Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub

Overview

General Information

Sample URL:https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzN
Analysis ID:1466528
Infos:

Detection

HTMLPhisher
Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Yara detected HtmlPhish10
HTML body contains low number of good links
HTML title does not match URL
Stores files to the Windows start menu directory
Submit button contains javascript call
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5368 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 1852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1936,i,9897313922879356444,17441930425800332553,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 5036 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
dropped/chromecache_81JoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

    HTML

    SourceRuleDescriptionAuthorStrings
    0.1.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
      0.0.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

        Sigma Signatures

        No Sigma rule has matched

        Snort Signatures

        No Snort rule has matched

        Joe Sandbox Signatures

        Click to jump to signature section

        Show All Signature Results

        Phishing

        barindex
        Yara detected HtmlPhish10
        Source: Yara matchFile source: 0.1.pages.csv, type: HTML
        Source: Yara matchFile source: 0.0.pages.csv, type: HTML
        Source: Yara matchFile source: dropped/chromecache_81, type: DROPPED
        Source: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dHTTP Parser: Number of links: 0
        Source: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dHTTP Parser: Title: Sharing Link Validation does not match URL
        Source: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dHTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))
        Source: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dHTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))
        Source: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dHTTP Parser: No <meta name="author".. found
        Source: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dHTTP Parser: No <meta name="author".. found
        Source: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dHTTP Parser: No <meta name="copyright".. found
        Source: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dHTTP Parser: No <meta name="copyright".. found
        Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49734 version: TLS 1.0
        Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49721 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49725 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49734 version: TLS 1.0
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: global trafficHTTP traffic detected: GET /:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d HTTP/1.1Host: cottonaust-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /WebResource.axd?d=mjf41zbhcy6XSi2MT4IyfXy9eaA_1J2DzcHlChcfmbH9LgiujjrIBFG9F_XiAHLSQtWNSQI2DPkKf39dr0QR5eTTPvtGW770jKStT60E1Ok1&t=638533172441064469 HTTP/1.1Host: cottonaust-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /ScriptResource.axd?d=UB81VRIqU8-q--F_Tm8YSrMkmQn_FnAtBEJXqV-fw0a3QLGBGB09uXHhAA-UjRsiG461unCTYAHSok1cTsIvQNF8Civw5DnMopo4lRQi7zwa0ULv-TQjM7LW7pRAaHot14Cy72k2GboVUdRu0Glvj4qJJqD6TziWtjRqK1Wgsmw1&t=ffffffffa8ad04d3 HTTP/1.1Host: cottonaust-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /ScriptResource.axd?d=6Qrb1MfQHAYn0ld2KcB-IQagUn10Pz5rZNeeQFR9J31DjkkXSk6Ms-LupgZ2opu0gtlqdkYGjWhk_NfS0G8dmK-4IH4jF-bcKMZVrbzYRMUiqwBvCIUPUgnW_Ep2ufYz580Cqbm_g0V7ziifpquJmJAr0lDt1oViTng0WEBuRFbYE_sGYg6owziEf46s9z-T0&t=74258c30 HTTP/1.1Host: cottonaust-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /ScriptResource.axd?d=SEcewcKlewa2Zn8STa8wutLAB03BeU2Kte1tliaQWUNmEotkU_hQfYWZb8clo440783cWlQAWYOa9gponU1_PssX0i55ojQPo7OvA-g25rlV6707O5-4mlXca5Grx-XbN9odycpgyFYciaRc0LhaRRF_472P6sQ2f587XxWrT61rsrCpsUjgMQrk3x9NSSgB0&t=74258c30 HTTP/1.1Host: cottonaust-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: cottonaust-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: cottonaust-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: cottonaust-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
        Source: global trafficHTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: cottonaust-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficDNS traffic detected: DNS query: cottonaust-my.sharepoint.com
        Source: global trafficDNS traffic detected: DNS query: www.google.com
        Source: global trafficDNS traffic detected: DNS query: m365cdn.nel.measure.office.net
        Source: chromecache_73.2.drString found in binary or memory: http://github.com/jrburke/requirejs
        Source: chromecache_81.2.drString found in binary or memory: https://cottonaust-my.sharepoint.com/personal/alik_cotton_org_au/_layouts/15/images/256_icone.png
        Source: chromecache_78.2.drString found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
        Source: chromecache_81.2.drString found in binary or memory: https://res-1.cdn.office.net
        Source: chromecache_81.2.drString found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12008/require.js
        Source: chromecache_81.2.drString found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/
        Source: chromecache_81.2.drString found in binary or memory: https://res-2.cdn.office.net/files/odsp-web-prod_2024-06-14.009/
        Source: chromecache_81.2.drString found in binary or memory: https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js
        Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
        Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
        Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
        Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
        Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
        Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
        Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
        Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
        Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49721 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49725 version: TLS 1.2
        Source: classification engineClassification label: mal48.phis.win@16/30@8/4
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
        Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1936,i,9897313922879356444,17441930425800332553,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
        Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d"
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1936,i,9897313922879356444,17441930425800332553,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeAutomated click: Next
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeAutomated click: Next
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeAutomated click: Next
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeAutomated click: Next
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeAutomated click: Next
        Source: Window RecorderWindow detected: More than 3 window changes detected
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

        Mitre Att&ck Matrix

        ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
        Gather Victim Identity Information1
        Scripting        		Valid AccountsWindows Management Instrumentation1
        Scripting        		1
        Process Injection        		1
        Masquerading        		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
        Encrypted Channel        		Exfiltration Over Other Network MediumAbuse Accessibility Features
        CredentialsDomainsDefault AccountsScheduled Task/Job1
        Registry Run Keys / Startup Folder        		1
        Registry Run Keys / Startup Folder        		1
        Process Injection        		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
        Non-Application Layer Protocol        		Exfiltration Over BluetoothNetwork Denial of Service
        Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
        Application Layer Protocol        		Automated ExfiltrationData Encrypted for Impact
        Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
        Ingress Tool Transfer        		Traffic DuplicationData Destruction

        Behavior Graph

        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Is Windows Process
        • Number of created Registry Values
        • Number of created Files
        • Visual Basic
        • Delphi
        • Java
        • .Net C# or VB.NET
        • C, C++ or other language
        • Is malicious
        • Internet

        Screenshots

        Thumbnails

        This section contains all screenshots as thumbnails, including those not shown in the slideshow.


        windows-stand

        Antivirus, Machine Learning and Genetic Malware Detection

        Initial Sample

        SourceDetectionScannerLabelLink
        https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d0%Avira URL Cloudsafe

        Dropped Files

        No Antivirus matches

        Unpacked PE Files

        No Antivirus matches

        Domains

        No Antivirus matches

        URLs

        SourceDetectionScannerLabelLink
        https://reactjs.org/docs/error-decoder.html?invariant=0%URL Reputationsafe
        https://cottonaust-my.sharepoint.com/WebResource.axd?d=mjf41zbhcy6XSi2MT4IyfXy9eaA_1J2DzcHlChcfmbH9LgiujjrIBFG9F_XiAHLSQtWNSQI2DPkKf39dr0QR5eTTPvtGW770jKStT60E1Ok1&t=6385331724410644690%Avira URL Cloudsafe
        https://cottonaust-my.sharepoint.com/personal/alik_cotton_org_au/_layouts/15/images/256_icone.png0%Avira URL Cloudsafe
        http://github.com/jrburke/requirejs0%Avira URL Cloudsafe
        https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=6Qrb1MfQHAYn0ld2KcB-IQagUn10Pz5rZNeeQFR9J31DjkkXSk6Ms-LupgZ2opu0gtlqdkYGjWhk_NfS0G8dmK-4IH4jF-bcKMZVrbzYRMUiqwBvCIUPUgnW_Ep2ufYz580Cqbm_g0V7ziifpquJmJAr0lDt1oViTng0WEBuRFbYE_sGYg6owziEf46s9z-T0&t=74258c300%Avira URL Cloudsafe
        https://cottonaust-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=470%Avira URL Cloudsafe
        https://cottonaust-my.sharepoint.com/_layouts/15/images/microsoft-logo.png0%Avira URL Cloudsafe
        https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=SEcewcKlewa2Zn8STa8wutLAB03BeU2Kte1tliaQWUNmEotkU_hQfYWZb8clo440783cWlQAWYOa9gponU1_PssX0i55ojQPo7OvA-g25rlV6707O5-4mlXca5Grx-XbN9odycpgyFYciaRc0LhaRRF_472P6sQ2f587XxWrT61rsrCpsUjgMQrk3x9NSSgB0&t=74258c300%Avira URL Cloudsafe
        https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js0%Avira URL Cloudsafe
        https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=UB81VRIqU8-q--F_Tm8YSrMkmQn_FnAtBEJXqV-fw0a3QLGBGB09uXHhAA-UjRsiG461unCTYAHSok1cTsIvQNF8Civw5DnMopo4lRQi7zwa0ULv-TQjM7LW7pRAaHot14Cy72k2GboVUdRu0Glvj4qJJqD6TziWtjRqK1Wgsmw1&t=ffffffffa8ad04d30%Avira URL Cloudsafe

        Domains and IPs

        Contacted Domains

        NameIPActiveMaliciousAntivirus DetectionReputation
        dual-spo-0005.spo-msedge.net
        		13.107.136.10
        		truefalse
          		unknown
          edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
          		217.20.57.34
          		truefalse
            		unknown
            www.google.com
            		142.250.74.196
            		truefalse
              		unknown
              fp2e7a.wpc.phicdn.net
              		192.229.221.95
              		truefalse
                		unknown
                cottonaust-my.sharepoint.com
                		unknown
                		unknownfalse
                  		unknown
                  m365cdn.nel.measure.office.net
                  		unknown
                  		unknownfalse
                    		unknown

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=UB81VRIqU8-q--F_Tm8YSrMkmQn_FnAtBEJXqV-fw0a3QLGBGB09uXHhAA-UjRsiG461unCTYAHSok1cTsIvQNF8Civw5DnMopo4lRQi7zwa0ULv-TQjM7LW7pRAaHot14Cy72k2GboVUdRu0Glvj4qJJqD6TziWtjRqK1Wgsmw1&t=ffffffffa8ad04d3false
                    • Avira URL Cloud: safe
                    		unknown
                    https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=6Qrb1MfQHAYn0ld2KcB-IQagUn10Pz5rZNeeQFR9J31DjkkXSk6Ms-LupgZ2opu0gtlqdkYGjWhk_NfS0G8dmK-4IH4jF-bcKMZVrbzYRMUiqwBvCIUPUgnW_Ep2ufYz580Cqbm_g0V7ziifpquJmJAr0lDt1oViTng0WEBuRFbYE_sGYg6owziEf46s9z-T0&t=74258c30false
                    • Avira URL Cloud: safe
                    		unknown
                    https://cottonaust-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47false
                    • Avira URL Cloud: safe
                    		unknown
                    https://cottonaust-my.sharepoint.com/WebResource.axd?d=mjf41zbhcy6XSi2MT4IyfXy9eaA_1J2DzcHlChcfmbH9LgiujjrIBFG9F_XiAHLSQtWNSQI2DPkKf39dr0QR5eTTPvtGW770jKStT60E1Ok1&t=638533172441064469false
                    • Avira URL Cloud: safe
                    		unknown
                    https://cottonaust-my.sharepoint.com/_layouts/15/images/microsoft-logo.pngfalse
                    • Avira URL Cloud: safe
                    		unknown
                    https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=SEcewcKlewa2Zn8STa8wutLAB03BeU2Kte1tliaQWUNmEotkU_hQfYWZb8clo440783cWlQAWYOa9gponU1_PssX0i55ojQPo7OvA-g25rlV6707O5-4mlXca5Grx-XbN9odycpgyFYciaRc0LhaRRF_472P6sQ2f587XxWrT61rsrCpsUjgMQrk3x9NSSgB0&t=74258c30false
                    • Avira URL Cloud: safe
                    		unknown

                    URLs from Memory and Binaries

                    NameSourceMaliciousAntivirus DetectionReputation
                    http://github.com/jrburke/requirejschromecache_73.2.drfalse
                    • Avira URL Cloud: safe
                    		unknown
                    https://cottonaust-my.sharepoint.com/personal/alik_cotton_org_au/_layouts/15/images/256_icone.pngchromecache_81.2.drfalse
                    • Avira URL Cloud: safe
                    		unknown
                    https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.jschromecache_81.2.drfalse
                    • Avira URL Cloud: safe
                    		unknown
                    https://reactjs.org/docs/error-decoder.html?invariant=chromecache_78.2.drfalse
                    • URL Reputation: safe
                    		unknown

                    World Map of Contacted IPs

                    • No. of IPs < 25%
                    • 25% < No. of IPs < 50%
                    • 50% < No. of IPs < 75%
                    • 75% < No. of IPs

                    Public IPs

                    IPDomainCountryFlagASNASN NameMalicious
                    13.107.136.10
                    		dual-spo-0005.spo-msedge.netUnited States
                    		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                    239.255.255.250
                    		unknownReserved
                    		unknownunknownfalse
                    142.250.74.196
                    		www.google.comUnited States
                    		15169GOOGLEUSfalse

                    Private

                    IP
                    192.168.2.5

                    General Information

                    Joe Sandbox version:40.0.0 Tourmaline
                    Analysis ID:1466528
                    Start date and time:2024-07-03 01:51:04 +02:00
                    Joe Sandbox product:CloudBasic
                    Overall analysis duration:0h 3m 4s
                    Hypervisor based Inspection enabled:false
                    Report type:full
                    Cookbook file name:browseurl.jbs
                    Sample URL:https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d
                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                    Number of analysed new started processes analysed:8
                    Number of new started drivers analysed:0
                    Number of existing processes analysed:0
                    Number of existing drivers analysed:0
                    Number of injected processes analysed:0
                    Technologies:
                    • HCA enabled
                    • EGA enabled
                    • AMSI enabled
                    Analysis Mode:default
                    Analysis stop reason:Timeout
                    Detection:MAL
                    Classification:mal48.phis.win@16/30@8/4
                    EGA Information:Failed
                    HCA Information:
                    • Successful, ratio: 100%
                    • Number of executed functions: 0
                    • Number of non-executed functions: 0

                    Warnings

                    • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                    • Excluded IPs from analysis (whitelisted): 216.58.206.67, 142.250.185.110, 74.125.71.84, 34.104.35.123, 2.17.22.9, 2.17.22.27, 142.250.186.170, 142.250.185.234, 216.58.206.42, 216.58.206.74, 142.250.185.170, 172.217.16.202, 142.250.185.202, 142.250.185.138, 142.250.186.74, 172.217.23.106, 142.250.184.234, 142.250.185.106, 142.250.185.74, 142.250.186.138, 142.250.186.106, 142.250.181.234, 2.16.241.17, 2.16.241.15, 40.127.169.103, 217.20.57.34, 192.229.221.95, 20.242.39.171, 172.217.23.99, 2.19.126.137, 2.19.126.163
                    • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, a767.dspw65.akamai.net, a1894.dscb.akamai.net, clients2.google.com, 196426-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.net, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, wu-b-net.trafficmanager.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net
                    • Not all processes where analyzed, report is missing behavior information
                    • Report size getting too big, too many NtSetInformationFile calls found.
                    • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                    • VT rate limit hit for: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d

                    Simulations

                    Behavior and APIs

                    No simulations

                    LLM Input / Output

                    InputOutput
                    URL: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5Nzll Model: Perplexity: mixtral-8x7b-instruct
                    {"loginform": true,"urgency": false,
                    Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: BRAND RELATIONS MANAGER COTTON TO MARKET To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Next By clicking Next you allow COTTON AUSTRALIA LIMITED to use your email address in accordance with their privacy statement. COTTON AUSTRALIA LIMITED has not provided links to their terms for you to review. 2017 Microsoft Privacy & Cookies
                    URL: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5Nzll Model: Perplexity: mixtral-8x7b-instruct
                    {"loginform": true,"urgency": false,
                    Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: BRAND RELATIONS MANAGER COTTON TO MARKET To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Your email address is required Next By clicking Next you allow COTTON AUSTRALIA LIMITED to use your email address in accordance with their privacy statement. COTTON AUSTRALIA LIMITED has not provided links to their terms for you to review. 2017 Microsoft Privacy & Cookies

                    Joe Sandbox View / Context

                    IPs

                    No context

                    Domains

                    No context

                    ASNs

                    No context

                    JA3 Fingerprints

                    No context

                    Dropped Files

                    No context

                    Created / dropped Files

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 22:51:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                    Category:dropped
                    Size (bytes):2677
                    Entropy (8bit):3.981759542555363
                    Encrypted:false
                    SSDEEP:48:8XvdYwT4Up1H5idAKZdA19ehwiZUklqehKlxy+3:8WwkaNrxy
                    MD5:EC2B2457384D94418B55146BC9CD782D
                    SHA1:565C7452CE89D90A1E464AF4082B57A2423BDF2D
                    SHA-256:21CC6B1871131CDE2001810882C9B773422AE038E14DBB5D868C33D1C84F812A
                    SHA-512:51E00E9627B34E2424E1E104761156306BEFC5F3C8027947D414D60FE42180845551DFE58A2018FD9726C9F78104D32895832550647843981949E4478E12FFF9
                    Malicious:false
                    Reputation:low
                    Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xz.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........3........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 22:51:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                    Category:dropped
                    Size (bytes):2679
                    Entropy (8bit):3.9958476107303382
                    Encrypted:false
                    SSDEEP:48:8OdYwT4Up1H5idAKZdA1weh/iZUkAQkqehZlxy+2:8vwkan9Q4xy
                    MD5:20B52EB115D2BD6A256DD5777849117D
                    SHA1:B93216113703797A61DEAD6E3FC7CD99ED7E8859
                    SHA-256:6995C79C314BC0F693CBFD7E188DBC08657309405632157042E549856829B281
                    SHA-512:325F8A87EAD97DE0FBE9CB51AC0833544C2D0EE68AF3CDFC259E3E622D5C5DFD08123A534E7F1834AC1FCD48098207A55D8576703F919102F260C52FE37A59B4
                    Malicious:false
                    Reputation:low
                    Preview:L..................F.@.. ...$+.,.....5......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xz.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........3........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                    Category:dropped
                    Size (bytes):2693
                    Entropy (8bit):4.00578685025677
                    Encrypted:false
                    SSDEEP:48:8xqdYwT4UpsH5idAKZdA14tseh7sFiZUkmgqeh7sPlxy+BX:8xDwkaYnfxy
                    MD5:159AD17625670CD3A4CC8A17F9E68515
                    SHA1:E0233C4E54404ED2E039971DC3C3AE5EAB5CECCA
                    SHA-256:1125DAE38D3A03676B6D6A6DD2002A092889D3CC95420DF7F0EF184F7E410664
                    SHA-512:38514790C7DFBA052A9AB4BC79A9908D0D2289B401B50F4DA8E732D220FB97C55CF6DF0335D85B8F5E51BA91CF881E2097CAD15460FEA43C048AF7D9CB7637C8
                    Malicious:false
                    Reputation:low
                    Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xz.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........3........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 22:51:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                    Category:dropped
                    Size (bytes):2681
                    Entropy (8bit):3.996328005459617
                    Encrypted:false
                    SSDEEP:48:8AdYwT4Up1H5idAKZdA1vehDiZUkwqehNlxy+R:8lwkaEVxy
                    MD5:F18E03652A96AF7632D60AE4546498F9
                    SHA1:877661E83F424716A2ABDBCB28E1E9C73F8BFB4C
                    SHA-256:C6D26EDD3A8365140E5EEE6CFC149B03E1C5544F9ED69226BD3D7FDE434430FD
                    SHA-512:ECD261D676F7378DFDA3CDED0326D61F9C7ADC2CCD51864BF17AC598AA1F0A6681DCC9FBE7700B9D5F6A70BB8E5558A258B3F977C2427817ACC4A8AE56905B9B
                    Malicious:false
                    Reputation:low
                    Preview:L..................F.@.. ...$+.,...."[......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xz.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........3........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 22:51:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                    Category:dropped
                    Size (bytes):2681
                    Entropy (8bit):3.9850208591113545
                    Encrypted:false
                    SSDEEP:48:8adYwT4Up1H5idAKZdA1hehBiZUk1W1qehblxy+C:8TwkaE9hxy
                    MD5:14A2166D85D3D1240F41C15315CD3CD3
                    SHA1:6924F16EAE45FFA8101A112515657DC9CF577A29
                    SHA-256:639EDA20FBD84AB27429F991C895B99287D22FB031BE1E24EA6D683E96525C95
                    SHA-512:3CC27EF58DABB824255562BC8B014DB9F9DBB611425C43B3B855FFDB13466F3E4AAEA30431ABE45C7F40C6AB1B4D8E63B79CABBD7F23670D89A8F8B9C081118B
                    Malicious:false
                    Reputation:low
                    Preview:L..................F.@.. ...$+.,....XM......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xz.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........3........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 22:51:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                    Category:dropped
                    Size (bytes):2683
                    Entropy (8bit):3.994091468140395
                    Encrypted:false
                    SSDEEP:48:8zdYwT4Up1H5idAKZdA1duT+ehOuTbbiZUk5OjqehOuTbFlxy+yT+:8SwkaqT/TbxWOvTbfxy7T
                    MD5:C073775A04AB208AF0F4DB8A506FFC27
                    SHA1:64AC927AB94F6EF6E172C27FC655C473CDC09B40
                    SHA-256:046AA303F2D3D3624B156983E346E5B11D85A6B4E9E046E302BA953D2F78FFB7
                    SHA-512:CBDEE53D8464AB942D8A5C5397862A11F1EB727C6C0AAFE45AE3AF0EEDB6C192F7F4F87E699E1C83C0647DA09DBA43B8D724F2EAC665D875F3705072416B6021
                    Malicious:false
                    Reputation:low
                    Preview:L..................F.@.. ...$+.,.....A......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Xz.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........3........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                    Chrome Cache Entry: 70

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:ASCII text, with CRLF line terminators
                    Category:downloaded
                    Size (bytes):26951
                    Entropy (8bit):4.514992390210281
                    Encrypted:false
                    SSDEEP:384:jMgviMjM4if38GmhXeC1QRwweTkBE9wbOY4Jf/JhRZ5h+73hNVt8oC4veONhLYVi:CLEiJSdo11vIYHqb5Klo8v
                    MD5:B3D7A123BE5203A1A3F0F10233ED373F
                    SHA1:F4C61F321D8F79A805B356C6EC94090C0D96215C
                    SHA-256:EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192
                    SHA-512:A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B
                    Malicious:false
                    Reputation:low
                    URL:https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=UB81VRIqU8-q--F_Tm8YSrMkmQn_FnAtBEJXqV-fw0a3QLGBGB09uXHhAA-UjRsiG461unCTYAHSok1cTsIvQNF8Civw5DnMopo4lRQi7zwa0ULv-TQjM7LW7pRAaHot14Cy72k2GboVUdRu0Glvj4qJJqD6TziWtjRqK1Wgsmw1&t=ffffffffa8ad04d3
                    Preview:var Page_ValidationVer = "125";..var Page_IsValid = true;..var Page_BlockSubmit = false;..var Page_InvalidControlToBeFocused = null;..var Page_TextTypes = /^(text|password|file|search|tel|url|email|number|range|color|datetime|date|month|week|time|datetime-local)$/i;..function ValidatorUpdateDisplay(val) {.. if (typeof(val.display) == "string") {.. if (val.display == "None") {.. return;.. }.. if (val.display == "Dynamic") {.. val.style.display = val.isvalid ? "none" : "inline";.. return;.. }.. }.. if ((navigator.userAgent.indexOf("Mac") > -1) &&.. (navigator.userAgent.indexOf("MSIE") > -1)) {.. val.style.display = "inline";.. }.. val.style.visibility = val.isvalid ? "hidden" : "visible";..}..function ValidatorUpdateIsValid() {.. Page_IsValid = AllValidatorsValid(Page_Validators);..}..function AllValidatorsValid(validators) {.. if ((typeof(validators) != "undefined") && (validators != null)) {

                    Chrome Cache Entry: 71

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:ASCII text, with very long lines (65329), with CRLF line terminators
                    Category:downloaded
                    Size (bytes):102801
                    Entropy (8bit):5.336080509196147
                    Encrypted:false
                    SSDEEP:1536:MGLiogSomRYvoGtT+KHsVS0bT79DSsi46j/LPyR7kbE:MGLXGFKT79DSs6WCE
                    MD5:C89EAA5B28DF1E17376BE71D71649173
                    SHA1:2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD
                    SHA-256:66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C
                    SHA-512:B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0
                    Malicious:false
                    Reputation:low
                    URL:https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=6Qrb1MfQHAYn0ld2KcB-IQagUn10Pz5rZNeeQFR9J31DjkkXSk6Ms-LupgZ2opu0gtlqdkYGjWhk_NfS0G8dmK-4IH4jF-bcKMZVrbzYRMUiqwBvCIUPUgnW_Ep2ufYz580Cqbm_g0V7ziifpquJmJAr0lDt1oViTng0WEBuRFbYE_sGYg6owziEf46s9z-T0&t=74258c30
                    Preview://----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjax.js..Function.__typeName="Function";Function.__class=true;Function.createCallback=function(b,a){return function(){var e=arguments.length;if(e>0){var d=[];for(var c=0;c<e;c++)d[c]=arguments[c];d[e]=a;return b.apply(this,d)}return b.call(this,a)}};Function.createDelegate=function(a,b){return function(){return b.apply(a,arguments)}};Function.emptyFunction=Function.emptyMethod=function(){};Function.validateParameters=function(c,b,a){return Function._validateParams(c,b,a)};Function._validateParams=function(g,e,c){var a,d=e.length;c=c||typeof c==="undefined";a=Function._validateParameterCount(g,e,c);if(a){a.popStackFrame();return a}for(var b=0,i=g.length;b<i;b++){var f=e[Math.min(b,d-1)],h=f.name;if(f.parameterArray)h+="["+(b-d+1)+"]";else if(!c&&b>=d)break;a=Function._validateParameter(g[b],f

                    Chrome Cache Entry: 72

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                    Category:dropped
                    Size (bytes):7886
                    Entropy (8bit):3.9482833105763633
                    Encrypted:false
                    SSDEEP:48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E
                    MD5:0B60F3C9E4DA6E807E808DA7360F24F2
                    SHA1:9AFC7ABB910DE855EFB426206E547574A1E074B7
                    SHA-256:ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
                    SHA-512:1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
                    Malicious:false
                    Reputation:low
                    Preview:...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

                    Chrome Cache Entry: 73

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:ASCII text, with very long lines (17444)
                    Category:downloaded
                    Size (bytes):17672
                    Entropy (8bit):5.233316811547578
                    Encrypted:false
                    SSDEEP:384:lpLsOooX8uvFBiRh+HnEDuvvy1pqvuvDX/0ohHK9mm+tMHvVOPoQeOMmuI:QnoX8uNB2YHnEDsvy1pqvub/0iq4NMHM
                    MD5:6EFDDF589864D2E146A55C01C6764A35
                    SHA1:EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F
                    SHA-256:2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999
                    SHA-512:1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A
                    Malicious:false
                    Reputation:low
                    URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12008/require.js
                    Preview:/** vim: et:ts=4:sw=4:sts=4. * @license RequireJS 2.1.22 Copyright (c) 2010-2015, The Dojo Foundation All Rights Reserved.. * Available via the MIT or new BSD license.. * see: http://github.com/jrburke/requirejs for details. */.var requirejs,require,define;!function(global){function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){if(e){var r;for(r=0;r<e.length&&(!e[r]||!t(e[r],r,e));r+=1);}}function eachReverse(e,t){if(e){var r;for(r=e.length-1;r>-1&&(!e[r]||!t(e[r],r,e));r-=1);}}function hasProp(e,t){return hasOwn.call(e,t)}function getOwn(e,t){return hasProp(e,t)&&e[t]}function eachProp(e,t){var r;for(r in e)if(hasProp(e,r)&&t(e[r],r))break}function mixin(e,t,r,i){return t&&eachProp(t,function(t,n){(r||!hasProp(e,n))&&(!i||"object"!=typeof t||!t||isArray(t)||isFunction(t)||t instanceof RegExp?e[n]=t:(e[n]||(e[n]={}),mixin(e[n],t,r,i)))}),e}function bind(e,t){return function(){return t.apply(e,ar

                    Chrome Cache Entry: 74

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:ASCII text, with CRLF line terminators
                    Category:downloaded
                    Size (bytes):23063
                    Entropy (8bit):4.7535440881548165
                    Encrypted:false
                    SSDEEP:384:GvUzYI+Vi4g1V5it1ONhA6w+Kv8i/4CYzLKL4DrLU0iTxZTAzIzrwDlTWMClQip9:bkON69kClQq8hDRJHp2tWU25Zt/gREVG
                    MD5:90EA7274F19755002360945D54C2A0D7
                    SHA1:647B5D8BF7D119A2C97895363A07A0C6EB8CD284
                    SHA-256:40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
                    SHA-512:7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
                    Malicious:false
                    Reputation:low
                    URL:https://cottonaust-my.sharepoint.com/WebResource.axd?d=mjf41zbhcy6XSi2MT4IyfXy9eaA_1J2DzcHlChcfmbH9LgiujjrIBFG9F_XiAHLSQtWNSQI2DPkKf39dr0QR5eTTPvtGW770jKStT60E1Ok1&t=638533172441064469
                    Preview:function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo

                    Chrome Cache Entry: 75

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:ASCII text, with no line terminators
                    Category:downloaded
                    Size (bytes):16
                    Entropy (8bit):3.702819531114783
                    Encrypted:false
                    SSDEEP:3:H6xhkY:aQY
                    MD5:858372DD32511CB4DD08E48A93B4F175
                    SHA1:CE4555B7B2EFBBD644D8E34CF3453A0E8CAA3C43
                    SHA-256:3D18F3E1469C83D62CF3A39BA93F8EAA5B22447FE630E59F39DC1B7747635359
                    SHA-512:6A57E0D4A1C23CB693AA9312F6FDAA1FC4309B5BC91D1B2279B5792BEE3534749FD3693C19AA95E0768800472D11D438EC3116F337679A249C28BE0E038E6DE0
                    Malicious:false
                    Reputation:low
                    URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAkG7HtT-LI7ORIFDfSCVyI=?alt=proto
                    Preview:CgkKBw30glciGgA=

                    Chrome Cache Entry: 76

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:ASCII text, with very long lines (39257), with CRLF line terminators
                    Category:downloaded
                    Size (bytes):40326
                    Entropy (8bit):5.245555585297941
                    Encrypted:false
                    SSDEEP:384:bvrc3TrJ1vMZCKZ4pLRy6DkfDLcbTzcXanT2rxb64aKQr1vySAwBaPUge6ydE:bTaYB4Hy7mTzcaTKStrwSAwBaPUTdE
                    MD5:DA9DC1C32E89C02FC1E9EEB7E5AAB91E
                    SHA1:3EFB110EFA6068CE6B586A67F87DA5125310BC30
                    SHA-256:398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1
                    SHA-512:D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A
                    Malicious:false
                    Reputation:low
                    URL:https://cottonaust-my.sharepoint.com/ScriptResource.axd?d=SEcewcKlewa2Zn8STa8wutLAB03BeU2Kte1tliaQWUNmEotkU_hQfYWZb8clo440783cWlQAWYOa9gponU1_PssX0i55ojQPo7OvA-g25rlV6707O5-4mlXca5Grx-XbN9odycpgyFYciaRc0LhaRRF_472P6sQ2f587XxWrT61rsrCpsUjgMQrk3x9NSSgB0&t=74258c30
                    Preview://----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjaxWebForms.js..Type._registerScript("MicrosoftAjaxWebForms.js",["MicrosoftAjaxCore.js","MicrosoftAjaxSerialization.js","MicrosoftAjaxNetwork.js","MicrosoftAjaxComponentModel.js"]);Type.registerNamespace("Sys.WebForms");Sys.WebForms.BeginRequestEventArgs=function(c,b,a){Sys.WebForms.BeginRequestEventArgs.initializeBase(this);this._request=c;this._postBackElement=b;this._updatePanelsToUpdate=a};Sys.WebForms.BeginRequestEventArgs.prototype={get_postBackElement:function(){return this._postBackElement},get_request:function(){return this._request},get_updatePanelsToUpdate:function(){return this._updatePanelsToUpdate?Array.clone(this._updatePanelsToUpdate):[]}};Sys.WebForms.BeginRequestEventArgs.registerClass("Sys.WebForms.BeginRequestEventArgs",Sys.EventArgs);Sys.WebForms.EndRequestEventArgs=fun

                    Chrome Cache Entry: 77

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
                    Category:downloaded
                    Size (bytes):3331
                    Entropy (8bit):7.927896166439245
                    Encrypted:false
                    SSDEEP:96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq
                    MD5:EF884BDEDEF280DF97A4C5604058D8DB
                    SHA1:6F04244B51AD2409659E267D308B97E09CE9062B
                    SHA-256:825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
                    SHA-512:A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
                    Malicious:false
                    Reputation:low
                    URL:https://cottonaust-my.sharepoint.com/_layouts/15/images/microsoft-logo.png
                    Preview:.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^|.G..o.......?....Or.......y~....]..V.a.mM...M.\k*H..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.*B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

                    Chrome Cache Entry: 78

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:ASCII text, with very long lines (37521)
                    Category:downloaded
                    Size (bytes):40512
                    Entropy (8bit):5.386921349191213
                    Encrypted:false
                    SSDEEP:768:Tkv+rkfa2aH5m7UYfXLMQWGjaKEstpgG9ycj:Pr8LaZkzLM46G9
                    MD5:8DCE60169BA666CA03A31D123DB49908
                    SHA1:956C46BB6058C23D35440DCC656CE61C7B151399
                    SHA-256:F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75
                    SHA-512:26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E
                    Malicious:false
                    Reputation:low
                    URL:https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/spoguestaccesswebpack/spoguestaccess.js
                    Preview:/*! For license information please see spoguestaccess.js.LICENSE.txt */.document.currentScript,define("@fluentui/react-file-type-icons",[],()=>{var e;return(()=>{"use strict";var t=[e=>{var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,a=Object.prototype.propertyIsEnumerable;function i(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map(function(e){return t[e]}).join(""))return!1;var a={};return"abcdefghijklmnopqrst".split("").forEach(function(e){a[e]=e}),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},a)).join("")}catch(e){return!1}}()?Object.assign:function(e,r){for(var o,s,c=i(e),d=1;d<arguments.length;d++){for(var l in o=Object(arguments[d]))n.call(o,l)&&(c[l]

                    Chrome Cache Entry: 79

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
                    Category:dropped
                    Size (bytes):3331
                    Entropy (8bit):7.927896166439245
                    Encrypted:false
                    SSDEEP:96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq
                    MD5:EF884BDEDEF280DF97A4C5604058D8DB
                    SHA1:6F04244B51AD2409659E267D308B97E09CE9062B
                    SHA-256:825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
                    SHA-512:A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
                    Malicious:false
                    Reputation:low
                    Preview:.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^|.G..o.......?....Or.......y~....]..V.a.mM...M.\k*H..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.*B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

                    Chrome Cache Entry: 80

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text
                    Category:downloaded
                    Size (bytes):215
                    Entropy (8bit):5.310272895783063
                    Encrypted:false
                    SSDEEP:6:JiMVBdgqZjZWtMfgRTH1EwPZpXkS/SRIJtUfJLjag6n:MMHdVBZWyUTP3kfNr6
                    MD5:FB6A9ECC7F3556626BDC693E28986D8B
                    SHA1:9E06E0E0246CAAA116751E40C10DE1F6888252F8
                    SHA-256:72E97E67E84AC94DEAE2415B6D6CDC39908CC5373CD24AF4A39B2E2DF292FB47
                    SHA-512:EC9B75290B7AB576F684EED2A905E645EC170787566EAE3261C336CA29B66F7B4054048673382BA8F7470572233505B2508482D27A7FAE441D17C4D9582B7C0C
                    Malicious:false
                    Reputation:low
                    URL:https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/@uifabric/file-type-icons/lib/initializeFileTypeIcons.js
                    Preview:.<?xml version="1.0" encoding="utf-8"?><Error><Code>BlobNotFound</Code><Message>The specified blob does not exist..RequestId:8c154070-c01e-0016-42da-cc9ed7000000.Time:2024-07-02T23:51:59.0809566Z</Message></Error>

                    Chrome Cache Entry: 81

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:HTML document, Unicode text, UTF-8 text, with very long lines (30522), with CRLF, LF line terminators
                    Category:downloaded
                    Size (bytes):69193
                    Entropy (8bit):5.671552419166367
                    Encrypted:false
                    SSDEEP:1536:PlgguXJMJMhJ8JPWXBOxSPSW8N6fGNNK0OIUJs2wVXUaH3J5:PLubCGeTKJoVXUQ
                    MD5:9A1358B4C98495343B2C776CEC992D03
                    SHA1:26864CE9D2462AC6A9C92250225716875D2F5F44
                    SHA-256:D24E96ABB450E18F167AAEC8B5C694261B098F4D6362BAFDC37FD0B03F3F429A
                    SHA-512:8317E18A417DD453D31874CF526188A77C22A73DC6F342EBEEA8EB29015F7D644538F5A0D7B90CFF312BFF5CDC4BDCAF603FE7D9988D55F4A3B076873EAB7256
                    Malicious:false
                    Reputation:low
                    URL:https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d
                    Preview:..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr">..<head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Expires" content="0" /><meta name="Robots" content="NOHTMLINDEX" /><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><link id="favicon" rel="shortcut icon" href="/_layouts/15/images/favicon.ico?rev=47" type="image/vnd.microsoft.icon" /><title>...Sharing Link Validation..</title>...<style type="text/css" media="screen, print, projection">....html{line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure,ma

                    Chrome Cache Entry: 82

                    Download File
                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                    File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                    Category:downloaded
                    Size (bytes):7886
                    Entropy (8bit):3.9482833105763633
                    Encrypted:false
                    SSDEEP:48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E
                    MD5:0B60F3C9E4DA6E807E808DA7360F24F2
                    SHA1:9AFC7ABB910DE855EFB426206E547574A1E074B7
                    SHA-256:ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
                    SHA-512:1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
                    Malicious:false
                    Reputation:low
                    URL:https://cottonaust-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
                    Preview:...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

                    Static File Info

                    No static file info

                    Network Behavior

                    Network Port Distribution

                    TCP Packets

                    TimestampSource PortDest PortSource IPDest IP
                    Jul 3, 2024 01:51:48.052525043 CEST49674443192.168.2.523.1.237.91
                    Jul 3, 2024 01:51:48.052644014 CEST49675443192.168.2.523.1.237.91
                    Jul 3, 2024 01:51:48.193118095 CEST49673443192.168.2.523.1.237.91
                    Jul 3, 2024 01:51:54.273433924 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.273490906 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.273580074 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.273870945 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.273881912 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.273931026 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.274115086 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.274132013 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.274247885 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.274256945 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.838013887 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.839009047 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.839035034 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.840073109 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.840152979 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.843787909 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.843868017 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.843977928 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.843985081 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.859467983 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.862624884 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.862637043 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.863679886 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.863759041 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.875976086 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:54.876092911 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:54.884882927 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.007894039 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.007916927 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.113949060 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.348063946 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.348092079 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.348177910 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.348197937 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.348242044 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.348490000 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.348498106 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.348550081 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.348558903 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.349277973 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.349334955 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.349340916 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.349381924 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.436218977 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.436288118 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.436328888 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.436342001 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.436363935 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.436429024 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.436650991 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.436727047 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.436736107 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.479465008 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.521266937 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.521373034 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.521450996 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.521547079 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.521547079 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.521559000 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.521605015 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.521785021 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.521838903 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.521884918 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.522059917 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.522072077 CEST4434971013.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.522080898 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.522124052 CEST49710443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.529515028 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.531052113 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.531105042 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.531181097 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.531497002 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.531569004 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.531646013 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.531946898 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.531982899 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.532040119 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.532376051 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.532413006 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.532465935 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.532968044 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.533000946 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.533159018 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.533193111 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.533318043 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.533335924 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.533473969 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.533493042 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.572510004 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.863471031 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.864660025 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.864666939 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.864706993 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.864763021 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.864792109 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.864820004 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.864836931 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.865446091 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.865453005 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.865478039 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.865500927 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.918508053 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.954359055 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.954370022 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.954406023 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.954446077 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.954488993 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.954619884 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.954682112 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:55.954727888 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.971071959 CEST49709443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:55.971090078 CEST4434970913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.084291935 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.084709883 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.086314917 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.086381912 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.086735010 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.086766958 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.086808920 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.087126970 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.087882042 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.087979078 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.088691950 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.088764906 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.090082884 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.090352058 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.107647896 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.108165979 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.108191013 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.109236956 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.109253883 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.109293938 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.110393047 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.110470057 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.110871077 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.110893011 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.111176014 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.111191034 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.111876965 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.111937046 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.112546921 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.112608910 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.112823963 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.112847090 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.132500887 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.132510900 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.160583973 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.160584927 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.426213026 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.426233053 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.426486015 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.429950953 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.429975986 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.430037022 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.433455944 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.433489084 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.433569908 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.433599949 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.433645964 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.434523106 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.434533119 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.434582949 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.434592009 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.435295105 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.435329914 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.435347080 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.435353994 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.435362101 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.435390949 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.435429096 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.435446024 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.435489893 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.436675072 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.436682940 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.436744928 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.436760902 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.440218925 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.440280914 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.440299988 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.440341949 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.449152946 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.449171066 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.449197054 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.449233055 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.449251890 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.449302912 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.449352980 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.449399948 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.449459076 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.466689110 CEST49718443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.466721058 CEST4434971813.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.513017893 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.513094902 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.513130903 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.513142109 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.513555050 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.513617039 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.513633966 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.520155907 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.520196915 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.520340919 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.520340919 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.520376921 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.520638943 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.520699024 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.521733046 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.521771908 CEST4434971613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.521797895 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.521826982 CEST49716443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.526048899 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.526107073 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.526123047 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.526717901 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.526776075 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.526787043 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.526799917 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.526865005 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.526873112 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.527103901 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.527529955 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.527580976 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.527620077 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.530303001 CEST49717443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.530335903 CEST4434971713.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.554003000 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.558186054 CEST49719443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.558270931 CEST4434971913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.558346987 CEST49719443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.559134007 CEST49719443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.559189081 CEST4434971913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.638807058 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.638818979 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.638907909 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.638925076 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.639559031 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.639624119 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.639631987 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.640862942 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.640928984 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.640937090 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.641722918 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.641782045 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.641789913 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.642590046 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.642654896 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.642663002 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.643460035 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.643527031 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.643532991 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.691786051 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.851950884 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.851960897 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.852042913 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.852058887 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.852505922 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.852550983 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.852560997 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.852569103 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.852593899 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.852801085 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.852847099 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.852854013 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.852880001 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:56.852924109 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.854928017 CEST49715443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:56.854939938 CEST4434971513.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.046216011 CEST49720443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:51:57.046252012 CEST44349720142.250.74.196192.168.2.5
                    Jul 3, 2024 01:51:57.046354055 CEST49720443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:51:57.047007084 CEST49720443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:51:57.047019005 CEST44349720142.250.74.196192.168.2.5
                    Jul 3, 2024 01:51:57.106818914 CEST4434971913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.108218908 CEST49719443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:57.108253956 CEST4434971913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.109308958 CEST4434971913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.109380960 CEST49719443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:57.109750032 CEST49719443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:57.109819889 CEST4434971913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.110173941 CEST49719443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:57.110184908 CEST4434971913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.162300110 CEST49719443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:57.440300941 CEST4434971913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.440320015 CEST4434971913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.440402031 CEST4434971913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.440423965 CEST49719443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:57.440505028 CEST49719443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:57.441534042 CEST49719443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:57.441575050 CEST4434971913.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.466582060 CEST49721443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:57.466623068 CEST44349721184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:57.466777086 CEST49721443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:57.468390942 CEST49721443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:57.468410969 CEST44349721184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:57.573295116 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:57.573365927 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.573528051 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:57.574024916 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:57.574059010 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:57.652997971 CEST49675443192.168.2.523.1.237.91
                    Jul 3, 2024 01:51:57.653026104 CEST49674443192.168.2.523.1.237.91
                    Jul 3, 2024 01:51:57.690561056 CEST44349720142.250.74.196192.168.2.5
                    Jul 3, 2024 01:51:57.699491024 CEST49720443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:51:57.699500084 CEST44349720142.250.74.196192.168.2.5
                    Jul 3, 2024 01:51:57.700579882 CEST44349720142.250.74.196192.168.2.5
                    Jul 3, 2024 01:51:57.700669050 CEST49720443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:51:57.748167038 CEST49720443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:51:57.748271942 CEST44349720142.250.74.196192.168.2.5
                    Jul 3, 2024 01:51:57.803107977 CEST49673443192.168.2.523.1.237.91
                    Jul 3, 2024 01:51:57.803168058 CEST49720443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:51:57.803178072 CEST44349720142.250.74.196192.168.2.5
                    Jul 3, 2024 01:51:57.849137068 CEST49720443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:51:58.116292000 CEST44349721184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:58.116375923 CEST49721443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:58.128793001 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.175817966 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:58.238008976 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:58.238044977 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.238461018 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.245677948 CEST49721443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:58.245703936 CEST44349721184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:58.245999098 CEST44349721184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:58.275681019 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:58.275829077 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.282819986 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:58.285461903 CEST49721443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:58.328500032 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.496385098 CEST49721443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:58.536503077 CEST44349721184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:58.613033056 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.613053083 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.613131046 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:58.613178015 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.613562107 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.613564968 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.613631964 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:58.613651991 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.613719940 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:58.613868952 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.613918066 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.613965988 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:58.642795086 CEST49723443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:58.642844915 CEST4434972313.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:58.682810068 CEST44349721184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:58.682871103 CEST44349721184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:58.683008909 CEST49721443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:58.683665991 CEST49721443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:58.683685064 CEST44349721184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:58.727961063 CEST49725443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:58.727998972 CEST44349725184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:58.728156090 CEST49725443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:58.728348970 CEST49725443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:58.728367090 CEST44349725184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:59.125273943 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:59.125371933 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:59.125462055 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:59.125963926 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:59.126003981 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:59.455415964 CEST44349725184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:59.455507994 CEST49725443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:59.458604097 CEST49725443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:59.458616972 CEST44349725184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:59.458879948 CEST44349725184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:59.464895964 CEST49725443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:59.512494087 CEST44349725184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:59.518968105 CEST4434970323.1.237.91192.168.2.5
                    Jul 3, 2024 01:51:59.519077063 CEST49703443192.168.2.523.1.237.91
                    Jul 3, 2024 01:51:59.778723955 CEST44349725184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:59.778795004 CEST44349725184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:59.778925896 CEST49725443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:59.781213045 CEST49725443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:59.781230927 CEST44349725184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:59.781239986 CEST49725443192.168.2.5184.28.90.27
                    Jul 3, 2024 01:51:59.781244993 CEST44349725184.28.90.27192.168.2.5
                    Jul 3, 2024 01:51:59.799176931 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:59.802628040 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:59.802673101 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:59.803056002 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:59.804590940 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:59.804662943 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:51:59.805155039 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:51:59.848500013 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:52:00.145078897 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:52:00.145107031 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:52:00.145181894 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:52:00.145205021 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:52:00.145356894 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:52:00.145411968 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:52:00.145427942 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:52:00.145860910 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:52:00.145927906 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:52:00.146341085 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:52:00.146375895 CEST4434972613.107.136.10192.168.2.5
                    Jul 3, 2024 01:52:00.146399021 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:52:00.146433115 CEST49726443192.168.2.513.107.136.10
                    Jul 3, 2024 01:52:07.594542027 CEST44349720142.250.74.196192.168.2.5
                    Jul 3, 2024 01:52:07.594604015 CEST44349720142.250.74.196192.168.2.5
                    Jul 3, 2024 01:52:07.594937086 CEST49720443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:52:09.472876072 CEST49720443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:52:09.472903967 CEST44349720142.250.74.196192.168.2.5
                    Jul 3, 2024 01:52:10.370942116 CEST49703443192.168.2.523.1.237.91
                    Jul 3, 2024 01:52:10.371049881 CEST49703443192.168.2.523.1.237.91
                    Jul 3, 2024 01:52:10.371498108 CEST49734443192.168.2.523.1.237.91
                    Jul 3, 2024 01:52:10.371547937 CEST4434973423.1.237.91192.168.2.5
                    Jul 3, 2024 01:52:10.371613026 CEST49734443192.168.2.523.1.237.91
                    Jul 3, 2024 01:52:10.372009993 CEST49734443192.168.2.523.1.237.91
                    Jul 3, 2024 01:52:10.372023106 CEST4434973423.1.237.91192.168.2.5
                    Jul 3, 2024 01:52:10.375787020 CEST4434970323.1.237.91192.168.2.5
                    Jul 3, 2024 01:52:10.375799894 CEST4434970323.1.237.91192.168.2.5
                    Jul 3, 2024 01:52:11.697114944 CEST4434973423.1.237.91192.168.2.5
                    Jul 3, 2024 01:52:11.697282076 CEST49734443192.168.2.523.1.237.91
                    Jul 3, 2024 01:52:30.856329918 CEST4434973423.1.237.91192.168.2.5
                    Jul 3, 2024 01:52:30.856399059 CEST49734443192.168.2.523.1.237.91
                    Jul 3, 2024 01:52:57.006231070 CEST49739443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:52:57.006266117 CEST44349739142.250.74.196192.168.2.5
                    Jul 3, 2024 01:52:57.006582975 CEST49739443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:52:57.009665966 CEST49739443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:52:57.009680033 CEST44349739142.250.74.196192.168.2.5
                    Jul 3, 2024 01:52:57.644529104 CEST44349739142.250.74.196192.168.2.5
                    Jul 3, 2024 01:52:57.644938946 CEST49739443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:52:57.644963980 CEST44349739142.250.74.196192.168.2.5
                    Jul 3, 2024 01:52:57.645275116 CEST44349739142.250.74.196192.168.2.5
                    Jul 3, 2024 01:52:57.645709991 CEST49739443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:52:57.645767927 CEST44349739142.250.74.196192.168.2.5
                    Jul 3, 2024 01:52:57.691662073 CEST49739443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:53:07.565453053 CEST44349739142.250.74.196192.168.2.5
                    Jul 3, 2024 01:53:07.565525055 CEST44349739142.250.74.196192.168.2.5
                    Jul 3, 2024 01:53:07.567545891 CEST49739443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:53:09.088247061 CEST49739443192.168.2.5142.250.74.196
                    Jul 3, 2024 01:53:09.088273048 CEST44349739142.250.74.196192.168.2.5

                    UDP Packets

                    TimestampSource PortDest PortSource IPDest IP
                    Jul 3, 2024 01:51:52.759844065 CEST53611381.1.1.1192.168.2.5
                    Jul 3, 2024 01:51:52.793674946 CEST53555681.1.1.1192.168.2.5
                    Jul 3, 2024 01:51:53.891110897 CEST53502361.1.1.1192.168.2.5
                    Jul 3, 2024 01:51:54.216962099 CEST5854153192.168.2.51.1.1.1
                    Jul 3, 2024 01:51:54.218394995 CEST5344053192.168.2.51.1.1.1
                    Jul 3, 2024 01:51:56.491606951 CEST5062053192.168.2.51.1.1.1
                    Jul 3, 2024 01:51:56.491981030 CEST6364353192.168.2.51.1.1.1
                    Jul 3, 2024 01:51:57.028443098 CEST5305553192.168.2.51.1.1.1
                    Jul 3, 2024 01:51:57.034043074 CEST5810553192.168.2.51.1.1.1
                    Jul 3, 2024 01:51:57.035309076 CEST53530551.1.1.1192.168.2.5
                    Jul 3, 2024 01:51:57.040662050 CEST53581051.1.1.1192.168.2.5
                    Jul 3, 2024 01:51:57.579272985 CEST53515291.1.1.1192.168.2.5
                    Jul 3, 2024 01:51:59.248445988 CEST5326753192.168.2.51.1.1.1
                    Jul 3, 2024 01:51:59.248620033 CEST6393653192.168.2.51.1.1.1
                    Jul 3, 2024 01:52:11.696234941 CEST53523331.1.1.1192.168.2.5
                    Jul 3, 2024 01:52:30.730411053 CEST53611901.1.1.1192.168.2.5
                    Jul 3, 2024 01:52:52.591538906 CEST53549951.1.1.1192.168.2.5
                    Jul 3, 2024 01:52:53.957468033 CEST53579901.1.1.1192.168.2.5

                    ICMP Packets

                    TimestampSource IPDest IPChecksumCodeType
                    Jul 3, 2024 01:51:56.610903025 CEST192.168.2.51.1.1.1c364(Port unreachable)Destination Unreachable

                    DNS Queries

                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                    Jul 3, 2024 01:51:54.216962099 CEST192.168.2.51.1.1.10xa277Standard query (0)cottonaust-my.sharepoint.comA (IP address)IN (0x0001)false
                    Jul 3, 2024 01:51:54.218394995 CEST192.168.2.51.1.1.10x990Standard query (0)cottonaust-my.sharepoint.com65IN (0x0001)false
                    Jul 3, 2024 01:51:56.491606951 CEST192.168.2.51.1.1.10xb501Standard query (0)cottonaust-my.sharepoint.comA (IP address)IN (0x0001)false
                    Jul 3, 2024 01:51:56.491981030 CEST192.168.2.51.1.1.10x6165Standard query (0)cottonaust-my.sharepoint.com65IN (0x0001)false
                    Jul 3, 2024 01:51:57.028443098 CEST192.168.2.51.1.1.10xbb2cStandard query (0)www.google.comA (IP address)IN (0x0001)false
                    Jul 3, 2024 01:51:57.034043074 CEST192.168.2.51.1.1.10x7164Standard query (0)www.google.com65IN (0x0001)false
                    Jul 3, 2024 01:51:59.248445988 CEST192.168.2.51.1.1.10x5261Standard query (0)m365cdn.nel.measure.office.netA (IP address)IN (0x0001)false
                    Jul 3, 2024 01:51:59.248620033 CEST192.168.2.51.1.1.10xd3f3Standard query (0)m365cdn.nel.measure.office.net65IN (0x0001)false

                    DNS Answers

                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                    Jul 3, 2024 01:51:54.252240896 CEST1.1.1.1192.168.2.50x990No error (0)cottonaust-my.sharepoint.comcottonaust.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:54.252240896 CEST1.1.1.1192.168.2.50x990No error (0)cottonaust.sharepoint.com1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:54.252240896 CEST1.1.1.1192.168.2.50x990No error (0)1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:54.252240896 CEST1.1.1.1192.168.2.50x990No error (0)196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com196426-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:54.267713070 CEST1.1.1.1192.168.2.50xa277No error (0)cottonaust-my.sharepoint.comcottonaust.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:54.267713070 CEST1.1.1.1192.168.2.50xa277No error (0)cottonaust.sharepoint.com1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:54.267713070 CEST1.1.1.1192.168.2.50xa277No error (0)1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:54.267713070 CEST1.1.1.1192.168.2.50xa277No error (0)196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com196426-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:54.267713070 CEST1.1.1.1192.168.2.50xa277No error (0)196426-ipv4v6.farm.dprodmgd106.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.netdual-spo-0005.spo-msedge.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:54.267713070 CEST1.1.1.1192.168.2.50xa277No error (0)dual-spo-0005.spo-msedge.net13.107.136.10A (IP address)IN (0x0001)false
                    Jul 3, 2024 01:51:54.267713070 CEST1.1.1.1192.168.2.50xa277No error (0)dual-spo-0005.spo-msedge.net13.107.138.10A (IP address)IN (0x0001)false
                    Jul 3, 2024 01:51:56.541897058 CEST1.1.1.1192.168.2.50xb501No error (0)cottonaust-my.sharepoint.comcottonaust.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:56.541897058 CEST1.1.1.1192.168.2.50xb501No error (0)cottonaust.sharepoint.com1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:56.541897058 CEST1.1.1.1192.168.2.50xb501No error (0)1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:56.541897058 CEST1.1.1.1192.168.2.50xb501No error (0)196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com196426-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:56.541897058 CEST1.1.1.1192.168.2.50xb501No error (0)196426-ipv4v6.farm.dprodmgd106.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.netdual-spo-0005.spo-msedge.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:56.541897058 CEST1.1.1.1192.168.2.50xb501No error (0)dual-spo-0005.spo-msedge.net13.107.136.10A (IP address)IN (0x0001)false
                    Jul 3, 2024 01:51:56.541897058 CEST1.1.1.1192.168.2.50xb501No error (0)dual-spo-0005.spo-msedge.net13.107.138.10A (IP address)IN (0x0001)false
                    Jul 3, 2024 01:51:56.610793114 CEST1.1.1.1192.168.2.50x6165No error (0)cottonaust-my.sharepoint.comcottonaust.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:56.610793114 CEST1.1.1.1192.168.2.50x6165No error (0)cottonaust.sharepoint.com1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:56.610793114 CEST1.1.1.1192.168.2.50x6165No error (0)1621-ipv4v6e.clump.dprodmgd106.aa-rt.sharepoint.com196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:56.610793114 CEST1.1.1.1192.168.2.50x6165No error (0)196426-ipv4v6e.farm.dprodmgd106.aa-rt.sharepoint.com196426-ipv4v6w.farm.dprodmgd106.sharepointonline.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:57.035309076 CEST1.1.1.1192.168.2.50xbb2cNo error (0)www.google.com142.250.74.196A (IP address)IN (0x0001)false
                    Jul 3, 2024 01:51:57.040662050 CEST1.1.1.1192.168.2.50x7164No error (0)www.google.com65IN (0x0001)false
                    Jul 3, 2024 01:51:59.255065918 CEST1.1.1.1192.168.2.50x5261No error (0)m365cdn.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:51:59.256128073 CEST1.1.1.1192.168.2.50xd3f3No error (0)m365cdn.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:52:08.751534939 CEST1.1.1.1192.168.2.50xbc3aNo error (0)edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com217.20.57.34A (IP address)IN (0x0001)false
                    Jul 3, 2024 01:52:08.751534939 CEST1.1.1.1192.168.2.50xbc3aNo error (0)edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com217.20.57.18A (IP address)IN (0x0001)false
                    Jul 3, 2024 01:52:09.689491034 CEST1.1.1.1192.168.2.50x1f95No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:52:09.689491034 CEST1.1.1.1192.168.2.50x1f95No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                    Jul 3, 2024 01:52:23.952143908 CEST1.1.1.1192.168.2.50x5808No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:52:23.952143908 CEST1.1.1.1192.168.2.50x5808No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                    Jul 3, 2024 01:52:45.810081959 CEST1.1.1.1192.168.2.50x5d1eNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:52:45.810081959 CEST1.1.1.1192.168.2.50x5d1eNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                    Jul 3, 2024 01:53:05.574719906 CEST1.1.1.1192.168.2.50x4f20No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                    Jul 3, 2024 01:53:05.574719906 CEST1.1.1.1192.168.2.50x4f20No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

                    HTTP Request Dependency Graph

                    • cottonaust-my.sharepoint.com
                    • https:
                    • fs.microsoft.com

                    HTTPS Proxied Packets

                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    0192.168.2.54971013.107.136.104431852C:\Program Files\Google\Chrome\Application\chrome.exe
                    TimestampBytes transferredDirectionData
                    2024-07-02 23:51:54 UTC1122OUTGET /:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d HTTP/1.1
                    Host: cottonaust-my.sharepoint.com
                    Connection: keep-alive
                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                    sec-ch-ua-mobile: ?0
                    sec-ch-ua-platform: "Windows"
                    Upgrade-Insecure-Requests: 1
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                    Sec-Fetch-Site: none
                    Sec-Fetch-Mode: navigate
                    Sec-Fetch-User: ?1
                    Sec-Fetch-Dest: document
                    Accept-Encoding: gzip, deflate, br
                    Accept-Language: en-US,en;q=0.9
                    2024-07-02 23:51:55 UTC1981INHTTP/1.1 200 OK
                    Cache-Control: private
                    Content-Length: 69193
                    Content-Type: text/html; charset=utf-8
                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                    X-NetworkStatistics: 0,525568,0,1493,601917,0,415444,208
                    X-SharePointHealthScore: 3
                    X-AspNet-Version: 4.0.30319
                    X-DataBoundary: NONE
                    X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
                    X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/
                    SPRequestGuid: 988038a1-0058-3000-826d-86f537ef3a81
                    request-id: 988038a1-0058-3000-826d-86f537ef3a81
                    MS-CV: oTiAmFgAADCCbYb1N+86gQ.0
                    Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=02a441e0-9927-4ea0-8ec8-160f901c519c&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]}
                    NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
                    Strict-Transport-Security: max-age=31536000
                    X-FRAME-OPTIONS: SAMEORIGIN
                    Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com *.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
                    SPRequestDuration: 162
                    SPIisLatency: 5
                    X-Powered-By: ASP.NET
                    MicrosoftSharePointTeamServices: 16.0.0.25012
                    X-Content-Type-Options: nosniff
                    X-MS-InvokeApp: 1; RequireReadOnly
                    X-Cache: CONFIG_NOCACHE
                    X-MSEdge-Ref: Ref A: AFCC339BF0034C96AB0BE99259D6BD90 Ref B: EWR311000108009 Ref C: 2024-07-02T23:51:54Z
                    Date: Tue, 02 Jul 2024 23:51:54 GMT
                    Connection: close
                    2024-07-02 23:51:55 UTC2765INData Raw: 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3a 6f 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 6d 69 63 72 6f 73 6f 66 74 2d 63 6f 6d 3a 6f 66 66 69 63 65 3a 6f 66 66 69 63 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 20 64 69 72 3d 22 6c 74 72 22 3e 0d 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 47 45 4e 45 52 41 54 4f 52 22 20 63 6f 6e 74 65 6e 74 3d 22 4d 69 63 72 6f 73 6f 66 74 20 53 68 61 72 65 50 6f 69 6e 74 22 20 2f
                    Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr"><head><meta name="GENERATOR" content="Microsoft SharePoint" /
                    2024-07-02 23:51:55 UTC8192INData Raw: 74 2d 73 65 61 72 63 68 2d 64 65 63 6f 72 61 74 69 6f 6e 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 7d 3a 3a 2d 77 65 62 6b 69 74 2d 66 69 6c 65 2d 75 70 6c 6f 61 64 2d 62 75 74 74 6f 6e 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 62 75 74 74 6f 6e 3b 66 6f 6e 74 3a 69 6e 68 65 72 69 74 7d 64 65 74 61 69 6c 73 2c 6d 65 6e 75 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 73 75 6d 6d 61 72 79 7b 64 69 73 70 6c 61 79 3a 6c 69 73 74 2d 69 74 65 6d 7d 63 61 6e 76 61 73 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 74 65 6d 70 6c 61 74 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 5b 68 69 64 64 65 6e 5d 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 0d 0a 09 09 2e 6d 73 2d 46 61 62 72 69 63 7b 2d 6d 6f
                    Data Ascii: t-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{-webkit-appearance:button;font:inherit}details,menu{display:block}summary{display:list-item}canvas{display:inline-block}template{display:none}[hidden]{display:none}.ms-Fabric{-mo
                    2024-07-02 23:51:55 UTC3568INData Raw: 72 69 67 68 74 2d 72 61 64 69 75 73 3a 36 70 78 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 32 31 70 78 3b 68 65 69 67 68 74 3a 37 32 70 78 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 77 69 64 74 68 3a 31 70 78 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 63 38 63 38 63 38 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 31 70 78 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 38 66 38 66 38 3b 7a 2d 69 6e 64 65 78 3a 32 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 66 6f 72 6d 2d 63 6f 6e 74 65 6e 74 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 36 70 78 3b 62 6f 72 64 65 72 2d
                    Data Ascii: right-radius:6px;padding-top:21px;height:72px;border-bottom-width:1px;border-bottom-style:solid;border-color:#c8c8c8;font-size:21px;text-align:center;background-color:#f8f8f8;z-index:2;position:relative}.form-content{border-bottom-right-radius:6px;border-
                    2024-07-02 23:51:55 UTC8192INData Raw: 38 2d 30 35 32 35 2d 34 35 31 38 2d 62 64 31 33 2d 30 61 30 66 31 64 37 38 62 61 66 35 22 3e 0d 0a 09 09 21 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 27 50 65 72 66 6f 72 6d 61 6e 63 65 4c 6f 6e 67 54 61 73 6b 54 69 6d 69 6e 67 27 20 69 6e 20 77 69 6e 64 6f 77 29 7b 76 61 72 20 67 3d 77 69 6e 64 6f 77 2e 5f 5f 74 74 69 3d 7b 65 3a 5b 5d 7d 3b 67 2e 6f 3d 6e 65 77 20 50 65 72 66 6f 72 6d 61 6e 63 65 4f 62 73 65 72 76 65 72 28 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 67 2e 65 3d 67 2e 65 2e 63 6f 6e 63 61 74 28 6c 2e 67 65 74 45 6e 74 72 69 65 73 28 29 29 7d 29 3b 67 2e 6f 2e 6f 62 73 65 72 76 65 28 7b 65 6e 74 72 79 54 79 70 65 73 3a 5b 27 6c 6f 6e 67 74 61 73 6b 27 5d 7d 29 7d 7d 28 29 3b 0d 0a 09 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 74 79 70 65
                    Data Ascii: 8-0525-4518-bd13-0a0f1d78baf5">!function(){if('PerformanceLongTaskTiming' in window){var g=window.__tti={e:[]};g.o=new PerformanceObserver(function(l){g.e=g.e.concat(l.getEntries())});g.o.observe({entryTypes:['longtask']})}}();</script><script type
                    2024-07-02 23:51:55 UTC8192INData Raw: 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 65 2e 45 53 36 50 72 6f 6d 69 73 65 3d 74 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 63 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 76 61 72 20 65 3d 73 65 74 54 69 6d 65 6f 75 74 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 72 2c 31 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 72 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 53 3b 65 2b 3d 32 29 7b 28 30 2c 54 5b 65 5d 29 28 54 5b 65 2b 31 5d 29 2c 54 5b 65 5d 3d 76 6f 69 64 20 30 2c 54 5b 65 2b
                    Data Ascii: typeof define&&define.amd?define(t):e.ES6Promise=t()}(this,function(){"use strict";function c(e){return"function"==typeof e}function t(){var e=setTimeout;return function(){return e(r,1)}}function r(){for(var e=0;e<S;e+=2){(0,T[e])(T[e+1]),T[e]=void 0,T[e+
                    2024-07-02 23:51:55 UTC8192INData Raw: 2c 74 2c 72 2c 6e 29 7b 76 61 72 20 69 2c 6f 2c 73 3d 64 65 66 43 6f 6e 74 65 78 74 4e 61 6d 65 3b 69 66 28 21 69 73 41 72 72 61 79 28 65 29 26 26 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 29 7b 6f 3d 65 3b 69 66 28 69 73 41 72 72 61 79 28 74 29 29 7b 65 3d 74 3b 74 3d 72 3b 72 3d 6e 7d 65 6c 73 65 20 65 3d 5b 5d 7d 6f 26 26 6f 2e 63 6f 6e 74 65 78 74 26 26 28 73 3d 6f 2e 63 6f 6e 74 65 78 74 29 3b 69 3d 28 69 3d 67 65 74 4f 77 6e 28 63 6f 6e 74 65 78 74 73 2c 73 29 29 7c 7c 28 63 6f 6e 74 65 78 74 73 5b 73 5d 3d 72 65 71 2e 73 2e 6e 65 77 43 6f 6e 74 65 78 74 28 73 29 29 3b 6f 26 26 69 2e 63 6f 6e 66 69 67 75 72 65 28 6f 29 3b 72 65 74 75 72 6e 20 69 2e 72 65 71 75 69 72 65 28 65 2c 74 2c 72 29 7d 3b 72 65 71 2e 63 6f 6e 66 69 67 3d 66 75 6e
                    Data Ascii: ,t,r,n){var i,o,s=defContextName;if(!isArray(e)&&"string"!=typeof e){o=e;if(isArray(t)){e=t;t=r;r=n}else e=[]}o&&o.context&&(s=o.context);i=(i=getOwn(contexts,s))||(contexts[s]=req.s.newContext(s));o&&i.configure(o);return i.require(e,t,r)};req.config=fun
                    2024-07-02 23:51:55 UTC8192INData Raw: 69 64 5d 3a 6e 75 6c 6c 3b 74 2e 72 65 71 75 69 72 65 54 79 70 65 3d 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 3f 22 64 65 66 69 6e 65 22 3a 22 72 65 71 75 69 72 65 22 3b 72 65 74 75 72 6e 20 6a 28 74 68 69 73 2e 65 72 72 6f 72 3d 74 29 7d 7d 65 6c 73 65 20 69 3d 6f 3b 74 68 69 73 2e 65 78 70 6f 72 74 73 3d 69 3b 69 66 28 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 26 26 21 74 68 69 73 2e 69 67 6e 6f 72 65 29 7b 6d 5b 72 5d 3d 69 3b 69 66 28 72 65 71 2e 6f 6e 52 65 73 6f 75 72 63 65 4c 6f 61 64 29 7b 76 61 72 20 73 3d 5b 5d 3b 65 61 63 68 28 74 68 69 73 2e 64 65 70 4d 61 70 73 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 73 2e 70 75 73 68 28 65 2e 6e 6f 72 6d 61 6c 69 7a 65 64 4d 61 70 7c 7c 65 29 7d 29 3b 72 65 71 2e 6f 6e 52 65 73 6f 75 72 63
                    Data Ascii: id]:null;t.requireType=this.map.isDefine?"define":"require";return j(this.error=t)}}else i=o;this.exports=i;if(this.map.isDefine&&!this.ignore){m[r]=i;if(req.onResourceLoad){var s=[];each(this.depMaps,function(e){s.push(e.normalizedMap||e)});req.onResourc
                    2024-07-02 23:51:55 UTC8192INData Raw: 6f 64 75 6c 65 73 20 3d 20 66 61 69 6c 4f 76 65 72 53 74 61 74 65 2e 6d 6f 64 75 6c 65 73 46 61 6c 6c 65 64 42 61 63 6b 3b 0d 0a 20 20 20 20 20 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 2e 70 75 73 68 28 6d 6f 64 75 6c 65 49 64 29 3b 0d 0a 20 20 20 20 20 20 69 66 20 28 21 66 61 69 6c 4f 76 65 72 53 74 61 74 65 2e 62 61 73 65 55 72 6c 46 61 69 6c 65 64 4f 76 65 72 20 26 26 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 2e 6c 65 6e 67 74 68 20 3e 3d 20 32 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 76 61 72 20 69 64 20 69 6e 20 70 61 74 68 73 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 76 61 72 20 69 74 65 6d 73 20 3d 20 70 61 74 68 73 5b 69 64 5d 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 69 66 20 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 69 74 65 6d
                    Data Ascii: odules = failOverState.modulesFalledBack; failedModules.push(moduleId); if (!failOverState.baseUrlFailedOver && failedModules.length >= 2) { for (var id in paths) { var items = paths[id]; if (Array.isArray(item
                    2024-07-02 23:51:55 UTC8192INData Raw: 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 2f 2f 3c 21 5b 43 44 41 54 41 5b 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 4f 6e 53 75 62 6d 69 74 28 29 20 7b 0d 0a 69 66 20 28 74 79 70 65 6f 66 28 56 61 6c 69 64 61 74 6f 72 4f 6e 53 75 62 6d 69 74 29 20 3d 3d 20 22 66 75 6e 63 74 69 6f 6e 22 20 26 26 20 56 61 6c 69 64 61 74 6f 72 4f 6e 53 75 62 6d 69 74 28 29 20 3d 3d 20 66 61 6c 73 65 29 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 69 66 20 28 74 79 70 65 6f 66 28 5f 73 70 46 6f 72 6d 4f 6e 53 75 62 6d 69 74 57 72 61 70 70 65 72 29 20 21 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 72 65 74 75 72 6e 20 5f 73 70 46 6f 72 6d 4f 6e 53 75 62 6d
                    Data Ascii: ipt"></script><script type="text/javascript">//<![CDATA[function WebForm_OnSubmit() {if (typeof(ValidatorOnSubmit) == "function" && ValidatorOnSubmit() == false) return false;if (typeof(_spFormOnSubmitWrapper) != 'undefined') {return _spFormOnSubm
                    2024-07-02 23:51:55 UTC5516INData Raw: 6c 61 79 20 3d 20 22 44 79 6e 61 6d 69 63 22 3b 0d 0a 09 56 61 6c 69 64 61 74 65 54 4f 41 41 45 4d 61 69 6c 2e 65 76 61 6c 75 61 74 69 6f 6e 66 75 6e 63 74 69 6f 6e 20 3d 20 22 52 65 67 75 6c 61 72 45 78 70 72 65 73 73 69 6f 6e 56 61 6c 69 64 61 74 6f 72 45 76 61 6c 75 61 74 65 49 73 56 61 6c 69 64 22 3b 0d 0a 09 56 61 6c 69 64 61 74 65 54 4f 41 41 45 4d 61 69 6c 2e 76 61 6c 69 64 61 74 69 6f 6e 65 78 70 72 65 73 73 69 6f 6e 20 3d 20 22 5e 5b 5e 20 5c 5c 72 5c 5c 74 5c 5c 6e 5c 5c 66 40 5d 2b 40 5b 5e 20 5c 5c 72 5c 5c 74 5c 5c 6e 5c 5c 66 40 5d 2b 24 22 3b 0d 0a 09 76 61 72 20 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 20 3f 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 5b 22 49 6e 63 6f 72 72 65 63 74 54
                    Data Ascii: lay = "Dynamic";ValidateTOAAEMail.evaluationfunction = "RegularExpressionValidatorEvaluateIsValid";ValidateTOAAEMail.validationexpression = "^[^ \\r\\t\\n\\f@]+@[^ \\r\\t\\n\\f@]+$";var IncorrectTOAAEMail = document.all ? document.all["IncorrectT


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    1192.168.2.54970913.107.136.104431852C:\Program Files\Google\Chrome\Application\chrome.exe
                    TimestampBytes transferredDirectionData
                    2024-07-02 23:51:55 UTC1139OUTGET /WebResource.axd?d=mjf41zbhcy6XSi2MT4IyfXy9eaA_1J2DzcHlChcfmbH9LgiujjrIBFG9F_XiAHLSQtWNSQI2DPkKf39dr0QR5eTTPvtGW770jKStT60E1Ok1&t=638533172441064469 HTTP/1.1
                    Host: cottonaust-my.sharepoint.com
                    Connection: keep-alive
                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                    sec-ch-ua-mobile: ?0
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                    sec-ch-ua-platform: "Windows"
                    Accept: */*
                    Sec-Fetch-Site: same-origin
                    Sec-Fetch-Mode: no-cors
                    Sec-Fetch-Dest: script
                    Referer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d
                    Accept-Encoding: gzip, deflate, br
                    Accept-Language: en-US,en;q=0.9
                    2024-07-02 23:51:55 UTC756INHTTP/1.1 200 OK
                    Cache-Control: public
                    Content-Length: 23063
                    Content-Type: application/x-javascript
                    Expires: Wed, 02 Jul 2025 12:22:11 GMT
                    Last-Modified: Fri, 10 May 2024 20:46:52 GMT
                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                    X-NetworkStatistics: 0,1573888,0,0,185654,0,54759,97
                    X-AspNet-Version: 4.0.30319
                    SPRequestDuration: 4
                    SPIisLatency: 0
                    X-Powered-By: ASP.NET
                    MicrosoftSharePointTeamServices: 16.0.0.25012
                    X-Content-Type-Options: nosniff
                    X-MS-InvokeApp: 1; RequireReadOnly
                    X-Cache: CONFIG_NOCACHE
                    X-MSEdge-Ref: Ref A: AEECA0576B9C4369A5C1942CB0B086D1 Ref B: EWR311000102031 Ref C: 2024-07-02T23:51:55Z
                    Date: Tue, 02 Jul 2024 23:51:55 GMT
                    Connection: close
                    2024-07-02 23:51:55 UTC1117INData Raw: 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 50 6f 73 74 42 61 63 6b 4f 70 74 69 6f 6e 73 28 65 76 65 6e 74 54 61 72 67 65 74 2c 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 2c 20 76 61 6c 69 64 61 74 69 6f 6e 2c 20 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 2c 20 61 63 74 69 6f 6e 55 72 6c 2c 20 74 72 61 63 6b 46 6f 63 75 73 2c 20 63 6c 69 65 6e 74 53 75 62 6d 69 74 29 20 7b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 54 61 72 67 65 74 20 3d 20 65 76 65 6e 74 54 61 72 67 65 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 20 3d 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c 69 64 61 74 69 6f 6e 20 3d 20 76 61 6c 69 64 61 74 69 6f 6e 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c
                    Data Ascii: function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) { this.eventTarget = eventTarget; this.eventArgument = eventArgument; this.validation = validation; this.val
                    2024-07-02 23:51:55 UTC8192INData Raw: 6e 65 64 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6c 61 73 74 46 6f 63 75 73 2e 76 61 6c 75 65 20 3d 20 6f 70 74 69 6f 6e 73 2e 65 76 65 6e 74 54 61 72 67 65 74 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 6c 73 65 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 61 63 74 69 76 65 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 28 74 79 70 65 6f 66 28 61 63 74 69 76 65 29 20 21 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 26 26 20 28 61 63 74 69 76 65 20 21 3d 20 6e 75 6c 6c 29 29 20 7b 0d 0a 20 20 20 20 20
                    Data Ascii: ned") { lastFocus.value = options.eventTarget; } else { var active = document.activeElement; if ((typeof(active) != "undefined") && (active != null)) {
                    2024-07-02 23:51:55 UTC6441INData Raw: 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 78 6d 6c 52 65 71 75 65 73 74 46 72 61 6d 65 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 78 6d 6c 52 65 71 75 65 73 74 46 72 61 6d 65 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 78 6d 6c 52 65 71 75 65 73 74 46 72 61 6d 65 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 57 65 62 46 6f 72 6d 5f 45 78 65 63 75 74 65 43 61 6c 6c 62 61 63 6b 28 63 61 6c 6c 62 61 63 6b 4f 62 6a 65 63 74 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 7d 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 45 78 65 63 75 74 65 43 61 6c 6c 62 61 63 6b 28 63 61 6c 6c 62 61 63 6b 4f 62 6a 65 63 74 29 20 7b 0d 0a
                    Data Ascii: ; if (xmlRequestFrame) { xmlRequestFrame.parentNode.removeChild(xmlRequestFrame); } WebForm_ExecuteCallback(callbackObject); } }}function WebForm_ExecuteCallback(callbackObject) {
                    2024-07-02 23:51:55 UTC7313INData Raw: 20 20 20 20 20 20 20 20 20 20 20 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 5b 74 61 72 67 65 74 5d 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 57 65 62 46 6f 72 6d 5f 53 69 6d 75 6c 61 74 65 43 6c 69 63 6b 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 2c 20 65 76 65 6e 74 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 20 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 47 65 74 53 63 72 6f 6c 6c 58 28 29 20 7b 0d 0a 20 20 20 20 69 66 20 28 5f 5f 6e 6f 6e 4d 53 44 4f 4d 42 72 6f 77 73 65 72 29
                    Data Ascii: defaultButton = document.all[target]; } if (defaultButton) { return WebForm_SimulateClick(defaultButton, event); } } return true;}function WebForm_GetScrollX() { if (__nonMSDOMBrowser)


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    2192.168.2.54971613.107.136.104431852C:\Program Files\Google\Chrome\Application\chrome.exe
                    TimestampBytes transferredDirectionData
                    2024-07-02 23:51:56 UTC1204OUTGET /ScriptResource.axd?d=UB81VRIqU8-q--F_Tm8YSrMkmQn_FnAtBEJXqV-fw0a3QLGBGB09uXHhAA-UjRsiG461unCTYAHSok1cTsIvQNF8Civw5DnMopo4lRQi7zwa0ULv-TQjM7LW7pRAaHot14Cy72k2GboVUdRu0Glvj4qJJqD6TziWtjRqK1Wgsmw1&t=ffffffffa8ad04d3 HTTP/1.1
                    Host: cottonaust-my.sharepoint.com
                    Connection: keep-alive
                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                    sec-ch-ua-mobile: ?0
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                    sec-ch-ua-platform: "Windows"
                    Accept: */*
                    Sec-Fetch-Site: same-origin
                    Sec-Fetch-Mode: no-cors
                    Sec-Fetch-Dest: script
                    Referer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d
                    Accept-Encoding: gzip, deflate, br
                    Accept-Language: en-US,en;q=0.9
                    2024-07-02 23:51:56 UTC768INHTTP/1.1 200 OK
                    Cache-Control: public
                    Content-Length: 26951
                    Content-Type: application/x-javascript; charset=utf-8
                    Expires: Wed, 02 Jul 2025 23:51:49 GMT
                    Last-Modified: Tue, 02 Jul 2024 23:51:49 GMT
                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                    X-NetworkStatistics: 0,262656,0,0,586,0,26370,185
                    X-AspNet-Version: 4.0.30319
                    SPRequestDuration: 3
                    SPIisLatency: 4
                    X-Powered-By: ASP.NET
                    MicrosoftSharePointTeamServices: 16.0.0.25012
                    X-Content-Type-Options: nosniff
                    X-MS-InvokeApp: 1; RequireReadOnly
                    X-Cache: CONFIG_NOCACHE
                    X-MSEdge-Ref: Ref A: 964EA9AC6C4248E980FE0B018B1471DA Ref B: EWR311000101017 Ref C: 2024-07-02T23:51:56Z
                    Date: Tue, 02 Jul 2024 23:51:55 GMT
                    Connection: close
                    2024-07-02 23:51:56 UTC3520INData Raw: 76 61 72 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 56 65 72 20 3d 20 22 31 32 35 22 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 73 56 61 6c 69 64 20 3d 20 74 72 75 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 42 6c 6f 63 6b 53 75 62 6d 69 74 20 3d 20 66 61 6c 73 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 6e 76 61 6c 69 64 43 6f 6e 74 72 6f 6c 54 6f 42 65 46 6f 63 75 73 65 64 20 3d 20 6e 75 6c 6c 3b 0d 0a 76 61 72 20 50 61 67 65 5f 54 65 78 74 54 79 70 65 73 20 3d 20 2f 5e 28 74 65 78 74 7c 70 61 73 73 77 6f 72 64 7c 66 69 6c 65 7c 73 65 61 72 63 68 7c 74 65 6c 7c 75 72 6c 7c 65 6d 61 69 6c 7c 6e 75 6d 62 65 72 7c 72 61 6e 67 65 7c 63 6f 6c 6f 72 7c 64 61 74 65 74 69 6d 65 7c 64 61 74 65 7c 6d 6f 6e 74 68 7c 77 65 65 6b 7c 74 69 6d 65 7c 64 61 74 65 74 69 6d 65
                    Data Ascii: var Page_ValidationVer = "125";var Page_IsValid = true;var Page_BlockSubmit = false;var Page_InvalidControlToBeFocused = null;var Page_TextTypes = /^(text|password|file|search|tel|url|email|number|range|color|datetime|date|month|week|time|datetime
                    2024-07-02 23:51:56 UTC8192INData Raw: 64 61 74 6f 72 47 65 74 56 61 6c 75 65 52 65 63 75 72 73 69 76 65 28 63 6f 6e 74 72 6f 6c 29 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 56 61 6c 69 64 61 74 6f 72 47 65 74 56 61 6c 75 65 52 65 63 75 72 73 69 76 65 28 63 6f 6e 74 72 6f 6c 29 0d 0a 7b 0d 0a 20 20 20 20 69 66 20 28 74 79 70 65 6f 66 28 63 6f 6e 74 72 6f 6c 2e 76 61 6c 75 65 29 20 3d 3d 20 22 73 74 72 69 6e 67 22 20 26 26 20 28 63 6f 6e 74 72 6f 6c 2e 74 79 70 65 20 21 3d 20 22 72 61 64 69 6f 22 20 7c 7c 20 63 6f 6e 74 72 6f 6c 2e 63 68 65 63 6b 65 64 20 3d 3d 20 74 72 75 65 29 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 63 6f 6e 74 72 6f 6c 2e 76 61 6c 75 65 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 76 61 72 20 69 2c 20 76 61 6c 3b 0d 0a 20 20 20 20 66 6f 72 20 28 69 20 3d
                    Data Ascii: datorGetValueRecursive(control);}function ValidatorGetValueRecursive(control){ if (typeof(control.value) == "string" && (control.type != "radio" || control.checked == true)) { return control.value; } var i, val; for (i =
                    2024-07-02 23:51:56 UTC4026INData Raw: 6c 20 3a 20 6e 75 6d 29 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 65 6c 73 65 20 69 66 28 64 61 74 61 54 79 70 65 20 3d 3d 20 22 44 6f 75 62 6c 65 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 65 78 70 20 3d 20 6e 65 77 20 52 65 67 45 78 70 28 22 5e 5c 5c 73 2a 28 5b 2d 5c 5c 2b 5d 29 3f 28 5c 5c 64 2a 29 5c 5c 22 20 2b 20 76 61 6c 2e 64 65 63 69 6d 61 6c 63 68 61 72 20 2b 20 22 3f 28 5c 5c 64 2a 29 5c 5c 73 2a 24 22 29 3b 0d 0a 20 20 20 20 20 20 20 20 6d 20 3d 20 6f 70 2e 6d 61 74 63 68 28 65 78 70 29 3b 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 6d 20 3d 3d 20 6e 75 6c 6c 29 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 6d 5b 32 5d 2e 6c 65 6e 67 74 68 20 3d 3d 20 30 20 26 26 20 6d 5b
                    Data Ascii: l : num); } else if(dataType == "Double") { exp = new RegExp("^\\s*([-\\+])?(\\d*)\\" + val.decimalchar + "?(\\d*)\\s*$"); m = op.match(exp); if (m == null) return null; if (m[2].length == 0 && m[
                    2024-07-02 23:51:56 UTC8192INData Raw: 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 76 61 6c 69 64 61 74 65 29 3b 0d 0a 20 20 20 20 69 66 20 28 56 61 6c 69 64 61 74 6f 72 54 72 69 6d 28 76 61 6c 75 65 29 2e 6c 65 6e 67 74 68 20 3d 3d 20 30 29 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 20 20 20 20 76 61 72 20 63 6f 6d 70 61 72 65 54 6f 20 3d 20 22 22 3b 0d 0a 20 20 20 20 69 66 20 28 28 74 79 70 65 6f 66 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 20 21 3d 20 22 73 74 72 69 6e 67 22 29 20 7c 7c 0d 0a 20 20 20 20 20 20 20 20 28 74 79 70 65 6f 66 28 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 29 20 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 7c 7c 0d 0a 20 20 20 20
                    Data Ascii: l.controltovalidate); if (ValidatorTrim(value).length == 0) return true; var compareTo = ""; if ((typeof(val.controltocompare) != "string") || (typeof(document.getElementById(val.controltocompare)) == "undefined") ||
                    2024-07-02 23:51:56 UTC3021INData Raw: 20 20 20 20 20 20 20 20 20 76 61 72 20 6c 65 6e 67 74 68 20 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 6f 72 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 65 6e 67 74 68 20 2b 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 79 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 69 65 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 6c 65 6e 67 74 68 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20
                    Data Ascii: var length = parseSpecificAttribute(selector, dataValidationAttribute, Page_Validators); length += parseSpecificAttribute(selector, dataValidationSummaryAttribute, Page_ValidationSummaries); return length; }


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    3192.168.2.54971513.107.136.104431852C:\Program Files\Google\Chrome\Application\chrome.exe
                    TimestampBytes transferredDirectionData
                    2024-07-02 23:51:56 UTC1217OUTGET /ScriptResource.axd?d=6Qrb1MfQHAYn0ld2KcB-IQagUn10Pz5rZNeeQFR9J31DjkkXSk6Ms-LupgZ2opu0gtlqdkYGjWhk_NfS0G8dmK-4IH4jF-bcKMZVrbzYRMUiqwBvCIUPUgnW_Ep2ufYz580Cqbm_g0V7ziifpquJmJAr0lDt1oViTng0WEBuRFbYE_sGYg6owziEf46s9z-T0&t=74258c30 HTTP/1.1
                    Host: cottonaust-my.sharepoint.com
                    Connection: keep-alive
                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                    sec-ch-ua-mobile: ?0
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                    sec-ch-ua-platform: "Windows"
                    Accept: */*
                    Sec-Fetch-Site: same-origin
                    Sec-Fetch-Mode: no-cors
                    Sec-Fetch-Dest: script
                    Referer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d
                    Accept-Encoding: gzip, deflate, br
                    Accept-Language: en-US,en;q=0.9
                    2024-07-02 23:51:56 UTC772INHTTP/1.1 200 OK
                    Cache-Control: public
                    Content-Length: 102801
                    Content-Type: application/x-javascript; charset=utf-8
                    Expires: Wed, 02 Jul 2025 23:51:56 GMT
                    Last-Modified: Tue, 02 Jul 2024 23:51:56 GMT
                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                    X-NetworkStatistics: 0,525568,0,0,264987,0,36457,208
                    X-AspNet-Version: 4.0.30319
                    SPRequestDuration: 6
                    SPIisLatency: 0
                    X-Powered-By: ASP.NET
                    MicrosoftSharePointTeamServices: 16.0.0.25012
                    X-Content-Type-Options: nosniff
                    X-MS-InvokeApp: 1; RequireReadOnly
                    X-Cache: CONFIG_NOCACHE
                    X-MSEdge-Ref: Ref A: ABA8B90D3C99472F93C3E169FED51461 Ref B: EWR311000107037 Ref C: 2024-07-02T23:51:56Z
                    Date: Tue, 02 Jul 2024 23:51:55 GMT
                    Connection: close
                    2024-07-02 23:51:56 UTC1540INData Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 2e 6a 73 0d 0a 46 75 6e 63 74 69 6f 6e 2e 5f 5f 74 79 70 65 4e 61 6d 65 3d 22 46 75 6e 63 74 69 6f 6e 22 3b 46 75 6e 63 74 69 6f 6e 2e 5f 5f 63 6c 61 73 73 3d
                    Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjax.jsFunction.__typeName="Function";Function.__class=
                    2024-07-02 23:51:56 UTC8192INData Raw: 70 53 74 61 63 6b 46 72 61 6d 65 28 29 3b 72 65 74 75 72 6e 20 62 7d 76 61 72 20 65 3d 61 2e 65 6c 65 6d 65 6e 74 54 79 70 65 2c 66 3d 21 21 61 2e 65 6c 65 6d 65 6e 74 4d 61 79 42 65 4e 75 6c 6c 3b 69 66 28 67 3d 3d 3d 41 72 72 61 79 26 26 74 79 70 65 6f 66 20 63 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 63 21 3d 3d 6e 75 6c 6c 26 26 28 65 7c 7c 21 66 29 29 7b 76 61 72 20 6a 3d 21 21 61 2e 65 6c 65 6d 65 6e 74 49 6e 74 65 67 65 72 2c 69 3d 21 21 61 2e 65 6c 65 6d 65 6e 74 44 6f 6d 45 6c 65 6d 65 6e 74 3b 66 6f 72 28 76 61 72 20 64 3d 30 3b 64 3c 63 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 7b 76 61 72 20 6e 3d 63 5b 64 5d 3b 62 3d 46 75 6e 63 74 69 6f 6e 2e 5f 76 61 6c 69 64 61 74 65 50 61 72 61 6d 65 74 65 72 54 79 70 65 28 6e 2c 65 2c 6a 2c 69 2c 66 2c
                    Data Ascii: pStackFrame();return b}var e=a.elementType,f=!!a.elementMayBeNull;if(g===Array&&typeof c!=="undefined"&&c!==null&&(e||!f)){var j=!!a.elementInteger,i=!!a.elementDomElement;for(var d=0;d<c.length;d++){var n=c[d];b=Function._validateParameterType(n,e,j,i,f,
                    2024-07-02 23:51:56 UTC6002INData Raw: 65 74 52 6f 6f 74 4e 61 6d 65 73 70 61 63 65 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 63 6c 6f 6e 65 28 53 79 73 2e 5f 5f 72 6f 6f 74 4e 61 6d 65 73 70 61 63 65 73 29 7d 3b 54 79 70 65 2e 69 73 43 6c 61 73 73 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 7c 7c 61 3d 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 72 65 74 75 72 6e 20 21 21 61 2e 5f 5f 63 6c 61 73 73 7d 3b 54 79 70 65 2e 69 73 49 6e 74 65 72 66 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 7c 7c 61 3d 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 72 65 74 75 72 6e 20 21 21 61 2e 5f 5f
                    Data Ascii: etRootNamespaces=function(){return Array.clone(Sys.__rootNamespaces)};Type.isClass=function(a){if(typeof a==="undefined"||a===null)return false;return !!a.__class};Type.isInterface=function(a){if(typeof a==="undefined"||a===null)return false;return !!a.__
                    2024-07-02 23:51:56 UTC8192INData Raw: 45 76 65 6e 74 41 72 67 73 29 3b 54 79 70 65 2e 72 65 67 69 73 74 65 72 4e 61 6d 65 73 70 61 63 65 28 22 53 79 73 2e 55 49 22 29 3b 53 79 73 2e 5f 44 65 62 75 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 53 79 73 2e 5f 44 65 62 75 67 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 5f 61 70 70 65 6e 64 43 6f 6e 73 6f 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 44 65 62 75 67 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 29 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 26 26 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 29 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 6f 70 65 72 61 29
                    Data Ascii: EventArgs);Type.registerNamespace("Sys.UI");Sys._Debug=function(){};Sys._Debug.prototype={_appendConsole:function(a){if(typeof Debug!=="undefined"&&Debug.writeln)Debug.writeln(a);if(window.console&&window.console.log)window.console.log(a);if(window.opera)
                    2024-07-02 23:51:56 UTC8192INData Raw: 75 6c 6c 2c 2d 31 2c 5b 62 5d 2c 63 29 29 3b 72 65 74 75 72 6e 20 74 72 75 65 7d 72 65 74 75 72 6e 20 66 61 6c 73 65 7d 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 72 65 6d 6f 76 65 41 74 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 61 29 7b 69 66 28 61 3e 2d 31 26 26 61 3c 62 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 63 3d 62 5b 61 5d 3b 41 72 72 61 79 2e 72 65 6d 6f 76 65 41 74 28 62 2c 61 29 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 5f 63 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 62 2c 6e 65 77 20 53 79 73 2e 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 53 79 73 2e 4e 6f 74 69 66 79 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 64 41 63 74 69 6f 6e 2e 72 65 6d 6f 76 65 2c 6e 75 6c 6c 2c 2d 31 2c 5b 63 5d 2c 61 29 29 7d 7d 3b 53 79 73 2e 4f 62 73 65 72
                    Data Ascii: ull,-1,[b],c));return true}return false};Sys.Observer.removeAt=function(b,a){if(a>-1&&a<b.length){var c=b[a];Array.removeAt(b,a);Sys.Observer._collectionChange(b,new Sys.CollectionChange(Sys.NotifyCollectionChangedAction.remove,null,-1,[c],a))}};Sys.Obser
                    2024-07-02 23:51:56 UTC8192INData Raw: 53 74 72 69 6e 67 28 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 61 29 7b 69 66 28 61 3c 31 30 29 72 65 74 75 72 6e 20 22 30 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 29 72 65 74 75 72 6e 20 22 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 30 29 72 65 74 75 72 6e 20 22 30 22 2b 61 3b 72 65 74 75 72 6e 20 61 2e 74 6f 53 74 72 69 6e 67 28 29 7d 76 61 72 20 68 2c 70 2c 74 3d 2f 28 5b 5e 64 5d 7c 5e 29 28 64 7c 64 64 29 28 5b 5e 64 5d 7c 24 29 2f 67 3b 66 75 6e 63 74 69 6f 6e 20 73 28 29 7b 69 66 28 68 7c 7c 70 29 72 65 74 75 72 6e 20 68 3b 68 3d 74 2e 74 65 73 74 28 65 29 3b 70 3d 74 72 75 65 3b 72 65 74 75 72 6e 20 68 7d 76 61 72 20 71 3d 30 2c 6f 3d 44 61 74 65 2e 5f 67 65 74 54 6f 6b 65 6e 52 65 67 45 78 70 28 29 2c 66 3b 69 66 28 21
                    Data Ascii: String()}function v(a){if(a<10)return "000"+a;else if(a<100)return "00"+a;else if(a<1000)return "0"+a;return a.toString()}var h,p,t=/([^d]|^)(d|dd)([^d]|$)/g;function s(){if(h||p)return h;h=t.test(e);p=true;return h}var q=0,o=Date._getTokenRegExp(),f;if(!
                    2024-07-02 23:51:56 UTC8192INData Raw: 68 69 73 2e 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 41 72 72 61 79 28 74 68 69 73 2e 64 61 74 65 54 69 6d 65 46 6f 72 6d 61 74 2e 41 62 62 72 65 76 69 61 74 65 64 44 61 79 4e 61 6d 65 73 29 3b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 69 6e 64 65 78 4f 66 28 74 68 69 73 2e 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 2c 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 61 29 29 7d 2c 5f 74 6f 55 70 70 65 72 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 62 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 61 3d 30 2c 64 3d 63 2e 6c 65 6e 67 74 68 3b 61 3c 64 3b 61 2b 2b 29 62 5b 61 5d 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 63 5b 61 5d 29 3b 72 65 74 75 72 6e 20 62 7d 2c 5f 74 6f 55 70 70 65 72 3a 66 75 6e 63 74 69
                    Data Ascii: his._upperAbbrDays=this._toUpperArray(this.dateTimeFormat.AbbreviatedDayNames);return Array.indexOf(this._upperAbbrDays,this._toUpper(a))},_toUpperArray:function(c){var b=[];for(var a=0,d=c.length;a<d;a++)b[a]=this._toUpper(c[a]);return b},_toUpper:functi
                    2024-07-02 23:51:56 UTC8192INData Raw: 3d 3d 2d 31 29 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 4f 70 65 72 61 7c 7c 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 46 69 72 65 46 6f 78 29 61 3d 61 2e 73 70 6c 69 74 28 62 29 2e 6a 6f 69 6e 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 65 73 63 61 70 65 43 68 61 72 73 5b 62 5d 29 3b 65 6c 73 65 20 61 3d 61 2e 72 65 70 6c 61 63 65 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 63 68 61 72 73 54 6f 45 73 63 61 70 65 52 65 67 45 78 73 5b 62 5d 2c 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74
                    Data Ascii: ==-1)if(Sys.Browser.agent===Sys.Browser.Opera||Sys.Browser.agent===Sys.Browser.FireFox)a=a.split(b).join(Sys.Serialization.JavaScriptSerializer._escapeChars[b]);else a=a.replace(Sys.Serialization.JavaScriptSerializer._charsToEscapeRegExs[b],Sys.Serializat
                    2024-07-02 23:51:56 UTC8192INData Raw: 66 28 74 79 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 58 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 74 79 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 59 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 7b 74 68 69 73 2e 6f 66 66 73 65 74 58 3d 61 2e 6f 66 66 73 65 74 58 3b 74 68 69 73 2e 6f 66 66 73 65 74 59 3d 61 2e 6f 66 66 73 65 74 59 7d 65 6c 73 65 20 69 66 28 74 68 69 73 2e 74 61 72 67 65 74 26 26 74 68 69 73 2e 74 61 72 67 65 74 2e 6e 6f 64 65 54 79 70 65 21 3d 3d 33 26 26 74 79 70 65 6f 66 20 61 2e 63 6c 69 65 6e 74 58 3d 3d 3d 22 6e 75 6d 62 65 72 22 29 7b 76 61 72 20 63 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 67 65 74 4c 6f 63 61 74 69 6f 6e 28 74 68 69 73 2e 74 61 72 67 65 74 29 2c 64 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e
                    Data Ascii: f(typeof a.offsetX!=="undefined"&&typeof a.offsetY!=="undefined"){this.offsetX=a.offsetX;this.offsetY=a.offsetY}else if(this.target&&this.target.nodeType!==3&&typeof a.clientX==="number"){var c=Sys.UI.DomElement.getLocation(this.target),d=Sys.UI.DomElemen
                    2024-07-02 23:51:56 UTC8192INData Raw: 69 6f 6e 28 61 29 7b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 29 7b 76 61 72 20 62 3d 61 2e 63 75 72 72 65 6e 74 53 74 79 6c 65 7c 7c 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 5f 67 65 74 43 75 72 72 65 6e 74 53 74 79 6c 65 28 61 29 3b 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 62 3f 62 2e 64 69 73 70 6c 61 79 3a 6e 75 6c 6c 3b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 7c 7c 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 3d 3d 22 6e 6f 6e 65 22 29 73 77 69 74 63 68 28 61 2e 74 61 67 4e 61 6d 65 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 29 7b 63 61 73 65 20 22 44 49 56 22 3a 63 61 73 65 20 22 50 22 3a 63 61 73 65 20 22 41 44 44 52 45 53 53 22 3a 63 61 73 65 20 22 42 4c 4f 43 4b 51 55
                    Data Ascii: ion(a){if(!a._oldDisplayMode){var b=a.currentStyle||Sys.UI.DomElement._getCurrentStyle(a);a._oldDisplayMode=b?b.display:null;if(!a._oldDisplayMode||a._oldDisplayMode==="none")switch(a.tagName.toUpperCase()){case "DIV":case "P":case "ADDRESS":case "BLOCKQU


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    4192.168.2.54971713.107.136.104431852C:\Program Files\Google\Chrome\Application\chrome.exe
                    TimestampBytes transferredDirectionData
                    2024-07-02 23:51:56 UTC1217OUTGET /ScriptResource.axd?d=SEcewcKlewa2Zn8STa8wutLAB03BeU2Kte1tliaQWUNmEotkU_hQfYWZb8clo440783cWlQAWYOa9gponU1_PssX0i55ojQPo7OvA-g25rlV6707O5-4mlXca5Grx-XbN9odycpgyFYciaRc0LhaRRF_472P6sQ2f587XxWrT61rsrCpsUjgMQrk3x9NSSgB0&t=74258c30 HTTP/1.1
                    Host: cottonaust-my.sharepoint.com
                    Connection: keep-alive
                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                    sec-ch-ua-mobile: ?0
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                    sec-ch-ua-platform: "Windows"
                    Accept: */*
                    Sec-Fetch-Site: same-origin
                    Sec-Fetch-Mode: no-cors
                    Sec-Fetch-Dest: script
                    Referer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d
                    Accept-Encoding: gzip, deflate, br
                    Accept-Language: en-US,en;q=0.9
                    2024-07-02 23:51:56 UTC765INHTTP/1.1 200 OK
                    Cache-Control: public
                    Content-Length: 40326
                    Content-Type: application/x-javascript; charset=utf-8
                    Expires: Wed, 02 Jul 2025 22:22:55 GMT
                    Last-Modified: Tue, 02 Jul 2024 22:22:55 GMT
                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                    X-NetworkStatistics: 0,262656,0,0,82,0,20775,1
                    X-AspNet-Version: 4.0.30319
                    SPRequestDuration: 5
                    SPIisLatency: 0
                    X-Powered-By: ASP.NET
                    MicrosoftSharePointTeamServices: 16.0.0.25012
                    X-Content-Type-Options: nosniff
                    X-MS-InvokeApp: 1; RequireReadOnly
                    X-Cache: CONFIG_NOCACHE
                    X-MSEdge-Ref: Ref A: 8A14F861BEFC4A818AA4A442EE682318 Ref B: EWR311000108031 Ref C: 2024-07-02T23:51:56Z
                    Date: Tue, 02 Jul 2024 23:51:55 GMT
                    Connection: close
                    2024-07-02 23:51:56 UTC3405INData Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f 72 6d 73 2e 6a 73 0d 0a 54 79 70 65 2e 5f 72 65 67 69 73 74 65 72 53 63 72 69 70 74 28 22 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f
                    Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjaxWebForms.jsType._registerScript("MicrosoftAjaxWebFo
                    2024-07-02 23:51:56 UTC8192INData Raw: 2e 5f 65 76 65 6e 74 73 29 64 65 6c 65 74 65 20 74 68 69 73 2e 5f 65 76 65 6e 74 73 3b 74 68 69 73 2e 5f 73 65 73 73 69 6f 6e 73 3d 6e 75 6c 6c 3b 74 68 69 73 2e 5f 63 75 72 72 65 6e 74 53 65 73 73 69 6f 6e 3d 6e 75 6c 6c 3b 74 68 69 73 2e 5f 73 63 72 69 70 74 4c 6f 61 64 65 64 44 65 6c 65 67 61 74 65 3d 6e 75 6c 6c 7d 2c 6c 6f 61 64 53 63 72 69 70 74 73 3a 66 75 6e 63 74 69 6f 6e 28 64 2c 62 2c 63 2c 61 29 7b 76 61 72 20 65 3d 7b 61 6c 6c 53 63 72 69 70 74 73 4c 6f 61 64 65 64 43 61 6c 6c 62 61 63 6b 3a 62 2c 73 63 72 69 70 74 4c 6f 61 64 46 61 69 6c 65 64 43 61 6c 6c 62 61 63 6b 3a 63 2c 73 63 72 69 70 74 4c 6f 61 64 54 69 6d 65 6f 75 74 43 61 6c 6c 62 61 63 6b 3a 61 2c 73 63 72 69 70 74 73 54 6f 4c 6f 61 64 3a 74 68 69 73 2e 5f 73 63 72 69 70 74 73 54
                    Data Ascii: ._events)delete this._events;this._sessions=null;this._currentSession=null;this._scriptLoadedDelegate=null},loadScripts:function(d,b,c,a){var e={allScriptsLoadedCallback:b,scriptLoadFailedCallback:c,scriptLoadTimeoutCallback:a,scriptsToLoad:this._scriptsT
                    2024-07-02 23:51:56 UTC4144INData Raw: 73 2e 50 61 67 65 52 65 71 75 65 73 74 4d 61 6e 61 67 65 72 53 65 72 76 65 72 45 72 72 6f 72 45 78 63 65 70 74 69 6f 6e 3a 20 22 2b 28 64 7c 7c 53 74 72 69 6e 67 2e 66 6f 72 6d 61 74 28 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 52 65 73 2e 50 52 4d 5f 53 65 72 76 65 72 45 72 72 6f 72 2c 61 29 29 2c 62 3d 45 72 72 6f 72 2e 63 72 65 61 74 65 28 63 2c 7b 6e 61 6d 65 3a 22 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 50 61 67 65 52 65 71 75 65 73 74 4d 61 6e 61 67 65 72 53 65 72 76 65 72 45 72 72 6f 72 45 78 63 65 70 74 69 6f 6e 22 2c 68 74 74 70 53 74 61 74 75 73 43 6f 64 65 3a 61 7d 29 3b 62 2e 70 6f 70 53 74 61 63 6b 46 72 61 6d 65 28 29 3b 72 65 74 75 72 6e 20 62 7d 2c 5f 63 72 65 61 74 65 50 61 67 65 52 65 71 75 65 73 74 4d 61 6e 61 67 65 72 50 61 72 73 65 72 45
                    Data Ascii: s.PageRequestManagerServerErrorException: "+(d||String.format(Sys.WebForms.Res.PRM_ServerError,a)),b=Error.create(c,{name:"Sys.WebForms.PageRequestManagerServerErrorException",httpStatusCode:a});b.popStackFrame();return b},_createPageRequestManagerParserE
                    2024-07-02 23:51:56 UTC8192INData Raw: 74 65 28 61 2e 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 29 3b 69 66 28 64 29 7b 69 66 28 74 79 70 65 6f 66 20 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 6e 75 6c 6c 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 2e 6c 65 6e 67 74 68 3e 30 29 74 68 65 46 6f 72 6d 2e 61 63 74 69 6f 6e 3d 61 2e 61 63 74 69 6f 6e 55 72 6c 3b 69 66 28 61 2e 74 72 61 63 6b 46 6f 63 75 73 29 7b 76 61 72 20 63 3d 74 68 65 46 6f 72 6d 2e 65 6c 65 6d 65 6e 74 73 5b 22 5f 5f 4c 41 53 54 46 4f 43 55 53 22 5d 3b 69 66 28 74 79 70 65 6f 66 20 63 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 63 21 3d 6e 75 6c 6c 29 69 66 28 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 2e 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 3d 3d 22
                    Data Ascii: te(a.validationGroup);if(d){if(typeof a.actionUrl!="undefined"&&a.actionUrl!=null&&a.actionUrl.length>0)theForm.action=a.actionUrl;if(a.trackFocus){var c=theForm.elements["__LASTFOCUS"];if(typeof c!="undefined"&&c!=null)if(typeof document.activeElement=="
                    2024-07-02 23:51:56 UTC8192INData Raw: 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 7b 62 2e 61 70 70 65 6e 64 28 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 3b 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 3d 6e 75 6c 6c 7d 76 61 72 20 63 3d 6e 65 77 20 53 79 73 2e 4e 65 74 2e 57 65 62 52 65 71 75 65 73 74 2c 61 3d 77 2e 61 63 74 69 6f 6e 3b 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 49 6e 74 65 72 6e 65 74 45 78 70 6c 6f 72 65 72 29 7b 76 61 72 20 72 3d 61 2e 69 6e 64 65 78 4f 66 28 22 23 22 29 3b 69 66 28 72 21 3d 3d 2d 31 29 61 3d 61 2e 73 75 62 73 74 72 28 30 2c 72 29 3b 76 61 72 20 6f 3d 22 22 2c 76 3d 22 22 2c 6d 3d 61 2e 69 6e 64 65 78 4f 66 28 22 3f 22 29 3b 69 66 28 6d 21 3d 3d 2d 31 29 7b
                    Data Ascii: itionalInput){b.append(this._additionalInput);this._additionalInput=null}var c=new Sys.Net.WebRequest,a=w.action;if(Sys.Browser.agent===Sys.Browser.InternetExplorer){var r=a.indexOf("#");if(r!==-1)a=a.substr(0,r);var o="",v="",m=a.indexOf("?");if(m!==-1){
                    2024-07-02 23:51:56 UTC8192INData Raw: 73 5b 61 5d 2c 62 29 7d 2c 5f 73 63 72 69 70 74 49 6e 63 6c 75 64 65 73 4c 6f 61 64 43 6f 6d 70 6c 65 74 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 62 29 7b 69 66 28 62 2e 65 78 65 63 75 74 6f 72 2e 67 65 74 5f 77 65 62 52 65 71 75 65 73 74 28 29 21 3d 3d 74 68 69 73 2e 5f 72 65 71 75 65 73 74 29 72 65 74 75 72 6e 3b 74 68 69 73 2e 5f 63 6f 6d 6d 69 74 43 6f 6e 74 72 6f 6c 73 28 62 2e 75 70 64 61 74 65 50 61 6e 65 6c 44 61 74 61 2c 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 3f 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 2e 63 6f 6e 74 65 6e 74 3a 6e 75 6c 6c 29 3b 69 66 28 62 2e 66 6f 72 6d 41 63 74 69 6f 6e 4e 6f 64 65 29 74 68 69 73 2e 5f 66 6f 72 6d 2e 61 63 74 69 6f 6e 3d 62 2e 66 6f 72
                    Data Ascii: s[a],b)},_scriptIncludesLoadComplete:function(e,b){if(b.executor.get_webRequest()!==this._request)return;this._commitControls(b.updatePanelData,b.asyncPostBackTimeoutNode?b.asyncPostBackTimeoutNode.content:null);if(b.formActionNode)this._form.action=b.for
                    2024-07-02 23:51:56 UTC9INData Raw: 20 6f 6e 63 65 2e 22 7d 3b
                    Data Ascii: once."};


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    5192.168.2.54971813.107.136.104431852C:\Program Files\Google\Chrome\Application\chrome.exe
                    TimestampBytes transferredDirectionData
                    2024-07-02 23:51:56 UTC1089OUTGET /_layouts/15/images/microsoft-logo.png HTTP/1.1
                    Host: cottonaust-my.sharepoint.com
                    Connection: keep-alive
                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                    sec-ch-ua-mobile: ?0
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                    sec-ch-ua-platform: "Windows"
                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Sec-Fetch-Site: same-origin
                    Sec-Fetch-Mode: no-cors
                    Sec-Fetch-Dest: image
                    Referer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d
                    Accept-Encoding: gzip, deflate, br
                    Accept-Language: en-US,en;q=0.9
                    2024-07-02 23:51:56 UTC730INHTTP/1.1 200 OK
                    Cache-Control: max-age=31536000
                    Content-Length: 3331
                    Content-Type: image/png
                    Last-Modified: Thu, 27 Jun 2024 04:12:01 GMT
                    Accept-Ranges: bytes
                    ETag: "74fd3c2948c8da1:0"
                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                    X-NetworkStatistics: 0,525568,0,0,302545,0,78544,208
                    SPRequestDuration: 4
                    SPIisLatency: 0
                    X-Powered-By: ASP.NET
                    MicrosoftSharePointTeamServices: 16.0.0.25012
                    X-Content-Type-Options: nosniff
                    X-MS-InvokeApp: 1; RequireReadOnly
                    X-Cache: CONFIG_NOCACHE
                    X-MSEdge-Ref: Ref A: 309899593B444574AA253958B3E1AEDE Ref B: EWR311000107025 Ref C: 2024-07-02T23:51:56Z
                    Date: Tue, 02 Jul 2024 23:51:56 GMT
                    Connection: close
                    2024-07-02 23:51:56 UTC1510INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e2 00 00 00 30 08 06 00 00 00 0c e6 a6 f3 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 0c bd 49 44 41 54 78 01 ed 9c 3d 77 1b b9 15 86 47 b6 7a d3 bf c0 4c ca 34 66 4e d2 6b 5c 64 53 9a ee b3 c7 a3 5f 60 fa ab 8d a8 da 1f d2 fe 02 8f 72 d2 9b ee b2 95 c9 7e cf 46 aa dc 65 a9 5f b0 52 5a 7f 30 cf 4b 03 5c 0c 06 43 42 12 87 de 8d 31 e7 8c 81 7b 71 71 2f e6 05 5e 7c 0c 47 de fa 6f ff f7 b3 ac 85 0b a7 3f de 18 fd e7 4f 72 fd f7 ef b3 1f b6 b6 b2 79 7e dd a1 f6 ff 92 5d cb b6 b2 56 9e 61 dd 6d 4d fe 12 02 4d 08 5c 6b 2a 48 fa 84 40 42 60 73 08 24 22 6e 0e eb 14 29 21 d0 88 40 22 62 23 34 a9 20 21 b0 39 04 12 11 37 87 75 8a 94 10 68 44 20 11 b1 11 9a 54 90 10 d8 1c 02 89 88 9b c3 3a 45 4a 08 34 22 b0 dd
                    Data Ascii: PNGIHDR0sRGBIDATx=wGzL4fNk\dS_`r~Fe_RZ0K\CB1{qq/^|Go?Ory~]VamMM\k*H@B`s$"n)!@"b#4 !97uhD T:EJ4"
                    2024-07-02 23:51:56 UTC1821INData Raw: 95 d4 b9 61 eb 89 70 22 1e 72 61 75 f8 e8 a1 b7 e2 3c c5 a6 70 5e a4 9c a1 9c 72 8f 84 03 98 f7 e7 46 ce 3f b4 e1 40 be 1d d5 3c 8b ef ca f9 d8 96 eb 79 f0 33 a2 ce 6d ab 33 e9 1e 65 a5 c1 a0 b4 65 3c 0b 74 a9 5e cb ce a9 e0 3e c6 b7 3b b9 65 1a 2b a1 ef 87 b7 ed 7f 79 58 75 bf 5e 69 ff 9b ec db f5 7a 6c d7 9b 06 14 20 4e 3c 10 ef d3 39 03 ca 34 20 fc eb be ab a0 e3 4b 57 5e 57 5e 9d 48 9b fc 81 76 ce c4 d1 53 9b 9b e2 b8 a4 6a b2 71 f4 05 f6 23 47 ce 2c 19 c0 64 e8 ea 4d 5e 5f 00 e5 0d b8 64 9a 90 18 c0 05 b6 af bd ba c2 73 e8 b4 db 27 c3 22 ae 57 2f 33 b1 4a 57 6f 5e f2 e4 ae ce e4 ef f9 cf 63 6d 14 9b 36 e4 10 7e 8a ae 32 51 80 75 81 ee 90 7b 23 57 da 9a 36 c3 5c fa 45 a6 73 2a 6a cd f8 90 a3 eb 2a 5b 7c 49 53 21 bc 62 42 fa 81 33 98 dd 66 5c 38 8f af
                    Data Ascii: ap"rau<p^rF?@<y3m3ee<t^>;e+yXu^izl N<94 KW^W^HvSjq#G,dM^_ds'"W/3JWo^cm6~2Qu{#W6\Es*j*[|IS!bB3f\8


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    6192.168.2.54971913.107.136.104431852C:\Program Files\Google\Chrome\Application\chrome.exe
                    TimestampBytes transferredDirectionData
                    2024-07-02 23:51:57 UTC389OUTGET /_layouts/15/images/microsoft-logo.png HTTP/1.1
                    Host: cottonaust-my.sharepoint.com
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                    Accept: */*
                    Sec-Fetch-Site: none
                    Sec-Fetch-Mode: cors
                    Sec-Fetch-Dest: empty
                    Accept-Encoding: gzip, deflate, br
                    Accept-Language: en-US,en;q=0.9
                    2024-07-02 23:51:57 UTC730INHTTP/1.1 200 OK
                    Cache-Control: max-age=31536000
                    Content-Length: 3331
                    Content-Type: image/png
                    Last-Modified: Thu, 27 Jun 2024 04:12:01 GMT
                    Accept-Ranges: bytes
                    ETag: "74fd3c2948c8da1:0"
                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                    X-NetworkStatistics: 0,525568,0,0,110532,0,82640,208
                    SPRequestDuration: 5
                    SPIisLatency: 1
                    X-Powered-By: ASP.NET
                    MicrosoftSharePointTeamServices: 16.0.0.25012
                    X-Content-Type-Options: nosniff
                    X-MS-InvokeApp: 1; RequireReadOnly
                    X-Cache: CONFIG_NOCACHE
                    X-MSEdge-Ref: Ref A: 80591B0C5E204E938A138F696C3FC3F6 Ref B: EWR311000107027 Ref C: 2024-07-02T23:51:57Z
                    Date: Tue, 02 Jul 2024 23:51:56 GMT
                    Connection: close
                    2024-07-02 23:51:57 UTC3331INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e2 00 00 00 30 08 06 00 00 00 0c e6 a6 f3 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 0c bd 49 44 41 54 78 01 ed 9c 3d 77 1b b9 15 86 47 b6 7a d3 bf c0 4c ca 34 66 4e d2 6b 5c 64 53 9a ee b3 c7 a3 5f 60 fa ab 8d a8 da 1f d2 fe 02 8f 72 d2 9b ee b2 95 c9 7e cf 46 aa dc 65 a9 5f b0 52 5a 7f 30 cf 4b 03 5c 0c 06 43 42 12 87 de 8d 31 e7 8c 81 7b 71 71 2f e6 05 5e 7c 0c 47 de fa 6f ff f7 b3 ac 85 0b a7 3f de 18 fd e7 4f 72 fd f7 ef b3 1f b6 b6 b2 79 7e dd a1 f6 ff 92 5d cb b6 b2 56 9e 61 dd 6d 4d fe 12 02 4d 08 5c 6b 2a 48 fa 84 40 42 60 73 08 24 22 6e 0e eb 14 29 21 d0 88 40 22 62 23 34 a9 20 21 b0 39 04 12 11 37 87 75 8a 94 10 68 44 20 11 b1 11 9a 54 90 10 d8 1c 02 89 88 9b c3 3a 45 4a 08 34 22 b0 dd
                    Data Ascii: PNGIHDR0sRGBIDATx=wGzL4fNk\dS_`r~Fe_RZ0K\CB1{qq/^|Go?Ory~]VamMM\k*H@B`s$"n)!@"b#4 !97uhD T:EJ4"


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    7192.168.2.54972313.107.136.104431852C:\Program Files\Google\Chrome\Application\chrome.exe
                    TimestampBytes transferredDirectionData
                    2024-07-02 23:51:58 UTC1089OUTGET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1
                    Host: cottonaust-my.sharepoint.com
                    Connection: keep-alive
                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                    sec-ch-ua-mobile: ?0
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                    sec-ch-ua-platform: "Windows"
                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Sec-Fetch-Site: same-origin
                    Sec-Fetch-Mode: no-cors
                    Sec-Fetch-Dest: image
                    Referer: https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d
                    Accept-Encoding: gzip, deflate, br
                    Accept-Language: en-US,en;q=0.9
                    2024-07-02 23:51:58 UTC737INHTTP/1.1 200 OK
                    Cache-Control: max-age=31536000
                    Content-Length: 7886
                    Content-Type: image/x-icon
                    Last-Modified: Thu, 27 Jun 2024 04:11:44 GMT
                    Accept-Ranges: bytes
                    ETag: "8b1ed1e48c8da1:0"
                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                    X-NetworkStatistics: 0,1051136,0,426,4616354,0,737981,208
                    SPRequestDuration: 4
                    SPIisLatency: 0
                    X-Powered-By: ASP.NET
                    MicrosoftSharePointTeamServices: 16.0.0.25012
                    X-Content-Type-Options: nosniff
                    X-MS-InvokeApp: 1; RequireReadOnly
                    X-Cache: CONFIG_NOCACHE
                    X-MSEdge-Ref: Ref A: 9871E3570E494C07A7A079BEDEA112C7 Ref B: EWR311000104019 Ref C: 2024-07-02T23:51:58Z
                    Date: Tue, 02 Jul 2024 23:51:58 GMT
                    Connection: close
                    2024-07-02 23:51:58 UTC2055INData Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 30 d0 c6 37 af d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 af d0 c6 37 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                    Data Ascii: 6 hf( @ 7077777770
                    2024-07-02 23:51:58 UTC5831INData Raw: ff ff ff ad aa 52 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 5d 59 0e ff 91 8b 17 ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff cb c9 91 ff ff ff ff ff ff ff ff ff ff ff ff ff d2 d1 a1 ff 9e 9a 32 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 5d 59 0e ff 91 8b 17 ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a cf 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff ff ff ff ff ff ff ff ff da d8 b0 ff 96 93 23 ff 87 83 03 ff
                    Data Ascii: R]Y2]Y#


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    8192.168.2.549721184.28.90.27443
                    TimestampBytes transferredDirectionData
                    2024-07-02 23:51:58 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                    Connection: Keep-Alive
                    Accept: */*
                    Accept-Encoding: identity
                    User-Agent: Microsoft BITS/7.8
                    Host: fs.microsoft.com
                    2024-07-02 23:51:58 UTC467INHTTP/1.1 200 OK
                    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                    Content-Type: application/octet-stream
                    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                    Server: ECAcc (lpl/EF06)
                    X-CID: 11
                    X-Ms-ApiVersion: Distribute 1.2
                    X-Ms-Region: prod-neu-z1
                    Cache-Control: public, max-age=145026
                    Date: Tue, 02 Jul 2024 23:51:58 GMT
                    Connection: close
                    X-CID: 2


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    9192.168.2.549725184.28.90.27443
                    TimestampBytes transferredDirectionData
                    2024-07-02 23:51:59 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                    Connection: Keep-Alive
                    Accept: */*
                    Accept-Encoding: identity
                    If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                    Range: bytes=0-2147483646
                    User-Agent: Microsoft BITS/7.8
                    Host: fs.microsoft.com
                    2024-07-02 23:51:59 UTC515INHTTP/1.1 200 OK
                    ApiVersion: Distribute 1.1
                    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                    Content-Type: application/octet-stream
                    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                    Server: ECAcc (lpl/EF06)
                    X-CID: 11
                    X-Ms-ApiVersion: Distribute 1.2
                    X-Ms-Region: prod-weu-z1
                    Cache-Control: public, max-age=145035
                    Date: Tue, 02 Jul 2024 23:51:59 GMT
                    Content-Length: 55
                    Connection: close
                    X-CID: 2
                    2024-07-02 23:51:59 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                    Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                    10192.168.2.54972613.107.136.104431852C:\Program Files\Google\Chrome\Application\chrome.exe
                    TimestampBytes transferredDirectionData
                    2024-07-02 23:51:59 UTC389OUTGET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1
                    Host: cottonaust-my.sharepoint.com
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                    Accept: */*
                    Sec-Fetch-Site: none
                    Sec-Fetch-Mode: cors
                    Sec-Fetch-Dest: empty
                    Accept-Encoding: gzip, deflate, br
                    Accept-Language: en-US,en;q=0.9
                    2024-07-02 23:52:00 UTC732INHTTP/1.1 200 OK
                    Cache-Control: max-age=31536000
                    Content-Length: 7886
                    Content-Type: image/x-icon
                    Last-Modified: Thu, 27 Jun 2024 04:11:44 GMT
                    Accept-Ranges: bytes
                    ETag: "8b1ed1e48c8da1:0"
                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                    X-NetworkStatistics: 0,525568,0,0,174158,0,46606,208
                    SPRequestDuration: 5
                    SPIisLatency: 1
                    X-Powered-By: ASP.NET
                    MicrosoftSharePointTeamServices: 16.0.0.25012
                    X-Content-Type-Options: nosniff
                    X-MS-InvokeApp: 1; RequireReadOnly
                    X-Cache: CONFIG_NOCACHE
                    X-MSEdge-Ref: Ref A: 67CEDAC6C6DD4F6D9C4813EEE5251705 Ref B: EWR311000107031 Ref C: 2024-07-02T23:51:59Z
                    Date: Tue, 02 Jul 2024 23:51:59 GMT
                    Connection: close
                    2024-07-02 23:52:00 UTC3619INData Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 30 d0 c6 37 af d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 af d0 c6 37 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                    Data Ascii: 6 hf( @ 7077777770
                    2024-07-02 23:52:00 UTC4267INData Raw: 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 6c 03 8f 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 8f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 6c 03 9f 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff
                    Data Ascii: lplplplplplpl@plplplplplplplplplplplplplplplplplplplplplplplplpl


                    Statistics

                    CPU Usage

                    Click to jump to process

                    Memory Usage

                    Click to jump to process

                    Behavior

                    Click to jump to process

                    System Behavior

                    General

                    Target ID:0
                    Start time:19:51:48
                    Start date:02/07/2024
                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                    Wow64 process (32bit):false
                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                    Imagebase:0x7ff715980000
                    File size:3'242'272 bytes
                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                    Has elevated privileges:true
                    Has administrator privileges:true
                    Programmed in:C, C++ or other language
                    Reputation:low
                    Has exited:false

                    General

                    Target ID:2
                    Start time:19:51:51
                    Start date:02/07/2024
                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                    Wow64 process (32bit):false
                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1936,i,9897313922879356444,17441930425800332553,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                    Imagebase:0x7ff715980000
                    File size:3'242'272 bytes
                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                    Has elevated privileges:true
                    Has administrator privileges:true
                    Programmed in:C, C++ or other language
                    Reputation:low
                    Has exited:false

                    General

                    Target ID:3
                    Start time:19:51:53
                    Start date:02/07/2024
                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                    Wow64 process (32bit):false
                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cottonaust-my.sharepoint.com/:o:/g/personal/alik_cotton_org_au/EuLPuwXgoYRMiEqYXs3_rLwB-wXPnDQH36qdcfGJf36wfQ?e=5%3a5iMFOj&at=9&xsdata=MDV8MDJ8anJvc2luZ0Bzbi5jb20uYXV8ZTM1ZDk4Mjc1MTRkNDBhYTMzNTEwOGRjOWFlNzVjZmJ8YzliYTVmZjE1MGZiNDQzYWFhNTFmOGE5NzllNmU2ZDF8MHwwfDYzODU1NTU2NTcxOTU0MzY0NHxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MHx8fA%3d%3d&sdata=MFc3WHlZbDlQVVZ4dEtjOENETThRcWo2M2JHdzVDVElrYjVkVDdERHZGYz0%3d"
                    Imagebase:0x7ff715980000
                    File size:3'242'272 bytes
                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                    Has elevated privileges:true
                    Has administrator privileges:true
                    Programmed in:C, C++ or other language
                    Reputation:low
                    Has exited:true

                    Disassembly

                    No disassembly