs><rect class="a" width="48" height="48"/><path class="b" d="M40,32.578V40H32V36H28V32H24V28.766A10.689,10.689,0,0,1,19,30a10.9,10.9,0,0,1-5.547-1.5,11.106,11.106,0,0,1-2.219-1.719A11.373,11.373,0,0,1,9.5,24.547a10.4,10.4,0,0,1-1.109-2.625A11.616,11.616,0,0,1,8,19a10.9,10.9,0,0,1,1.5-5.547,11.106,11.106,0,0,1,1.719-2.219A11.373,11.373,0,0,1,13.453,9.5a10.4,10.4,0,0,1,2.625-1.109A11.616,11.616,0,0,1,19,8a10.9,10.9,0,0,1,5.547,1.5,11.106,11.106,0,0,1,2.219,1.719A11.373,11.373,0,0,1,28.5,13.453a10.4,10.4,0,0,1,1.109,2.625A11.616,11.616,0,0,1,30,19a10.015,10.015,0,0,1-.125,1.578,10.879,10.879,0,0,1-.359,1.531Zm-2,.844L27.219,22.641a14.716,14.716,0,0,0,.562-1.782A7.751,7.751,0,0,0,28,19a8.786,8.786,0,0,0-.7-3.5,8.9,8.9,0,0,0-1.938-2.859A9.269,9.269,0,0,0,22.5,10.719,8.9,8.9,0,0,0,19,10a8.786,8.786,0,0,0-3.5.7,8.9,8.9,0,0,0-2.859,1.938A9.269,9.269,0,0,0,

                      Chrome Cache Entry: 51

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with no line terminators
                      Category:downloaded
                      Size (bytes):20
                      Entropy (8bit):3.8464393446710154
                      Encrypted:false
                      SSDEEP:3:Sic/Cm:Sic/Cm
                      MD5:FFDF36EA8BC44BB187C17DE113EE5C5F
                      SHA1:315CCB39356B97B40797BB2AF89A7397B66D7EFE
                      SHA-256:B0613ED71834B726DC1241F28B12071A64B0CC19D99B33D834F1C06062BFE280
                      SHA-512:12D8B8487AEC51A95D945F8E2819DC7151D019DB09A8C1F76D463C63AA40CE3ABDBA08DA3FC4B0C20A311691C1AA24384C6B06EF5EC267F3240AF2FFB3F780E9
                      Malicious:false
                      Reputation:low
                      URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAlCt3QpV_m2AhIFDdFbUVI=?alt=proto
                      Preview:Cg0KCw3RW1FSGgQIZBgC

                      Chrome Cache Entry: 52

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:SVG Scalable Vector Graphics image
                      Category:dropped
                      Size (bytes):1864
                      Entropy (8bit):5.222032823730197
                      Encrypted:false
                      SSDEEP:48:yvswNIBLBpJawmMH44log6gw/MHm7pJroog6gwkMH9Xog6gwdMHdqdyqog7C:ykfXYx+odPcs9B
                      MD5:BC3D32A696895F78C19DF6C717586A5D
                      SHA1:9191CB156A30A3ED79C44C0A16C95159E8FF689D
                      SHA-256:0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
                      SHA-512:8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
                      Malicious:false
                      Reputation:low
                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r

                      Chrome Cache Entry: 53

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JSON data
                      Category:dropped
                      Size (bytes):72
                      Entropy (8bit):4.241202481433726
                      Encrypted:false
                      SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                      MD5:9E576E34B18E986347909C29AE6A82C6
                      SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                      SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                      SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                      Malicious:false
                      Reputation:low
                      Preview:{"Message":"The requested resource does not support http method 'GET'."}

                      Chrome Cache Entry: 54

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                      Category:dropped
                      Size (bytes):17174
                      Entropy (8bit):2.9129715116732746
                      Encrypted:false
                      SSDEEP:24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO
                      MD5:12E3DAC858061D088023B2BD48E2FA96
                      SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                      SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                      SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                      Malicious:false
                      Reputation:low
                      Preview:..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

                      Chrome Cache Entry: 55

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JSON data
                      Category:dropped
                      Size (bytes):72
                      Entropy (8bit):4.241202481433726
                      Encrypted:false
                      SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                      MD5:9E576E34B18E986347909C29AE6A82C6
                      SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                      SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                      SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                      Malicious:false
                      Reputation:low
                      Preview:{"Message":"The requested resource does not support http method 'GET'."}

                      Chrome Cache Entry: 56

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (65470)
                      Category:downloaded
                      Size (bytes):887551
                      Entropy (8bit):5.418722467225116
                      Encrypted:false
                      SSDEEP:6144:4+WApOIxJhpHKlpmM1axRN8kReGmLCMGoY1KD+ylNYvb2ooTujY40dvYbD48qMQu:ZK8RekRWLCQ+0NiaUlEqd
                      MD5:E175892D0B039E33AB79F322153745DA
                      SHA1:284440C3C1A0767113260898B6BBC8EC21E35C4B
                      SHA-256:1A4D3768384D0C5443F8187F67EE73A15C15A9281E7960F3F8F00C0DB17A7E7D
                      SHA-512:6235C58433E167C1952E66ADB775881CE5B72D30F404F6C1EA71D5EA57C7E75E314072BED6D8E18942BDD63F19CDAD0F91EB68C6B258522922974C7A48B2DD7B
                      Malicious:false
                      Reputation:low
                      URL:https://logincdn.msftauth.net/shared/5/js/login_en_4XWJLQsDnjOrefMiFTdF2g2.js
                      Preview:/*! For license information please see login_en.js.LICENSE.txt */.!function(){var e,t,n,r,o={97206:function(e,t,n){"use strict";var r=n(9384),o={childContextTypes:!0,contextType:!0,contextTypes:!0,defaultProps:!0,displayName:!0,getDefaultProps:!0,getDerivedStateFromError:!0,getDerivedStateFromProps:!0,mixins:!0,propTypes:!0,type:!0},i={name:!0,length:!0,prototype:!0,caller:!0,callee:!0,arguments:!0,arity:!0},a={$$typeof:!0,compare:!0,defaultProps:!0,displayName:!0,propTypes:!0,type:!0},l={};function s(e){return r.isMemo(e)?a:l[e.$$typeof]||o}l[r.ForwardRef]={$$typeof:!0,render:!0,defaultProps:!0,displayName:!0,propTypes:!0},l[r.Memo]=a;var c=Object.defineProperty,u=Object.getOwnPropertyNames,d=Object.getOwnPropertySymbols,f=Object.getOwnPropertyDescriptor,p=Object.getPrototypeOf,g=Object.prototype;e.exports=function e(t,n,r){if("string"!=typeof n){if(g){var o=p(n);o&&o!==g&&e(t,o,r)}var a=u(n);d&&(a=a.concat(d(n)));for(var l=s(t),m=s(n),h=0;h<a.length;++h){var b=a[h];if(!(i[b]||r&&r[b]

                      Chrome Cache Entry: 57

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:SVG Scalable Vector Graphics image
                      Category:downloaded
                      Size (bytes):3651
                      Entropy (8bit):4.094801914706141
                      Encrypted:false
                      SSDEEP:96:wO4DZ+Stb/jY+eo4hAryAes9mBYYQgWLDm9:wToSBjlevudl9nO
                      MD5:EE5C8D9FB6248C938FD0DC19370E90BD
                      SHA1:D01A22720918B781338B5BBF9202B241A5F99EE4
                      SHA-256:04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
                      SHA-512:C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
                      Malicious:false
                      Reputation:low
                      URL:https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg
                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.

                      Chrome Cache Entry: 58

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:SVG Scalable Vector Graphics image
                      Category:downloaded
                      Size (bytes):1864
                      Entropy (8bit):5.222032823730197
                      Encrypted:false
                      SSDEEP:48:yvswNIBLBpJawmMH44log6gw/MHm7pJroog6gwkMH9Xog6gwdMHdqdyqog7C:ykfXYx+odPcs9B
                      MD5:BC3D32A696895F78C19DF6C717586A5D
                      SHA1:9191CB156A30A3ED79C44C0A16C95159E8FF689D
                      SHA-256:0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
                      SHA-512:8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
                      Malicious:false
                      Reputation:low
                      URL:https://logincdn.msftauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg
                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r

                      Chrome Cache Entry: 59

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:SVG Scalable Vector Graphics image
                      Category:dropped
                      Size (bytes):3651
                      Entropy (8bit):4.094801914706141
                      Encrypted:false
                      SSDEEP:96:wO4DZ+Stb/jY+eo4hAryAes9mBYYQgWLDm9:wToSBjlevudl9nO
                      MD5:EE5C8D9FB6248C938FD0DC19370E90BD
                      SHA1:D01A22720918B781338B5BBF9202B241A5F99EE4
                      SHA-256:04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
                      SHA-512:C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
                      Malicious:false
                      Reputation:low
                      Preview:<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.

                      Static File Info

                      No static file info

                      Network Behavior

                      Download Network PCAP: filteredfull

                      Network Port Distribution

                      • Total Packets: 67
                      • 443 (HTTPS)
                      • 80 (HTTP)
                      • 53 (DNS)
                      TimestampSource PortDest PortSource IPDest IP
                      Mar 22, 2024 07:22:28.536714077 CET49675443192.168.2.4173.222.162.32
                      Mar 22, 2024 07:22:28.614940882 CET49678443192.168.2.4104.46.162.224
                      Mar 22, 2024 07:22:38.144699097 CET49675443192.168.2.4173.222.162.32
                      Mar 22, 2024 07:22:38.222126961 CET49739443192.168.2.413.107.137.11
                      Mar 22, 2024 07:22:38.222166061 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:38.222235918 CET49739443192.168.2.413.107.137.11
                      Mar 22, 2024 07:22:38.222815990 CET49739443192.168.2.413.107.137.11
                      Mar 22, 2024 07:22:38.222830057 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:38.531696081 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:38.532144070 CET49739443192.168.2.413.107.137.11
                      Mar 22, 2024 07:22:38.532161951 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:38.533138990 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:38.533194065 CET49739443192.168.2.413.107.137.11
                      Mar 22, 2024 07:22:38.535883904 CET49739443192.168.2.413.107.137.11
                      Mar 22, 2024 07:22:38.535967112 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:38.536180019 CET49739443192.168.2.413.107.137.11
                      Mar 22, 2024 07:22:38.536186934 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:38.583796024 CET49739443192.168.2.413.107.137.11
                      Mar 22, 2024 07:22:38.772340059 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:38.772356033 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:38.772423983 CET49739443192.168.2.413.107.137.11
                      Mar 22, 2024 07:22:38.772437096 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:38.772454977 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:38.772630930 CET49739443192.168.2.413.107.137.11
                      Mar 22, 2024 07:22:38.775118113 CET49739443192.168.2.413.107.137.11
                      Mar 22, 2024 07:22:38.775129080 CET4434973913.107.137.11192.168.2.4
                      Mar 22, 2024 07:22:39.246007919 CET49741443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:39.246119976 CET4434974169.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:39.246800900 CET49741443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:39.256815910 CET49741443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:39.256836891 CET4434974169.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:39.348542929 CET49742443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:22:39.348582983 CET44349742142.251.35.164192.168.2.4
                      Mar 22, 2024 07:22:39.352050066 CET49742443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:22:39.352415085 CET49742443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:22:39.352432966 CET44349742142.251.35.164192.168.2.4
                      Mar 22, 2024 07:22:39.548223972 CET44349742142.251.35.164192.168.2.4
                      Mar 22, 2024 07:22:39.548727989 CET49742443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:22:39.548747063 CET44349742142.251.35.164192.168.2.4
                      Mar 22, 2024 07:22:39.549609900 CET44349742142.251.35.164192.168.2.4
                      Mar 22, 2024 07:22:39.549829960 CET49742443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:22:39.585232019 CET4434974169.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:39.585370064 CET49741443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:39.604032040 CET49742443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:22:39.604101896 CET44349742142.251.35.164192.168.2.4
                      Mar 22, 2024 07:22:39.608537912 CET49741443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:39.608561039 CET4434974169.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:39.608757019 CET4434974169.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:39.643348932 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:39.643373966 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:39.643637896 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:39.645332098 CET49742443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:22:39.645339966 CET44349742142.251.35.164192.168.2.4
                      Mar 22, 2024 07:22:39.651360035 CET49744443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.651388884 CET4434974413.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.651468992 CET49744443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.658557892 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:39.658570051 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:39.662331104 CET49741443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:39.663542986 CET49745443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.663567066 CET4434974513.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.663614035 CET49745443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.667135954 CET49745443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.667150974 CET4434974513.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.667723894 CET49744443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.667735100 CET4434974413.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.691659927 CET49742443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:22:39.855498075 CET49741443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:39.896275043 CET4434974169.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:39.931337118 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:39.931716919 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:39.931734085 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:39.932861090 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:39.932913065 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:39.940990925 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:39.941055059 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:39.944047928 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:39.944055080 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:39.951956987 CET4434974413.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.952056885 CET4434974513.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.952302933 CET49744443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.952311039 CET4434974413.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.952511072 CET49745443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.952526093 CET4434974513.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.953339100 CET4434974413.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.953419924 CET4434974513.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.953469038 CET49744443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.953469992 CET49745443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.955657959 CET49744443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.955727100 CET4434974413.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.956129074 CET49745443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:39.956196070 CET4434974513.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:39.988925934 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.004055023 CET49744443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:40.004057884 CET49745443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:40.004064083 CET4434974413.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:40.004072905 CET4434974513.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:40.016295910 CET4434974169.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:40.016405106 CET4434974169.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:40.016449928 CET49741443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:40.017071962 CET49741443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:40.017086029 CET4434974169.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:40.052367926 CET49745443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:40.052381992 CET49744443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:40.103030920 CET49746443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:40.103060007 CET4434974669.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:40.103132963 CET49746443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:40.103986025 CET49746443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:40.103996992 CET4434974669.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:40.108448029 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.109102964 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.109110117 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.109128952 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.109157085 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.109174013 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.109193087 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.109205961 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.109227896 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.109986067 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.110002041 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.110040903 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.110044956 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.110073090 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.160239935 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.160248041 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.197134018 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.197141886 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.197161913 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.197170973 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.197187901 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.197196007 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.197221041 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.198354959 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.198369026 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.198390961 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.198401928 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.198409081 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.198432922 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.199717045 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.199734926 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.199801922 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.199801922 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.199807882 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.200784922 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.200798988 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.200828075 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.200833082 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.200860977 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.241406918 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.285523891 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.285547018 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.285573959 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.285583019 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.285628080 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.287705898 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.287739992 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.287755966 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.287760019 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.287779093 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.287806988 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.288651943 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.288666964 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.288706064 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.288711071 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.288746119 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.289673090 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.289688110 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.289747953 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.289747953 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.289752960 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.289783955 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.290601969 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.290621042 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.290658951 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.290663004 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.290683985 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.290709019 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.291382074 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.291398048 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.291430950 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.291435003 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.291460037 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.291476965 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.292330980 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.292345047 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.292377949 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.292381048 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.292403936 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.292424917 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.293222904 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.293237925 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.293270111 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.293273926 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.293299913 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.293317080 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.293319941 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.315270901 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.371371984 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.371392012 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.371434927 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.371442080 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.371469975 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.371484995 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.381022930 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.381046057 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.381079912 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.381084919 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.381124020 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.381148100 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.381763935 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.381778955 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.381829023 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.381834984 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.381871939 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.382882118 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.382898092 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.382930040 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.382937908 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.382962942 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.382986069 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.383951902 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.383966923 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.384010077 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.384015083 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.384048939 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.385056019 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.385071039 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.385098934 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.385135889 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.385139942 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.385173082 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.385991096 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.386006117 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.386038065 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.386043072 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.386075974 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.386928082 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.386943102 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.386981964 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.386986017 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.387028933 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.388087034 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.388102055 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.388144016 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.388148069 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.388185024 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.389180899 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.389195919 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.389238119 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.389240980 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.389271975 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.389288902 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.390182018 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.390197039 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.390224934 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.390229940 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.390263081 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.392174959 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.392203093 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.392235041 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.392240047 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.392257929 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.392282963 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.393218040 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.393234015 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.393263102 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.393266916 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.393299103 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.394284010 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.394301891 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.394335985 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.394340038 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.394387007 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.395463943 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.395478964 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.395524979 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.395529032 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.395572901 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.396447897 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.396462917 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.396506071 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.396512032 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.396548986 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.397581100 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.397598028 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.397643089 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.397646904 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.397680998 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.398891926 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.406661034 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.406682968 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.406717062 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.406721115 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.406759977 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.447325945 CET4434974669.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:40.447397947 CET49746443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:40.451056004 CET49746443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:40.451066017 CET4434974669.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:40.451287985 CET4434974669.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:40.454473972 CET49746443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:40.460711956 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.460730076 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.460787058 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.460794926 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.460839033 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.460858107 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.468643904 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.468658924 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.468698025 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.468703985 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.468733072 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.475104094 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.475116968 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.475156069 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.475161076 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.475198030 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.478441000 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.478460073 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.478494883 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.478501081 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.478528976 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.478543997 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.483567953 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.483582973 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.483618975 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.483624935 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.483670950 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.485102892 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.485117912 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.485155106 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.485160112 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.485202074 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.486063957 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.486078978 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.486134052 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.486139059 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.486171007 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.487320900 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.487334967 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.487390041 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.487395048 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.487428904 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.487924099 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.487940073 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.487972021 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.487974882 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.488013983 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.488034010 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.488763094 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.488778114 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.488828897 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.488835096 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.488883018 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.489789009 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.489804029 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.489840031 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.489845037 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.489870071 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.489885092 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.490628958 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.490643978 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.490693092 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.490696907 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.490719080 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.490732908 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.491504908 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.491518974 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.491560936 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.491565943 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.491604090 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.492482901 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.492500067 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.492532015 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.492536068 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.492573023 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.495176077 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.495193005 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.495229006 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.495234013 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.495287895 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.496237040 CET4434974669.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:40.496704102 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.496718884 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.496752024 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.496757984 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.496784925 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.496798038 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.498095036 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.498109102 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.498152018 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.498157978 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.498198986 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.498878002 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.498891115 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.498933077 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.498938084 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.498986006 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.499811888 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.499829054 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.499860048 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.499864101 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.499892950 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.499910116 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.500724077 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.500739098 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.500770092 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.500775099 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.500807047 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.500834942 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.501684904 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.501709938 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.501740932 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.501744032 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.501775026 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.501791000 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.502851963 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.502866983 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.502912998 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.502918005 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.502959013 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.502981901 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.502988100 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.503026962 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.503031015 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.503077984 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.503113985 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.503309965 CET49743443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:40.503319979 CET44349743192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:40.778394938 CET4434974669.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:40.778636932 CET4434974669.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:40.779295921 CET49746443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:40.779295921 CET49746443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:40.779439926 CET49746443192.168.2.469.192.108.161
                      Mar 22, 2024 07:22:40.779450893 CET4434974669.192.108.161192.168.2.4
                      Mar 22, 2024 07:22:41.129334927 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.129353046 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.129990101 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.133584023 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.133629084 CET44349748192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.133769035 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.134727955 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.134735107 CET49749443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.134742975 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.134768009 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.135267019 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.135289907 CET44349748192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.135320902 CET49749443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.135818958 CET49749443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.135835886 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.446168900 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.448292971 CET49749443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.448308945 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.449439049 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.449543953 CET49749443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.451745987 CET49749443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.451745987 CET49749443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.451759100 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.451891899 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.456908941 CET44349748192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.457324028 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.458703041 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.458703041 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.458713055 CET44349748192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.458714962 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.459080935 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.459600925 CET44349748192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.459709883 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.459722996 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.459788084 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.460144997 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.460752964 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.460834026 CET44349748192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.461025953 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.503477097 CET49749443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.503493071 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.503509045 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.503516912 CET44349748192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.503528118 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.503535986 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.551352024 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.551354885 CET49749443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.597357988 CET49750443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.597404003 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.600390911 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.600495100 CET49750443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.600548029 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.600596905 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.600749016 CET49749443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.604017973 CET49750443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.604032993 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.605870008 CET49749443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.605886936 CET44349749192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.607661009 CET44349748192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.607836962 CET44349748192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.607917070 CET44349748192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.607968092 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.608625889 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.619111061 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.619769096 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.619776011 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.619807005 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.619834900 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.619843006 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.619867086 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.619878054 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.619896889 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.619936943 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.620588064 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.620604992 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.620817900 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.620825052 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.623980045 CET49748443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.623997927 CET44349748192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.660285950 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.707062006 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.707079887 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.707107067 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.707127094 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.707165003 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.707740068 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.707756996 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.707787991 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.707794905 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.707818985 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.707838058 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.708651066 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.708668947 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.708704948 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.708712101 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.708745003 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.709161997 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.709216118 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.709222078 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.709248066 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.709290981 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.716697931 CET49747443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.716707945 CET44349747192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.872186899 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.872550964 CET49750443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.872564077 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.872925043 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.873878002 CET49750443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.873943090 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.874620914 CET49750443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.916238070 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.994971991 CET49752443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.994987011 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.995043039 CET49752443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.996133089 CET49753443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.996160030 CET44349753192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.996221066 CET49753443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.996939898 CET49752443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.996948004 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:41.997208118 CET49753443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:41.997219086 CET44349753192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.051045895 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.051076889 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.051114082 CET49750443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.051120996 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.051131010 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.051179886 CET49750443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.052405119 CET49750443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.052417994 CET44349750192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.090502024 CET49754443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.090529919 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.090593100 CET49754443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.090924978 CET49754443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.090940952 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.100857019 CET49755443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.100872993 CET44349755192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.100934982 CET49755443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.101103067 CET49755443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.101113081 CET44349755192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.277836084 CET44349753192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.278167963 CET49753443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.278178930 CET44349753192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.278532982 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.278697968 CET49752443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.278707981 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.279079914 CET44349753192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.279134989 CET49753443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.279575109 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.279628038 CET49753443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.279628992 CET49752443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.279680967 CET44349753192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.279913902 CET49752443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.279974937 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.280114889 CET49753443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.280118942 CET44349753192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.280278921 CET49752443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.280283928 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.324645042 CET49753443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.324645042 CET49752443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.358459949 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.358711004 CET49754443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.358726025 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.359011889 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.359319925 CET49754443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.359370947 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.359508038 CET49754443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.368658066 CET44349755192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.368818045 CET49755443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.368827105 CET44349755192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.369694948 CET44349755192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.369750977 CET49755443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.370007992 CET49755443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.370058060 CET44349755192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.370101929 CET49755443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.370106936 CET44349755192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.400238037 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.420978069 CET49755443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.452589989 CET44349753192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.452905893 CET44349753192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.452945948 CET44349753192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.452963114 CET49753443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.453001976 CET49753443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.453486919 CET49753443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.453495026 CET44349753192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.456090927 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.456480026 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.456523895 CET49752443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.456533909 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.456548929 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.456583977 CET49752443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.456816912 CET49752443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.456825972 CET44349752192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.538464069 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.539745092 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.539760113 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.539803982 CET49754443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.539819956 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.539834023 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.539834976 CET49754443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.539859056 CET49754443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.539875984 CET49754443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.540061951 CET49754443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.540070057 CET44349754192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.546622038 CET44349755192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.546664953 CET44349755192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.546705961 CET44349755192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.546710014 CET49755443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.546765089 CET49755443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.547219992 CET49755443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.547226906 CET44349755192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.664271116 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.664316893 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.664541960 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.664885044 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:42.664901972 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.934194088 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:42.984549046 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:43.005799055 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:43.005814075 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.006253004 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.033746004 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:43.033819914 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.041651011 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:43.084235907 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.130526066 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.131577969 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.131586075 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.131620884 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.131638050 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.131653070 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.131679058 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:43.131690025 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.131733894 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:43.131757975 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:43.131757975 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:43.132550001 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:43.200304985 CET49756443192.168.2.4192.229.211.199
                      Mar 22, 2024 07:22:43.200329065 CET44349756192.229.211.199192.168.2.4
                      Mar 22, 2024 07:22:44.846702099 CET4434974413.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:44.846793890 CET4434974413.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:44.846905947 CET49744443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:44.852616072 CET4434974513.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:44.852694988 CET4434974513.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:44.852868080 CET49745443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:44.944381952 CET49744443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:44.944406033 CET4434974413.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:44.944438934 CET49745443192.168.2.413.107.246.40
                      Mar 22, 2024 07:22:44.944454908 CET4434974513.107.246.40192.168.2.4
                      Mar 22, 2024 07:22:49.569880962 CET44349742142.251.35.164192.168.2.4
                      Mar 22, 2024 07:22:49.569936991 CET44349742142.251.35.164192.168.2.4
                      Mar 22, 2024 07:22:49.570018053 CET49742443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:22:51.168042898 CET49742443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:22:51.168071032 CET44349742142.251.35.164192.168.2.4
                      Mar 22, 2024 07:22:57.933317900 CET804972369.164.46.128192.168.2.4
                      Mar 22, 2024 07:22:57.933440924 CET4972380192.168.2.469.164.46.128
                      Mar 22, 2024 07:22:57.933440924 CET4972380192.168.2.469.164.46.128
                      Mar 22, 2024 07:22:58.020848036 CET804972369.164.46.128192.168.2.4
                      Mar 22, 2024 07:22:58.020896912 CET804972369.164.46.128192.168.2.4
                      Mar 22, 2024 07:22:58.020950079 CET4972380192.168.2.469.164.46.128
                      Mar 22, 2024 07:23:12.242746115 CET804972469.164.46.128192.168.2.4
                      Mar 22, 2024 07:23:12.242861032 CET4972480192.168.2.469.164.46.128
                      Mar 22, 2024 07:23:12.242908001 CET4972480192.168.2.469.164.46.128
                      Mar 22, 2024 07:23:12.330477953 CET804972469.164.46.128192.168.2.4
                      Mar 22, 2024 07:23:39.302021027 CET49776443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:23:39.302062035 CET44349776142.251.35.164192.168.2.4
                      Mar 22, 2024 07:23:39.302130938 CET49776443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:23:39.302937031 CET49776443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:23:39.302954912 CET44349776142.251.35.164192.168.2.4
                      Mar 22, 2024 07:23:39.490513086 CET44349776142.251.35.164192.168.2.4
                      Mar 22, 2024 07:23:39.491017103 CET49776443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:23:39.491034031 CET44349776142.251.35.164192.168.2.4
                      Mar 22, 2024 07:23:39.491367102 CET44349776142.251.35.164192.168.2.4
                      Mar 22, 2024 07:23:39.492292881 CET49776443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:23:39.492352009 CET44349776142.251.35.164192.168.2.4
                      Mar 22, 2024 07:23:39.535032034 CET49776443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:23:49.512183905 CET44349776142.251.35.164192.168.2.4
                      Mar 22, 2024 07:23:49.512264013 CET44349776142.251.35.164192.168.2.4
                      Mar 22, 2024 07:23:49.512325048 CET49776443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:23:50.942985058 CET49776443192.168.2.4142.251.35.164
                      Mar 22, 2024 07:23:50.943022013 CET44349776142.251.35.164192.168.2.4
                      TimestampSource PortDest PortSource IPDest IP
                      Mar 22, 2024 07:22:34.722878933 CET53521371.1.1.1192.168.2.4
                      Mar 22, 2024 07:22:34.802033901 CET53631231.1.1.1192.168.2.4
                      Mar 22, 2024 07:22:35.527251959 CET53493221.1.1.1192.168.2.4
                      Mar 22, 2024 07:22:38.110258102 CET5499553192.168.2.41.1.1.1
                      Mar 22, 2024 07:22:38.110723972 CET5895453192.168.2.41.1.1.1
                      Mar 22, 2024 07:22:39.255167961 CET5163053192.168.2.41.1.1.1
                      Mar 22, 2024 07:22:39.255167961 CET5134553192.168.2.41.1.1.1
                      Mar 22, 2024 07:22:39.343264103 CET53513451.1.1.1192.168.2.4
                      Mar 22, 2024 07:22:39.343283892 CET53516301.1.1.1192.168.2.4
                      Mar 22, 2024 07:22:39.520931959 CET5157453192.168.2.41.1.1.1
                      Mar 22, 2024 07:22:39.521157980 CET5056653192.168.2.41.1.1.1
                      Mar 22, 2024 07:22:39.521703959 CET5265253192.168.2.41.1.1.1
                      Mar 22, 2024 07:22:39.523353100 CET5126453192.168.2.41.1.1.1
                      Mar 22, 2024 07:22:39.618912935 CET53515741.1.1.1192.168.2.4
                      Mar 22, 2024 07:22:41.827377081 CET6235453192.168.2.41.1.1.1
                      Mar 22, 2024 07:22:41.827922106 CET6303953192.168.2.41.1.1.1
                      Mar 22, 2024 07:22:41.915606022 CET53623541.1.1.1192.168.2.4
                      Mar 22, 2024 07:22:41.916699886 CET53630391.1.1.1192.168.2.4
                      Mar 22, 2024 07:22:52.677670956 CET53599561.1.1.1192.168.2.4
                      Mar 22, 2024 07:22:59.150103092 CET138138192.168.2.4192.168.2.255
                      Mar 22, 2024 07:23:11.393114090 CET53573781.1.1.1192.168.2.4
                      Mar 22, 2024 07:23:34.359436989 CET53509071.1.1.1192.168.2.4
                      Mar 22, 2024 07:23:34.469531059 CET53514841.1.1.1192.168.2.4
                      Mar 22, 2024 07:24:02.937568903 CET53607061.1.1.1192.168.2.4
                      TimestampSource IPDest IPChecksumCodeType
                      Mar 22, 2024 07:22:38.251950979 CET192.168.2.41.1.1.1c2c5(Port unreachable)Destination Unreachable

                      DNS Queries

                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                      Mar 22, 2024 07:22:38.110258102 CET192.168.2.41.1.1.10xc681Standard query (0)onedrive.live.comA (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:38.110723972 CET192.168.2.41.1.1.10x3b2fStandard query (0)onedrive.live.com65IN (0x0001)false
                      Mar 22, 2024 07:22:39.255167961 CET192.168.2.41.1.1.10x3276Standard query (0)www.google.comA (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.255167961 CET192.168.2.41.1.1.10xdc81Standard query (0)www.google.com65IN (0x0001)false
                      Mar 22, 2024 07:22:39.520931959 CET192.168.2.41.1.1.10x4060Standard query (0)logincdn.msftauth.netA (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.521157980 CET192.168.2.41.1.1.10xc55eStandard query (0)logincdn.msftauth.net65IN (0x0001)false
                      Mar 22, 2024 07:22:39.521703959 CET192.168.2.41.1.1.10x6e08Standard query (0)acctcdn.msftauth.netA (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.523353100 CET192.168.2.41.1.1.10x7333Standard query (0)acctcdn.msftauth.net65IN (0x0001)false
                      Mar 22, 2024 07:22:41.827377081 CET192.168.2.41.1.1.10xb547Standard query (0)logincdn.msftauth.netA (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:41.827922106 CET192.168.2.41.1.1.10x8cc6Standard query (0)logincdn.msftauth.net65IN (0x0001)false

                      DNS Answers

                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                      Mar 22, 2024 07:22:38.197877884 CET1.1.1.1192.168.2.40xc681No error (0)onedrive.live.comweb.fe.1drv.comCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:38.197877884 CET1.1.1.1192.168.2.40xc681No error (0)web.fe.1drv.comodc-web-geo.onedrive.akadns.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:38.197877884 CET1.1.1.1192.168.2.40xc681No error (0)odwebpl.trafficmanager.net.dual-spov-0006.spov-msedge.netdual-spov-0006.spov-msedge.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:38.197877884 CET1.1.1.1192.168.2.40xc681No error (0)dual-spov-0006.spov-msedge.net13.107.137.11A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:38.197877884 CET1.1.1.1192.168.2.40xc681No error (0)dual-spov-0006.spov-msedge.net13.107.139.11A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:38.251890898 CET1.1.1.1192.168.2.40x3b2fNo error (0)onedrive.live.comweb.fe.1drv.comCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:38.251890898 CET1.1.1.1192.168.2.40x3b2fNo error (0)web.fe.1drv.comodc-web-geo.onedrive.akadns.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:39.343264103 CET1.1.1.1192.168.2.40xdc81No error (0)www.google.com65IN (0x0001)false
                      Mar 22, 2024 07:22:39.343283892 CET1.1.1.1192.168.2.40x3276No error (0)www.google.com142.251.35.164A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.618912935 CET1.1.1.1192.168.2.40x4060No error (0)logincdn.msftauth.netcs1227.wpc.alphacdn.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:39.618912935 CET1.1.1.1192.168.2.40x4060No error (0)cs1227.wpc.alphacdn.net192.229.211.199A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.642354965 CET1.1.1.1192.168.2.40x6e08No error (0)acctcdn.msftauth.netacctcdn.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:39.642354965 CET1.1.1.1192.168.2.40x6e08No error (0)shed.dual-low.part-0012.t-0009.t-msedge.netpart-0012.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:39.642354965 CET1.1.1.1192.168.2.40x6e08No error (0)part-0012.t-0009.t-msedge.net13.107.246.40A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.642354965 CET1.1.1.1192.168.2.40x6e08No error (0)part-0012.t-0009.t-msedge.net13.107.213.40A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.642693043 CET1.1.1.1192.168.2.40x7333No error (0)acctcdn.msftauth.netacctcdn.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:39.645452976 CET1.1.1.1192.168.2.40x3a2eNo error (0)shed.dual-low.part-0012.t-0009.t-msedge.netpart-0012.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:39.645452976 CET1.1.1.1192.168.2.40x3a2eNo error (0)part-0012.t-0009.t-msedge.net13.107.246.40A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.645452976 CET1.1.1.1192.168.2.40x3a2eNo error (0)part-0012.t-0009.t-msedge.net13.107.213.40A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.735867977 CET1.1.1.1192.168.2.40x64cdNo error (0)shed.dual-low.part-0012.t-0009.t-msedge.netpart-0012.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:39.735867977 CET1.1.1.1192.168.2.40x64cdNo error (0)part-0012.t-0009.t-msedge.net13.107.213.40A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.735867977 CET1.1.1.1192.168.2.40x64cdNo error (0)part-0012.t-0009.t-msedge.net13.107.246.40A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.743400097 CET1.1.1.1192.168.2.40x28daNo error (0)cs1227.wpc.alphacdn.net192.229.211.199A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.765250921 CET1.1.1.1192.168.2.40x59b8No error (0)shed.dual-low.part-0012.t-0009.t-msedge.netpart-0012.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:39.765250921 CET1.1.1.1192.168.2.40x59b8No error (0)part-0012.t-0009.t-msedge.net13.107.246.40A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.765250921 CET1.1.1.1192.168.2.40x59b8No error (0)part-0012.t-0009.t-msedge.net13.107.213.40A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.864263058 CET1.1.1.1192.168.2.40xa678No error (0)scdn1efff.wpc.9da5e.alphacdn.netsni1gl.wpc.alphacdn.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:39.864263058 CET1.1.1.1192.168.2.40xa678No error (0)sni1gl.wpc.alphacdn.net152.195.19.97A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.865266085 CET1.1.1.1192.168.2.40x9709No error (0)scdn1efff.wpc.9da5e.alphacdn.netsni1gl.wpc.alphacdn.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:39.880522966 CET1.1.1.1192.168.2.40xad67No error (0)shed.dual-low.part-0012.t-0009.t-msedge.netpart-0012.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:39.880522966 CET1.1.1.1192.168.2.40xad67No error (0)part-0012.t-0009.t-msedge.net13.107.246.40A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:39.880522966 CET1.1.1.1192.168.2.40xad67No error (0)part-0012.t-0009.t-msedge.net13.107.213.40A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:41.915606022 CET1.1.1.1192.168.2.40xb547No error (0)logincdn.msftauth.netcs1227.wpc.alphacdn.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:41.915606022 CET1.1.1.1192.168.2.40xb547No error (0)cs1227.wpc.alphacdn.net192.229.211.199A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:22:41.916699886 CET1.1.1.1192.168.2.40x8cc6No error (0)logincdn.msftauth.netcs1227.wpc.alphacdn.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:52.105648041 CET1.1.1.1192.168.2.40x97deNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:22:52.105648041 CET1.1.1.1192.168.2.40x97deNo error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:23:04.968826056 CET1.1.1.1192.168.2.40xe96bNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:23:04.968826056 CET1.1.1.1192.168.2.40xe96bNo error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:23:26.592842102 CET1.1.1.1192.168.2.40xdb95No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:23:26.592842102 CET1.1.1.1192.168.2.40xdb95No error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                      Mar 22, 2024 07:23:47.108838081 CET1.1.1.1192.168.2.40xf61dNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                      Mar 22, 2024 07:23:47.108838081 CET1.1.1.1192.168.2.40xf61dNo error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false

                      HTTP Request Dependency Graph

                      • onedrive.live.com
                      • https:
                        • logincdn.msftauth.net
                      • fs.microsoft.com

                      HTTPS Proxied Packets

                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      0192.168.2.44973913.107.137.114434520C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:38 UTC693OUTGET /?v=managestorage&ocid=cmm4esjh8wf HTTP/1.1
                      Host: onedrive.live.com
                      Connection: keep-alive
                      Upgrade-Insecure-Requests: 1
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: navigate
                      Sec-Fetch-User: ?1
                      Sec-Fetch-Dest: document
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      sec-ch-ua-platform: "Windows"
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-22 06:22:38 UTC2064INHTTP/1.1 302 Found
                      Cache-Control: no-cache, no-store
                      Pragma: no-cache
                      Content-Length: 450
                      Content-Type: text/html; charset=utf-8
                      Expires: -1
                      Location: https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=22&ct=1711088558&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1
                      P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                      Set-Cookie: RpsContextCookie=UHJldmlvdXNSZXF1ZXN0Q29ycmVsYXRpb25JZD0wMDAwMDAwMCUyRDAwMDAlMkQwMDAwJTJEMDAwMCUyRDAwMDAwMDAwMDAwMCZSZXR1cm5Vcmw9aHR0cHMlM0ElMkYlMkZvbmVkcml2ZSUyRWxpdmUlMkVjb20lMkYlM0Z2JTNEbWFuYWdlc3RvcmFnZSUyNm9jaWQlM0RjbW00ZXNqaDh3Zg==; expires=Fri, 22-Mar-2024 06:32:38 GMT; path=/; SameSite=None; secure; HttpOnly
                      X-NetworkStatistics: 0,525568,0,0,787,0,29562
                      X-SharePointHealthScore: 3
                      X-AspNet-Version: 4.0.30319
                      X-DataBoundary: NONE
                      X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
                      X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/
                      SPRequestGuid: 037017a1-c09f-5000-2f0a-1f1ddb75ef62
                      request-id: 037017a1-c09f-5000-2f0a-1f1ddb75ef62
                      MS-CV: oRdwA5/AAFAvCh8d23XvYg.0
                      Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-BN3r2&frontEnd=AFD&remoteIp=191.96.227.0"}]}
                      NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
                      Strict-Transport-Security: max-age=31536000
                      SPRequestDuration: 41
                      SPIisLatency: 61
                      X-Powered-By: ASP.NET
                      MicrosoftSharePointTeamServices: 16.0.0.24628
                      X-Content-Type-Options: nosniff
                      X-MS-InvokeApp: 1; RequireReadOnly
                      X-Cache: CONFIG_NOCACHE
                      X-MSEdge-Ref: Ref A: 6140E1E705A241C0960BB839D20E3B98 Ref B: BN3EDGE0916 Ref C: 2024-03-22T06:22:38Z
                      Date: Fri, 22 Mar 2024 06:22:38 GMT
                      Connection: close
                      2024-03-22 06:22:38 UTC450INData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 2e 6c 69 76 65 2e 63 6f 6d 2f 6c 6f 67 69 6e 2e 73 72 66 3f 77 61 3d 77 73 69 67 6e 69 6e 31 25 32 45 30 26 61 6d 70 3b 72 70 73 6e 76 3d 32 32 26 61 6d 70 3b 63 74 3d 31 37 31 31 30 38 38 35 35 38 26 61 6d 70 3b 72 76 65 72 3d 37 25 32 45 35 25 32 45 32 31 34 36 25 32 45 30 26 61 6d 70 3b 77 70 3d 4d 42 49 25 35 46 53 53 4c 26 61 6d 70 3b 77 72 65 70 6c 79 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 6f 6e 65 64 72 69 76 65 25 32 45 6c 69 76 65 25 32 45 63 6f 6d 25 32 46
                      Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1%2E0&amp;rpsnv=22&amp;ct=1711088558&amp;rver=7%2E5%2E2146%2E0&amp;wp=MBI%5FSSL&amp;wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      1192.168.2.44974169.192.108.161443
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:39 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                      Connection: Keep-Alive
                      Accept: */*
                      Accept-Encoding: identity
                      User-Agent: Microsoft BITS/7.8
                      Host: fs.microsoft.com
                      2024-03-22 06:22:40 UTC467INHTTP/1.1 200 OK
                      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                      Content-Type: application/octet-stream
                      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                      Server: ECAcc (chd/0790)
                      X-CID: 11
                      X-Ms-ApiVersion: Distribute 1.2
                      X-Ms-Region: prod-eus-z1
                      Cache-Control: public, max-age=133338
                      Date: Fri, 22 Mar 2024 06:22:39 GMT
                      Connection: close
                      X-CID: 2


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      2192.168.2.449743192.229.211.1994434520C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:39 UTC595OUTGET /shared/5/js/login_en_4XWJLQsDnjOrefMiFTdF2g2.js HTTP/1.1
                      Host: logincdn.msftauth.net
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      Origin: https://login.live.com
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      Accept: */*
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: script
                      Referer: https://login.live.com/
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-22 06:22:40 UTC750INHTTP/1.1 200 OK
                      Access-Control-Allow-Origin: *
                      Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                      Age: 1136023
                      Cache-Control: public, max-age=31536000
                      Content-MD5: 7srD9gWJffEfz123CPvBLA==
                      Content-Type: application/x-javascript
                      Date: Fri, 22 Mar 2024 06:22:40 GMT
                      Etag: 0x8DC3F503B562BED
                      Last-Modified: Fri, 08 Mar 2024 09:15:00 GMT
                      Server: ECAcc (nya/7982)
                      Vary: Accept-Encoding
                      X-Cache: HIT
                      x-ms-blob-type: BlockBlob
                      x-ms-lease-status: unlocked
                      x-ms-request-id: a1b88463-301e-00bc-0acc-71d87b000000
                      x-ms-version: 2009-09-19
                      Content-Length: 887551
                      Connection: close
                      2024-03-22 06:22:40 UTC16383INData Raw: 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 6c 6f 67 69 6e 5f 65 6e 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 74 2c 6e 2c 72 2c 6f 3d 7b 39 37 32 30 36 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 72 3d 6e 28 39 33 38 34 29 2c 6f 3d 7b 63 68 69 6c 64 43 6f 6e 74 65 78 74 54 79 70 65 73 3a 21 30 2c 63 6f 6e 74 65 78 74 54 79 70 65 3a 21 30 2c 63 6f 6e 74 65 78 74 54 79 70 65 73 3a 21 30 2c 64 65 66 61 75 6c 74 50 72 6f 70 73 3a 21 30 2c 64 69 73 70 6c 61 79 4e 61 6d 65 3a 21 30 2c 67 65 74 44 65 66 61 75 6c 74 50 72 6f 70 73 3a 21 30 2c 67 65 74 44 65 72 69 76
                      Data Ascii: /*! For license information please see login_en.js.LICENSE.txt */!function(){var e,t,n,r,o={97206:function(e,t,n){"use strict";var r=n(9384),o={childContextTypes:!0,contextType:!0,contextTypes:!0,defaultProps:!0,displayName:!0,getDefaultProps:!0,getDeriv
                      2024-03-22 06:22:40 UTC16383INData Raw: 73 65 6c 65 63 74 65 64 3d 21 30 2c 76 6f 69 64 28 72 26 26 28 65 5b 6f 5d 2e 64 65 66 61 75 6c 74 53 65 6c 65 63 74 65 64 3d 21 30 29 29 3b 6e 75 6c 6c 21 3d 3d 74 7c 7c 65 5b 6f 5d 2e 64 69 73 61 62 6c 65 64 7c 7c 28 74 3d 65 5b 6f 5d 29 7d 6e 75 6c 6c 21 3d 3d 74 26 26 28 74 2e 73 65 6c 65 63 74 65 64 3d 21 30 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 49 65 28 65 2c 74 29 7b 69 66 28 6e 75 6c 6c 21 3d 74 2e 64 61 6e 67 65 72 6f 75 73 6c 79 53 65 74 49 6e 6e 65 72 48 54 4d 4c 29 74 68 72 6f 77 20 45 72 72 6f 72 28 6c 28 39 31 29 29 3b 72 65 74 75 72 6e 20 69 28 7b 7d 2c 74 2c 7b 76 61 6c 75 65 3a 76 6f 69 64 20 30 2c 64 65 66 61 75 6c 74 56 61 6c 75 65 3a 76 6f 69 64 20 30 2c 63 68 69 6c 64 72 65 6e 3a 22 22 2b 65 2e 5f 77 72 61 70 70 65 72 53 74 61 74 65 2e
                      Data Ascii: selected=!0,void(r&&(e[o].defaultSelected=!0));null!==t||e[o].disabled||(t=e[o])}null!==t&&(t.selected=!0)}}function Ie(e,t){if(null!=t.dangerouslySetInnerHTML)throw Error(l(91));return i({},t,{value:void 0,defaultValue:void 0,children:""+e._wrapperState.
                      2024-03-22 06:22:40 UTC2INData Raw: 74 68
                      Data Ascii: th
                      2024-03-22 06:22:40 UTC16383INData Raw: 72 6f 77 20 45 72 72 6f 72 28 6c 28 33 33 29 29 7d 66 75 6e 63 74 69 6f 6e 20 52 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 6a 6e 5d 7c 7c 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 42 6e 28 65 29 7b 64 6f 7b 65 3d 65 2e 72 65 74 75 72 6e 7d 77 68 69 6c 65 28 65 26 26 35 21 3d 3d 65 2e 74 61 67 29 3b 72 65 74 75 72 6e 20 65 7c 7c 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 46 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 65 2e 73 74 61 74 65 4e 6f 64 65 3b 69 66 28 21 6e 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 76 61 72 20 6f 3d 6d 28 6e 29 3b 69 66 28 21 6f 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 6e 3d 6f 5b 74 5d 3b 65 3a 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 6f 6e 43 6c 69 63 6b 22 3a 63 61 73 65 22 6f 6e 43 6c 69 63 6b 43 61 70 74 75 72 65 22 3a 63 61 73 65
                      Data Ascii: row Error(l(33))}function Rn(e){return e[jn]||null}function Bn(e){do{e=e.return}while(e&&5!==e.tag);return e||null}function Fn(e,t){var n=e.stateNode;if(!n)return null;var o=m(n);if(!o)return null;n=o[t];e:switch(t){case"onClick":case"onClickCapture":case
                      2024-03-22 06:22:40 UTC16383INData Raw: 73 74 61 62 6c 65 5f 73 63 68 65 64 75 6c 65 43 61 6c 6c 62 61 63 6b 2c 45 6f 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 63 61 6e 63 65 6c 43 61 6c 6c 62 61 63 6b 2c 6a 6f 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 72 65 71 75 65 73 74 50 61 69 6e 74 2c 49 6f 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 6e 6f 77 2c 4c 6f 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 67 65 74 43 75 72 72 65 6e 74 50 72 69 6f 72 69 74 79 4c 65 76 65 6c 2c 44 6f 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 49 6d 6d 65 64 69 61 74 65 50 72 69 6f 72 69 74 79 2c 4e 6f 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 55 73 65 72 42 6c 6f 63 6b 69 6e 67 50 72 69 6f 72 69 74 79 2c 52 6f 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 4e 6f 72 6d 61 6c 50 72 69 6f 72 69 74 79 2c 42 6f 3d 61 2e 75 6e 73 74 61 62 6c 65 5f 4c 6f 77 50 72 69 6f 72 69
                      Data Ascii: stable_scheduleCallback,Eo=a.unstable_cancelCallback,jo=a.unstable_requestPaint,Io=a.unstable_now,Lo=a.unstable_getCurrentPriorityLevel,Do=a.unstable_ImmediatePriority,No=a.unstable_UserBlockingPriority,Ro=a.unstable_NormalPriority,Bo=a.unstable_LowPriori
                      2024-03-22 06:22:40 UTC16383INData Raw: 20 6f 3d 6e 61 28 29 3b 72 3d 76 6f 69 64 20 30 3d 3d 3d 72 3f 6e 75 6c 6c 3a 72 3b 76 61 72 20 69 3d 76 6f 69 64 20 30 3b 69 66 28 6e 75 6c 6c 21 3d 3d 4b 69 29 7b 76 61 72 20 61 3d 4b 69 2e 6d 65 6d 6f 69 7a 65 64 53 74 61 74 65 3b 69 66 28 69 3d 61 2e 64 65 73 74 72 6f 79 2c 6e 75 6c 6c 21 3d 3d 72 26 26 4a 69 28 72 2c 61 2e 64 65 70 73 29 29 72 65 74 75 72 6e 20 76 6f 69 64 20 6c 61 28 74 2c 6e 2c 69 2c 72 29 7d 71 69 2e 65 66 66 65 63 74 54 61 67 7c 3d 65 2c 6f 2e 6d 65 6d 6f 69 7a 65 64 53 74 61 74 65 3d 6c 61 28 31 7c 74 2c 6e 2c 69 2c 72 29 7d 66 75 6e 63 74 69 6f 6e 20 64 61 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 63 61 28 35 31 36 2c 34 2c 65 2c 74 29 7d 66 75 6e 63 74 69 6f 6e 20 66 61 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 75 61 28 35 31 36 2c
                      Data Ascii: o=na();r=void 0===r?null:r;var i=void 0;if(null!==Ki){var a=Ki.memoizedState;if(i=a.destroy,null!==r&&Ji(r,a.deps))return void la(t,n,i,r)}qi.effectTag|=e,o.memoizedState=la(1|t,n,i,r)}function da(e,t){return ca(516,4,e,t)}function fa(e,t){return ua(516,
                      2024-03-22 06:22:40 UTC16383INData Raw: 3d 74 79 70 65 6f 66 20 63 2e 6f 6e 43 6c 69 63 6b 26 26 28 65 2e 6f 6e 63 6c 69 63 6b 3d 66 6e 29 7d 78 6e 28 6f 2c 72 29 26 26 28 74 2e 65 66 66 65 63 74 54 61 67 7c 3d 34 29 7d 6e 75 6c 6c 21 3d 3d 74 2e 72 65 66 26 26 28 74 2e 65 66 66 65 63 74 54 61 67 7c 3d 31 32 38 29 7d 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 63 61 73 65 20 36 3a 69 66 28 65 26 26 6e 75 6c 6c 21 3d 74 2e 73 74 61 74 65 4e 6f 64 65 29 71 61 28 30 2c 74 2c 65 2e 6d 65 6d 6f 69 7a 65 64 50 72 6f 70 73 2c 72 29 3b 65 6c 73 65 7b 69 66 28 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 72 26 26 6e 75 6c 6c 3d 3d 3d 74 2e 73 74 61 74 65 4e 6f 64 65 29 74 68 72 6f 77 20 45 72 72 6f 72 28 6c 28 31 36 36 29 29 3b 6e 3d 42 69 28 52 69 2e 63 75 72 72 65 6e 74 29 2c 42 69 28 44 69 2e 63 75 72
                      Data Ascii: =typeof c.onClick&&(e.onclick=fn)}xn(o,r)&&(t.effectTag|=4)}null!==t.ref&&(t.effectTag|=128)}return null;case 6:if(e&&null!=t.stateNode)qa(0,t,e.memoizedProps,r);else{if("string"!=typeof r&&null===t.stateNode)throw Error(l(166));n=Bi(Ri.current),Bi(Di.cur
                      2024-03-22 06:22:40 UTC16383INData Raw: 6c 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 6c 28 33 32 37 29 29 3b 69 66 28 4f 73 28 29 2c 65 3d 3d 3d 44 6c 26 26 74 3d 3d 3d 52 6c 7c 7c 66 73 28 65 2c 74 29 2c 6e 75 6c 6c 21 3d 3d 4e 6c 29 7b 76 61 72 20 6e 3d 4c 6c 3b 4c 6c 7c 3d 41 6c 3b 66 6f 72 28 76 61 72 20 72 3d 67 73 28 29 3b 3b 29 74 72 79 7b 62 73 28 29 3b 62 72 65 61 6b 7d 63 61 74 63 68 28 6f 29 7b 70 73 28 65 2c 6f 29 7d 69 66 28 61 69 28 29 2c 4c 6c 3d 6e 2c 43 6c 2e 63 75 72 72 65 6e 74 3d 72 2c 31 3d 3d 3d 42 6c 29 74 68 72 6f 77 20 6e 3d 46 6c 2c 66 73 28 65 2c 74 29 2c 56 73 28 65 2c 74 29 2c 6c 73 28 65 29 2c 6e 3b 69 66 28 6e 75 6c 6c 21 3d 3d 4e 6c 29 74 68 72 6f 77 20 45 72 72 6f 72 28 6c 28 32 36 31 29 29 3b 65 2e 66 69 6e 69 73 68 65 64 57 6f 72 6b 3d 65 2e 63 75 72 72 65 6e
                      Data Ascii: l))throw Error(l(327));if(Os(),e===Dl&&t===Rl||fs(e,t),null!==Nl){var n=Ll;Ll|=Al;for(var r=gs();;)try{bs();break}catch(o){ps(e,o)}if(ai(),Ll=n,Cl.current=r,1===Bl)throw n=Fl,fs(e,t),Vs(e,t),ls(e),n;if(null!==Nl)throw Error(l(261));e.finishedWork=e.curren
                      2024-03-22 06:22:40 UTC16383INData Raw: 43 68 69 6c 64 72 65 6e 3a 6e 75 6c 6c 2c 69 6d 70 6c 65 6d 65 6e 74 61 74 69 6f 6e 3a 65 2e 69 6d 70 6c 65 6d 65 6e 74 61 74 69 6f 6e 7d 2c 74 7d 66 75 6e 63 74 69 6f 6e 20 7a 73 28 65 2c 74 2c 6e 29 7b 74 68 69 73 2e 74 61 67 3d 74 2c 74 68 69 73 2e 63 75 72 72 65 6e 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 63 6f 6e 74 61 69 6e 65 72 49 6e 66 6f 3d 65 2c 74 68 69 73 2e 70 69 6e 67 43 61 63 68 65 3d 74 68 69 73 2e 70 65 6e 64 69 6e 67 43 68 69 6c 64 72 65 6e 3d 6e 75 6c 6c 2c 74 68 69 73 2e 66 69 6e 69 73 68 65 64 45 78 70 69 72 61 74 69 6f 6e 54 69 6d 65 3d 30 2c 74 68 69 73 2e 66 69 6e 69 73 68 65 64 57 6f 72 6b 3d 6e 75 6c 6c 2c 74 68 69 73 2e 74 69 6d 65 6f 75 74 48 61 6e 64 6c 65 3d 2d 31 2c 74 68 69 73 2e 70 65 6e 64 69 6e 67 43 6f 6e 74 65 78 74 3d 74
                      Data Ascii: Children:null,implementation:e.implementation},t}function zs(e,t,n){this.tag=t,this.current=null,this.containerInfo=e,this.pingCache=this.pendingChildren=null,this.finishedExpirationTime=0,this.finishedWork=null,this.timeoutHandle=-1,this.pendingContext=t
                      2024-03-22 06:22:40 UTC16383INData Raw: 7b 52 65 61 63 74 43 75 72 72 65 6e 74 44 69 73 70 61 74 63 68 65 72 3a 4d 2c 52 65 61 63 74 43 75 72 72 65 6e 74 42 61 74 63 68 43 6f 6e 66 69 67 3a 7b 73 75 73 70 65 6e 73 65 3a 6e 75 6c 6c 7d 2c 52 65 61 63 74 43 75 72 72 65 6e 74 4f 77 6e 65 72 3a 4f 2c 49 73 53 6f 6d 65 52 65 6e 64 65 72 65 72 41 63 74 69 6e 67 3a 7b 63 75 72 72 65 6e 74 3a 21 31 7d 2c 61 73 73 69 67 6e 3a 6f 7d 3b 74 2e 43 68 69 6c 64 72 65 6e 3d 7b 6d 61 70 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 69 66 28 6e 75 6c 6c 3d 3d 65 29 72 65 74 75 72 6e 20 65 3b 76 61 72 20 72 3d 5b 5d 3b 72 65 74 75 72 6e 20 55 28 65 2c 72 2c 6e 75 6c 6c 2c 74 2c 6e 29 2c 72 7d 2c 66 6f 72 45 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 69 66 28 6e 75 6c 6c 3d 3d 65 29 72 65 74
                      Data Ascii: {ReactCurrentDispatcher:M,ReactCurrentBatchConfig:{suspense:null},ReactCurrentOwner:O,IsSomeRendererActing:{current:!1},assign:o};t.Children={map:function(e,t,n){if(null==e)return e;var r=[];return U(e,r,null,t,n),r},forEach:function(e,t,n){if(null==e)ret


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      3192.168.2.44974669.192.108.161443
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:40 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                      Connection: Keep-Alive
                      Accept: */*
                      Accept-Encoding: identity
                      If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                      Range: bytes=0-2147483646
                      User-Agent: Microsoft BITS/7.8
                      Host: fs.microsoft.com
                      2024-03-22 06:22:40 UTC531INHTTP/1.1 200 OK
                      Content-Type: application/octet-stream
                      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                      ApiVersion: Distribute 1.1
                      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                      X-Azure-Ref: 0rcGnYgAAAAANOnx9vccHTr21ROgX9ESTU0pDRURHRTAzMDkAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                      Cache-Control: public, max-age=133336
                      Date: Fri, 22 Mar 2024 06:22:40 GMT
                      Content-Length: 55
                      Connection: close
                      X-CID: 2
                      2024-03-22 06:22:40 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                      Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      4192.168.2.449749192.229.211.1994434520C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:41 UTC634OUTGET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1
                      Host: logincdn.msftauth.net
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: image
                      Referer: https://login.live.com/
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-22 06:22:41 UTC737INHTTP/1.1 200 OK
                      Access-Control-Allow-Origin: *
                      Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                      Age: 1333297
                      Cache-Control: public, max-age=31536000
                      Content-MD5: nzaLxFgP7ZB3dfMcaybWzw==
                      Content-Type: image/svg+xml
                      Date: Fri, 22 Mar 2024 06:22:41 GMT
                      Etag: 0x8DB77257FFE6B4E
                      Last-Modified: Tue, 27 Jun 2023 15:45:14 GMT
                      Server: ECAcc (nya/7898)
                      Vary: Accept-Encoding
                      X-Cache: HIT
                      x-ms-blob-type: BlockBlob
                      x-ms-lease-status: unlocked
                      x-ms-request-id: 7e420b1b-e01e-0001-5601-707124000000
                      x-ms-version: 2009-09-19
                      Content-Length: 3651
                      Connection: close
                      2024-03-22 06:22:41 UTC3651INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 31 30 38 22 20 68 65 69 67 68 74 3d 22 32 34 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 30 38 20 32 34 22 3e 3c 74 69 74 6c 65 3e 61 73 73 65 74 73 3c 2f 74 69 74 6c 65 3e 3c 70 61 74 68 20 64 3d 22 4d 34 34 2e 38 33 36 2c 34 2e 36 56 31 38 2e 34 68 2d 32 2e 34 56 37 2e 35 38 33 48 34 32 2e 34 4c 33 38 2e 31 31 39 2c 31 38 2e 34 48 33 36 2e 35 33 31 4c 33 32 2e 31 34 32 2c 37 2e 35 38 33 68 2d 2e 30 32 39 56 31 38 2e 34 48 32 39 2e 39 56 34 2e 36 68 33 2e 34 33 36 4c 33 37 2e 33 2c 31 34 2e 38 33 68 2e 30 35 38 4c 34 31 2e 35 34 35 2c 34 2e 36 5a 6d 32 2c 31 2e 30 34 39 61 31 2e 32 36 38 2c 31 2e 32 36 38 2c 30
                      Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      5192.168.2.449747192.229.211.1994434520C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:41 UTC609OUTGET /shared/5/chunks/oneds-analytics-js_c53074e74ebeb8e140d6_en.js HTTP/1.1
                      Host: logincdn.msftauth.net
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      Origin: https://login.live.com
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      Accept: */*
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: script
                      Referer: https://login.live.com/
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-22 06:22:41 UTC749INHTTP/1.1 200 OK
                      Access-Control-Allow-Origin: *
                      Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                      Age: 3226455
                      Cache-Control: public, max-age=31536000
                      Content-MD5: s98wrnDDS6yV/JFUTZIJvQ==
                      Content-Type: application/x-javascript
                      Date: Fri, 22 Mar 2024 06:22:41 GMT
                      Etag: 0x8DC2734BD782EB3
                      Last-Modified: Tue, 06 Feb 2024 16:57:45 GMT
                      Server: ECAcc (nya/7895)
                      Vary: Accept-Encoding
                      X-Cache: HIT
                      x-ms-blob-type: BlockBlob
                      x-ms-lease-status: unlocked
                      x-ms-request-id: 8884d87b-e01e-00d1-28c9-5e4542000000
                      x-ms-version: 2009-09-19
                      Content-Length: 90613
                      Connection: close
                      2024-03-22 06:22:41 UTC16383INData Raw: 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 6f 6e 65 64 73 2d 61 6e 61 6c 79 74 69 63 73 2d 6a 73 5f 63 35 33 30 37 34 65 37 34 65 62 65 62 38 65 31 34 30 64 36 5f 65 6e 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 22 75 73 65 20 73 74 72 69 63 74 22 3b 28 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 6d 73 69 64 65 6e 74 69 74 79 5f 73 69 73 75 5f 6d 73 61 3d 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 6d 73 69 64 65 6e 74 69 74 79 5f 73 69 73 75 5f 6d 73 61 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 32 35 31 5d 2c 7b 34 31 36 39 36 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 65 2c 74 29 7b 74 2e 72 28 65 29 2c 74 2e 64 28 65 2c 7b 41 70 70 49 6e 73 69 67 68 74 73
                      Data Ascii: /*! For license information please see oneds-analytics-js_c53074e74ebeb8e140d6_en.js.LICENSE.txt */"use strict";(self.webpackChunk_msidentity_sisu_msa=self.webpackChunk_msidentity_sisu_msa||[]).push([[251],{41696:function(n,e,t){t.r(e),t.d(e,{AppInsights
                      2024-03-22 06:22:41 UTC16383INData Raw: 4d 54 53 74 72 69 6e 67 22 2c 61 74 3d 22 74 6f 55 54 43 53 74 72 69 6e 67 22 2c 75 74 3d 22 65 78 70 69 72 65 73 22 2c 63 74 3d 6e 75 6c 6c 2c 73 74 3d 6e 75 6c 6c 2c 6c 74 3d 6e 75 6c 6c 2c 66 74 3d 44 65 28 29 2c 64 74 3d 7b 7d 2c 76 74 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 70 74 28 6e 2c 65 29 7b 76 61 72 20 74 3d 6d 74 2e 5f 63 6b 4d 67 72 7c 7c 76 74 2e 5f 63 6b 4d 67 72 3b 72 65 74 75 72 6e 20 74 7c 7c 28 74 3d 6d 74 2e 5f 63 6b 4d 67 72 3d 6d 74 28 6e 2c 65 29 2c 76 74 2e 5f 63 6b 4d 67 72 3d 74 29 2c 74 7d 66 75 6e 63 74 69 6f 6e 20 67 74 28 6e 29 7b 72 65 74 75 72 6e 21 6e 7c 7c 6e 2e 69 73 45 6e 61 62 6c 65 64 28 29 7d 66 75 6e 63 74 69 6f 6e 20 79 74 28 6e 2c 65 29 7b 72 65 74 75 72 6e 21 21 28 65 26 26 6e 26 26 42 6e 28 6e 2e 69 67 6e 6f 72
                      Data Ascii: MTString",at="toUTCString",ut="expires",ct=null,st=null,lt=null,ft=De(),dt={},vt={};function pt(n,e){var t=mt._ckMgr||vt._ckMgr;return t||(t=mt._ckMgr=mt(n,e),vt._ckMgr=t),t}function gt(n){return!n||n.isEnabled()}function yt(n,e){return!!(e&&n&&Bn(n.ignor
                      2024-03-22 06:22:41 UTC16383INData Raw: 74 75 72 6e 20 74 65 28 75 29 7d 28 6e 2c 65 2c 74 29 3b 69 7c 7c 28 69 3d 75 29 2c 61 26 26 61 2e 5f 73 65 74 4e 65 78 74 28 75 29 2c 61 3d 75 7d 7d 29 29 7d 72 65 74 75 72 6e 20 72 26 26 21 69 3f 6c 69 28 5b 72 5d 2c 65 2c 74 29 3a 69 7d 66 75 6e 63 74 69 6f 6e 20 66 69 28 29 7b 76 61 72 20 6e 3d 5b 5d 3b 72 65 74 75 72 6e 7b 61 64 64 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 26 26 6e 2e 70 75 73 68 28 65 29 7d 2c 72 75 6e 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 57 6e 28 6e 2c 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 74 72 79 7b 6e 28 65 2c 74 29 7d 63 61 74 63 68 28 72 29 7b 72 74 28 65 2e 64 69 61 67 4c 6f 67 28 29 2c 32 2c 37 33 2c 22 55 6e 65 78 70 65 63 74 65 64 20 65 72 72 6f 72 20 63 61 6c 6c 69 6e 67 20 75 6e 6c 6f 61 64 20 68 61 6e 64 6c 65
                      Data Ascii: turn te(u)}(n,e,t);i||(i=u),a&&a._setNext(u),a=u}}))}return r&&!i?li([r],e,t):i}function fi(){var n=[];return{add:function(e){e&&n.push(e)},run:function(e,t){Wn(n,(function(n){try{n(e,t)}catch(r){rt(e.diagLog(),2,73,"Unexpected error calling unload handle
                      2024-03-22 06:22:41 UTC16383INData Raw: 74 5b 32 5d 3d 72 2e 72 6f 6c 65 56 65 72 2c 74 29 2c 64 29 7d 2c 6e 2e 61 70 70 6c 79 41 49 54 72 61 63 65 43 6f 6e 74 65 78 74 3d 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 76 61 72 20 65 3b 69 66 28 74 2e 65 6e 61 62 6c 65 41 70 70 6c 69 63 61 74 69 6f 6e 49 6e 73 69 67 68 74 73 54 72 61 63 65 29 7b 76 61 72 20 72 3d 70 28 29 3b 72 26 26 54 6f 28 32 2c 6e 2c 44 69 2c 28 28 65 3d 7b 7d 29 5b 30 5d 3d 72 2e 67 65 74 54 72 61 63 65 49 64 28 29 2c 65 5b 31 5d 3d 72 2e 67 65 74 4e 61 6d 65 28 29 2c 65 5b 32 5d 3d 72 2e 67 65 74 53 70 61 6e 49 64 28 29 2c 65 29 2c 21 31 29 7d 7d 2c 6e 2e 61 70 70 6c 79 44 69 73 74 72 69 62 75 74 65 64 54 72 61 63 65 43 6f 6e 74 65 78 74 3d 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 76 61 72 20 65 2c 74 3d 70 28 29 3b 69 66 28 74 29 7b 76
                      Data Ascii: t[2]=r.roleVer,t),d)},n.applyAITraceContext=function(n){var e;if(t.enableApplicationInsightsTrace){var r=p();r&&To(2,n,Di,((e={})[0]=r.getTraceId(),e[1]=r.getName(),e[2]=r.getSpanId(),e),!1)}},n.applyDistributedTraceContext=function(n){var e,t=p();if(t){v
                      2024-03-22 06:22:41 UTC16383INData Raw: 2c 73 69 7a 65 45 78 63 65 65 64 3a 5b 5d 2c 66 61 69 6c 65 64 45 76 74 73 3a 5b 5d 2c 62 61 74 63 68 65 73 3a 5b 5d 2c 6e 75 6d 45 76 65 6e 74 73 3a 30 2c 72 65 74 72 79 43 6e 74 3a 6e 2c 69 73 54 65 61 72 64 6f 77 6e 3a 65 2c 69 73 53 79 6e 63 3a 74 2c 69 73 42 65 61 63 6f 6e 3a 72 2c 73 65 6e 64 54 79 70 65 3a 6f 2c 73 65 6e 64 52 65 61 73 6f 6e 3a 69 7d 7d 2c 6e 2e 61 70 70 65 6e 64 50 61 79 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 72 2c 69 29 7b 76 61 72 20 6f 3d 74 26 26 72 26 26 21 74 2e 6f 76 65 72 66 6c 6f 77 3b 72 65 74 75 72 6e 20 6f 26 26 47 72 28 65 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 53 65 72 69 61 6c 69 7a 65 72 3a 61 70 70 65 6e 64 50 61 79 6c 6f 61 64 22 7d 29 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72
                      Data Ascii: ,sizeExceed:[],failedEvts:[],batches:[],numEvents:0,retryCnt:n,isTeardown:e,isSync:t,isBeacon:r,sendType:o,sendReason:i}},n.appendPayload=function(t,r,i){var o=t&&r&&!t.overflow;return o&&Gr(e,(function(){return"Serializer:appendPayload"}),(function(){for
                      2024-03-22 06:22:41 UTC8698INData Raw: 6f 6e 20 58 28 29 7b 28 62 3d 7b 7d 29 5b 6a 6f 5d 3d 5b 32 2c 31 2c 30 5d 2c 62 5b 57 6f 5d 3d 5b 36 2c 33 2c 30 5d 2c 62 5b 56 6f 5d 3d 5b 31 38 2c 39 2c 30 5d 7d 66 75 6e 63 74 69 6f 6e 20 47 28 65 2c 74 29 7b 76 61 72 20 72 3d 5b 5d 2c 69 3d 6b 3b 50 26 26 28 69 3d 4e 29 2c 57 6e 28 65 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 26 26 65 2e 63 6f 75 6e 74 28 29 3e 30 26 26 57 6e 28 65 2e 65 76 65 6e 74 73 28 29 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 26 26 28 65 2e 73 79 6e 63 26 26 28 65 2e 6c 61 74 65 6e 63 79 3d 34 2c 65 2e 73 79 6e 63 3d 21 31 29 2c 65 2e 73 65 6e 64 41 74 74 65 6d 70 74 3c 69 3f 28 7a 72 28 65 2c 6e 2e 69 64 65 6e 74 69 66 69 65 72 29 2c 41 28 65 2c 21 31 29 29 3a 72 2e 70 75 73 68 28 65 29 29 7d 29 29 7d 29 29 2c 72 2e 6c
                      Data Ascii: on X(){(b={})[jo]=[2,1,0],b[Wo]=[6,3,0],b[Vo]=[18,9,0]}function G(e,t){var r=[],i=k;P&&(i=N),Wn(e,(function(e){e&&e.count()>0&&Wn(e.events(),(function(e){e&&(e.sync&&(e.latency=4,e.sync=!1),e.sendAttempt<i?(zr(e,n.identifier),A(e,!1)):r.push(e))}))})),r.l


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      6192.168.2.449748192.229.211.1994434520C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:41 UTC621OUTGET /shared/5/images/2_bc3d32a696895f78c19d.svg HTTP/1.1
                      Host: logincdn.msftauth.net
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: image
                      Referer: https://login.live.com/
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-22 06:22:41 UTC738INHTTP/1.1 200 OK
                      Access-Control-Allow-Origin: *
                      Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                      Age: 22067430
                      Cache-Control: public, max-age=31536000
                      Content-MD5: DhdidjYrlCeaRJJRG/y9mA==
                      Content-Type: image/svg+xml
                      Date: Fri, 22 Mar 2024 06:22:41 GMT
                      Etag: 0x8DB77257C91B168
                      Last-Modified: Tue, 27 Jun 2023 15:45:09 GMT
                      Server: ECAcc (nya/788A)
                      Vary: Accept-Encoding
                      X-Cache: HIT
                      x-ms-blob-type: BlockBlob
                      x-ms-lease-status: unlocked
                      x-ms-request-id: fc2cc48a-201e-005c-136d-b3518c000000
                      x-ms-version: 2009-09-19
                      Content-Length: 1864
                      Connection: close
                      2024-03-22 06:22:41 UTC1864INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 31 39 32 30 22 20 68 65 69 67 68 74 3d 22 31 30 38 30 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 3e 3c 67 20 6f 70 61 63 69 74 79 3d 22 2e 32 22 20 63 6c 69 70 2d 70 61 74 68 3d 22 75 72 6c 28 23 45 29 22 3e 3c 70 61 74 68 20 64 3d 22 4d 31 34 36 36 2e 34 20 31 37 39 35 2e 32 63 39 35 30 2e 33 37 20 30 20 31 37 32 30 2e 38 2d 36 32 37 2e 35 32 20 31 37 32 30 2e 38 2d 31 34 30 31 2e 36 53 32 34 31 36 2e 37 37 2d 31 30 30 38 20 31 34 36 36 2e 34 2d 31 30 30 38 2d 32 35 34 2e 34 2d 33 38 30 2e 34 38 32 2d 32 35 34 2e 34 20 33 39 33 2e 36 73 37 37 30 2e 34 32 38 20 31 34 30 31 2e 36 20 31 37 32 30 2e 38 20 31 34 30 31 2e 36
                      Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      7192.168.2.449750192.229.211.1994434520C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:41 UTC634OUTGET /shared/5/images/signin_options_4e48046ce74f4b89d450.svg HTTP/1.1
                      Host: logincdn.msftauth.net
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: image
                      Referer: https://login.live.com/
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-22 06:22:42 UTC738INHTTP/1.1 200 OK
                      Access-Control-Allow-Origin: *
                      Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                      Age: 21226808
                      Cache-Control: public, max-age=31536000
                      Content-MD5: R2FAVxfpONfnQAuxVxXbHg==
                      Content-Type: image/svg+xml
                      Date: Fri, 22 Mar 2024 06:22:42 GMT
                      Etag: 0x8DB772582D4527C
                      Last-Modified: Tue, 27 Jun 2023 15:45:19 GMT
                      Server: ECAcc (nya/78AF)
                      Vary: Accept-Encoding
                      X-Cache: HIT
                      x-ms-blob-type: BlockBlob
                      x-ms-lease-status: unlocked
                      x-ms-request-id: bfbf4f2d-801e-006a-5f12-bb7634000000
                      x-ms-version: 2009-09-19
                      Content-Length: 1592
                      Connection: close
                      2024-03-22 06:22:42 UTC1592INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 34 38 22 20 68 65 69 67 68 74 3d 22 34 38 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 34 38 20 34 38 22 3e 3c 64 65 66 73 3e 3c 73 74 79 6c 65 3e 2e 61 7b 66 69 6c 6c 3a 6e 6f 6e 65 3b 7d 2e 62 7b 66 69 6c 6c 3a 23 34 30 34 30 34 30 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 64 65 66 73 3e 3c 72 65 63 74 20 63 6c 61 73 73 3d 22 61 22 20 77 69 64 74 68 3d 22 34 38 22 20 68 65 69 67 68 74 3d 22 34 38 22 2f 3e 3c 70 61 74 68 20 63 6c 61 73 73 3d 22 62 22 20 64 3d 22 4d 34 30 2c 33 32 2e 35 37 38 56 34 30 48 33 32 56 33 36 48 32 38 56 33 32 48 32 34 56 32 38 2e 37 36 36 41 31 30 2e 36 38 39 2c 31 30 2e 36 38 39 2c 30 2c 30 2c
                      Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><defs><style>.a{fill:none;}.b{fill:#404040;}</style></defs><rect class="a" width="48" height="48"/><path class="b" d="M40,32.578V40H32V36H28V32H24V28.766A10.689,10.689,0,0,


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      8192.168.2.449753192.229.211.1994434520C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:42 UTC400OUTGET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1
                      Host: logincdn.msftauth.net
                      Connection: keep-alive
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept: */*
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-22 06:22:42 UTC737INHTTP/1.1 200 OK
                      Access-Control-Allow-Origin: *
                      Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                      Age: 1333298
                      Cache-Control: public, max-age=31536000
                      Content-MD5: nzaLxFgP7ZB3dfMcaybWzw==
                      Content-Type: image/svg+xml
                      Date: Fri, 22 Mar 2024 06:22:42 GMT
                      Etag: 0x8DB77257FFE6B4E
                      Last-Modified: Tue, 27 Jun 2023 15:45:14 GMT
                      Server: ECAcc (nya/7898)
                      Vary: Accept-Encoding
                      X-Cache: HIT
                      x-ms-blob-type: BlockBlob
                      x-ms-lease-status: unlocked
                      x-ms-request-id: 7e420b1b-e01e-0001-5601-707124000000
                      x-ms-version: 2009-09-19
                      Content-Length: 3651
                      Connection: close
                      2024-03-22 06:22:42 UTC3651INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 31 30 38 22 20 68 65 69 67 68 74 3d 22 32 34 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 30 38 20 32 34 22 3e 3c 74 69 74 6c 65 3e 61 73 73 65 74 73 3c 2f 74 69 74 6c 65 3e 3c 70 61 74 68 20 64 3d 22 4d 34 34 2e 38 33 36 2c 34 2e 36 56 31 38 2e 34 68 2d 32 2e 34 56 37 2e 35 38 33 48 34 32 2e 34 4c 33 38 2e 31 31 39 2c 31 38 2e 34 48 33 36 2e 35 33 31 4c 33 32 2e 31 34 32 2c 37 2e 35 38 33 68 2d 2e 30 32 39 56 31 38 2e 34 48 32 39 2e 39 56 34 2e 36 68 33 2e 34 33 36 4c 33 37 2e 33 2c 31 34 2e 38 33 68 2e 30 35 38 4c 34 31 2e 35 34 35 2c 34 2e 36 5a 6d 32 2c 31 2e 30 34 39 61 31 2e 32 36 38 2c 31 2e 32 36 38 2c 30
                      Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      9192.168.2.449752192.229.211.1994434520C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:42 UTC387OUTGET /shared/5/images/2_bc3d32a696895f78c19d.svg HTTP/1.1
                      Host: logincdn.msftauth.net
                      Connection: keep-alive
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept: */*
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-22 06:22:42 UTC738INHTTP/1.1 200 OK
                      Access-Control-Allow-Origin: *
                      Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                      Age: 22067431
                      Cache-Control: public, max-age=31536000
                      Content-MD5: DhdidjYrlCeaRJJRG/y9mA==
                      Content-Type: image/svg+xml
                      Date: Fri, 22 Mar 2024 06:22:42 GMT
                      Etag: 0x8DB77257C91B168
                      Last-Modified: Tue, 27 Jun 2023 15:45:09 GMT
                      Server: ECAcc (nya/788A)
                      Vary: Accept-Encoding
                      X-Cache: HIT
                      x-ms-blob-type: BlockBlob
                      x-ms-lease-status: unlocked
                      x-ms-request-id: fc2cc48a-201e-005c-136d-b3518c000000
                      x-ms-version: 2009-09-19
                      Content-Length: 1864
                      Connection: close
                      2024-03-22 06:22:42 UTC1864INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 31 39 32 30 22 20 68 65 69 67 68 74 3d 22 31 30 38 30 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 3e 3c 67 20 6f 70 61 63 69 74 79 3d 22 2e 32 22 20 63 6c 69 70 2d 70 61 74 68 3d 22 75 72 6c 28 23 45 29 22 3e 3c 70 61 74 68 20 64 3d 22 4d 31 34 36 36 2e 34 20 31 37 39 35 2e 32 63 39 35 30 2e 33 37 20 30 20 31 37 32 30 2e 38 2d 36 32 37 2e 35 32 20 31 37 32 30 2e 38 2d 31 34 30 31 2e 36 53 32 34 31 36 2e 37 37 2d 31 30 30 38 20 31 34 36 36 2e 34 2d 31 30 30 38 2d 32 35 34 2e 34 2d 33 38 30 2e 34 38 32 2d 32 35 34 2e 34 20 33 39 33 2e 36 73 37 37 30 2e 34 32 38 20 31 34 30 31 2e 36 20 31 37 32 30 2e 38 20 31 34 30 31 2e 36
                      Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      10192.168.2.449754192.229.211.1994434520C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:42 UTC612OUTGET /16.000.30141.5/images/favicon.ico HTTP/1.1
                      Host: logincdn.msftauth.net
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: image
                      Referer: https://login.live.com/
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-22 06:22:42 UTC718INHTTP/1.1 200 OK
                      Accept-Ranges: bytes
                      Access-Control-Allow-Origin: *
                      Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                      Age: 618512
                      Cache-Control: public, max-age=31536000
                      Content-MD5: EuPayFgGHQiAI7K9SOL6lg==
                      Content-Type: image/x-icon
                      Date: Fri, 22 Mar 2024 06:22:42 GMT
                      Etag: 0x8DC44841B13711F
                      Last-Modified: Fri, 15 Mar 2024 00:08:56 GMT
                      Server: ECAcc (nya/7990)
                      X-Cache: HIT
                      x-ms-blob-type: BlockBlob
                      x-ms-lease-status: unlocked
                      x-ms-request-id: e9fe0f5f-b01e-0088-0f81-765562000000
                      x-ms-version: 2009-09-19
                      Content-Length: 17174
                      Connection: close
                      2024-03-22 06:22:42 UTC16383INData Raw: 00 00 01 00 06 00 80 80 10 00 00 00 00 00 68 28 00 00 66 00 00 00 48 48 10 00 00 00 00 00 e8 0d 00 00 ce 28 00 00 30 30 10 00 00 00 00 00 68 06 00 00 b6 36 00 00 20 20 10 00 00 00 00 00 e8 02 00 00 1e 3d 00 00 18 18 10 00 00 00 00 00 e8 01 00 00 06 40 00 00 10 10 10 00 00 00 00 00 28 01 00 00 ee 41 00 00 28 00 00 00 80 00 00 00 00 01 00 00 01 00 04 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 ba 7f 00 22 50 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 20 00 00 03 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33
                      Data Ascii: h(fHH(00h6 =@(A(("P"""""""""""""""""""""""""""""" 333333333333333
                      2024-03-22 06:22:42 UTC791INData Raw: 01 80 00 00 01 80 00 28 00 00 00 18 00 00 00 30 00 00 00 01 00 04 00 00 00 00 00 80 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 ba 7f 00 22 50 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30
                      Data Ascii: (0"P""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      11192.168.2.449755192.229.211.1994434520C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:42 UTC400OUTGET /shared/5/images/signin_options_4e48046ce74f4b89d450.svg HTTP/1.1
                      Host: logincdn.msftauth.net
                      Connection: keep-alive
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept: */*
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-22 06:22:42 UTC738INHTTP/1.1 200 OK
                      Access-Control-Allow-Origin: *
                      Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                      Age: 21226808
                      Cache-Control: public, max-age=31536000
                      Content-MD5: R2FAVxfpONfnQAuxVxXbHg==
                      Content-Type: image/svg+xml
                      Date: Fri, 22 Mar 2024 06:22:42 GMT
                      Etag: 0x8DB772582D4527C
                      Last-Modified: Tue, 27 Jun 2023 15:45:19 GMT
                      Server: ECAcc (nya/78AF)
                      Vary: Accept-Encoding
                      X-Cache: HIT
                      x-ms-blob-type: BlockBlob
                      x-ms-lease-status: unlocked
                      x-ms-request-id: bfbf4f2d-801e-006a-5f12-bb7634000000
                      x-ms-version: 2009-09-19
                      Content-Length: 1592
                      Connection: close
                      2024-03-22 06:22:42 UTC1592INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 34 38 22 20 68 65 69 67 68 74 3d 22 34 38 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 34 38 20 34 38 22 3e 3c 64 65 66 73 3e 3c 73 74 79 6c 65 3e 2e 61 7b 66 69 6c 6c 3a 6e 6f 6e 65 3b 7d 2e 62 7b 66 69 6c 6c 3a 23 34 30 34 30 34 30 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 64 65 66 73 3e 3c 72 65 63 74 20 63 6c 61 73 73 3d 22 61 22 20 77 69 64 74 68 3d 22 34 38 22 20 68 65 69 67 68 74 3d 22 34 38 22 2f 3e 3c 70 61 74 68 20 63 6c 61 73 73 3d 22 62 22 20 64 3d 22 4d 34 30 2c 33 32 2e 35 37 38 56 34 30 48 33 32 56 33 36 48 32 38 56 33 32 48 32 34 56 32 38 2e 37 36 36 41 31 30 2e 36 38 39 2c 31 30 2e 36 38 39 2c 30 2c 30 2c
                      Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><defs><style>.a{fill:none;}.b{fill:#404040;}</style></defs><rect class="a" width="48" height="48"/><path class="b" d="M40,32.578V40H32V36H28V32H24V28.766A10.689,10.689,0,0,


                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                      12192.168.2.449756192.229.211.1994434520C:\Program Files\Google\Chrome\Application\chrome.exe
                      TimestampBytes transferredDirectionData
                      2024-03-22 06:22:43 UTC378OUTGET /16.000.30141.5/images/favicon.ico HTTP/1.1
                      Host: logincdn.msftauth.net
                      Connection: keep-alive
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      Accept: */*
                      Sec-Fetch-Site: none
                      Sec-Fetch-Mode: cors
                      Sec-Fetch-Dest: empty
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-22 06:22:43 UTC718INHTTP/1.1 200 OK
                      Accept-Ranges: bytes
                      Access-Control-Allow-Origin: *
                      Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                      Age: 618513
                      Cache-Control: public, max-age=31536000
                      Content-MD5: EuPayFgGHQiAI7K9SOL6lg==
                      Content-Type: image/x-icon
                      Date: Fri, 22 Mar 2024 06:22:43 GMT
                      Etag: 0x8DC44841B13711F
                      Last-Modified: Fri, 15 Mar 2024 00:08:56 GMT
                      Server: ECAcc (nya/7990)
                      X-Cache: HIT
                      x-ms-blob-type: BlockBlob
                      x-ms-lease-status: unlocked
                      x-ms-request-id: e9fe0f5f-b01e-0088-0f81-765562000000
                      x-ms-version: 2009-09-19
                      Content-Length: 17174
                      Connection: close
                      2024-03-22 06:22:43 UTC16383INData Raw: 00 00 01 00 06 00 80 80 10 00 00 00 00 00 68 28 00 00 66 00 00 00 48 48 10 00 00 00 00 00 e8 0d 00 00 ce 28 00 00 30 30 10 00 00 00 00 00 68 06 00 00 b6 36 00 00 20 20 10 00 00 00 00 00 e8 02 00 00 1e 3d 00 00 18 18 10 00 00 00 00 00 e8 01 00 00 06 40 00 00 10 10 10 00 00 00 00 00 28 01 00 00 ee 41 00 00 28 00 00 00 80 00 00 00 00 01 00 00 01 00 04 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 ba 7f 00 22 50 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 20 00 00 03 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33
                      Data Ascii: h(fHH(00h6 =@(A(("P"""""""""""""""""""""""""""""" 333333333333333
                      2024-03-22 06:22:43 UTC791INData Raw: 01 80 00 00 01 80 00 28 00 00 00 18 00 00 00 30 00 00 00 01 00 04 00 00 00 00 00 80 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 ba 7f 00 22 50 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30 22 22 22 22 22 20 33 33 33 33 33 30
                      Data Ascii: (0"P""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330""""" 333330


                      Statistics

                      CPU Usage

                      020406080s020406080100

                      Click to jump to process

                      Memory Usage

                      020406080s0.0050100MB

                      Click to jump to process

                      Behavior

                      Click to jump to process

                      System Behavior

                      General

                      Target ID:0
                      Start time:03:22:30
                      Start date:22/03/2024
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                      Imagebase:0x7ff76e190000
                      File size:3'242'272 bytes
                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:false
                      Show Windows behavior

                      File Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Process Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Memory Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Process Token Activities


                      General

                      Target ID:2
                      Start time:03:22:32
                      Start date:22/03/2024
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1984,i,11009249731134780383,10756960108393307057,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                      Imagebase:0x7ff76e190000
                      File size:3'242'272 bytes
                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:false
                      Show Windows behavior

                      File Activities

                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Memory Activities


                      General

                      Target ID:3
                      Start time:03:22:34
                      Start date:22/03/2024
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://t.infomail.microsoft.com/r/?id=h56495708,550d4cc3,550efed9&e=b2NpZD0&s=NPL3wY6rhZZOI7vpy7HRRpRseMLYTNK_pRqROD10Y9w"
                      Imagebase:0x7ff76e190000
                      File size:3'242'272 bytes
                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:true
                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                      Show Windows behavior

                      Memory Activities


                      Disassembly

                      No disassembly