Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g

Overview

General Information

Sample URL:	http://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g
Analysis ID:	1466467
Infos:

Detection

HTMLPhisher

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

HTML body contains low number of good links

HTML title does not match URL

Submit button contains javascript call

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 3804 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 6016 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2004,i,11345286447279090360,7519142752581784919,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 3040 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_63	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_63, type: DROPPED

Source: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g

HTTP Parser: Number of links: 0

Source: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g

HTTP Parser: Title: Sharing Link Validation does not match URL

Source: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g

HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))

Source: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g

HTTP Parser: No <meta name="author".. found

Source: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.7:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.7:49728 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 40.119.148.38
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=uGOwVaDVQSQCpBdkqNc5yxvm33jVELtRB5xpLAgch1-8aQY5YKzdAoshrB0ev09NV2_tUKZlrSOnvNLyRrJpP1MXJLubWixpFoyHT_59rc81&t=638509456120891867 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7gAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=fz5b1NoOmf7XpLYfpTtd_ByoO6mCDajdygxqvwvlKPX_c2MLKN2zYNpRuVXw_sjj6mhIP1WreUiw9JFK6l4KlEFAy0WTw8Ah70RyGo2fFja05yf6L2IcMFjjohlUQOxpjzDft1zzk2yft58am4GMn4nI-Qsk4fUlW5TZfGWm_vg1&t=ffffffffa8ad04d3 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7gAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=BPZZHAzyiNzOHF1qjpHwK2Iiip7ofKYDBinOf_3u64bxXfveZFChng8J6xm7E6G_NvDbY50Zc1CRv4_5WtD44aaLkCGiLE8dRk_RjlGSaXGP_XmyQ-XsxDsM15-yMp12VEq5pkLT7xq7ssFCpIVf3erlDm1aAay2ADnDVk01TwDgXUHVPZaNK6GUm2Onifr90&t=74258c30 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7gAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=tM6FjENUq-AqRTrG-nKjsZBvBEL_WoCNVelbcqc-AiTFC5Zr5nKgI3s8s43QwNGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7gAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7gAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7gAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: bombeirosamora-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: m365cdn.nel.measure.office.net

Source: chromecache_60.5.dr	String found in binary or memory: http://github.com/jrburke/requirejs
Source: chromecache_63.5.dr	String found in binary or memory: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/images
Source: chromecache_65.5.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: chromecache_63.5.dr	String found in binary or memory: https://res-1.cdn.office.net
Source: chromecache_63.5.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12008/require.js
Source: chromecache_63.5.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/
Source: chromecache_63.5.dr	String found in binary or memory: https://res-2.cdn.office.net/files/odsp-web-prod_2024-06-14.009/
Source: chromecache_63.5.dr	String found in binary or memory: https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.7:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.7:49728 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@17/22@10/5

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2004,i,11345286447279090360,7519142752581784919,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2004,i,11345286447279090360,7519142752581784919,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	Windows Management Instrumentation	1 Scripting	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://reactjs.org/docs/error-decoder.html?invariant=	0%	URL Reputation	safe
https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=tM6FjENUq-AqRTrG-nKjsZBvBEL_WoCNVelbcqc-AiTFC5Zr5nKgI3s8s43QwNGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30	0%	Avira URL Cloud	safe
https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/images	0%	Avira URL Cloud	safe
http://github.com/jrburke/requirejs	0%	Avira URL Cloud	safe
https://bombeirosamora-my.sharepoint.com/_layouts/15/images/microsoft-logo.png	0%	Avira URL Cloud	safe
https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js	0%	Avira URL Cloud	safe
https://bombeirosamora-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47	0%	Avira URL Cloud	safe
https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=BPZZHAzyiNzOHF1qjpHwK2Iiip7ofKYDBinOf_3u64bxXfveZFChng8J6xm7E6G_NvDbY50Zc1CRv4_5WtD44aaLkCGiLE8dRk_RjlGSaXGP_XmyQ-XsxDsM15-yMp12VEq5pkLT7xq7ssFCpIVf3erlDm1aAay2ADnDVk01TwDgXUHVPZaNK6GUm2Onifr90&t=74258c30	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
bg.microsoft.map.fastly.net	199.232.214.172	true	false		unknown
dual-spo-0005.spo-msedge.net	13.107.136.10	true	false		unknown
www.google.com	142.250.186.68	true	false		unknown
windowsupdatebg.s.llnwi.net	87.248.205.0	true	false		unknown
bombeirosamora-my.sharepoint.com	unknown	unknown	false		unknown
m365cdn.nel.measure.office.net	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g	false		unknown
https://bombeirosamora-my.sharepoint.com/_layouts/15/images/microsoft-logo.png	false	Avira URL Cloud: safe	unknown
https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=BPZZHAzyiNzOHF1qjpHwK2Iiip7ofKYDBinOf_3u64bxXfveZFChng8J6xm7E6G_NvDbY50Zc1CRv4_5WtD44aaLkCGiLE8dRk_RjlGSaXGP_XmyQ-XsxDsM15-yMp12VEq5pkLT7xq7ssFCpIVf3erlDm1aAay2ADnDVk01TwDgXUHVPZaNK6GUm2Onifr90&t=74258c30	false	Avira URL Cloud: safe	unknown
https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=tM6FjENUq-AqRTrG-nKjsZBvBEL_WoCNVelbcqc-AiTFC5Zr5nKgI3s8s43QwNGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30	false	Avira URL Cloud: safe	unknown
https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g	false		unknown
https://bombeirosamora-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://github.com/jrburke/requirejs	chromecache_60.5.dr	false	Avira URL Cloud: safe	unknown
https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/images	chromecache_63.5.dr	false	Avira URL Cloud: safe	unknown
https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js	chromecache_63.5.dr	false	Avira URL Cloud: safe	unknown
https://reactjs.org/docs/error-decoder.html?invariant=	chromecache_65.5.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
142.250.186.68	www.google.com	United States		15169	GOOGLEUS	false
13.107.136.10	dual-spo-0005.spo-msedge.net	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false

Private

IP
192.168.2.7
192.168.2.12

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1466467
Start date and time:	2024-07-03 00:17:42 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 22s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	17
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@17/22@10/5
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 216.58.212.131, 142.250.185.174, 64.233.184.84, 34.104.35.123, 2.23.209.42, 2.23.209.37, 142.250.186.106, 142.250.185.74, 142.250.186.170, 216.58.212.170, 172.217.16.138, 142.250.186.42, 216.58.212.138, 216.58.206.74, 172.217.18.10, 172.217.16.202, 142.250.184.234, 142.250.185.106, 142.250.184.202, 142.250.186.138, 142.250.181.234, 172.217.23.106, 2.16.238.149, 2.16.238.152, 52.165.165.26, 87.248.205.0, 20.242.39.171, 173.222.108.226, 173.222.108.210, 13.85.23.206, 142.250.185.227
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, time.windows.com, a767.dspw65.akamai.net, a1894.dscb.akamai.net, clients2.google.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, wu-b-net.trafficmanager.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, 189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input

Output

URL: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g Model: Perplexity: mixtral-8x7b-instruct

{"loginform": true,"urgency": true,

Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: Urgent Request To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Next ay clicking Next you allow Associago HumanitSria 30mbeiros Mistos Amora to use your email address in accordance with their privacy statement. Associa$o HumanitSria Bombeiros Mistas de Amora has not prNided links to their terms for you to review. 2017 Microsoft Privacy & Cookies

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 56

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3331
Entropy (8bit):	7.927896166439245
Encrypted:	false
SSDEEP:	96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq
MD5:	EF884BDEDEF280DF97A4C5604058D8DB
SHA1:	6F04244B51AD2409659E267D308B97E09CE9062B
SHA-256:	825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
SHA-512:	A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^\|.G..o.......?....Or.......y~....]..V.a.mM...M.\kH..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<\|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$\|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...\|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

Chrome Cache Entry: 57

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	downloaded
Size (bytes):	7886
Entropy (8bit):	3.9482833105763633
Encrypted:	false
SSDEEP:	48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E
MD5:	0B60F3C9E4DA6E807E808DA7360F24F2
SHA1:	9AFC7ABB910DE855EFB426206E547574A1E074B7
SHA-256:	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
SHA-512:	1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
Preview:	...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

Chrome Cache Entry: 58

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	dropped
Size (bytes):	7886
Entropy (8bit):	3.9482833105763633
Encrypted:	false
SSDEEP:	48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E
MD5:	0B60F3C9E4DA6E807E808DA7360F24F2
SHA1:	9AFC7ABB910DE855EFB426206E547574A1E074B7
SHA-256:	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
SHA-512:	1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
Malicious:	false
Reputation:	low
Preview:	...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

Chrome Cache Entry: 59

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3331
Entropy (8bit):	7.927896166439245
Encrypted:	false
SSDEEP:	96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq
MD5:	EF884BDEDEF280DF97A4C5604058D8DB
SHA1:	6F04244B51AD2409659E267D308B97E09CE9062B
SHA-256:	825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
SHA-512:	A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/_layouts/15/images/microsoft-logo.png
Preview:	.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^\|.G..o.......?....Or.......y~....]..V.a.mM...M.\kH..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<\|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$\|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...\|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

Chrome Cache Entry: 60

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17444)
Category:	downloaded
Size (bytes):	17672
Entropy (8bit):	5.233316811547578
Encrypted:	false
SSDEEP:	384:lpLsOooX8uvFBiRh+HnEDuvvy1pqvuvDX/0ohHK9mm+tMHvVOPoQeOMmuI:QnoX8uNB2YHnEDsvy1pqvub/0iq4NMHM
MD5:	6EFDDF589864D2E146A55C01C6764A35
SHA1:	EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F
SHA-256:	2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999
SHA-512:	1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A
Malicious:	false
Reputation:	low
URL:	https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12008/require.js
Preview:	/** vim: et:ts=4:sw=4:sts=4. * @license RequireJS 2.1.22 Copyright (c) 2010-2015, The Dojo Foundation All Rights Reserved.. * Available via the MIT or new BSD license.. * see: http://github.com/jrburke/requirejs for details. */.var requirejs,require,define;!function(global){function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){if(e){var r;for(r=0;r<e.length&&(!e[r]\|\|!t(e[r],r,e));r+=1);}}function eachReverse(e,t){if(e){var r;for(r=e.length-1;r>-1&&(!e[r]\|\|!t(e[r],r,e));r-=1);}}function hasProp(e,t){return hasOwn.call(e,t)}function getOwn(e,t){return hasProp(e,t)&&e[t]}function eachProp(e,t){var r;for(r in e)if(hasProp(e,r)&&t(e[r],r))break}function mixin(e,t,r,i){return t&&eachProp(t,function(t,n){(r\|\|!hasProp(e,n))&&(!i\|\|"object"!=typeof t\|\|!t\|\|isArray(t)\|\|isFunction(t)\|\|t instanceof RegExp?e[n]=t:(e[n]\|\|(e[n]={}),mixin(e[n],t,r,i)))}),e}function bind(e,t){return function(){return t.apply(e,ar

Chrome Cache Entry: 61

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	26951
Entropy (8bit):	4.514992390210281
Encrypted:	false
SSDEEP:	384:jMgviMjM4if38GmhXeC1QRwweTkBE9wbOY4Jf/JhRZ5h+73hNVt8oC4veONhLYVi:CLEiJSdo11vIYHqb5Klo8v
MD5:	B3D7A123BE5203A1A3F0F10233ED373F
SHA1:	F4C61F321D8F79A805B356C6EC94090C0D96215C
SHA-256:	EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192
SHA-512:	A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=fz5b1NoOmf7XpLYfpTtd_ByoO6mCDajdygxqvwvlKPX_c2MLKN2zYNpRuVXw_sjj6mhIP1WreUiw9JFK6l4KlEFAy0WTw8Ah70RyGo2fFja05yf6L2IcMFjjohlUQOxpjzDft1zzk2yft58am4GMn4nI-Qsk4fUlW5TZfGWm_vg1&t=ffffffffa8ad04d3
Preview:	var Page_ValidationVer = "125";..var Page_IsValid = true;..var Page_BlockSubmit = false;..var Page_InvalidControlToBeFocused = null;..var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime-local)$/i;..function ValidatorUpdateDisplay(val) {.. if (typeof(val.display) == "string") {.. if (val.display == "None") {.. return;.. }.. if (val.display == "Dynamic") {.. val.style.display = val.isvalid ? "none" : "inline";.. return;.. }.. }.. if ((navigator.userAgent.indexOf("Mac") > -1) &&.. (navigator.userAgent.indexOf("MSIE") > -1)) {.. val.style.display = "inline";.. }.. val.style.visibility = val.isvalid ? "hidden" : "visible";..}..function ValidatorUpdateIsValid() {.. Page_IsValid = AllValidatorsValid(Page_Validators);..}..function AllValidatorsValid(validators) {.. if ((typeof(validators) != "undefined") && (validators != null)) {

Chrome Cache Entry: 62

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.702819531114783
Encrypted:	false
SSDEEP:	3:H6xhkY:aQY
MD5:	858372DD32511CB4DD08E48A93B4F175
SHA1:	CE4555B7B2EFBBD644D8E34CF3453A0E8CAA3C43
SHA-256:	3D18F3E1469C83D62CF3A39BA93F8EAA5B22447FE630E59F39DC1B7747635359
SHA-512:	6A57E0D4A1C23CB693AA9312F6FDAA1FC4309B5BC91D1B2279B5792BEE3534749FD3693C19AA95E0768800472D11D438EC3116F337679A249C28BE0E038E6DE0
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSEAnq3J4hoa5xcRIFDfSCVyI=?alt=proto
Preview:	CgkKBw30glciGgA=

Chrome Cache Entry: 63

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (30522), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	69038
Entropy (8bit):	5.664758074654345
Encrypted:	false
SSDEEP:	1536:PlgguX44hoTWXBOxSPSW8N6fGNNKD73Js2wVXUaH3y:PLujCGeTKDcVXUt
MD5:	EC397E368213A9ED39E5F8F0FB14D098
SHA1:	98EA05A70E02EDD0A6594F4D65A1B90742DF78C0
SHA-256:	74A02845005E503766B417F7128DDCCEABCC07ACD6519ED6F2994654310E5123
SHA-512:	C610294354B090B64823C47D7D8E1284369F2E0DD05A97DFF9B19D73DBE3B52E05D5213044FE89EADE267CDD5219E2BB73C27B0B0DDFF76D962A1EDAEC54489C
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g
Preview:	..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr">..<head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Expires" content="0" /><meta name="Robots" content="NOHTMLINDEX" /><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><link id="favicon" rel="shortcut icon" href="/_layouts/15/images/favicon.ico?rev=47" type="image/vnd.microsoft.icon" /><title>...Sharing Link Validation..</title>...<style type="text/css" media="screen, print, projection">....html{line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure,ma

Chrome Cache Entry: 64

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (39257), with CRLF line terminators
Category:	downloaded
Size (bytes):	40326
Entropy (8bit):	5.245555585297941
Encrypted:	false
SSDEEP:	384:bvrc3TrJ1vMZCKZ4pLRy6DkfDLcbTzcXanT2rxb64aKQr1vySAwBaPUge6ydE:bTaYB4Hy7mTzcaTKStrwSAwBaPUTdE
MD5:	DA9DC1C32E89C02FC1E9EEB7E5AAB91E
SHA1:	3EFB110EFA6068CE6B586A67F87DA5125310BC30
SHA-256:	398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1
SHA-512:	D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=tM6FjENUq-AqRTrG-nKjsZBvBEL_WoCNVelbcqc-AiTFC5Zr5nKgI3s8s43QwNGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjaxWebForms.js..Type._registerScript("MicrosoftAjaxWebForms.js",["MicrosoftAjaxCore.js","MicrosoftAjaxSerialization.js","MicrosoftAjaxNetwork.js","MicrosoftAjaxComponentModel.js"]);Type.registerNamespace("Sys.WebForms");Sys.WebForms.BeginRequestEventArgs=function(c,b,a){Sys.WebForms.BeginRequestEventArgs.initializeBase(this);this._request=c;this._postBackElement=b;this._updatePanelsToUpdate=a};Sys.WebForms.BeginRequestEventArgs.prototype={get_postBackElement:function(){return this._postBackElement},get_request:function(){return this._request},get_updatePanelsToUpdate:function(){return this._updatePanelsToUpdate?Array.clone(this._updatePanelsToUpdate):[]}};Sys.WebForms.BeginRequestEventArgs.registerClass("Sys.WebForms.BeginRequestEventArgs",Sys.EventArgs);Sys.WebForms.EndRequestEventArgs=fun

Chrome Cache Entry: 65

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (37521)
Category:	downloaded
Size (bytes):	40512
Entropy (8bit):	5.386921349191213
Encrypted:	false
SSDEEP:	768:Tkv+rkfa2aH5m7UYfXLMQWGjaKEstpgG9ycj:Pr8LaZkzLM46G9
MD5:	8DCE60169BA666CA03A31D123DB49908
SHA1:	956C46BB6058C23D35440DCC656CE61C7B151399
SHA-256:	F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75
SHA-512:	26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E
Malicious:	false
Reputation:	low
URL:	https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/spoguestaccesswebpack/spoguestaccess.js
Preview:	/! For license information please see spoguestaccess.js.LICENSE.txt /.document.currentScript,define("@fluentui/react-file-type-icons",[],()=>{var e;return(()=>{"use strict";var t=[e=>{var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,a=Object.prototype.propertyIsEnumerable;function i(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map(function(e){return t[e]}).join(""))return!1;var a={};return"abcdefghijklmnopqrst".split("").forEach(function(e){a[e]=e}),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},a)).join("")}catch(e){return!1}}()?Object.assign:function(e,r){for(var o,s,c=i(e),d=1;d<arguments.length;d++){for(var l in o=Object(arguments[d]))n.call(o,l)&&(c[l]

Chrome Cache Entry: 66

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65329), with CRLF line terminators
Category:	downloaded
Size (bytes):	102801
Entropy (8bit):	5.336080509196147
Encrypted:	false
SSDEEP:	1536:MGLiogSomRYvoGtT+KHsVS0bT79DSsi46j/LPyR7kbE:MGLXGFKT79DSs6WCE
MD5:	C89EAA5B28DF1E17376BE71D71649173
SHA1:	2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD
SHA-256:	66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C
SHA-512:	B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=BPZZHAzyiNzOHF1qjpHwK2Iiip7ofKYDBinOf_3u64bxXfveZFChng8J6xm7E6G_NvDbY50Zc1CRv4_5WtD44aaLkCGiLE8dRk_RjlGSaXGP_XmyQ-XsxDsM15-yMp12VEq5pkLT7xq7ssFCpIVf3erlDm1aAay2ADnDVk01TwDgXUHVPZaNK6GUm2Onifr90&t=74258c30
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjax.js..Function.__typeName="Function";Function.__class=true;Function.createCallback=function(b,a){return function(){var e=arguments.length;if(e>0){var d=[];for(var c=0;c<e;c++)d[c]=arguments[c];d[e]=a;return b.apply(this,d)}return b.call(this,a)}};Function.createDelegate=function(a,b){return function(){return b.apply(a,arguments)}};Function.emptyFunction=Function.emptyMethod=function(){};Function.validateParameters=function(c,b,a){return Function._validateParams(c,b,a)};Function._validateParams=function(g,e,c){var a,d=e.length;c=c\|\|typeof c==="undefined";a=Function._validateParameterCount(g,e,c);if(a){a.popStackFrame();return a}for(var b=0,i=g.length;b<i;b++){var f=e[Math.min(b,d-1)],h=f.name;if(f.parameterArray)h+="["+(b-d+1)+"]";else if(!c&&b>=d)break;a=Function._validateParameter(g[b],f

Chrome Cache Entry: 67

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	23063
Entropy (8bit):	4.7535440881548165
Encrypted:	false
SSDEEP:	384:GvUzYI+Vi4g1V5it1ONhA6w+Kv8i/4CYzLKL4DrLU0iTxZTAzIzrwDlTWMClQip9:bkON69kClQq8hDRJHp2tWU25Zt/gREVG
MD5:	90EA7274F19755002360945D54C2A0D7
SHA1:	647B5D8BF7D119A2C97895363A07A0C6EB8CD284
SHA-256:	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
SHA-512:	7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/WebResource.axd?d=uGOwVaDVQSQCpBdkqNc5yxvm33jVELtRB5xpLAgch1-8aQY5YKzdAoshrB0ev09NV2_tUKZlrSOnvNLyRrJpP1MXJLubWixpFoyHT_59rc81&t=638509456120891867
Preview:	function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 3, 2024 00:18:31.790435076 CEST	49674	443	192.168.2.7	104.98.116.138
Jul 3, 2024 00:18:31.790486097 CEST	49675	443	192.168.2.7	104.98.116.138
Jul 3, 2024 00:18:31.821717024 CEST	49672	443	192.168.2.7	104.98.116.138
Jul 3, 2024 00:18:33.665400028 CEST	49671	443	192.168.2.7	204.79.197.203
Jul 3, 2024 00:18:38.477894068 CEST	49671	443	192.168.2.7	204.79.197.203
Jul 3, 2024 00:18:39.177052975 CEST	49677	443	192.168.2.7	20.50.201.200
Jul 3, 2024 00:18:39.649794102 CEST	49677	443	192.168.2.7	20.50.201.200
Jul 3, 2024 00:18:40.540426970 CEST	49677	443	192.168.2.7	20.50.201.200
Jul 3, 2024 00:18:41.431051016 CEST	49672	443	192.168.2.7	104.98.116.138
Jul 3, 2024 00:18:41.556041956 CEST	49674	443	192.168.2.7	104.98.116.138
Jul 3, 2024 00:18:41.556222916 CEST	49675	443	192.168.2.7	104.98.116.138
Jul 3, 2024 00:18:42.040491104 CEST	49677	443	192.168.2.7	20.50.201.200
Jul 3, 2024 00:18:45.150039911 CEST	49677	443	192.168.2.7	20.50.201.200
Jul 3, 2024 00:18:46.133002996 CEST	49703	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:46.133755922 CEST	49704	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:46.140186071 CEST	80	49703	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:46.140335083 CEST	49703	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:46.140666962 CEST	80	49704	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:46.140723944 CEST	49704	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:46.141292095 CEST	49703	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:46.148637056 CEST	80	49703	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:46.860172033 CEST	80	49703	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:46.861181021 CEST	80	49703	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:46.861258984 CEST	49703	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:46.916726112 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:46.916781902 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:46.916923046 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:46.917242050 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:46.917258024 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:47.458812952 CEST	49708	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:18:47.458861113 CEST	443	49708	142.250.186.68	192.168.2.7
Jul 3, 2024 00:18:47.458929062 CEST	49708	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:18:47.459178925 CEST	49708	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:18:47.459198952 CEST	443	49708	142.250.186.68	192.168.2.7
Jul 3, 2024 00:18:47.496113062 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:47.496469975 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:47.496493101 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:47.497572899 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:47.497653961 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:47.498764038 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:47.498843908 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:47.499130011 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:47.499139071 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:47.543186903 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.044568062 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.044595003 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.044694901 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.044703960 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.044735909 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.044760942 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.044791937 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.044934034 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.044986963 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.044996023 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.045041084 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.052578926 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.052650928 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.052668095 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.054043055 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.054117918 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.054128885 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.058659077 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.058734894 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.058747053 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.061465979 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.061553955 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.061563969 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.063308954 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.063384056 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.063396931 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.065627098 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.065725088 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.065736055 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.066543102 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.066598892 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.066606998 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.066634893 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.066673040 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.077785969 CEST	49705	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.077811956 CEST	443	49705	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.088824987 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.088867903 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.088956118 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.089216948 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.089231968 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.106369019 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.106380939 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.106442928 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.106693983 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.106703997 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.107659101 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.107695103 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.107755899 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.108051062 CEST	49712	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.108083963 CEST	443	49712	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.108133078 CEST	49712	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.108454943 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.108494043 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.108565092 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.108791113 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.108808994 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.108977079 CEST	49712	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.108990908 CEST	443	49712	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.109126091 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.109143019 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.131911993 CEST	49671	443	192.168.2.7	204.79.197.203
Jul 3, 2024 00:18:48.142183065 CEST	443	49708	142.250.186.68	192.168.2.7
Jul 3, 2024 00:18:48.142406940 CEST	49708	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:18:48.142445087 CEST	443	49708	142.250.186.68	192.168.2.7
Jul 3, 2024 00:18:48.143621922 CEST	443	49708	142.250.186.68	192.168.2.7
Jul 3, 2024 00:18:48.143678904 CEST	49708	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:18:48.144751072 CEST	49708	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:18:48.144819021 CEST	443	49708	142.250.186.68	192.168.2.7
Jul 3, 2024 00:18:48.325485945 CEST	49708	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:18:48.325512886 CEST	443	49708	142.250.186.68	192.168.2.7
Jul 3, 2024 00:18:48.371304035 CEST	49708	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:18:48.750499010 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.750869989 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.750900030 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.751358986 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.751683950 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.751785040 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.751830101 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.755297899 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.755512953 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.755525112 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.755918026 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.756216049 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.756282091 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.756320000 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.756768942 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.756829023 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.756942987 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.756963968 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.757034063 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.757050991 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.758109093 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.758126974 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.758225918 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.758227110 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.758569002 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.758647919 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.758836985 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.758904934 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.758960962 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.758970976 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.758996010 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.759005070 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.762351990 CEST	443	49712	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.762576103 CEST	49712	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.762595892 CEST	443	49712	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.763679028 CEST	443	49712	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.763750076 CEST	49712	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.764072895 CEST	49712	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.764132023 CEST	443	49712	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.764209986 CEST	49712	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.764218092 CEST	443	49712	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.791507006 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.791532993 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.796500921 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.806668043 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.806678057 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.806857109 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.806860924 CEST	49712	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.963766098 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.964086056 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.964106083 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.964178085 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.964195013 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.965958118 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.965966940 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.966028929 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.966042995 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.966068029 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.966082096 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.966703892 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.966712952 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.966769934 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.966778040 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.966795921 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.967995882 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.968055010 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.968061924 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.968741894 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.968822002 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.975040913 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.975073099 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.975112915 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.975125074 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.976548910 CEST	443	49712	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.976566076 CEST	443	49712	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.976636887 CEST	49712	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.976640940 CEST	443	49712	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.976685047 CEST	49712	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.977186918 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.977229118 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.977240086 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.977247953 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.977274895 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.977727890 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.977782011 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.977791071 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.977830887 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.978050947 CEST	49712	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.978069067 CEST	443	49712	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.997389078 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.997411013 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.997487068 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.997520924 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.999857903 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.999870062 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:48.999938965 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:48.999957085 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.002461910 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.002535105 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.002546072 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.002582073 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.012708902 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.039037943 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.039073944 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.039153099 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.039371014 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.039383888 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.051291943 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.051306009 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.051333904 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.051379919 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.051417112 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.051675081 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.051726103 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.051760912 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.051827908 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.051840067 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.052164078 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.052203894 CEST	443	49710	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.052251101 CEST	49710	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.053816080 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.053903103 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.053913116 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.056253910 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.056319952 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.056329012 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.056648970 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.056704998 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.063488007 CEST	49713	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.063507080 CEST	443	49713	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.063843966 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.063920021 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.064008951 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.064070940 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.064110041 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.074297905 CEST	49709	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.074358940 CEST	443	49709	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.084434032 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.084515095 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.084536076 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.086107016 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.086174965 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.086194992 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.087878942 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.087939024 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.087948084 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.090486050 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.090563059 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.090575933 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.136432886 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.170706987 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.170720100 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.170789003 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.170814037 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.171020985 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.171060085 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.171072960 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.171082020 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.171119928 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.171617985 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.171673059 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.171679974 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.172497034 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.172571898 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.172580004 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.172667027 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.172718048 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.172725916 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.173594952 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.173672915 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.173680067 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.173863888 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.173923969 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.173929930 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.173949003 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.173985958 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.174777985 CEST	49711	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.174796104 CEST	443	49711	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.407491922 CEST	49721	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.407538891 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.407597065 CEST	49721	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.407798052 CEST	49721	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.407810926 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.700562000 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.700886011 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.700907946 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.702528954 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.702615023 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.702966928 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.703068972 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.703116894 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.743571997 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.743593931 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.792186022 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.911228895 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.911245108 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.911381006 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.911416054 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.911461115 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.911534071 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.911582947 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:49.911686897 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.955959082 CEST	49717	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:49.955991030 CEST	443	49717	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.003407955 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.005662918 CEST	49721	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.005691051 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.006052017 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.012212992 CEST	49721	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.012295008 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.012437105 CEST	49721	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.056500912 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.260144949 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.260196924 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.260272026 CEST	49721	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.260299921 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.260346889 CEST	49721	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.260714054 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.260855913 CEST	49721	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.261081934 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.261145115 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.261213064 CEST	49721	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.286645889 CEST	49721	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.286688089 CEST	443	49721	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.312731981 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.312772036 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.312843084 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.313137054 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.313153982 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.891463995 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.946742058 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.999273062 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:50.999288082 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:50.999775887 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:51.000668049 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:51.000741005 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:51.000823021 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:51.048513889 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:51.103054047 CEST	49677	443	192.168.2.7	20.50.201.200
Jul 3, 2024 00:18:51.235610008 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:51.235630989 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:51.235680103 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:51.235697985 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:51.236207962 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:51.236260891 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:51.236269951 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:51.236308098 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:51.236558914 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:51.236623049 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:51.236670971 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:51.242643118 CEST	49723	443	192.168.2.7	13.107.136.10
Jul 3, 2024 00:18:51.242671013 CEST	443	49723	13.107.136.10	192.168.2.7
Jul 3, 2024 00:18:51.686594963 CEST	49726	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:51.686638117 CEST	443	49726	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:51.686773062 CEST	49726	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:51.688503981 CEST	49726	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:51.688517094 CEST	443	49726	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:52.417071104 CEST	443	49726	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:52.417176008 CEST	49726	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:52.468574047 CEST	49726	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:52.468604088 CEST	443	49726	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:52.468894005 CEST	443	49726	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:52.511049032 CEST	49726	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:52.784446001 CEST	49726	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:52.824512005 CEST	443	49726	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:53.067879915 CEST	443	49726	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:53.067956924 CEST	443	49726	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:53.068604946 CEST	49726	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:53.073103905 CEST	49726	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:53.073122978 CEST	443	49726	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:53.121064901 CEST	49728	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:53.121109962 CEST	443	49728	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:53.121351957 CEST	49728	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:53.123320103 CEST	49728	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:53.123344898 CEST	443	49728	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:53.782531023 CEST	443	49728	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:53.782628059 CEST	49728	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:53.962584972 CEST	49728	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:53.962610960 CEST	443	49728	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:53.964870930 CEST	443	49728	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:53.966599941 CEST	49728	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:54.012490988 CEST	443	49728	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:54.156533957 CEST	443	49728	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:54.156625032 CEST	443	49728	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:54.156748056 CEST	49728	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:54.158799887 CEST	49728	443	192.168.2.7	184.28.90.27
Jul 3, 2024 00:18:54.158818960 CEST	443	49728	184.28.90.27	192.168.2.7
Jul 3, 2024 00:18:58.061465979 CEST	443	49708	142.250.186.68	192.168.2.7
Jul 3, 2024 00:18:58.061568022 CEST	443	49708	142.250.186.68	192.168.2.7
Jul 3, 2024 00:18:58.061626911 CEST	49708	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:18:58.574254036 CEST	49708	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:18:58.574278116 CEST	443	49708	142.250.186.68	192.168.2.7
Jul 3, 2024 00:19:03.011307001 CEST	49677	443	192.168.2.7	20.50.201.200
Jul 3, 2024 00:19:31.147463083 CEST	49704	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:19:31.152347088 CEST	80	49704	13.107.136.10	192.168.2.7
Jul 3, 2024 00:19:31.869419098 CEST	49703	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:19:31.875375986 CEST	80	49703	13.107.136.10	192.168.2.7
Jul 3, 2024 00:19:46.561418056 CEST	49704	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:19:46.568605900 CEST	80	49704	13.107.136.10	192.168.2.7
Jul 3, 2024 00:19:46.568660975 CEST	49704	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:19:47.510826111 CEST	49735	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:19:47.510878086 CEST	443	49735	142.250.186.68	192.168.2.7
Jul 3, 2024 00:19:47.514718056 CEST	49735	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:19:47.514961004 CEST	49735	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:19:47.514976978 CEST	443	49735	142.250.186.68	192.168.2.7
Jul 3, 2024 00:19:48.182569981 CEST	443	49735	142.250.186.68	192.168.2.7
Jul 3, 2024 00:19:48.190125942 CEST	49735	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:19:48.190148115 CEST	443	49735	142.250.186.68	192.168.2.7
Jul 3, 2024 00:19:48.190599918 CEST	443	49735	142.250.186.68	192.168.2.7
Jul 3, 2024 00:19:48.194638968 CEST	49735	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:19:48.194717884 CEST	443	49735	142.250.186.68	192.168.2.7
Jul 3, 2024 00:19:48.244014978 CEST	49735	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:19:54.072244883 CEST	80	49703	13.107.136.10	192.168.2.7
Jul 3, 2024 00:19:54.072324038 CEST	49703	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:19:54.598452091 CEST	49703	80	192.168.2.7	13.107.136.10
Jul 3, 2024 00:19:54.605587006 CEST	80	49703	13.107.136.10	192.168.2.7
Jul 3, 2024 00:19:58.100563049 CEST	443	49735	142.250.186.68	192.168.2.7
Jul 3, 2024 00:19:58.100632906 CEST	443	49735	142.250.186.68	192.168.2.7
Jul 3, 2024 00:19:58.100775957 CEST	49735	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:19:58.566030979 CEST	49735	443	192.168.2.7	142.250.186.68
Jul 3, 2024 00:19:58.566065073 CEST	443	49735	142.250.186.68	192.168.2.7

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 3, 2024 00:18:45.174037933 CEST	53	57841	1.1.1.1	192.168.2.7
Jul 3, 2024 00:18:45.397938013 CEST	53	61074	1.1.1.1	192.168.2.7
Jul 3, 2024 00:18:46.091228962 CEST	56222	53	192.168.2.7	1.1.1.1
Jul 3, 2024 00:18:46.091381073 CEST	62849	53	192.168.2.7	1.1.1.1
Jul 3, 2024 00:18:46.794091940 CEST	53	51402	1.1.1.1	192.168.2.7
Jul 3, 2024 00:18:46.866518021 CEST	56087	53	192.168.2.7	1.1.1.1
Jul 3, 2024 00:18:46.866981983 CEST	63285	53	192.168.2.7	1.1.1.1
Jul 3, 2024 00:18:47.168915987 CEST	123	123	192.168.2.7	40.119.148.38
Jul 3, 2024 00:18:47.448503017 CEST	61034	53	192.168.2.7	1.1.1.1
Jul 3, 2024 00:18:47.448662996 CEST	50118	53	192.168.2.7	1.1.1.1
Jul 3, 2024 00:18:47.457465887 CEST	53	61034	1.1.1.1	192.168.2.7
Jul 3, 2024 00:18:47.457979918 CEST	53	50118	1.1.1.1	192.168.2.7
Jul 3, 2024 00:18:47.721355915 CEST	123	123	40.119.148.38	192.168.2.7
Jul 3, 2024 00:18:48.991070032 CEST	65103	53	192.168.2.7	1.1.1.1
Jul 3, 2024 00:18:48.991240978 CEST	59165	53	192.168.2.7	1.1.1.1
Jul 3, 2024 00:18:49.354526043 CEST	53	57048	1.1.1.1	192.168.2.7
Jul 3, 2024 00:18:50.708965063 CEST	56691	53	192.168.2.7	1.1.1.1
Jul 3, 2024 00:18:50.709460020 CEST	53753	53	192.168.2.7	1.1.1.1
Jul 3, 2024 00:19:03.845647097 CEST	53	59769	1.1.1.1	192.168.2.7
Jul 3, 2024 00:19:22.616722107 CEST	53	49405	1.1.1.1	192.168.2.7
Jul 3, 2024 00:19:38.174007893 CEST	138	138	192.168.2.7	192.168.2.255
Jul 3, 2024 00:19:43.919079065 CEST	53	58459	1.1.1.1	192.168.2.7
Jul 3, 2024 00:19:45.515193939 CEST	53	50702	1.1.1.1	192.168.2.7

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jul 3, 2024 00:18:46.091228962 CEST	192.168.2.7	1.1.1.1	0x6f90	Standard query (0)	bombeirosamora-my.sharepoint.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:46.091381073 CEST	192.168.2.7	1.1.1.1	0xc69a	Standard query (0)	bombeirosamora-my.sharepoint.com	65	IN (0x0001)	false
Jul 3, 2024 00:18:46.866518021 CEST	192.168.2.7	1.1.1.1	0x1d65	Standard query (0)	bombeirosamora-my.sharepoint.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:46.866981983 CEST	192.168.2.7	1.1.1.1	0x42df	Standard query (0)	bombeirosamora-my.sharepoint.com	65	IN (0x0001)	false
Jul 3, 2024 00:18:47.448503017 CEST	192.168.2.7	1.1.1.1	0x1b27	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:47.448662996 CEST	192.168.2.7	1.1.1.1	0x3490	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jul 3, 2024 00:18:48.991070032 CEST	192.168.2.7	1.1.1.1	0x6d1b	Standard query (0)	bombeirosamora-my.sharepoint.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:48.991240978 CEST	192.168.2.7	1.1.1.1	0x4109	Standard query (0)	bombeirosamora-my.sharepoint.com	65	IN (0x0001)	false
Jul 3, 2024 00:18:50.708965063 CEST	192.168.2.7	1.1.1.1	0xb5aa	Standard query (0)	m365cdn.nel.measure.office.net	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:50.709460020 CEST	192.168.2.7	1.1.1.1	0x3f5b	Standard query (0)	m365cdn.nel.measure.office.net	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jul 3, 2024 00:18:46.126315117 CEST	1.1.1.1	192.168.2.7	0xc69a	No error (0)	bombeirosamora-my.sharepoint.com	bombeirosamora.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.126315117 CEST	1.1.1.1	192.168.2.7	0xc69a	No error (0)	bombeirosamora.sharepoint.com	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.126315117 CEST	1.1.1.1	192.168.2.7	0xc69a	No error (0)	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.126315117 CEST	1.1.1.1	192.168.2.7	0xc69a	No error (0)	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.131370068 CEST	1.1.1.1	192.168.2.7	0x6f90	No error (0)	bombeirosamora-my.sharepoint.com	bombeirosamora.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.131370068 CEST	1.1.1.1	192.168.2.7	0x6f90	No error (0)	bombeirosamora.sharepoint.com	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.131370068 CEST	1.1.1.1	192.168.2.7	0x6f90	No error (0)	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.131370068 CEST	1.1.1.1	192.168.2.7	0x6f90	No error (0)	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.131370068 CEST	1.1.1.1	192.168.2.7	0x6f90	No error (0)	189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net	dual-spo-0005.spo-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.131370068 CEST	1.1.1.1	192.168.2.7	0x6f90	No error (0)	dual-spo-0005.spo-msedge.net		13.107.136.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:46.131370068 CEST	1.1.1.1	192.168.2.7	0x6f90	No error (0)	dual-spo-0005.spo-msedge.net		13.107.138.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:46.914725065 CEST	1.1.1.1	192.168.2.7	0x1d65	No error (0)	bombeirosamora-my.sharepoint.com	bombeirosamora.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.914725065 CEST	1.1.1.1	192.168.2.7	0x1d65	No error (0)	bombeirosamora.sharepoint.com	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.914725065 CEST	1.1.1.1	192.168.2.7	0x1d65	No error (0)	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.914725065 CEST	1.1.1.1	192.168.2.7	0x1d65	No error (0)	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.914725065 CEST	1.1.1.1	192.168.2.7	0x1d65	No error (0)	189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net	dual-spo-0005.spo-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.914725065 CEST	1.1.1.1	192.168.2.7	0x1d65	No error (0)	dual-spo-0005.spo-msedge.net		13.107.136.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:46.914725065 CEST	1.1.1.1	192.168.2.7	0x1d65	No error (0)	dual-spo-0005.spo-msedge.net		13.107.138.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:46.915772915 CEST	1.1.1.1	192.168.2.7	0x42df	No error (0)	bombeirosamora-my.sharepoint.com	bombeirosamora.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.915772915 CEST	1.1.1.1	192.168.2.7	0x42df	No error (0)	bombeirosamora.sharepoint.com	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.915772915 CEST	1.1.1.1	192.168.2.7	0x42df	No error (0)	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:46.915772915 CEST	1.1.1.1	192.168.2.7	0x42df	No error (0)	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:47.457465887 CEST	1.1.1.1	192.168.2.7	0x1b27	No error (0)	www.google.com		142.250.186.68	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:47.457979918 CEST	1.1.1.1	192.168.2.7	0x3490	No error (0)	www.google.com			65	IN (0x0001)	false
Jul 3, 2024 00:18:49.033734083 CEST	1.1.1.1	192.168.2.7	0x6d1b	No error (0)	bombeirosamora-my.sharepoint.com	bombeirosamora.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:49.033734083 CEST	1.1.1.1	192.168.2.7	0x6d1b	No error (0)	bombeirosamora.sharepoint.com	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:49.033734083 CEST	1.1.1.1	192.168.2.7	0x6d1b	No error (0)	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:49.033734083 CEST	1.1.1.1	192.168.2.7	0x6d1b	No error (0)	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:49.033734083 CEST	1.1.1.1	192.168.2.7	0x6d1b	No error (0)	189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net	dual-spo-0005.spo-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:49.033734083 CEST	1.1.1.1	192.168.2.7	0x6d1b	No error (0)	dual-spo-0005.spo-msedge.net		13.107.136.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:49.033734083 CEST	1.1.1.1	192.168.2.7	0x6d1b	No error (0)	dual-spo-0005.spo-msedge.net		13.107.138.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:18:49.038470030 CEST	1.1.1.1	192.168.2.7	0x4109	No error (0)	bombeirosamora-my.sharepoint.com	bombeirosamora.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:49.038470030 CEST	1.1.1.1	192.168.2.7	0x4109	No error (0)	bombeirosamora.sharepoint.com	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:49.038470030 CEST	1.1.1.1	192.168.2.7	0x4109	No error (0)	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:49.038470030 CEST	1.1.1.1	192.168.2.7	0x4109	No error (0)	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:50.717828035 CEST	1.1.1.1	192.168.2.7	0xb5aa	No error (0)	m365cdn.nel.measure.office.net	nel.measure.office.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:50.718354940 CEST	1.1.1.1	192.168.2.7	0x3f5b	No error (0)	m365cdn.nel.measure.office.net	nel.measure.office.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 00:18:55.895781040 CEST	1.1.1.1	192.168.2.7	0x495d	No error (0)	windowsupdatebg.s.llnwi.net		87.248.205.0	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:19:37.738557100 CEST	1.1.1.1	192.168.2.7	0x9a97	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:19:37.738557100 CEST	1.1.1.1	192.168.2.7	0x9a97	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:19:57.646389961 CEST	1.1.1.1	192.168.2.7	0x8411	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
Jul 3, 2024 00:19:57.646389961 CEST	1.1.1.1	192.168.2.7	0x8411	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

bombeirosamora-my.sharepoint.com

https:

fs.microsoft.com

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.7	49703	13.107.136.10	80	6016	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 00:18:46.141292095 CEST	540	OUT	GET /:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jul 3, 2024 00:18:46.860172033 CEST	1236	IN	HTTP/1.1 301 Moved Permanently Location: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,23040,0,0,6,0,14400,0 X-DataBoundary: EU X-1DSCollectorUrl: https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://eu-mobile.events.data.microsoft.com/Collector/3.0 SPRequestGuid: 447b38a1-8005-9000-3e72-78b568730c62 request-id: 447b38a1-8005-9000-3e72-78b568730c62 MS-CV: oTh7RAWAAJA+cni1aHMMYg.0 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5a&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office3 Data Raw: Data Ascii:
Jul 3, 2024 00:18:46.861181021 CEST	737	IN	Data Raw: 35 2e 63 6f 6d 20 67 6f 61 6c 73 2e 63 6c 6f 75 64 2e 6d 69 63 72 6f 73 6f 66 74 20 2a 2e 70 6f 77 65 72 61 70 70 73 2e 63 6f 6d 20 2a 2e 70 6f 77 65 72 62 69 2e 63 6f 6d 20 2a 2e 79 61 6d 6d 65 72 2e 63 6f 6d 20 65 6e 67 61 67 65 2e 63 6c 6f 75 Data Ascii: 5.com goals.cloud.microsoft .powerapps.com .powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net
Jul 3, 2024 00:19:31.869419098 CEST	6	OUT	Data Raw: 00 Data Ascii:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.7	49704	13.107.136.10	80	6016	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 00:19:31.147463083 CEST	6	OUT	Data Raw: 00 Data Ascii:

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.7	49705	13.107.136.10	443	6016	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:18:47 UTC	797	OUT	GET /personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:18:48 UTC	1987	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 69038 Content-Type: text/html; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,8409600,0,1216,7485519,0,3714020,74 X-SharePointHealthScore: 2 X-AspNet-Version: 4.0.30319 X-DataBoundary: EU X-1DSCollectorUrl: https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://eu-mobile.events.data.microsoft.com/Collector/3.0 SPRequestGuid: 447b38a1-303c-9000-3e72-71f231502d02 request-id: 447b38a1-303c-9000-3e72-71f231502d02 MS-CV: oTh7RDwwAJA+cnHyMVAtAg.0 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=a052bb68-5e9e-40d5-ab74-d809f6766aa6&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com .powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 118 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: ADD9ED2BA7CA479586AC6DFB05F993EB Ref B: EWR311000103039 Ref C: 2024-07-02T22:18:47Z Date: Tue, 02 Jul 2024 22:18:47 GMT Connection: close
2024-07-02 22:18:48 UTC	2183	IN	Data Raw: 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3a 6f 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 6d 69 63 72 6f 73 6f 66 74 2d 63 6f 6d 3a 6f 66 66 69 63 65 3a 6f 66 66 69 63 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 20 64 69 72 3d 22 6c 74 72 22 3e 0d 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 47 45 4e 45 52 41 54 4f 52 22 20 63 6f 6e 74 65 6e 74 3d 22 4d 69 63 72 6f 73 6f 66 74 20 53 68 61 72 65 50 6f 69 6e 74 22 20 2f Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr"><head><meta name="GENERATOR" content="Microsoft SharePoint" /
2024-07-02 22:18:48 UTC	8192	IN	Data Raw: 69 6e 67 2c 5b 74 79 70 65 3d 73 75 62 6d 69 74 5d 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 2c 62 75 74 74 6f 6e 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 7b 6f 75 74 6c 69 6e 65 3a 31 70 78 20 64 6f 74 74 65 64 20 42 75 74 74 6f 6e 54 65 78 74 7d 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 2e 33 35 65 6d 20 2e 37 35 65 6d 20 2e 36 32 35 65 6d 7d 6c 65 67 65 6e 64 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 70 61 64 64 69 6e 67 3a 30 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 72 6d 61 6c 7d 70 72 6f 67 72 65 73 73 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 76 65 72 Data Ascii: ing,[type=submit]:-moz-focusring,button:-moz-focusring{outline:1px dotted ButtonText}fieldset{padding:.35em .75em .625em}legend{box-sizing:border-box;color:inherit;display:table;max-width:100%;padding:0;white-space:normal}progress{display:inline-block;ver
2024-07-02 22:18:48 UTC	4144	IN	Data Raw: 3a 3a 2d 77 65 62 6b 69 74 2d 6f 75 74 65 72 2d 73 70 69 6e 2d 62 75 74 74 6f 6e 7b 6d 61 72 67 69 6e 3a 30 3b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 7d 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 7b 2d 6d 6f 7a 2d 61 70 70 65 61 72 61 6e 63 65 3a 74 65 78 74 66 69 65 6c 64 7d 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 3a 3a 2d 6d 73 2d 63 6c 65 61 72 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 64 65 73 6b 74 6f 70 2d 6c 6f 67 6f 7b 6d 61 72 67 69 6e 3a 35 37 70 78 20 30 20 32 30 70 78 7d 2e 6d 6f 62 69 6c 65 2d 6c 6f 67 6f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 34 70 78 7d 2e 6d 69 63 72 6f 73 6f 66 74 2d 6c 6f 67 6f 7b 68 65 69 67 68 74 3a 32 34 70 78 3b 77 69 64 74 68 3a 31 31 33 70 78 7d 2e 66 6f 72 Data Ascii: ::-webkit-outer-spin-button{margin:0;-webkit-appearance:none}input[type=number]{-moz-appearance:textfield}input[type=number]::-ms-clear{display:none}.desktop-logo{margin:57px 0 20px}.mobile-logo{margin-top:24px}.microsoft-logo{height:24px;width:113px}.for
2024-07-02 22:18:48 UTC	8192	IN	Data Raw: 35 61 63 63 30 65 61 2d 66 63 33 65 2d 34 37 31 30 2d 39 32 63 30 2d 38 37 61 31 66 36 33 63 63 37 33 36 22 3e 0d 0a 09 09 21 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 27 50 65 72 66 6f 72 6d 61 6e 63 65 4c 6f 6e 67 54 61 73 6b 54 69 6d 69 6e 67 27 20 69 6e 20 77 69 6e 64 6f 77 29 7b 76 61 72 20 67 3d 77 69 6e 64 6f 77 2e 5f 5f 74 74 69 3d 7b 65 3a 5b 5d 7d 3b 67 2e 6f 3d 6e 65 77 20 50 65 72 66 6f 72 6d 61 6e 63 65 4f 62 73 65 72 76 65 72 28 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 67 2e 65 3d 67 2e 65 2e 63 6f 6e 63 61 74 28 6c 2e 67 65 74 45 6e 74 72 69 65 73 28 29 29 7d 29 3b 67 2e 6f 2e 6f 62 73 65 72 76 65 28 7b 65 6e 74 72 79 54 79 70 65 73 3a 5b 27 6c 6f 6e 67 74 61 73 6b 27 5d 7d 29 7d 7d 28 29 3b 0d 0a 09 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 Data Ascii: 5acc0ea-fc3e-4710-92c0-87a1f63cc736">!function(){if('PerformanceLongTaskTiming' in window){var g=window.__tti={e:[]};g.o=new PerformanceObserver(function(l){g.e=g.e.concat(l.getEntries())});g.o.observe({entryTypes:['longtask']})}}();</script><scrip
2024-07-02 22:18:48 UTC	8192	IN	Data Raw: 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 65 2e 45 53 36 50 72 6f 6d 69 73 65 3d 74 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 63 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 76 61 72 20 65 3d 73 65 74 54 69 6d 65 6f 75 74 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 72 2c 31 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 72 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 53 3b 65 2b 3d 32 29 7b 28 30 2c 54 5b 65 5d 29 28 54 5b 65 2b 31 5d 29 2c 54 5b 65 5d 3d 76 6f 69 64 20 Data Ascii: ion"==typeof define&&define.amd?define(t):e.ES6Promise=t()}(this,function(){"use strict";function c(e){return"function"==typeof e}function t(){var e=setTimeout;return function(){return e(r,1)}}function r(){for(var e=0;e<S;e+=2){(0,T[e])(T[e+1]),T[e]=void
2024-07-02 22:18:48 UTC	8192	IN	Data Raw: 74 69 6f 6e 28 65 2c 74 2c 72 2c 6e 29 7b 76 61 72 20 69 2c 6f 2c 73 3d 64 65 66 43 6f 6e 74 65 78 74 4e 61 6d 65 3b 69 66 28 21 69 73 41 72 72 61 79 28 65 29 26 26 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 29 7b 6f 3d 65 3b 69 66 28 69 73 41 72 72 61 79 28 74 29 29 7b 65 3d 74 3b 74 3d 72 3b 72 3d 6e 7d 65 6c 73 65 20 65 3d 5b 5d 7d 6f 26 26 6f 2e 63 6f 6e 74 65 78 74 26 26 28 73 3d 6f 2e 63 6f 6e 74 65 78 74 29 3b 69 3d 28 69 3d 67 65 74 4f 77 6e 28 63 6f 6e 74 65 78 74 73 2c 73 29 29 7c 7c 28 63 6f 6e 74 65 78 74 73 5b 73 5d 3d 72 65 71 2e 73 2e 6e 65 77 43 6f 6e 74 65 78 74 28 73 29 29 3b 6f 26 26 69 2e 63 6f 6e 66 69 67 75 72 65 28 6f 29 3b 72 65 74 75 72 6e 20 69 2e 72 65 71 75 69 72 65 28 65 2c 74 2c 72 29 7d 3b 72 65 71 2e 63 6f 6e 66 Data Ascii: tion(e,t,r,n){var i,o,s=defContextName;if(!isArray(e)&&"string"!=typeof e){o=e;if(isArray(t)){e=t;t=r;r=n}else e=[]}o&&o.context&&(s=o.context);i=(i=getOwn(contexts,s))\|\|(contexts[s]=req.s.newContext(s));o&&i.configure(o);return i.require(e,t,r)};req.conf
2024-07-02 22:18:48 UTC	8192	IN	Data Raw: 73 2e 6d 61 70 2e 69 64 5d 3a 6e 75 6c 6c 3b 74 2e 72 65 71 75 69 72 65 54 79 70 65 3d 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 3f 22 64 65 66 69 6e 65 22 3a 22 72 65 71 75 69 72 65 22 3b 72 65 74 75 72 6e 20 6a 28 74 68 69 73 2e 65 72 72 6f 72 3d 74 29 7d 7d 65 6c 73 65 20 69 3d 6f 3b 74 68 69 73 2e 65 78 70 6f 72 74 73 3d 69 3b 69 66 28 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 26 26 21 74 68 69 73 2e 69 67 6e 6f 72 65 29 7b 6d 5b 72 5d 3d 69 3b 69 66 28 72 65 71 2e 6f 6e 52 65 73 6f 75 72 63 65 4c 6f 61 64 29 7b 76 61 72 20 73 3d 5b 5d 3b 65 61 63 68 28 74 68 69 73 2e 64 65 70 4d 61 70 73 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 73 2e 70 75 73 68 28 65 2e 6e 6f 72 6d 61 6c 69 7a 65 64 4d 61 70 7c 7c 65 29 7d 29 3b 72 65 71 2e 6f 6e 52 Data Ascii: s.map.id]:null;t.requireType=this.map.isDefine?"define":"require";return j(this.error=t)}}else i=o;this.exports=i;if(this.map.isDefine&&!this.ignore){m[r]=i;if(req.onResourceLoad){var s=[];each(this.depMaps,function(e){s.push(e.normalizedMap\|\|e)});req.onR
2024-07-02 22:18:48 UTC	8192	IN	Data Raw: 61 69 6c 65 64 4d 6f 64 75 6c 65 73 20 3d 20 66 61 69 6c 4f 76 65 72 53 74 61 74 65 2e 6d 6f 64 75 6c 65 73 46 61 6c 6c 65 64 42 61 63 6b 3b 0d 0a 20 20 20 20 20 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 2e 70 75 73 68 28 6d 6f 64 75 6c 65 49 64 29 3b 0d 0a 20 20 20 20 20 20 69 66 20 28 21 66 61 69 6c 4f 76 65 72 53 74 61 74 65 2e 62 61 73 65 55 72 6c 46 61 69 6c 65 64 4f 76 65 72 20 26 26 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 2e 6c 65 6e 67 74 68 20 3e 3d 20 32 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 76 61 72 20 69 64 20 69 6e 20 70 61 74 68 73 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 76 61 72 20 69 74 65 6d 73 20 3d 20 70 61 74 68 73 5b 69 64 5d 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 69 66 20 28 41 72 72 61 79 2e 69 73 41 72 72 61 Data Ascii: ailedModules = failOverState.modulesFalledBack; failedModules.push(moduleId); if (!failOverState.baseUrlFailedOver && failedModules.length >= 2) { for (var id in paths) { var items = paths[id]; if (Array.isArra
2024-07-02 22:18:48 UTC	8192	IN	Data Raw: 75 72 6e 20 66 61 6c 73 65 3b 69 66 20 28 74 79 70 65 6f 66 28 5f 73 70 46 6f 72 6d 4f 6e 53 75 62 6d 69 74 57 72 61 70 70 65 72 29 20 21 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 72 65 74 75 72 6e 20 5f 73 70 46 6f 72 6d 4f 6e 53 75 62 6d 69 74 57 72 61 70 70 65 72 28 29 3b 7d 20 65 6c 73 65 20 7b 72 65 74 75 72 6e 20 74 72 75 65 3b 7d 3b 0d 0a 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 7d 0d 0a 09 2f 2f 5d 5d 3e 0d 0a 3c 2f 73 63 72 69 70 74 3e 0d 0a 0d 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 73 70 4e 65 74 48 69 64 64 65 6e 22 3e 0d 0a 0d 0a 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 5f 5f 56 49 45 57 53 54 41 54 45 47 45 4e 45 52 41 54 4f 52 22 20 69 64 3d 22 5f 5f 56 49 45 57 53 54 41 54 45 47 45 Data Ascii: urn false;if (typeof(_spFormOnSubmitWrapper) != 'undefined') {return _spFormOnSubmitWrapper();} else {return true;};return true;}//...</script><div class="aspNetHidden"><input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGE
2024-07-02 22:18:48 UTC	5367	IN	Data Raw: 5e 20 5c 5c 72 5c 5c 74 5c 5c 6e 5c 5c 66 40 5d 2b 40 5b 5e 20 5c 5c 72 5c 5c 74 5c 5c 6e 5c 5c 66 40 5d 2b 24 22 3b 0d 0a 09 76 61 72 20 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 20 3f 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 5b 22 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 22 5d 20 3a 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 22 29 3b 0d 0a 09 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 76 61 6c 69 64 61 74 65 20 3d 20 22 74 78 74 54 4f 41 41 45 6d 61 69 6c 22 3b 0d 0a 09 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 2e 66 6f 63 75 73 4f 6e 45 72 72 6f Data Ascii: ^ \\r\\t\\n\\f@]+@[^ \\r\\t\\n\\f@]+$";var IncorrectTOAAEMail = document.all ? document.all["IncorrectTOAAEMail"] : document.getElementById("IncorrectTOAAEMail");IncorrectTOAAEMail.controltovalidate = "txtTOAAEmail";IncorrectTOAAEMail.focusOnErro

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.7	49709	13.107.136.10	443	6016	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:18:48 UTC	818	OUT	GET /WebResource.axd?d=uGOwVaDVQSQCpBdkqNc5yxvm33jVELtRB5xpLAgch1-8aQY5YKzdAoshrB0ev09NV2_tUKZlrSOnvNLyRrJpP1MXJLubWixpFoyHT_59rc81&t=638509456120891867 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:18:48 UTC	752	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 23063 Content-Type: application/x-javascript Expires: Wed, 02 Jul 2025 03:06:30 GMT Last-Modified: Fri, 10 May 2024 20:46:52 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,262656,0,0,136,0,26650,21 X-AspNet-Version: 4.0.30319 SPRequestDuration: 3 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: A4B176D6EF0F42809D4D258F9A1C55A4 Ref B: EWR311000108011 Ref C: 2024-07-02T22:18:48Z Date: Tue, 02 Jul 2024 22:18:48 GMT Connection: close
2024-07-02 22:18:48 UTC	1674	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 50 6f 73 74 42 61 63 6b 4f 70 74 69 6f 6e 73 28 65 76 65 6e 74 54 61 72 67 65 74 2c 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 2c 20 76 61 6c 69 64 61 74 69 6f 6e 2c 20 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 2c 20 61 63 74 69 6f 6e 55 72 6c 2c 20 74 72 61 63 6b 46 6f 63 75 73 2c 20 63 6c 69 65 6e 74 53 75 62 6d 69 74 29 20 7b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 54 61 72 67 65 74 20 3d 20 65 76 65 6e 74 54 61 72 67 65 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 20 3d 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c 69 64 61 74 69 6f 6e 20 3d 20 76 61 6c 69 64 61 74 69 6f 6e 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c Data Ascii: function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) { this.eventTarget = eventTarget; this.eventArgument = eventArgument; this.validation = validation; this.val
2024-07-02 22:18:48 UTC	8192	IN	Data Raw: 63 75 73 2e 76 61 6c 75 65 20 3d 20 61 63 74 69 76 65 2e 6e 61 6d 65 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 69 66 20 28 6f 70 74 69 6f 6e 73 2e 63 6c 69 65 6e 74 53 75 62 6d 69 74 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 5f 5f 64 6f 50 6f 73 74 42 61 63 6b 28 6f 70 74 69 6f 6e 73 2e 65 76 65 6e 74 54 61 72 67 65 74 2c 20 6f 70 74 69 6f 6e 73 2e 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 29 3b 0d 0a 20 20 20 20 7d 0d 0a 7d 0d 0a 76 61 72 20 5f 5f 70 65 6e 64 69 6e 67 43 61 6c 6c Data Ascii: cus.value = active.name; } } } } } } if (options.clientSubmit) { __doPostBack(options.eventTarget, options.eventArgument); }}var __pendingCall
2024-07-02 22:18:48 UTC	5888	IN	Data Raw: 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 65 6c 73 65 20 69 66 20 28 72 65 73 70 6f 6e 73 65 2e 63 68 61 72 41 74 28 30 29 20 3d 3d 20 22 65 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 28 74 79 70 65 6f 66 28 63 61 6c 6c 62 61 63 6b 4f 62 6a 65 63 74 2e 65 72 72 6f 72 43 61 6c 6c 62 61 63 6b 29 20 21 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 26 26 20 28 63 61 6c 6c 62 61 63 6b 4f 62 6a 65 63 74 2e 65 72 72 6f 72 43 61 6c 6c 62 61 63 6b 20 21 3d 20 6e 75 6c 6c 29 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 61 6c 6c 62 61 63 6b 4f 62 6a 65 63 74 2e 65 72 72 6f 72 43 61 6c 6c 62 61 63 6b 28 72 65 73 70 6f 6e 73 65 2e 73 75 62 73 74 72 69 6e 67 28 31 29 2c 20 63 61 6c 6c 62 61 63 6b 4f 62 6a 65 63 74 2e 63 6f 6e 74 65 Data Ascii: } } else if (response.charAt(0) == "e") { if ((typeof(callbackObject.errorCallback) != "undefined") && (callbackObject.errorCallback != null)) { callbackObject.errorCallback(response.substring(1), callbackObject.conte
2024-07-02 22:18:49 UTC	7309	IN	Data Raw: 20 20 20 20 20 20 20 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 5b 74 61 72 67 65 74 5d 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 57 65 62 46 6f 72 6d 5f 53 69 6d 75 6c 61 74 65 43 6c 69 63 6b 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 2c 20 65 76 65 6e 74 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 20 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 47 65 74 53 63 72 6f 6c 6c 58 28 29 20 7b 0d 0a 20 20 20 20 69 66 20 28 5f 5f 6e 6f 6e 4d 53 44 4f 4d 42 72 6f 77 73 65 72 29 20 7b 0d 0a Data Ascii: defaultButton = document.all[target]; } if (defaultButton) { return WebForm_SimulateClick(defaultButton, event); } } return true;}function WebForm_GetScrollX() { if (__nonMSDOMBrowser) {

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.7	49710	13.107.136.10	443	6016	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:18:48 UTC	883	OUT	GET /ScriptResource.axd?d=fz5b1NoOmf7XpLYfpTtd_ByoO6mCDajdygxqvwvlKPX_c2MLKN2zYNpRuVXw_sjj6mhIP1WreUiw9JFK6l4KlEFAy0WTw8Ah70RyGo2fFja05yf6L2IcMFjjohlUQOxpjzDft1zzk2yft58am4GMn4nI-Qsk4fUlW5TZfGWm_vg1&t=ffffffffa8ad04d3 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:18:48 UTC	778	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 26951 Content-Type: application/x-javascript; charset=utf-8 Expires: Wed, 02 Jul 2025 22:18:48 GMT Last-Modified: Tue, 02 Jul 2024 22:18:48 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,2102272,117,456,4768941,0,1225149,74 X-AspNet-Version: 4.0.30319 SPRequestDuration: 7 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 809F7A6C488A417EB83CAFAF1512EB4E Ref B: EWR311000104051 Ref C: 2024-07-02T22:18:48Z Date: Tue, 02 Jul 2024 22:18:48 GMT Connection: close
2024-07-02 22:18:48 UTC	1745	IN	Data Raw: 76 61 72 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 56 65 72 20 3d 20 22 31 32 35 22 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 73 56 61 6c 69 64 20 3d 20 74 72 75 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 42 6c 6f 63 6b 53 75 62 6d 69 74 20 3d 20 66 61 6c 73 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 6e 76 61 6c 69 64 43 6f 6e 74 72 6f 6c 54 6f 42 65 46 6f 63 75 73 65 64 20 3d 20 6e 75 6c 6c 3b 0d 0a 76 61 72 20 50 61 67 65 5f 54 65 78 74 54 79 70 65 73 20 3d 20 2f 5e 28 74 65 78 74 7c 70 61 73 73 77 6f 72 64 7c 66 69 6c 65 7c 73 65 61 72 63 68 7c 74 65 6c 7c 75 72 6c 7c 65 6d 61 69 6c 7c 6e 75 6d 62 65 72 7c 72 61 6e 67 65 7c 63 6f 6c 6f 72 7c 64 61 74 65 74 69 6d 65 7c 64 61 74 65 7c 6d 6f 6e 74 68 7c 77 65 65 6b 7c 74 69 6d 65 7c 64 61 74 65 74 69 6d 65 Data Ascii: var Page_ValidationVer = "125";var Page_IsValid = true;var Page_BlockSubmit = false;var Page_InvalidControlToBeFocused = null;var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime
2024-07-02 22:18:48 UTC	8192	IN	Data Raw: 41 52 45 41 22 20 26 26 20 63 6f 6e 74 72 6f 6c 2e 74 61 67 4e 61 6d 65 20 21 3d 20 22 53 45 4c 45 43 54 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 76 61 72 20 69 3b 0d 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 69 20 3d 20 30 3b 20 69 20 3c 20 63 6f 6e 74 72 6f 6c 2e 63 68 69 6c 64 4e 6f 64 65 73 2e 6c 65 6e 67 74 68 3b 20 69 2b 2b 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 56 61 6c 69 64 61 74 6f 72 48 6f 6f 6b 75 70 43 6f 6e 74 72 6f 6c 28 63 6f 6e 74 72 6f 6c 2e 63 68 69 6c 64 4e 6f 64 65 73 5b 69 5d 2c 20 76 61 6c 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 65 6c 73 65 20 7b 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 74 79 70 65 6f 66 28 63 6f 6e 74 72 6f 6c 2e Data Ascii: AREA" && control.tagName != "SELECT") { var i; for (i = 0; i < control.childNodes.length; i++) { ValidatorHookupControl(control.childNodes[i], val); } return; } else { if (typeof(control.
2024-07-02 22:18:48 UTC	5791	IN	Data Raw: 6f 6e 47 72 6f 75 70 29 20 3d 3d 20 22 73 74 72 69 6e 67 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 63 6f 6e 74 72 6f 6c 47 72 6f 75 70 20 3d 20 63 6f 6e 74 72 6f 6c 2e 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 72 65 74 75 72 6e 20 28 63 6f 6e 74 72 6f 6c 47 72 6f 75 70 20 3d 3d 20 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 29 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 56 61 6c 69 64 61 74 6f 72 4f 6e 4c 6f 61 64 28 29 20 7b 0d 0a 20 20 20 20 69 66 20 28 74 79 70 65 6f 66 28 50 61 67 65 5f 56 61 6c 69 64 61 74 6f 72 73 29 20 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 3b 0d 0a 20 20 20 20 76 61 72 20 69 2c 20 76 61 6c 3b 0d 0a 20 20 20 20 66 6f 72 20 28 69 20 Data Ascii: onGroup) == "string") { controlGroup = control.validationGroup; } return (controlGroup == validationGroup);}function ValidatorOnLoad() { if (typeof(Page_Validators) == "undefined") return; var i, val; for (i
2024-07-02 22:18:49 UTC	8192	IN	Data Raw: 65 74 56 61 6c 75 65 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 76 61 6c 69 64 61 74 65 29 3b 0d 0a 20 20 20 20 69 66 20 28 56 61 6c 69 64 61 74 6f 72 54 72 69 6d 28 76 61 6c 75 65 29 2e 6c 65 6e 67 74 68 20 3d 3d 20 30 29 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 20 20 20 20 76 61 72 20 63 6f 6d 70 61 72 65 54 6f 20 3d 20 22 22 3b 0d 0a 20 20 20 20 69 66 20 28 28 74 79 70 65 6f 66 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 20 21 3d 20 22 73 74 72 69 6e 67 22 29 20 7c 7c 0d 0a 20 20 20 20 20 20 20 20 28 74 79 70 65 6f 66 28 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 29 20 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 Data Ascii: etValue(val.controltovalidate); if (ValidatorTrim(value).length == 0) return true; var compareTo = ""; if ((typeof(val.controltocompare) != "string") \|\| (typeof(document.getElementById(val.controltocompare)) == "undefined"
2024-07-02 22:18:49 UTC	3031	IN	Data Raw: 6f 72 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6c 65 6e 67 74 68 20 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 6f 72 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 65 6e 67 74 68 20 2b 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 79 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 69 65 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 6c 65 6e 67 74 68 3b 0d 0a 20 20 20 Data Ascii: or) { var length = parseSpecificAttribute(selector, dataValidationAttribute, Page_Validators); length += parseSpecificAttribute(selector, dataValidationSummaryAttribute, Page_ValidationSummaries); return length;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.7	49711	13.107.136.10	443	6016	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:18:48 UTC	896	OUT	GET /ScriptResource.axd?d=BPZZHAzyiNzOHF1qjpHwK2Iiip7ofKYDBinOf_3u64bxXfveZFChng8J6xm7E6G_NvDbY50Zc1CRv4_5WtD44aaLkCGiLE8dRk_RjlGSaXGP_XmyQ-XsxDsM15-yMp12VEq5pkLT7xq7ssFCpIVf3erlDm1aAay2ADnDVk01TwDgXUHVPZaNK6GUm2Onifr90&t=74258c30 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:18:48 UTC	772	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 102801 Content-Type: application/x-javascript; charset=utf-8 Expires: Wed, 02 Jul 2025 22:18:48 GMT Last-Modified: Tue, 02 Jul 2024 22:18:48 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,0,240300,0,57804,73 X-AspNet-Version: 4.0.30319 SPRequestDuration: 22 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 95732AD63D1640739909BF6B14CA1C9C Ref B: EWR311000107017 Ref C: 2024-07-02T22:18:48Z Date: Tue, 02 Jul 2024 22:18:48 GMT Connection: close
2024-07-02 22:18:48 UTC	1439	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 2e 6a 73 0d 0a 46 75 6e 63 74 69 6f 6e 2e 5f 5f 74 79 70 65 4e 61 6d 65 3d 22 46 75 6e 63 74 69 6f 6e 22 3b 46 75 6e 63 74 69 6f 6e 2e 5f 5f 63 6c 61 73 73 3d Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjax.jsFunction.__typeName="Function";Function.__class=
2024-07-02 22:18:48 UTC	8192	IN	Data Raw: 21 61 2e 69 6e 74 65 67 65 72 2c 6b 3d 21 21 61 2e 64 6f 6d 45 6c 65 6d 65 6e 74 2c 6d 3d 21 21 61 2e 6d 61 79 42 65 4e 75 6c 6c 3b 62 3d 46 75 6e 63 74 69 6f 6e 2e 5f 76 61 6c 69 64 61 74 65 50 61 72 61 6d 65 74 65 72 54 79 70 65 28 63 2c 67 2c 6c 2c 6b 2c 6d 2c 68 29 3b 69 66 28 62 29 7b 62 2e 70 6f 70 53 74 61 63 6b 46 72 61 6d 65 28 29 3b 72 65 74 75 72 6e 20 62 7d 76 61 72 20 65 3d 61 2e 65 6c 65 6d 65 6e 74 54 79 70 65 2c 66 3d 21 21 61 2e 65 6c 65 6d 65 6e 74 4d 61 79 42 65 4e 75 6c 6c 3b 69 66 28 67 3d 3d 3d 41 72 72 61 79 26 26 74 79 70 65 6f 66 20 63 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 63 21 3d 3d 6e 75 6c 6c 26 26 28 65 7c 7c 21 66 29 29 7b 76 61 72 20 6a 3d 21 21 61 2e 65 6c 65 6d 65 6e 74 49 6e 74 65 67 65 72 2c 69 3d 21 21 61 2e Data Ascii: !a.integer,k=!!a.domElement,m=!!a.mayBeNull;b=Function._validateParameterType(c,g,l,k,m,h);if(b){b.popStackFrame();return b}var e=a.elementType,f=!!a.elementMayBeNull;if(g===Array&&typeof c!=="undefined"&&c!==null&&(e\|\|!f)){var j=!!a.elementInteger,i=!!a.
2024-07-02 22:18:48 UTC	6103	IN	Data Raw: 3d 62 2e 70 72 6f 74 6f 74 79 70 65 5b 61 5d 3b 69 66 28 21 74 68 69 73 2e 70 72 6f 74 6f 74 79 70 65 5b 61 5d 29 74 68 69 73 2e 70 72 6f 74 6f 74 79 70 65 5b 61 5d 3d 63 7d 64 65 6c 65 74 65 20 74 68 69 73 2e 5f 5f 62 61 73 65 50 72 6f 74 6f 74 79 70 65 50 65 6e 64 69 6e 67 7d 7d 3b 54 79 70 65 2e 67 65 74 52 6f 6f 74 4e 61 6d 65 73 70 61 63 65 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 63 6c 6f 6e 65 28 53 79 73 2e 5f 5f 72 6f 6f 74 4e 61 6d 65 73 70 61 63 65 73 29 7d 3b 54 79 70 65 2e 69 73 43 6c 61 73 73 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 7c 7c 61 3d 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 72 65 74 75 72 6e 20 21 21 61 Data Ascii: =b.prototype[a];if(!this.prototype[a])this.prototype[a]=c}delete this.__basePrototypePending}};Type.getRootNamespaces=function(){return Array.clone(Sys.__rootNamespaces)};Type.isClass=function(a){if(typeof a==="undefined"\|\|a===null)return false;return !!a
2024-07-02 22:18:49 UTC	8192	IN	Data Raw: 45 76 65 6e 74 41 72 67 73 29 3b 54 79 70 65 2e 72 65 67 69 73 74 65 72 4e 61 6d 65 73 70 61 63 65 28 22 53 79 73 2e 55 49 22 29 3b 53 79 73 2e 5f 44 65 62 75 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 53 79 73 2e 5f 44 65 62 75 67 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 5f 61 70 70 65 6e 64 43 6f 6e 73 6f 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 44 65 62 75 67 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 29 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 26 26 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 29 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 6f 70 65 72 61 29 Data Ascii: EventArgs);Type.registerNamespace("Sys.UI");Sys._Debug=function(){};Sys._Debug.prototype={_appendConsole:function(a){if(typeof Debug!=="undefined"&&Debug.writeln)Debug.writeln(a);if(window.console&&window.console.log)window.console.log(a);if(window.opera)
2024-07-02 22:18:49 UTC	8192	IN	Data Raw: 75 6c 6c 2c 2d 31 2c 5b 62 5d 2c 63 29 29 3b 72 65 74 75 72 6e 20 74 72 75 65 7d 72 65 74 75 72 6e 20 66 61 6c 73 65 7d 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 72 65 6d 6f 76 65 41 74 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 61 29 7b 69 66 28 61 3e 2d 31 26 26 61 3c 62 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 63 3d 62 5b 61 5d 3b 41 72 72 61 79 2e 72 65 6d 6f 76 65 41 74 28 62 2c 61 29 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 5f 63 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 62 2c 6e 65 77 20 53 79 73 2e 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 53 79 73 2e 4e 6f 74 69 66 79 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 64 41 63 74 69 6f 6e 2e 72 65 6d 6f 76 65 2c 6e 75 6c 6c 2c 2d 31 2c 5b 63 5d 2c 61 29 29 7d 7d 3b 53 79 73 2e 4f 62 73 65 72 Data Ascii: ull,-1,[b],c));return true}return false};Sys.Observer.removeAt=function(b,a){if(a>-1&&a<b.length){var c=b[a];Array.removeAt(b,a);Sys.Observer._collectionChange(b,new Sys.CollectionChange(Sys.NotifyCollectionChangedAction.remove,null,-1,[c],a))}};Sys.Obser
2024-07-02 22:18:49 UTC	8192	IN	Data Raw: 53 74 72 69 6e 67 28 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 61 29 7b 69 66 28 61 3c 31 30 29 72 65 74 75 72 6e 20 22 30 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 29 72 65 74 75 72 6e 20 22 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 30 29 72 65 74 75 72 6e 20 22 30 22 2b 61 3b 72 65 74 75 72 6e 20 61 2e 74 6f 53 74 72 69 6e 67 28 29 7d 76 61 72 20 68 2c 70 2c 74 3d 2f 28 5b 5e 64 5d 7c 5e 29 28 64 7c 64 64 29 28 5b 5e 64 5d 7c 24 29 2f 67 3b 66 75 6e 63 74 69 6f 6e 20 73 28 29 7b 69 66 28 68 7c 7c 70 29 72 65 74 75 72 6e 20 68 3b 68 3d 74 2e 74 65 73 74 28 65 29 3b 70 3d 74 72 75 65 3b 72 65 74 75 72 6e 20 68 7d 76 61 72 20 71 3d 30 2c 6f 3d 44 61 74 65 2e 5f 67 65 74 54 6f 6b 65 6e 52 65 67 45 78 70 28 29 2c 66 3b 69 66 28 21 Data Ascii: String()}function v(a){if(a<10)return "000"+a;else if(a<100)return "00"+a;else if(a<1000)return "0"+a;return a.toString()}var h,p,t=/([^d]\|^)(d\|dd)([^d]\|$)/g;function s(){if(h\|\|p)return h;h=t.test(e);p=true;return h}var q=0,o=Date._getTokenRegExp(),f;if(!
2024-07-02 22:18:49 UTC	8192	IN	Data Raw: 68 69 73 2e 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 41 72 72 61 79 28 74 68 69 73 2e 64 61 74 65 54 69 6d 65 46 6f 72 6d 61 74 2e 41 62 62 72 65 76 69 61 74 65 64 44 61 79 4e 61 6d 65 73 29 3b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 69 6e 64 65 78 4f 66 28 74 68 69 73 2e 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 2c 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 61 29 29 7d 2c 5f 74 6f 55 70 70 65 72 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 62 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 61 3d 30 2c 64 3d 63 2e 6c 65 6e 67 74 68 3b 61 3c 64 3b 61 2b 2b 29 62 5b 61 5d 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 63 5b 61 5d 29 3b 72 65 74 75 72 6e 20 62 7d 2c 5f 74 6f 55 70 70 65 72 3a 66 75 6e 63 74 69 Data Ascii: his._upperAbbrDays=this._toUpperArray(this.dateTimeFormat.AbbreviatedDayNames);return Array.indexOf(this._upperAbbrDays,this._toUpper(a))},_toUpperArray:function(c){var b=[];for(var a=0,d=c.length;a<d;a++)b[a]=this._toUpper(c[a]);return b},_toUpper:functi
2024-07-02 22:18:49 UTC	8192	IN	Data Raw: 3d 3d 2d 31 29 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 4f 70 65 72 61 7c 7c 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 46 69 72 65 46 6f 78 29 61 3d 61 2e 73 70 6c 69 74 28 62 29 2e 6a 6f 69 6e 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 65 73 63 61 70 65 43 68 61 72 73 5b 62 5d 29 3b 65 6c 73 65 20 61 3d 61 2e 72 65 70 6c 61 63 65 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 63 68 61 72 73 54 6f 45 73 63 61 70 65 52 65 67 45 78 73 5b 62 5d 2c 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 Data Ascii: ==-1)if(Sys.Browser.agent===Sys.Browser.Opera\|\|Sys.Browser.agent===Sys.Browser.FireFox)a=a.split(b).join(Sys.Serialization.JavaScriptSerializer._escapeChars[b]);else a=a.replace(Sys.Serialization.JavaScriptSerializer._charsToEscapeRegExs[b],Sys.Serializat
2024-07-02 22:18:49 UTC	8192	IN	Data Raw: 66 28 74 79 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 58 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 74 79 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 59 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 7b 74 68 69 73 2e 6f 66 66 73 65 74 58 3d 61 2e 6f 66 66 73 65 74 58 3b 74 68 69 73 2e 6f 66 66 73 65 74 59 3d 61 2e 6f 66 66 73 65 74 59 7d 65 6c 73 65 20 69 66 28 74 68 69 73 2e 74 61 72 67 65 74 26 26 74 68 69 73 2e 74 61 72 67 65 74 2e 6e 6f 64 65 54 79 70 65 21 3d 3d 33 26 26 74 79 70 65 6f 66 20 61 2e 63 6c 69 65 6e 74 58 3d 3d 3d 22 6e 75 6d 62 65 72 22 29 7b 76 61 72 20 63 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 67 65 74 4c 6f 63 61 74 69 6f 6e 28 74 68 69 73 2e 74 61 72 67 65 74 29 2c 64 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e Data Ascii: f(typeof a.offsetX!=="undefined"&&typeof a.offsetY!=="undefined"){this.offsetX=a.offsetX;this.offsetY=a.offsetY}else if(this.target&&this.target.nodeType!==3&&typeof a.clientX==="number"){var c=Sys.UI.DomElement.getLocation(this.target),d=Sys.UI.DomElemen
2024-07-02 22:18:49 UTC	8192	IN	Data Raw: 69 6f 6e 28 61 29 7b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 29 7b 76 61 72 20 62 3d 61 2e 63 75 72 72 65 6e 74 53 74 79 6c 65 7c 7c 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 5f 67 65 74 43 75 72 72 65 6e 74 53 74 79 6c 65 28 61 29 3b 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 62 3f 62 2e 64 69 73 70 6c 61 79 3a 6e 75 6c 6c 3b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 7c 7c 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 3d 3d 22 6e 6f 6e 65 22 29 73 77 69 74 63 68 28 61 2e 74 61 67 4e 61 6d 65 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 29 7b 63 61 73 65 20 22 44 49 56 22 3a 63 61 73 65 20 22 50 22 3a 63 61 73 65 20 22 41 44 44 52 45 53 53 22 3a 63 61 73 65 20 22 42 4c 4f 43 4b 51 55 Data Ascii: ion(a){if(!a._oldDisplayMode){var b=a.currentStyle\|\|Sys.UI.DomElement._getCurrentStyle(a);a._oldDisplayMode=b?b.display:null;if(!a._oldDisplayMode\|\|a._oldDisplayMode==="none")switch(a.tagName.toUpperCase()){case "DIV":case "P":case "ADDRESS":case "BLOCKQU

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.7	49713	13.107.136.10	443	6016	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:18:48 UTC	896	OUT	GET /ScriptResource.axd?d=tM6FjENUq-AqRTrG-nKjsZBvBEL_WoCNVelbcqc-AiTFC5Zr5nKgI3s8s43QwNGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:18:48 UTC	780	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 40326 Content-Type: application/x-javascript; charset=utf-8 Expires: Wed, 02 Jul 2025 22:18:48 GMT Last-Modified: Tue, 02 Jul 2024 22:18:48 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,4204800,81342,985,9164446,0,3004012,73 X-AspNet-Version: 4.0.30319 SPRequestDuration: 4 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: EC9B4B45EFBE4279B2DA1E2B302514DF Ref B: EWR311000103021 Ref C: 2024-07-02T22:18:48Z Date: Tue, 02 Jul 2024 22:18:48 GMT Connection: close
2024-07-02 22:18:48 UTC	1420	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f 72 6d 73 2e 6a 73 0d 0a 54 79 70 65 2e 5f 72 65 67 69 73 74 65 72 53 63 72 69 70 74 28 22 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjaxWebForms.jsType._registerScript("MicrosoftAjaxWebFo
2024-07-02 22:18:48 UTC	8192	IN	Data Raw: 73 2e 5f 72 65 73 70 6f 6e 73 65 7d 7d 3b 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 45 6e 64 52 65 71 75 65 73 74 45 76 65 6e 74 41 72 67 73 2e 72 65 67 69 73 74 65 72 43 6c 61 73 73 28 22 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 45 6e 64 52 65 71 75 65 73 74 45 76 65 6e 74 41 72 67 73 22 2c 53 79 73 2e 45 76 65 6e 74 41 72 67 73 29 3b 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 49 6e 69 74 69 61 6c 69 7a 65 52 65 71 75 65 73 74 45 76 65 6e 74 41 72 67 73 3d 66 75 6e 63 74 69 6f 6e 28 63 2c 62 2c 61 29 7b 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 49 6e 69 74 69 61 6c 69 7a 65 52 65 71 75 65 73 74 45 76 65 6e 74 41 72 67 73 2e 69 6e 69 74 69 61 6c 69 7a 65 42 61 73 65 28 74 68 69 73 29 3b 74 68 69 73 2e 5f 72 65 71 75 65 73 74 3d 63 3b 74 68 69 73 2e 5f 70 6f 73 74 42 Data Ascii: s._response}};Sys.WebForms.EndRequestEventArgs.registerClass("Sys.WebForms.EndRequestEventArgs",Sys.EventArgs);Sys.WebForms.InitializeRequestEventArgs=function(c,b,a){Sys.WebForms.InitializeRequestEventArgs.initializeBase(this);this._request=c;this._postB
2024-07-02 22:18:48 UTC	6114	IN	Data Raw: 68 69 73 2e 5f 67 65 74 5f 65 76 65 6e 74 48 61 6e 64 6c 65 72 4c 69 73 74 28 29 2e 72 65 6d 6f 76 65 48 61 6e 64 6c 65 72 28 22 70 61 67 65 4c 6f 61 64 69 6e 67 22 2c 61 29 7d 2c 61 62 6f 72 74 50 6f 73 74 42 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 21 74 68 69 73 2e 5f 70 72 6f 63 65 73 73 69 6e 67 52 65 71 75 65 73 74 26 26 74 68 69 73 2e 5f 72 65 71 75 65 73 74 29 7b 74 68 69 73 2e 5f 72 65 71 75 65 73 74 2e 67 65 74 5f 65 78 65 63 75 74 6f 72 28 29 2e 61 62 6f 72 74 28 29 3b 74 68 69 73 2e 5f 72 65 71 75 65 73 74 3d 6e 75 6c 6c 7d 7d 2c 62 65 67 69 6e 41 73 79 6e 63 50 6f 73 74 42 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 63 2c 61 2c 66 2c 64 2c 65 29 7b 69 66 28 64 26 26 74 79 70 65 6f 66 20 50 61 67 65 5f 43 6c 69 65 6e 74 56 61 6c 69 64 Data Ascii: his._get_eventHandlerList().removeHandler("pageLoading",a)},abortPostBack:function(){if(!this._processingRequest&&this._request){this._request.get_executor().abort();this._request=null}},beginAsyncPostBack:function(c,a,f,d,e){if(d&&typeof Page_ClientValid
2024-07-02 22:18:49 UTC	8192	IN	Data Raw: 67 65 5f 43 6c 69 65 6e 74 56 61 6c 69 64 61 74 65 28 61 2e 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 29 3b 69 66 28 64 29 7b 69 66 28 74 79 70 65 6f 66 20 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 6e 75 6c 6c 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 2e 6c 65 6e 67 74 68 3e 30 29 74 68 65 46 6f 72 6d 2e 61 63 74 69 6f 6e 3d 61 2e 61 63 74 69 6f 6e 55 72 6c 3b 69 66 28 61 2e 74 72 61 63 6b 46 6f 63 75 73 29 7b 76 61 72 20 63 3d 74 68 65 46 6f 72 6d 2e 65 6c 65 6d 65 6e 74 73 5b 22 5f 5f 4c 41 53 54 46 4f 43 55 53 22 5d 3b 69 66 28 74 79 70 65 6f 66 20 63 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 63 21 3d 6e 75 6c 6c 29 69 66 28 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 2e 61 Data Ascii: ge_ClientValidate(a.validationGroup);if(d){if(typeof a.actionUrl!="undefined"&&a.actionUrl!=null&&a.actionUrl.length>0)theForm.action=a.actionUrl;if(a.trackFocus){var c=theForm.elements["__LASTFOCUS"];if(typeof c!="undefined"&&c!=null)if(typeof document.a
2024-07-02 22:18:49 UTC	8192	IN	Data Raw: 22 29 3b 69 66 28 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 7b 62 2e 61 70 70 65 6e 64 28 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 3b 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 3d 6e 75 6c 6c 7d 76 61 72 20 63 3d 6e 65 77 20 53 79 73 2e 4e 65 74 2e 57 65 62 52 65 71 75 65 73 74 2c 61 3d 77 2e 61 63 74 69 6f 6e 3b 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 49 6e 74 65 72 6e 65 74 45 78 70 6c 6f 72 65 72 29 7b 76 61 72 20 72 3d 61 2e 69 6e 64 65 78 4f 66 28 22 23 22 29 3b 69 66 28 72 21 3d 3d 2d 31 29 61 3d 61 2e 73 75 62 73 74 72 28 30 2c 72 29 3b 76 61 72 20 6f 3d 22 22 2c 76 3d 22 22 2c 6d 3d 61 2e 69 6e 64 65 78 4f 66 28 22 Data Ascii: ");if(this._additionalInput){b.append(this._additionalInput);this._additionalInput=null}var c=new Sys.Net.WebRequest,a=w.action;if(Sys.Browser.agent===Sys.Browser.InternetExplorer){var r=a.indexOf("#");if(r!==-1)a=a.substr(0,r);var o="",v="",m=a.indexOf("
2024-07-02 22:18:49 UTC	8192	IN	Data Raw: 2e 5f 73 63 72 69 70 74 44 69 73 70 6f 73 65 73 5b 61 5d 2c 62 29 7d 2c 5f 73 63 72 69 70 74 49 6e 63 6c 75 64 65 73 4c 6f 61 64 43 6f 6d 70 6c 65 74 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 62 29 7b 69 66 28 62 2e 65 78 65 63 75 74 6f 72 2e 67 65 74 5f 77 65 62 52 65 71 75 65 73 74 28 29 21 3d 3d 74 68 69 73 2e 5f 72 65 71 75 65 73 74 29 72 65 74 75 72 6e 3b 74 68 69 73 2e 5f 63 6f 6d 6d 69 74 43 6f 6e 74 72 6f 6c 73 28 62 2e 75 70 64 61 74 65 50 61 6e 65 6c 44 61 74 61 2c 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 3f 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 2e 63 6f 6e 74 65 6e 74 3a 6e 75 6c 6c 29 3b 69 66 28 62 2e 66 6f 72 6d 41 63 74 69 6f 6e 4e 6f 64 65 29 74 68 69 73 2e 5f 66 6f Data Ascii: ._scriptDisposes[a],b)},_scriptIncludesLoadComplete:function(e,b){if(b.executor.get_webRequest()!==this._request)return;this._commitControls(b.updatePanelData,b.asyncPostBackTimeoutNode?b.asyncPostBackTimeoutNode.content:null);if(b.formActionNode)this._fo
2024-07-02 22:18:49 UTC	24	IN	Data Raw: 6c 69 7a 65 64 20 6d 6f 72 65 20 74 68 61 6e 20 6f 6e 63 65 2e 22 7d 3b Data Ascii: lized more than once."};

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.7	49712	13.107.136.10	443	6016	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:18:48 UTC	768	OUT	GET /_layouts/15/images/microsoft-logo.png HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:18:48 UTC	732	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 3331 Content-Type: image/png Last-Modified: Tue, 25 Jun 2024 04:08:42 GMT Accept-Ranges: bytes ETag: "a62f35eb5c6da1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,1051136,0,150,957010,0,629954,73 SPRequestDuration: 4 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 56F693B92A4148838F4FD92D57A11EC1 Ref B: EWR311000103023 Ref C: 2024-07-02T22:18:48Z Date: Tue, 02 Jul 2024 22:18:48 GMT Connection: close
2024-07-02 22:18:48 UTC	3331	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e2 00 00 00 30 08 06 00 00 00 0c e6 a6 f3 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 0c bd 49 44 41 54 78 01 ed 9c 3d 77 1b b9 15 86 47 b6 7a d3 bf c0 4c ca 34 66 4e d2 6b 5c 64 53 9a ee b3 c7 a3 5f 60 fa ab 8d a8 da 1f d2 fe 02 8f 72 d2 9b ee b2 95 c9 7e cf 46 aa dc 65 a9 5f b0 52 5a 7f 30 cf 4b 03 5c 0c 06 43 42 12 87 de 8d 31 e7 8c 81 7b 71 71 2f e6 05 5e 7c 0c 47 de fa 6f ff f7 b3 ac 85 0b a7 3f de 18 fd e7 4f 72 fd f7 ef b3 1f b6 b6 b2 79 7e dd a1 f6 ff 92 5d cb b6 b2 56 9e 61 dd 6d 4d fe 12 02 4d 08 5c 6b 2a 48 fa 84 40 42 60 73 08 24 22 6e 0e eb 14 29 21 d0 88 40 22 62 23 34 a9 20 21 b0 39 04 12 11 37 87 75 8a 94 10 68 44 20 11 b1 11 9a 54 90 10 d8 1c 02 89 88 9b c3 3a 45 4a 08 34 22 b0 dd Data Ascii: PNGIHDR0sRGBIDATx=wGzL4fNk\dS_`r~Fe_RZ0K\CB1{qq/^\|Go?Ory~]VamMM\k*H@B`s$"n)!@"b#4 !97uhD T:EJ4"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.7	49717	13.107.136.10	443	6016	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:18:49 UTC	393	OUT	GET /_layouts/15/images/microsoft-logo.png HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:18:49 UTC	730	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 3331 Content-Type: image/png Last-Modified: Tue, 25 Jun 2024 04:08:42 GMT Accept-Ranges: bytes ETag: "a62f35eb5c6da1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,76,800164,0,235627,73 SPRequestDuration: 5 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 55986E13FD354ED1B7299A5FB4797047 Ref B: EWR311000107039 Ref C: 2024-07-02T22:18:49Z Date: Tue, 02 Jul 2024 22:18:49 GMT Connection: close
2024-07-02 22:18:49 UTC	3331	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e2 00 00 00 30 08 06 00 00 00 0c e6 a6 f3 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 0c bd 49 44 41 54 78 01 ed 9c 3d 77 1b b9 15 86 47 b6 7a d3 bf c0 4c ca 34 66 4e d2 6b 5c 64 53 9a ee b3 c7 a3 5f 60 fa ab 8d a8 da 1f d2 fe 02 8f 72 d2 9b ee b2 95 c9 7e cf 46 aa dc 65 a9 5f b0 52 5a 7f 30 cf 4b 03 5c 0c 06 43 42 12 87 de 8d 31 e7 8c 81 7b 71 71 2f e6 05 5e 7c 0c 47 de fa 6f ff f7 b3 ac 85 0b a7 3f de 18 fd e7 4f 72 fd f7 ef b3 1f b6 b6 b2 79 7e dd a1 f6 ff 92 5d cb b6 b2 56 9e 61 dd 6d 4d fe 12 02 4d 08 5c 6b 2a 48 fa 84 40 42 60 73 08 24 22 6e 0e eb 14 29 21 d0 88 40 22 62 23 34 a9 20 21 b0 39 04 12 11 37 87 75 8a 94 10 68 44 20 11 b1 11 9a 54 90 10 d8 1c 02 89 88 9b c3 3a 45 4a 08 34 22 b0 dd Data Ascii: PNGIHDR0sRGBIDATx=wGzL4fNk\dS_`r~Fe_RZ0K\CB1{qq/^\|Go?Ory~]VamMM\k*H@B`s$"n)!@"b#4 !97uhD T:EJ4"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.7	49721	13.107.136.10	443	6016	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:18:50 UTC	768	OUT	GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/guestaccess.aspx?share=EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:18:50 UTC	738	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 7886 Content-Type: image/x-icon Last-Modified: Tue, 25 Jun 2024 04:09:01 GMT Accept-Ranges: bytes ETag: "7aea5269b5c6da1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,1051136,74,142,4004550,0,940435,73 SPRequestDuration: 5 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 2AA96FCF2C27402BA1C8241AE1F6C295 Ref B: EWR311000104037 Ref C: 2024-07-02T22:18:50Z Date: Tue, 02 Jul 2024 22:18:49 GMT Connection: close
2024-07-02 22:18:50 UTC	3432	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 30 d0 c6 37 af d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 af d0 c6 37 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 6 hf( @ 7077777770
2024-07-02 22:18:50 UTC	4454	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 6c 03 bf 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 bf 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 6c 03 40 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: plplplplplplplplplplplplplplplplplplpl@plplplplplplplplplplplplplplplplpl@

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.7	49723	13.107.136.10	443	6016	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:18:50 UTC	393	OUT	GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-02 22:18:51 UTC	735	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 7886 Content-Type: image/x-icon Last-Modified: Tue, 25 Jun 2024 04:09:01 GMT Accept-Ranges: bytes ETag: "7aea5269b5c6da1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,1051136,0,0,6863766,0,941911,73 SPRequestDuration: 5 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: C36C4F6D6D964F82A7854345FC8663D3 Ref B: EWR311000103031 Ref C: 2024-07-02T22:18:51Z Date: Tue, 02 Jul 2024 22:18:50 GMT Connection: close
2024-07-02 22:18:51 UTC	1879	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 30 d0 c6 37 af d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 af d0 c6 37 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 6 hf( @ 7077777770
2024-07-02 22:18:51 UTC	6007	IN	Data Raw: 9b 1a ff a1 9b 1a ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff a5 a2 42 ff e9 e8 d0 ff ff ff ff ff e9 e8 d0 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 5d 59 0e ff 91 8b 17 ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff ad aa 52 ff e9 e8 d0 ff ff ff ff ff ff ff ff ff ff ff ff ff ad aa 52 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 5d 59 0e ff 91 8b 17 ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff Data Ascii: B]YRR]Y

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.7	49726	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:18:52 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-02 22:18:53 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=150612 Date: Tue, 02 Jul 2024 22:18:52 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.7	49728	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-07-02 22:18:53 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-02 22:18:54 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=150620 Date: Tue, 02 Jul 2024 22:18:54 GMT Content-Length: 55 Connection: close X-CID: 2
2024-07-02 22:18:54 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 3804, Parent PID: 5808

General

Target ID:	0
Start time:	18:18:35
Start date:	02/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff6c4390000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6016, Parent PID: 3804

General

Target ID:	5
Start time:	18:18:42
Start date:	02/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2004,i,11345286447279090360,7519142752581784919,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff6c4390000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 3040, Parent PID: 5808

General

Target ID:	6
Start time:	18:18:44
Start date:	02/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g"
Imagebase:	0x7ff6c4390000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly