Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9

Overview

General Information

Sample URL:	https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9
Analysis ID:	1466757
Infos:

Detection

HTMLPhisher

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

HTML body contains low number of good links

HTML title does not match URL

Stores files to the Windows start menu directory

Submit button contains javascript call

Uses insecure TLS / SSL version for HTTPS connection

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 940 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6384 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 --field-trial-handle=2016,i,15795045157200504094,3472656699449798047,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1084 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_77	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_77, type: DROPPED

Source: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9

HTTP Parser: Number of links: 0

Source: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9

HTTP Parser: Title: Sharing Link Validation does not match URL

Source: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9

HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))

Source: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9

HTTP Parser: No <meta name="author".. found

Source: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9

HTTP Parser: No <meta name="copyright".. found

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49735 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.5:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.5:49728 version: TLS 1.2

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49735 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.43.61.160
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=uGOwVaDVQSQCpBdkqNc5yxvm33jVELtRB5xpLAgch1-8aQY5YKzdAoshrB0ev09NV2_tUKZlrSOnvNLyRrJpP1MXJLubWixpFoyHT_59rc81&t=638509456120891867 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=fz5b1NoOmf7XpLYfpTtd_ByoO6mCDajdygxqvwvlKPX_c2MLKN2zYNpRuVXw_sjj6mhIP1WreUiw9JFK6l4KlEFAy0WTw8Ah70RyGo2fFja05yf6L2IcMFjjohlUQOxpjzDft1zzk2yft58am4GMn4nI-Qsk4fUlW5TZfGWm_vg1&t=ffffffffa8ad04d3 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=BPZZHAzyiNzOHF1qjpHwK2Iiip7ofKYDBinOf_3u64bxXfveZFChng8J6xm7E6G_NvDbY50Zc1CRv4_5WtD44aaLkCGiLE8dRk_RjlGSaXGP_XmyQ-XsxDsM15-yMp12VEq5pkLT7xq7ssFCpIVf3erlDm1aAay2ADnDVk01TwDgXUHVPZaNK6GUm2Onifr90&t=74258c30 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=tM6FjENUq-AqRTrG-nKjsZBvBEL_WoCNVelbcqc-AiTFC5Zr5nKgI3s8s43QwNGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: bombeirosamora-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: bombeirosamora-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: m365cdn.nel.measure.office.net

Source: chromecache_71.2.dr	String found in binary or memory: http://github.com/jrburke/requirejs
Source: chromecache_77.2.dr	String found in binary or memory: https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/images
Source: chromecache_80.2.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: chromecache_77.2.dr	String found in binary or memory: https://res-1.cdn.office.net
Source: chromecache_77.2.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.25019.12007/require.js
Source: chromecache_77.2.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/
Source: chromecache_77.2.dr	String found in binary or memory: https://res-2.cdn.office.net/files/odsp-web-prod_2024-06-14.009/
Source: chromecache_77.2.dr	String found in binary or memory: https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724

Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.5:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.5:49728 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@16/30@8/6

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 --field-trial-handle=2016,i,15795045157200504094,3472656699449798047,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 --field-trial-handle=2016,i,15795045157200504094,3472656699449798047,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk			Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	Windows Management Instrumentation	1 Scripting	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://reactjs.org/docs/error-decoder.html?invariant=	0%	URL Reputation	safe
https://bombeirosamora-my.sharepoint.com/_layouts/15/images/microsoft-logo.png	0%	Avira URL Cloud	safe
http://github.com/jrburke/requirejs	0%	Avira URL Cloud	safe
https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=tM6FjENUq-AqRTrG-nKjsZBvBEL_WoCNVelbcqc-AiTFC5Zr5nKgI3s8s43QwNGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30	0%	Avira URL Cloud	safe
https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=BPZZHAzyiNzOHF1qjpHwK2Iiip7ofKYDBinOf_3u64bxXfveZFChng8J6xm7E6G_NvDbY50Zc1CRv4_5WtD44aaLkCGiLE8dRk_RjlGSaXGP_XmyQ-XsxDsM15-yMp12VEq5pkLT7xq7ssFCpIVf3erlDm1aAay2ADnDVk01TwDgXUHVPZaNK6GUm2Onifr90&t=74258c30	0%	Avira URL Cloud	safe
https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/images	0%	Avira URL Cloud	safe
https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js	0%	Avira URL Cloud	safe
https://bombeirosamora-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47	0%	Avira URL Cloud	safe
http://github.com/jrburke/requirejs	0%	Virustotal		Browse
https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js	0%	Virustotal		Browse

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
dual-spo-0005.spo-msedge.net	13.107.136.10	true	false		unknown
189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com	52.105.48.53	true	false		unknown
www.google.com	142.250.186.100	true	false		unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false		unknown
bombeirosamora-my.sharepoint.com	unknown	unknown	false		unknown
m365cdn.nel.measure.office.net	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://bombeirosamora-my.sharepoint.com/_layouts/15/images/microsoft-logo.png	false	Avira URL Cloud: safe	unknown
https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=BPZZHAzyiNzOHF1qjpHwK2Iiip7ofKYDBinOf_3u64bxXfveZFChng8J6xm7E6G_NvDbY50Zc1CRv4_5WtD44aaLkCGiLE8dRk_RjlGSaXGP_XmyQ-XsxDsM15-yMp12VEq5pkLT7xq7ssFCpIVf3erlDm1aAay2ADnDVk01TwDgXUHVPZaNK6GUm2Onifr90&t=74258c30	false	Avira URL Cloud: safe	unknown
https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=tM6FjENUq-AqRTrG-nKjsZBvBEL_WoCNVelbcqc-AiTFC5Zr5nKgI3s8s43QwNGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30	false	Avira URL Cloud: safe	unknown
https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9	false		unknown
https://bombeirosamora-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://github.com/jrburke/requirejs	chromecache_71.2.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://bombeirosamora-my.sharepoint.com/personal/geral_comando_bombeirosamora_pt/_layouts/15/images	chromecache_77.2.dr	false	Avira URL Cloud: safe	unknown
https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js	chromecache_77.2.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://reactjs.org/docs/error-decoder.html?invariant=	chromecache_80.2.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
13.107.136.10	dual-spo-0005.spo-msedge.net	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.105.48.53	189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com	United States		8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
142.250.186.100	www.google.com	United States		15169	GOOGLEUS	false

Private

IP
192.168.2.8
192.168.2.5

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1466757
Start date and time:	2024-07-03 11:05:09 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 21s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@16/30@8/6
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.131, 142.250.185.174, 64.233.184.84, 34.104.35.123, 23.38.98.98, 23.38.98.104, 23.38.98.111, 23.38.98.76, 23.38.98.102, 23.38.98.68, 23.38.98.67, 23.38.98.84, 23.38.98.103, 142.250.186.106, 142.250.186.42, 142.250.74.202, 142.250.186.138, 216.58.206.42, 142.250.185.138, 142.250.184.202, 142.250.185.170, 142.250.181.234, 142.250.185.106, 142.250.184.234, 142.250.185.202, 142.250.186.170, 172.217.18.10, 172.217.16.202, 142.250.185.234, 2.19.126.200, 2.19.126.199, 13.85.23.86, 93.184.221.240, 192.229.221.95, 20.3.187.198, 20.166.126.56, 216.58.206.35
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, a1894.dscb.akamai.net, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, wu-b-net.trafficmanager.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, 189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input

Output

URL: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 Model: Perplexity: mixtral-8x7b-instruct

{"loginform": true,"urgency": true,

Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: Urgent Request To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Next ay clicking Next you allow Associago HumanitSria 30mbeiros Mistos Amora to use your email address in accordance with their privacy statement. Associa$o HumanitSria Bombeiros Mistas de Amora has not prNided links to their terms for you to review. 2017 Microsoft Privacy & Cookies

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 08:06:09 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.981503591969161
Encrypted:	false
SSDEEP:	48:8z4pd3TvfDHpidAKZdA19ehwiZUklqehGy+3:8Ejjfdy
MD5:	1FAA1F73D027D441E3B9C486CDD93A5B
SHA1:	FEC8BA43E48D1FECFF3544F7654F9DC4128D01C1
SHA-256:	B4314A08B63215E1E0AC419D90094D3AEA4E9E04F2DACA61EDC4EA0800F406E8
SHA-512:	99C8F4F7F331D6193948D847A51B1577B2CFFCE4D4DBC7083EB4AF0840E0111882B6051A879DB1B18C0091A5EB07A7B2C15ED23BA8540CDBF1CEBD7092B88F11
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....f.>(...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.H....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.H....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.H....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.H..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.H...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........p..~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 08:06:09 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9984289440736025
Encrypted:	false
SSDEEP:	48:8cmpd3TvfDHpidAKZdA1weh/iZUkAQkqehNy+2:8cmjjl9QQy
MD5:	B07A6A342EDABAD916ECFB50EFBE9BBF
SHA1:	C6AB9ED371967847FE5D2F2D10D0F5E5A5157B9A
SHA-256:	6E77D7F2348D17FB43988AB1DAF0D4FE57AA6FB67E3E4298C9043E931DDF0478
SHA-512:	AE888D56A7DF793A522531F16692271730735833088F1C68262B40BF026B35385FC2B53C439F0CD621F3590D7922F79B519C3E7264D14233107321A2786BC220
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....=.>(...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.H....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.H....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.H....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.H..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.H...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........p..~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.006483303327855
Encrypted:	false
SSDEEP:	48:8xwd3TvfsHpidAKZdA14tseh7sFiZUkmgqeh7sHy+BX:8xMj4nxy
MD5:	E680D230362DACCA67FFF654A78703BD
SHA1:	BC372D03EC01BAC839117281E0E3A1BF3210CFBA
SHA-256:	433AB2ECD9F90B730BEDF690CC6437E4265C4D5B378555022336DD73045503C0
SHA-512:	7488899AC2293CD12CB3AF29508A9199A989437607E04864EAF14EE5C2A2B01E6154DE5553AA7CA01522B0C1B6601BE3A6F198DAF1DCBE209511996F83691D21
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.H....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.H....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.H....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.H..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........p..~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 08:06:09 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.998056393034064
Encrypted:	false
SSDEEP:	48:8Rpd3TvfDHpidAKZdA1vehDiZUkwqehJy+R:8Rjjmfy
MD5:	F790DEBCF5F179007B3741841EB60FC4
SHA1:	0CAD16FBD477125E238C79572D3E6B70131DBF36
SHA-256:	99F0589478945F1A8EAF602A2388B730589533E5702FECB5F9DA2FD4018B5F87
SHA-512:	76C369EE4337A3F2C07D8E1DCD56BDC6A047D4B85DE640BBB20E58F512C4A32652E876AC434B122AADBC520AD13CF99AA03C1A1F0CD27C05ABA07718DEA3EE97
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......>(...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.H....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.H....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.H....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.H..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.H...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........p..~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 08:06:09 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9863748470841096
Encrypted:	false
SSDEEP:	48:8mpd3TvfDHpidAKZdA1hehBiZUk1W1qehLy+C:8mjjm9ry
MD5:	69531B97CB3FABD7EDD08D4CECF8E219
SHA1:	3B218B3041EA5FCAED946481FC1F79AD27C7BDA3
SHA-256:	42D6361FB879E1ABF2A694485A26826AEFB16A0E85CC6C018031620E9BED2067
SHA-512:	A1A7554488F26B4C6F445A8AF02280B82BE8BE89DB459984E518C9F875E9FC73FCF83E2BF3CC72941117D03FCDEAD606F985D2A3A5679DE52010373B5FD6A95F
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......>(...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.H....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.H....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.H....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.H..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.H...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........p..~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 08:06:09 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.9974332608569982
Encrypted:	false
SSDEEP:	48:8upd3TvfDHpidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbxy+yT+:8ujj4T/TbxWOvTbxy7T
MD5:	51A4B2B14A3EC1EBCBB3F94AF0D3658F
SHA1:	1E2492D42226FAD142399FACE51FC1E9B693395A
SHA-256:	EA39C203E879292AF4EBC99754DCAD45AD8B9BA10143D1D9E0F91FCAA68EEDA9
SHA-512:	0CDC8F218E5A149B1FAA5D6F17969DF4CB489E9AB2272F150BB131D0B34EA5F958EC9892BC3123BCF620A2607D3F3EF8D68B61524DE05B12FF9E18D097F27671
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....G.>(...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.H....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.H....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.H....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.H..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.H...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........p..~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 71

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17444)
Category:	downloaded
Size (bytes):	17672
Entropy (8bit):	5.233316811547578
Encrypted:	false
SSDEEP:	384:lpLsOooX8uvFBiRh+HnEDuvvy1pqvuvDX/0ohHK9mm+tMHvVOPoQeOMmuI:QnoX8uNB2YHnEDsvy1pqvub/0iq4NMHM
MD5:	6EFDDF589864D2E146A55C01C6764A35
SHA1:	EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F
SHA-256:	2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999
SHA-512:	1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A
Malicious:	false
Reputation:	low
URL:	https://res-1.cdn.office.net/bld/_layouts/15/16.0.25019.12007/require.js
Preview:	/** vim: et:ts=4:sw=4:sts=4. * @license RequireJS 2.1.22 Copyright (c) 2010-2015, The Dojo Foundation All Rights Reserved.. * Available via the MIT or new BSD license.. * see: http://github.com/jrburke/requirejs for details. */.var requirejs,require,define;!function(global){function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){if(e){var r;for(r=0;r<e.length&&(!e[r]\|\|!t(e[r],r,e));r+=1);}}function eachReverse(e,t){if(e){var r;for(r=e.length-1;r>-1&&(!e[r]\|\|!t(e[r],r,e));r-=1);}}function hasProp(e,t){return hasOwn.call(e,t)}function getOwn(e,t){return hasProp(e,t)&&e[t]}function eachProp(e,t){var r;for(r in e)if(hasProp(e,r)&&t(e[r],r))break}function mixin(e,t,r,i){return t&&eachProp(t,function(t,n){(r\|\|!hasProp(e,n))&&(!i\|\|"object"!=typeof t\|\|!t\|\|isArray(t)\|\|isFunction(t)\|\|t instanceof RegExp?e[n]=t:(e[n]\|\|(e[n]={}),mixin(e[n],t,r,i)))}),e}function bind(e,t){return function(){return t.apply(e,ar

Chrome Cache Entry: 72

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3331
Entropy (8bit):	7.927896166439245
Encrypted:	false
SSDEEP:	96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq
MD5:	EF884BDEDEF280DF97A4C5604058D8DB
SHA1:	6F04244B51AD2409659E267D308B97E09CE9062B
SHA-256:	825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
SHA-512:	A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^\|.G..o.......?....Or.......y~....]..V.a.mM...M.\kH..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<\|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$\|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...\|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

Chrome Cache Entry: 73

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	downloaded
Size (bytes):	7886
Entropy (8bit):	3.9482833105763633
Encrypted:	false
SSDEEP:	48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E
MD5:	0B60F3C9E4DA6E807E808DA7360F24F2
SHA1:	9AFC7ABB910DE855EFB426206E547574A1E074B7
SHA-256:	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
SHA-512:	1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
Preview:	...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

Chrome Cache Entry: 74

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	dropped
Size (bytes):	7886
Entropy (8bit):	3.9482833105763633
Encrypted:	false
SSDEEP:	48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E
MD5:	0B60F3C9E4DA6E807E808DA7360F24F2
SHA1:	9AFC7ABB910DE855EFB426206E547574A1E074B7
SHA-256:	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
SHA-512:	1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
Malicious:	false
Reputation:	low
Preview:	...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

Chrome Cache Entry: 75

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3331
Entropy (8bit):	7.927896166439245
Encrypted:	false
SSDEEP:	96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq
MD5:	EF884BDEDEF280DF97A4C5604058D8DB
SHA1:	6F04244B51AD2409659E267D308B97E09CE9062B
SHA-256:	825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
SHA-512:	A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/_layouts/15/images/microsoft-logo.png
Preview:	.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^\|.G..o.......?....Or.......y~....]..V.a.mM...M.\kH..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<\|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$\|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...\|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

Chrome Cache Entry: 76

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	26951
Entropy (8bit):	4.514992390210281
Encrypted:	false
SSDEEP:	384:jMgviMjM4if38GmhXeC1QRwweTkBE9wbOY4Jf/JhRZ5h+73hNVt8oC4veONhLYVi:CLEiJSdo11vIYHqb5Klo8v
MD5:	B3D7A123BE5203A1A3F0F10233ED373F
SHA1:	F4C61F321D8F79A805B356C6EC94090C0D96215C
SHA-256:	EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192
SHA-512:	A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=fz5b1NoOmf7XpLYfpTtd_ByoO6mCDajdygxqvwvlKPX_c2MLKN2zYNpRuVXw_sjj6mhIP1WreUiw9JFK6l4KlEFAy0WTw8Ah70RyGo2fFja05yf6L2IcMFjjohlUQOxpjzDft1zzk2yft58am4GMn4nI-Qsk4fUlW5TZfGWm_vg1&t=ffffffffa8ad04d3
Preview:	var Page_ValidationVer = "125";..var Page_IsValid = true;..var Page_BlockSubmit = false;..var Page_InvalidControlToBeFocused = null;..var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime-local)$/i;..function ValidatorUpdateDisplay(val) {.. if (typeof(val.display) == "string") {.. if (val.display == "None") {.. return;.. }.. if (val.display == "Dynamic") {.. val.style.display = val.isvalid ? "none" : "inline";.. return;.. }.. }.. if ((navigator.userAgent.indexOf("Mac") > -1) &&.. (navigator.userAgent.indexOf("MSIE") > -1)) {.. val.style.display = "inline";.. }.. val.style.visibility = val.isvalid ? "hidden" : "visible";..}..function ValidatorUpdateIsValid() {.. Page_IsValid = AllValidatorsValid(Page_Validators);..}..function AllValidatorsValid(validators) {.. if ((typeof(validators) != "undefined") && (validators != null)) {

Chrome Cache Entry: 77

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (30522), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	69309
Entropy (8bit):	5.672493197204774
Encrypted:	false
SSDEEP:	1536:PlgguXE0hUnWXBOxSPSW8N6fGNNKz0t6Js2wVXUaH3o:PLuDCGeTKz0nVXUN
MD5:	563FAC679355CD9FC5214D41051166D1
SHA1:	8316B11EEB38F99BCA37DA10F57AFE5F651FBEE2
SHA-256:	95566890508FE0E2F7F7C12136FC6C35148D69605ACB5AC0451654569D48A1EC
SHA-512:	20E263A771106DA9D763FEAA6374F86C29CF12A951AF01F7D47E5C233EF99183C8A1C5BCF12FCAD296F7CB8DD1A8829E7F6083CD8294D399E6202A3F7558B7EF
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9
Preview:	..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr">..<head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Expires" content="0" /><meta name="Robots" content="NOHTMLINDEX" /><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><link id="favicon" rel="shortcut icon" href="/_layouts/15/images/favicon.ico?rev=47" type="image/vnd.microsoft.icon" /><title>...Sharing Link Validation..</title>...<style type="text/css" media="screen, print, projection">....html{line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure,ma

Chrome Cache Entry: 78

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.702819531114783
Encrypted:	false
SSDEEP:	3:H6xhkY:aQY
MD5:	858372DD32511CB4DD08E48A93B4F175
SHA1:	CE4555B7B2EFBBD644D8E34CF3453A0E8CAA3C43
SHA-256:	3D18F3E1469C83D62CF3A39BA93F8EAA5B22447FE630E59F39DC1B7747635359
SHA-512:	6A57E0D4A1C23CB693AA9312F6FDAA1FC4309B5BC91D1B2279B5792BEE3534749FD3693C19AA95E0768800472D11D438EC3116F337679A249C28BE0E038E6DE0
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAnq3J4hoa5xcRIFDfSCVyI=?alt=proto
Preview:	CgkKBw30glciGgA=

Chrome Cache Entry: 79

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (39257), with CRLF line terminators
Category:	downloaded
Size (bytes):	40326
Entropy (8bit):	5.245555585297941
Encrypted:	false
SSDEEP:	384:bvrc3TrJ1vMZCKZ4pLRy6DkfDLcbTzcXanT2rxb64aKQr1vySAwBaPUge6ydE:bTaYB4Hy7mTzcaTKStrwSAwBaPUTdE
MD5:	DA9DC1C32E89C02FC1E9EEB7E5AAB91E
SHA1:	3EFB110EFA6068CE6B586A67F87DA5125310BC30
SHA-256:	398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1
SHA-512:	D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=tM6FjENUq-AqRTrG-nKjsZBvBEL_WoCNVelbcqc-AiTFC5Zr5nKgI3s8s43QwNGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjaxWebForms.js..Type._registerScript("MicrosoftAjaxWebForms.js",["MicrosoftAjaxCore.js","MicrosoftAjaxSerialization.js","MicrosoftAjaxNetwork.js","MicrosoftAjaxComponentModel.js"]);Type.registerNamespace("Sys.WebForms");Sys.WebForms.BeginRequestEventArgs=function(c,b,a){Sys.WebForms.BeginRequestEventArgs.initializeBase(this);this._request=c;this._postBackElement=b;this._updatePanelsToUpdate=a};Sys.WebForms.BeginRequestEventArgs.prototype={get_postBackElement:function(){return this._postBackElement},get_request:function(){return this._request},get_updatePanelsToUpdate:function(){return this._updatePanelsToUpdate?Array.clone(this._updatePanelsToUpdate):[]}};Sys.WebForms.BeginRequestEventArgs.registerClass("Sys.WebForms.BeginRequestEventArgs",Sys.EventArgs);Sys.WebForms.EndRequestEventArgs=fun

Chrome Cache Entry: 80

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (37521)
Category:	downloaded
Size (bytes):	40512
Entropy (8bit):	5.386921349191213
Encrypted:	false
SSDEEP:	768:Tkv+rkfa2aH5m7UYfXLMQWGjaKEstpgG9ycj:Pr8LaZkzLM46G9
MD5:	8DCE60169BA666CA03A31D123DB49908
SHA1:	956C46BB6058C23D35440DCC656CE61C7B151399
SHA-256:	F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75
SHA-512:	26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E
Malicious:	false
Reputation:	low
URL:	https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/spoguestaccesswebpack/spoguestaccess.js
Preview:	/! For license information please see spoguestaccess.js.LICENSE.txt /.document.currentScript,define("@fluentui/react-file-type-icons",[],()=>{var e;return(()=>{"use strict";var t=[e=>{var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,a=Object.prototype.propertyIsEnumerable;function i(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map(function(e){return t[e]}).join(""))return!1;var a={};return"abcdefghijklmnopqrst".split("").forEach(function(e){a[e]=e}),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},a)).join("")}catch(e){return!1}}()?Object.assign:function(e,r){for(var o,s,c=i(e),d=1;d<arguments.length;d++){for(var l in o=Object(arguments[d]))n.call(o,l)&&(c[l]

Chrome Cache Entry: 81

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, Unicode text, UTF-8 (with BOM) text
Category:	downloaded
Size (bytes):	215
Entropy (8bit):	5.292237848254463
Encrypted:	false
SSDEEP:	6:JiMVBdgqZjZWtMfgRTH1wcG1g/w6RIOOm9H8g6n:MMHdVBZWyUT+cog/N3P6
MD5:	C7BCA5070C10AF17A113F836E909607A
SHA1:	EAC76D86C849BD45AEFE582B2087138636559BD2
SHA-256:	CA9E762AD2477D5D0A44B6806FEC5D739156B35547255E7C550E07E801BEE6F6
SHA-512:	CB25FE23BB0AC8B2ABE50D64521DA26FCD16990ED9565F4F6A047DCE0B1C7F2701B2E965942BAB8E7A76E9DD184EEBEE65C6FB2808CB64FF793D1B248B54B598
Malicious:	false
Reputation:	low
URL:	https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/@uifabric/file-type-icons/lib/initializeFileTypeIcons.js
Preview:	.<?xml version="1.0" encoding="utf-8"?><Error><Code>BlobNotFound</Code><Message>The specified blob does not exist..RequestId:10d09cc2-b01e-000c-4728-cdff08000000.Time:2024-07-03T09:05:57.8677352Z</Message></Error>

Chrome Cache Entry: 82

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65329), with CRLF line terminators
Category:	downloaded
Size (bytes):	102801
Entropy (8bit):	5.336080509196147
Encrypted:	false
SSDEEP:	1536:MGLiogSomRYvoGtT+KHsVS0bT79DSsi46j/LPyR7kbE:MGLXGFKT79DSs6WCE
MD5:	C89EAA5B28DF1E17376BE71D71649173
SHA1:	2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD
SHA-256:	66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C
SHA-512:	B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/ScriptResource.axd?d=BPZZHAzyiNzOHF1qjpHwK2Iiip7ofKYDBinOf_3u64bxXfveZFChng8J6xm7E6G_NvDbY50Zc1CRv4_5WtD44aaLkCGiLE8dRk_RjlGSaXGP_XmyQ-XsxDsM15-yMp12VEq5pkLT7xq7ssFCpIVf3erlDm1aAay2ADnDVk01TwDgXUHVPZaNK6GUm2Onifr90&t=74258c30
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjax.js..Function.__typeName="Function";Function.__class=true;Function.createCallback=function(b,a){return function(){var e=arguments.length;if(e>0){var d=[];for(var c=0;c<e;c++)d[c]=arguments[c];d[e]=a;return b.apply(this,d)}return b.call(this,a)}};Function.createDelegate=function(a,b){return function(){return b.apply(a,arguments)}};Function.emptyFunction=Function.emptyMethod=function(){};Function.validateParameters=function(c,b,a){return Function._validateParams(c,b,a)};Function._validateParams=function(g,e,c){var a,d=e.length;c=c\|\|typeof c==="undefined";a=Function._validateParameterCount(g,e,c);if(a){a.popStackFrame();return a}for(var b=0,i=g.length;b<i;b++){var f=e[Math.min(b,d-1)],h=f.name;if(f.parameterArray)h+="["+(b-d+1)+"]";else if(!c&&b>=d)break;a=Function._validateParameter(g[b],f

Chrome Cache Entry: 83

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	23063
Entropy (8bit):	4.7535440881548165
Encrypted:	false
SSDEEP:	384:GvUzYI+Vi4g1V5it1ONhA6w+Kv8i/4CYzLKL4DrLU0iTxZTAzIzrwDlTWMClQip9:bkON69kClQq8hDRJHp2tWU25Zt/gREVG
MD5:	90EA7274F19755002360945D54C2A0D7
SHA1:	647B5D8BF7D119A2C97895363A07A0C6EB8CD284
SHA-256:	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
SHA-512:	7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
Malicious:	false
Reputation:	low
URL:	https://bombeirosamora-my.sharepoint.com/WebResource.axd?d=uGOwVaDVQSQCpBdkqNc5yxvm33jVELtRB5xpLAgch1-8aQY5YKzdAoshrB0ev09NV2_tUKZlrSOnvNLyRrJpP1MXJLubWixpFoyHT_59rc81&t=638509456120891867
Preview:	function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 3, 2024 11:06:03.542718887 CEST	49674	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:03.545350075 CEST	49675	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:03.652101040 CEST	49673	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:09.818521976 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:09.818552971 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:09.818629026 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:09.818907022 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:09.818917036 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:09.818970919 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:09.819160938 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:09.819175959 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:09.819324970 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:09.819335938 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:10.385685921 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:10.394679070 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:10.394709110 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:10.395785093 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:10.395874977 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:10.402868032 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:10.402997971 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:10.403074980 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:10.403084040 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:10.406894922 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:10.419177055 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:10.419189930 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:10.420422077 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:10.420473099 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:10.422729015 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:10.422801971 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:10.457736969 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:10.473170042 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:10.473181009 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:10.522075891 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.011348009 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.011375904 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.011488914 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.011517048 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.011564016 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.016382933 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.016391039 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.016499043 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.016505957 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.017092943 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.017148018 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.017154932 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.017189980 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.099455118 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.099603891 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.099633932 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.101393938 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.101479053 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.101486921 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.102540970 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.102602005 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.102608919 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.104625940 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.104690075 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.104696989 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.158427000 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.184138060 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.184149981 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.184230089 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.184245110 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.185636044 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.185643911 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.185719967 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.185728073 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.186820030 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.186882019 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.186887980 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.186919928 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.186955929 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.200949907 CEST	49709	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.200965881 CEST	443	49709	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.210938931 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.210993052 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.211050987 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.211102009 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.211925030 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.211940050 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.213610888 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.213622093 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.213677883 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.214297056 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.214308977 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.216087103 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.216095924 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.216165066 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.216639996 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.216648102 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.216696024 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.217143059 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.217150927 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.217587948 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.217597961 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.252533913 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.428349972 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.430164099 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.430172920 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.430207014 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.430213928 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.430242062 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.430255890 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.432300091 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.432308912 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.432329893 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.432352066 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.432362080 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.432393074 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.473861933 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.522459984 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.522475004 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.522502899 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.522526979 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.522569895 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.522582054 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.522603989 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.522650003 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.558753967 CEST	49710	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.558784008 CEST	443	49710	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.768043995 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.768621922 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.768641949 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.769752979 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.769814014 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.772017002 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.772079945 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.772274017 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.772281885 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.777714968 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.778275967 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.778301001 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.778666973 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.779377937 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.779448032 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.780035019 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.795855045 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.796116114 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.796124935 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.796502113 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.797254086 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.797318935 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.797832012 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.812349081 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.812763929 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.812772036 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.813811064 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.813895941 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.815146923 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.815203905 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.815789938 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.815797091 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.816740036 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.820501089 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.844508886 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.861227036 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.981158018 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.982911110 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.982919931 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.982978106 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.983000994 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.983026981 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.984147072 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.984205961 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.984217882 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.984268904 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.987771988 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.987802029 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.987840891 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.987850904 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.989211082 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.989275932 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.989284039 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.990070105 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:11.990139961 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:11.990148067 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.014502048 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.016280890 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.016290903 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.016369104 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.016387939 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.016427994 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.017424107 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.017493963 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.027148962 CEST	49719	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:06:12.027189016 CEST	443	49719	142.250.186.100	192.168.2.5
Jul 3, 2024 11:06:12.027244091 CEST	49719	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:06:12.028018951 CEST	49719	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:06:12.028031111 CEST	443	49719	142.250.186.100	192.168.2.5
Jul 3, 2024 11:06:12.033535957 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.033562899 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.033617020 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.033639908 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.033685923 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.034662008 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.034729004 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.034770012 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.035937071 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.042191029 CEST	49718	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.042216063 CEST	443	49718	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.068721056 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.068803072 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.068821907 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.069726944 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.069773912 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.069782972 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.069834948 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.069844007 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.069880009 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.071439028 CEST	49717	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.071458101 CEST	443	49717	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.077876091 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.077887058 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.077944040 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.077961922 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.079655886 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.079726934 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.079736948 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.081368923 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.081428051 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.081435919 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.082998991 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.083066940 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.083074093 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.106962919 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.107039928 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.107064009 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.110488892 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.110553980 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.110563993 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.111777067 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.111917019 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.112029076 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.112068892 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.114218950 CEST	49720	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:12.114253044 CEST	443	49720	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:12.114320040 CEST	49720	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:12.115360022 CEST	49720	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:12.115372896 CEST	443	49720	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:12.117222071 CEST	49715	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.117238998 CEST	443	49715	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.129328966 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.165365934 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.165376902 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.165448904 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.165473938 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.166917086 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.166924953 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.166975975 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.166982889 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.168654919 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.168693066 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.168711901 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.168719053 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.168770075 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.170120955 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.170129061 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.170185089 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.170190096 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.170228958 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.171845913 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.171920061 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.171926022 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.173484087 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.173553944 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.173559904 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.174372911 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.174441099 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.174444914 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.174463987 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.174506903 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.177982092 CEST	49716	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.178002119 CEST	443	49716	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.672828913 CEST	443	49719	142.250.186.100	192.168.2.5
Jul 3, 2024 11:06:12.680636883 CEST	49719	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:06:12.680672884 CEST	443	49719	142.250.186.100	192.168.2.5
Jul 3, 2024 11:06:12.681777000 CEST	443	49719	142.250.186.100	192.168.2.5
Jul 3, 2024 11:06:12.681906939 CEST	49719	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:06:12.739418030 CEST	49719	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:06:12.739552021 CEST	443	49719	142.250.186.100	192.168.2.5
Jul 3, 2024 11:06:12.785828114 CEST	49719	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:06:12.785852909 CEST	443	49719	142.250.186.100	192.168.2.5
Jul 3, 2024 11:06:12.807008982 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.807019949 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.807399988 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.807811975 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:12.807823896 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:12.831588030 CEST	49719	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:06:13.001811028 CEST	443	49720	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:13.007617950 CEST	49720	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:13.007631063 CEST	443	49720	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:13.008825064 CEST	443	49720	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:13.009013891 CEST	49720	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:13.016433001 CEST	49720	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:13.016541004 CEST	443	49720	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:13.017132044 CEST	49720	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:13.017143011 CEST	443	49720	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:13.067616940 CEST	49720	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:13.142380953 CEST	49675	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:13.142479897 CEST	49674	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:13.261791945 CEST	443	49720	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:13.261814117 CEST	443	49720	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:13.262130022 CEST	443	49720	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:13.262160063 CEST	49720	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:13.267241001 CEST	49673	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:13.267307997 CEST	49720	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:13.380290031 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.403634071 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:13.403676987 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.404489040 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.405163050 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:13.405342102 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.405654907 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:13.409043074 CEST	49720	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:13.409070969 CEST	443	49720	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:13.429017067 CEST	49724	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:13.429058075 CEST	443	49724	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:13.429461002 CEST	49724	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:13.435170889 CEST	49724	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:13.435188055 CEST	443	49724	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:13.448513031 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.454758883 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:13.603708029 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.603733063 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.603785038 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:13.603807926 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.603849888 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:13.604427099 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.604434967 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.604470968 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:13.604629993 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.604693890 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:13.604727030 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:13.668936014 CEST	49722	443	192.168.2.5	13.107.136.10
Jul 3, 2024 11:06:13.668962002 CEST	443	49722	13.107.136.10	192.168.2.5
Jul 3, 2024 11:06:14.110183954 CEST	443	49724	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:14.110270023 CEST	49724	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:14.114455938 CEST	49724	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:14.114470005 CEST	443	49724	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:14.114715099 CEST	443	49724	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:14.163001060 CEST	49724	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:14.171530962 CEST	49724	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:14.212516069 CEST	443	49724	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:14.374691963 CEST	443	49724	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:14.374761105 CEST	443	49724	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:14.374804974 CEST	49724	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:14.374922991 CEST	49724	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:14.374948025 CEST	443	49724	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:14.374958038 CEST	49724	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:14.374965906 CEST	443	49724	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:14.424421072 CEST	49726	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:14.424459934 CEST	443	49726	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:14.424526930 CEST	49726	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:14.424948931 CEST	49726	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:14.424969912 CEST	443	49726	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:14.438997030 CEST	49728	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:14.439039946 CEST	443	49728	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:14.439099073 CEST	49728	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:14.466252089 CEST	49728	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:14.466279030 CEST	443	49728	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:14.907038927 CEST	443	49703	23.1.237.91	192.168.2.5
Jul 3, 2024 11:06:14.907238960 CEST	49703	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:15.127315998 CEST	443	49728	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:15.127485037 CEST	49728	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:15.138384104 CEST	49728	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:15.138413906 CEST	443	49728	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:15.138720036 CEST	443	49728	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:15.141232014 CEST	49728	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:15.184510946 CEST	443	49728	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:15.217586994 CEST	443	49726	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:15.218354940 CEST	49726	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:15.218389034 CEST	443	49726	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:15.218703032 CEST	443	49726	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:15.220295906 CEST	49726	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:15.220376968 CEST	443	49726	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:15.220566034 CEST	49726	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:15.264506102 CEST	443	49726	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:15.401751041 CEST	443	49728	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:15.401818991 CEST	443	49728	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:15.401915073 CEST	49728	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:15.445168018 CEST	49728	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:15.445204973 CEST	443	49728	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:15.445240021 CEST	49728	443	192.168.2.5	23.43.61.160
Jul 3, 2024 11:06:15.445247889 CEST	443	49728	23.43.61.160	192.168.2.5
Jul 3, 2024 11:06:15.546807051 CEST	443	49726	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:15.546837091 CEST	443	49726	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:15.546931028 CEST	49726	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:15.546938896 CEST	443	49726	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:15.547013998 CEST	49726	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:15.547894955 CEST	49726	443	192.168.2.5	52.105.48.53
Jul 3, 2024 11:06:15.547919989 CEST	443	49726	52.105.48.53	192.168.2.5
Jul 3, 2024 11:06:22.578334093 CEST	443	49719	142.250.186.100	192.168.2.5
Jul 3, 2024 11:06:22.578399897 CEST	443	49719	142.250.186.100	192.168.2.5
Jul 3, 2024 11:06:22.578502893 CEST	49719	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:06:24.290069103 CEST	49719	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:06:24.290106058 CEST	443	49719	142.250.186.100	192.168.2.5
Jul 3, 2024 11:06:26.151884079 CEST	49703	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:26.152007103 CEST	49703	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:26.152539968 CEST	49735	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:26.152636051 CEST	443	49735	23.1.237.91	192.168.2.5
Jul 3, 2024 11:06:26.152710915 CEST	49735	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:26.153018951 CEST	49735	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:26.153033018 CEST	443	49735	23.1.237.91	192.168.2.5
Jul 3, 2024 11:06:26.156774998 CEST	443	49703	23.1.237.91	192.168.2.5
Jul 3, 2024 11:06:26.156790018 CEST	443	49703	23.1.237.91	192.168.2.5
Jul 3, 2024 11:06:26.774148941 CEST	443	49735	23.1.237.91	192.168.2.5
Jul 3, 2024 11:06:26.774245977 CEST	49735	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:06:45.934643984 CEST	443	49735	23.1.237.91	192.168.2.5
Jul 3, 2024 11:06:45.934741020 CEST	49735	443	192.168.2.5	23.1.237.91
Jul 3, 2024 11:07:12.066873074 CEST	49740	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:07:12.066967010 CEST	443	49740	142.250.186.100	192.168.2.5
Jul 3, 2024 11:07:12.067063093 CEST	49740	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:07:12.079241037 CEST	49740	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:07:12.079262018 CEST	443	49740	142.250.186.100	192.168.2.5
Jul 3, 2024 11:07:12.730182886 CEST	443	49740	142.250.186.100	192.168.2.5
Jul 3, 2024 11:07:12.730910063 CEST	49740	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:07:12.730926991 CEST	443	49740	142.250.186.100	192.168.2.5
Jul 3, 2024 11:07:12.731255054 CEST	443	49740	142.250.186.100	192.168.2.5
Jul 3, 2024 11:07:12.731668949 CEST	49740	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:07:12.731735945 CEST	443	49740	142.250.186.100	192.168.2.5
Jul 3, 2024 11:07:12.783796072 CEST	49740	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:07:22.633694887 CEST	443	49740	142.250.186.100	192.168.2.5
Jul 3, 2024 11:07:22.633758068 CEST	443	49740	142.250.186.100	192.168.2.5
Jul 3, 2024 11:07:22.633909941 CEST	49740	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:07:24.285620928 CEST	49740	443	192.168.2.5	142.250.186.100
Jul 3, 2024 11:07:24.285655022 CEST	443	49740	142.250.186.100	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 3, 2024 11:06:08.079169035 CEST	53	63783	1.1.1.1	192.168.2.5
Jul 3, 2024 11:06:08.144959927 CEST	53	50491	1.1.1.1	192.168.2.5
Jul 3, 2024 11:06:09.203687906 CEST	53	63632	1.1.1.1	192.168.2.5
Jul 3, 2024 11:06:09.762794971 CEST	62648	53	192.168.2.5	1.1.1.1
Jul 3, 2024 11:06:09.764296055 CEST	54261	53	192.168.2.5	1.1.1.1
Jul 3, 2024 11:06:12.014867067 CEST	52215	53	192.168.2.5	1.1.1.1
Jul 3, 2024 11:06:12.015923977 CEST	64268	53	192.168.2.5	1.1.1.1
Jul 3, 2024 11:06:12.022152901 CEST	53	52215	1.1.1.1	192.168.2.5
Jul 3, 2024 11:06:12.024828911 CEST	53	64268	1.1.1.1	192.168.2.5
Jul 3, 2024 11:06:12.061254025 CEST	50641	53	192.168.2.5	1.1.1.1
Jul 3, 2024 11:06:12.061583996 CEST	57296	53	192.168.2.5	1.1.1.1
Jul 3, 2024 11:06:12.812566042 CEST	53	61635	1.1.1.1	192.168.2.5
Jul 3, 2024 11:06:13.882991076 CEST	53491	53	192.168.2.5	1.1.1.1
Jul 3, 2024 11:06:13.883161068 CEST	61335	53	192.168.2.5	1.1.1.1
Jul 3, 2024 11:06:26.136634111 CEST	53	60329	1.1.1.1	192.168.2.5
Jul 3, 2024 11:06:45.235547066 CEST	53	64432	1.1.1.1	192.168.2.5
Jul 3, 2024 11:07:07.684607029 CEST	53	60037	1.1.1.1	192.168.2.5
Jul 3, 2024 11:07:08.292119980 CEST	53	51084	1.1.1.1	192.168.2.5

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Jul 3, 2024 11:06:09.830682039 CEST	192.168.2.5	1.1.1.1	c36d	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jul 3, 2024 11:06:09.762794971 CEST	192.168.2.5	1.1.1.1	0x5f7b	Standard query (0)	bombeirosamora-my.sharepoint.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 11:06:09.764296055 CEST	192.168.2.5	1.1.1.1	0x44db	Standard query (0)	bombeirosamora-my.sharepoint.com	65	IN (0x0001)	false
Jul 3, 2024 11:06:12.014867067 CEST	192.168.2.5	1.1.1.1	0x968b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 11:06:12.015923977 CEST	192.168.2.5	1.1.1.1	0xc6e1	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jul 3, 2024 11:06:12.061254025 CEST	192.168.2.5	1.1.1.1	0x6ae1	Standard query (0)	bombeirosamora-my.sharepoint.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 11:06:12.061583996 CEST	192.168.2.5	1.1.1.1	0x7acb	Standard query (0)	bombeirosamora-my.sharepoint.com	65	IN (0x0001)	false
Jul 3, 2024 11:06:13.882991076 CEST	192.168.2.5	1.1.1.1	0x354d	Standard query (0)	m365cdn.nel.measure.office.net	A (IP address)	IN (0x0001)	false
Jul 3, 2024 11:06:13.883161068 CEST	192.168.2.5	1.1.1.1	0x175d	Standard query (0)	m365cdn.nel.measure.office.net	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jul 3, 2024 11:06:09.806917906 CEST	1.1.1.1	192.168.2.5	0x5f7b	No error (0)	bombeirosamora-my.sharepoint.com	bombeirosamora.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:09.806917906 CEST	1.1.1.1	192.168.2.5	0x5f7b	No error (0)	bombeirosamora.sharepoint.com	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:09.806917906 CEST	1.1.1.1	192.168.2.5	0x5f7b	No error (0)	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:09.806917906 CEST	1.1.1.1	192.168.2.5	0x5f7b	No error (0)	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:09.806917906 CEST	1.1.1.1	192.168.2.5	0x5f7b	No error (0)	189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net	dual-spo-0005.spo-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:09.806917906 CEST	1.1.1.1	192.168.2.5	0x5f7b	No error (0)	dual-spo-0005.spo-msedge.net		13.107.136.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 11:06:09.806917906 CEST	1.1.1.1	192.168.2.5	0x5f7b	No error (0)	dual-spo-0005.spo-msedge.net		13.107.138.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 11:06:09.830563068 CEST	1.1.1.1	192.168.2.5	0x44db	No error (0)	bombeirosamora-my.sharepoint.com	bombeirosamora.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:09.830563068 CEST	1.1.1.1	192.168.2.5	0x44db	No error (0)	bombeirosamora.sharepoint.com	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:09.830563068 CEST	1.1.1.1	192.168.2.5	0x44db	No error (0)	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:09.830563068 CEST	1.1.1.1	192.168.2.5	0x44db	No error (0)	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:12.022152901 CEST	1.1.1.1	192.168.2.5	0x968b	No error (0)	www.google.com		142.250.186.100	A (IP address)	IN (0x0001)	false
Jul 3, 2024 11:06:12.024828911 CEST	1.1.1.1	192.168.2.5	0xc6e1	No error (0)	www.google.com			65	IN (0x0001)	false
Jul 3, 2024 11:06:12.111746073 CEST	1.1.1.1	192.168.2.5	0x6ae1	No error (0)	bombeirosamora-my.sharepoint.com	bombeirosamora.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:12.111746073 CEST	1.1.1.1	192.168.2.5	0x6ae1	No error (0)	bombeirosamora.sharepoint.com	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:12.111746073 CEST	1.1.1.1	192.168.2.5	0x6ae1	No error (0)	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:12.111746073 CEST	1.1.1.1	192.168.2.5	0x6ae1	No error (0)	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:12.111746073 CEST	1.1.1.1	192.168.2.5	0x6ae1	No error (0)	189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net	189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:12.111746073 CEST	1.1.1.1	192.168.2.5	0x6ae1	No error (0)	189324-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com		52.105.48.53	A (IP address)	IN (0x0001)	false
Jul 3, 2024 11:06:12.111838102 CEST	1.1.1.1	192.168.2.5	0x7acb	No error (0)	bombeirosamora-my.sharepoint.com	bombeirosamora.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:12.111838102 CEST	1.1.1.1	192.168.2.5	0x7acb	No error (0)	bombeirosamora.sharepoint.com	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:12.111838102 CEST	1.1.1.1	192.168.2.5	0x7acb	No error (0)	13988-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:12.111838102 CEST	1.1.1.1	192.168.2.5	0x7acb	No error (0)	189324-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com	189324-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:13.891762018 CEST	1.1.1.1	192.168.2.5	0x354d	No error (0)	m365cdn.nel.measure.office.net	nel.measure.office.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:13.892365932 CEST	1.1.1.1	192.168.2.5	0x175d	No error (0)	m365cdn.nel.measure.office.net	nel.measure.office.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:25.480424881 CEST	1.1.1.1	192.168.2.5	0xd9c2	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:25.480424881 CEST	1.1.1.1	192.168.2.5	0xd9c2	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Jul 3, 2024 11:06:39.463249922 CEST	1.1.1.1	192.168.2.5	0x331f	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:06:39.463249922 CEST	1.1.1.1	192.168.2.5	0x331f	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Jul 3, 2024 11:07:00.343599081 CEST	1.1.1.1	192.168.2.5	0xc59c	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:07:00.343599081 CEST	1.1.1.1	192.168.2.5	0xc59c	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Jul 3, 2024 11:07:20.878748894 CEST	1.1.1.1	192.168.2.5	0x7803	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 11:07:20.878748894 CEST	1.1.1.1	192.168.2.5	0x7803	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

bombeirosamora-my.sharepoint.com

https:

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49709	13.107.136.10	443	6384	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 09:06:10 UTC	786	OUT	GET /:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 09:06:11 UTC	1979	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 69309 Content-Type: text/html; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,0,23753,0,30601,73 X-SharePointHealthScore: 0 X-AspNet-Version: 4.0.30319 X-DataBoundary: EU X-1DSCollectorUrl: https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://eu-mobile.events.data.microsoft.com/Collector/3.0 SPRequestGuid: 4fa038a1-f05c-9000-3e72-7f4990e87e22 request-id: 4fa038a1-f05c-9000-3e72-7f4990e87e22 MS-CV: oTigT1zwAJA+cn9JkOh+Ig.0 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=a052bb68-5e9e-40d5-ab74-d809f6766aa6&destinationEndpoint=Edge-Prod-EWR31r5a&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com .powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 399 SPIisLatency: 4 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 1E4D08450B09495783620D1ADA328203 Ref B: EWR311000101021 Ref C: 2024-07-03T09:06:10Z Date: Wed, 03 Jul 2024 09:06:10 GMT Connection: close
2024-07-03 09:06:11 UTC	2106	IN	Data Raw: 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3a 6f 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 6d 69 63 72 6f 73 6f 66 74 2d 63 6f 6d 3a 6f 66 66 69 63 65 3a 6f 66 66 69 63 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 20 64 69 72 3d 22 6c 74 72 22 3e 0d 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 47 45 4e 45 52 41 54 4f 52 22 20 63 6f 6e 74 65 6e 74 3d 22 4d 69 63 72 6f 73 6f 66 74 20 53 68 61 72 65 50 6f 69 6e 74 22 20 2f Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr"><head><meta name="GENERATOR" content="Microsoft SharePoint" /
2024-07-03 09:06:11 UTC	8192	IN	Data Raw: 65 72 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 30 7d 5b 74 79 70 65 3d 62 75 74 74 6f 6e 5d 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 2c 5b 74 79 70 65 3d 72 65 73 65 74 5d 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 2c 5b 74 79 70 65 3d 73 75 62 6d 69 74 5d 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 2c 62 75 74 74 6f 6e 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 7b 6f 75 74 6c 69 6e 65 3a 31 70 78 20 64 6f 74 74 65 64 20 42 75 74 74 6f 6e 54 65 78 74 7d 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 2e 33 35 65 6d 20 2e 37 35 65 6d 20 2e 36 32 35 65 6d 7d 6c 65 67 65 6e 64 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 3b Data Ascii: er-style:none;padding:0}[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[type=submit]:-moz-focusring,button:-moz-focusring{outline:1px dotted ButtonText}fieldset{padding:.35em .75em .625em}legend{box-sizing:border-box;color:inherit;display:table;
2024-07-03 09:06:11 UTC	4151	IN	Data Raw: 30 20 38 70 78 7d 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 20 73 70 61 6e 7b 66 6c 65 78 3a 31 20 31 20 31 30 30 25 7d 69 6e 70 75 74 3a 3a 2d 77 65 62 6b 69 74 2d 69 6e 6e 65 72 2d 73 70 69 6e 2d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 3a 3a 2d 77 65 62 6b 69 74 2d 6f 75 74 65 72 2d 73 70 69 6e 2d 62 75 74 74 6f 6e 7b 6d 61 72 67 69 6e 3a 30 3b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 7d 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 7b 2d 6d 6f 7a 2d 61 70 70 65 61 72 61 6e 63 65 3a 74 65 78 74 66 69 65 6c 64 7d 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 3a 3a 2d 6d 73 2d 63 6c 65 61 72 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 64 65 73 6b 74 6f 70 2d 6c 6f 67 6f 7b 6d 61 72 67 69 6e 3a 35 37 70 78 20 30 20 32 Data Ascii: 0 8px}.notification span{flex:1 1 100%}input::-webkit-inner-spin-button,input::-webkit-outer-spin-button{margin:0;-webkit-appearance:none}input[type=number]{-moz-appearance:textfield}input[type=number]::-ms-clear{display:none}.desktop-logo{margin:57px 0 2
2024-07-03 09:06:11 UTC	8192	IN	Data Raw: 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 20 2f 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 6e 6f 6e 63 65 3d 22 65 31 64 32 33 39 39 33 2d 36 36 35 34 2d 34 34 39 35 2d 39 62 33 33 2d 62 37 32 65 39 33 31 32 63 36 38 36 22 3e 0d 0a 09 09 21 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 27 50 65 72 66 6f 72 6d 61 6e 63 65 4c 6f 6e 67 54 61 73 6b 54 69 6d 69 6e 67 27 20 69 6e 20 77 69 6e 64 6f 77 29 7b 76 61 72 20 67 3d 77 69 6e 64 6f 77 2e 5f 5f 74 74 69 3d 7b 65 3a 5b 5d 7d 3b 67 2e 6f 3d 6e 65 77 20 50 65 72 66 6f 72 6d 61 6e 63 65 4f 62 73 65 72 76 65 72 28 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 67 2e 65 3d 67 2e 65 2e 63 6f 6e 63 61 74 28 6c 2e 67 65 74 45 6e 74 72 Data Ascii: .cdn.office.net" crossorigin /><script type="text/javascript" nonce="e1d23993-6654-4495-9b33-b72e9312c686">!function(){if('PerformanceLongTaskTiming' in window){var g=window.__tti={e:[]};g.o=new PerformanceObserver(function(l){g.e=g.e.concat(l.getEntr
2024-07-03 09:06:11 UTC	8192	IN	Data Raw: 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 65 2e 45 53 36 50 72 6f 6d 69 73 65 3d 74 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 63 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 76 61 72 20 65 3d 73 65 74 54 69 6d 65 6f 75 74 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 Data Ascii: ==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):e.ES6Promise=t()}(this,function(){"use strict";function c(e){return"function"==typeof e}function t(){var e=setTimeout;return function(){return
2024-07-03 09:06:11 UTC	8192	IN	Data Raw: 65 26 26 21 69 73 46 75 6e 63 74 69 6f 6e 28 72 65 71 75 69 72 65 29 29 7b 63 66 67 3d 72 65 71 75 69 72 65 3b 72 65 71 75 69 72 65 3d 76 6f 69 64 20 30 7d 72 65 71 3d 72 65 71 75 69 72 65 6a 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 2c 6e 29 7b 76 61 72 20 69 2c 6f 2c 73 3d 64 65 66 43 6f 6e 74 65 78 74 4e 61 6d 65 3b 69 66 28 21 69 73 41 72 72 61 79 28 65 29 26 26 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 29 7b 6f 3d 65 3b 69 66 28 69 73 41 72 72 61 79 28 74 29 29 7b 65 3d 74 3b 74 3d 72 3b 72 3d 6e 7d 65 6c 73 65 20 65 3d 5b 5d 7d 6f 26 26 6f 2e 63 6f 6e 74 65 78 74 26 26 28 73 3d 6f 2e 63 6f 6e 74 65 78 74 29 3b 69 3d 28 69 3d 67 65 74 4f 77 6e 28 63 6f 6e 74 65 78 74 73 2c 73 29 29 7c 7c 28 63 6f 6e 74 65 78 74 73 5b 73 5d 3d 72 65 Data Ascii: e&&!isFunction(require)){cfg=require;require=void 0}req=requirejs=function(e,t,r,n){var i,o,s=defContextName;if(!isArray(e)&&"string"!=typeof e){o=e;if(isArray(t)){e=t;t=r;r=n}else e=[]}o&&o.context&&(s=o.context);i=(i=getOwn(contexts,s))\|\|(contexts[s]=re
2024-07-03 09:06:11 UTC	8192	IN	Data Raw: 29 29 3b 69 66 28 74 29 7b 74 2e 72 65 71 75 69 72 65 4d 61 70 3d 74 68 69 73 2e 6d 61 70 3b 74 2e 72 65 71 75 69 72 65 4d 6f 64 75 6c 65 73 3d 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 3f 5b 74 68 69 73 2e 6d 61 70 2e 69 64 5d 3a 6e 75 6c 6c 3b 74 2e 72 65 71 75 69 72 65 54 79 70 65 3d 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 3f 22 64 65 66 69 6e 65 22 3a 22 72 65 71 75 69 72 65 22 3b 72 65 74 75 72 6e 20 6a 28 74 68 69 73 2e 65 72 72 6f 72 3d 74 29 7d 7d 65 6c 73 65 20 69 3d 6f 3b 74 68 69 73 2e 65 78 70 6f 72 74 73 3d 69 3b 69 66 28 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 26 26 21 74 68 69 73 2e 69 67 6e 6f 72 65 29 7b 6d 5b 72 5d 3d 69 3b 69 66 28 72 65 71 2e 6f 6e 52 65 73 6f 75 72 63 65 4c 6f 61 64 29 7b 76 61 72 20 73 Data Ascii: ));if(t){t.requireMap=this.map;t.requireModules=this.map.isDefine?[this.map.id]:null;t.requireType=this.map.isDefine?"define":"require";return j(this.error=t)}}else i=o;this.exports=i;if(this.map.isDefine&&!this.ignore){m[r]=i;if(req.onResourceLoad){var s
2024-07-03 09:06:11 UTC	8192	IN	Data Raw: 63 6b 3a 20 5b 5d 2c 0d 0a 20 20 20 20 6f 6e 50 61 74 68 46 61 6c 6c 62 61 63 6b 3a 20 66 75 6e 63 74 69 6f 6e 20 28 6d 6f 64 75 6c 65 49 64 2c 20 70 61 74 68 73 29 20 7b 0d 0a 20 20 20 20 20 20 76 61 72 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 20 3d 20 66 61 69 6c 4f 76 65 72 53 74 61 74 65 2e 6d 6f 64 75 6c 65 73 46 61 6c 6c 65 64 42 61 63 6b 3b 0d 0a 20 20 20 20 20 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 2e 70 75 73 68 28 6d 6f 64 75 6c 65 49 64 29 3b 0d 0a 20 20 20 20 20 20 69 66 20 28 21 66 61 69 6c 4f 76 65 72 53 74 61 74 65 2e 62 61 73 65 55 72 6c 46 61 69 6c 65 64 4f 76 65 72 20 26 26 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 2e 6c 65 6e 67 74 68 20 3e 3d 20 32 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 76 61 72 20 69 64 20 69 6e 20 Data Ascii: ck: [], onPathFallback: function (moduleId, paths) { var failedModules = failOverState.modulesFalledBack; failedModules.push(moduleId); if (!failOverState.baseUrlFailedOver && failedModules.length >= 2) { for (var id in
2024-07-03 09:06:11 UTC	8192	IN	Data Raw: 4e 47 48 52 4f 67 50 55 47 44 4f 4d 6b 38 51 61 72 49 52 70 46 6b 35 31 6c 6a 37 76 71 57 33 4b 6e 79 37 75 42 76 69 53 45 33 4f 78 6d 2d 6a 4f 77 70 2d 56 38 79 6a 42 67 49 6c 66 73 57 78 69 4c 69 6c 4a 66 68 37 67 5a 5f 51 41 44 41 78 57 68 6a 38 32 65 79 45 58 4a 42 64 30 64 6e 70 59 56 58 74 5f 70 50 70 63 69 57 63 63 4f 77 71 58 52 5f 4e 4e 5f 55 6b 61 45 2d 62 72 4a 70 6e 34 67 70 54 30 26 61 6d 70 3b 74 3d 37 34 32 35 38 63 33 30 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 2f 2f 3c 21 5b 43 44 41 54 41 5b 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 4f 6e 53 75 62 6d 69 74 28 Data Ascii: NGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30" type="text/javascript"></script><script type="text/javascript">//<![CDATA[function WebForm_OnSubmit(
2024-07-03 09:06:11 UTC	5708	IN	Data Raw: 61 69 6c 22 3b 0d 0a 09 56 61 6c 69 64 61 74 65 54 4f 41 41 45 4d 61 69 6c 2e 66 6f 63 75 73 4f 6e 45 72 72 6f 72 20 3d 20 22 74 22 3b 0d 0a 09 56 61 6c 69 64 61 74 65 54 4f 41 41 45 4d 61 69 6c 2e 65 72 72 6f 72 6d 65 73 73 61 67 65 20 3d 20 22 59 6f 75 72 20 65 6d 61 69 6c 20 61 64 64 72 65 73 73 20 6d 75 73 74 20 62 65 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 65 6d 61 69 6c 20 66 6f 72 6d 61 74 20 28 65 2e 67 2e 20 5c 22 75 73 65 72 40 63 6f 6e 74 6f 73 6f 2e 63 6f 6d 5c 22 29 22 3b 0d 0a 09 56 61 6c 69 64 61 74 65 54 4f 41 41 45 4d 61 69 6c 2e 64 69 73 70 6c 61 79 20 3d 20 22 44 79 6e 61 6d 69 63 22 3b 0d 0a 09 56 61 6c 69 64 61 74 65 54 4f 41 41 45 4d 61 69 6c 2e 65 76 61 6c 75 61 74 69 6f 6e 66 75 6e 63 74 69 6f 6e 20 3d 20 22 52 65 67 75 6c Data Ascii: ail";ValidateTOAAEMail.focusOnError = "t";ValidateTOAAEMail.errormessage = "Your email address must be in the correct email format (e.g. \"user@contoso.com\")";ValidateTOAAEMail.display = "Dynamic";ValidateTOAAEMail.evaluationfunction = "Regul

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49710	13.107.136.10	443	6384	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 09:06:11 UTC	807	OUT	GET /WebResource.axd?d=uGOwVaDVQSQCpBdkqNc5yxvm33jVELtRB5xpLAgch1-8aQY5YKzdAoshrB0ev09NV2_tUKZlrSOnvNLyRrJpP1MXJLubWixpFoyHT_59rc81&t=638509456120891867 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 09:06:11 UTC	754	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 23063 Content-Type: application/x-javascript Expires: Thu, 03 Jul 2025 00:01:58 GMT Last-Modified: Fri, 10 May 2024 20:46:52 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,0,38196,0,65542,33 X-AspNet-Version: 4.0.30319 SPRequestDuration: 3 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: B15ED8F376FA4150AE3FF125F8DAF341 Ref B: EWR311000102053 Ref C: 2024-07-03T09:06:11Z Date: Wed, 03 Jul 2024 09:06:10 GMT Connection: close
2024-07-03 09:06:11 UTC	110	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 50 6f 73 74 42 61 63 6b 4f 70 74 69 6f 6e 73 28 65 76 65 6e 74 54 61 72 67 65 74 2c 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 2c 20 76 61 6c 69 64 61 74 69 6f 6e 2c 20 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 2c 20 61 63 74 69 6f 6e 55 72 6c 2c 20 74 72 61 63 6b 46 6f 63 75 Data Ascii: function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocu
2024-07-03 09:06:11 UTC	8192	IN	Data Raw: 73 2c 20 63 6c 69 65 6e 74 53 75 62 6d 69 74 29 20 7b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 54 61 72 67 65 74 20 3d 20 65 76 65 6e 74 54 61 72 67 65 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 20 3d 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c 69 64 61 74 69 6f 6e 20 3d 20 76 61 6c 69 64 61 74 69 6f 6e 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 20 3d 20 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 3b 0d 0a 20 20 20 20 74 68 69 73 2e 61 63 74 69 6f 6e 55 72 6c 20 3d 20 61 63 74 69 6f 6e 55 72 6c 3b 0d 0a 20 20 20 20 74 68 69 73 2e 74 72 61 63 6b 46 6f 63 75 73 20 3d 20 74 72 61 63 6b 46 6f 63 75 73 3b 0d 0a 20 20 20 20 74 68 69 73 2e Data Ascii: s, clientSubmit) { this.eventTarget = eventTarget; this.eventArgument = eventArgument; this.validation = validation; this.validationGroup = validationGroup; this.actionUrl = actionUrl; this.trackFocus = trackFocus; this.
2024-07-03 09:06:11 UTC	7450	IN	Data Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 63 61 6c 6c 62 61 63 6b 49 6e 64 65 78 46 69 65 6c 64 45 6c 65 6d 65 6e 74 20 3d 20 78 6d 6c 52 65 71 75 65 73 74 46 72 61 6d 65 2e 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 49 4e 50 55 54 22 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 61 6c 6c 62 61 63 6b 49 6e 64 65 78 46 69 65 6c 64 45 6c 65 6d 65 6e 74 2e 74 79 70 65 20 3d 20 22 68 69 64 64 65 6e 22 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 61 6c 6c 62 61 63 6b 49 6e 64 65 78 46 69 65 6c 64 45 6c 65 6d 65 6e 74 2e 6e 61 6d 65 20 3d 20 22 5f 5f 43 41 4c 4c 42 41 43 4b 49 4e 44 45 58 22 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 61 6c 6c 62 61 63 6b 49 6e 64 65 Data Ascii: } var callbackIndexFieldElement = xmlRequestFrame.document.createElement("INPUT"); callbackIndexFieldElement.type = "hidden"; callbackIndexFieldElement.name = "__CALLBACKINDEX"; callbackInde
2024-07-03 09:06:11 UTC	7311	IN	Data Raw: 20 20 20 20 20 20 20 20 20 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 5b 74 61 72 67 65 74 5d 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 57 65 62 46 6f 72 6d 5f 53 69 6d 75 6c 61 74 65 43 6c 69 63 6b 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 2c 20 65 76 65 6e 74 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 20 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 47 65 74 53 63 72 6f 6c 6c 58 28 29 20 7b 0d 0a 20 20 20 20 69 66 20 28 5f 5f 6e 6f 6e 4d 53 44 4f 4d 42 72 6f 77 73 65 72 29 20 7b Data Ascii: defaultButton = document.all[target]; } if (defaultButton) { return WebForm_SimulateClick(defaultButton, event); } } return true;}function WebForm_GetScrollX() { if (__nonMSDOMBrowser) {

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.5	49717	13.107.136.10	443	6384	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 09:06:11 UTC	872	OUT	GET /ScriptResource.axd?d=fz5b1NoOmf7XpLYfpTtd_ByoO6mCDajdygxqvwvlKPX_c2MLKN2zYNpRuVXw_sjj6mhIP1WreUiw9JFK6l4KlEFAy0WTw8Ah70RyGo2fFja05yf6L2IcMFjjohlUQOxpjzDft1zzk2yft58am4GMn4nI-Qsk4fUlW5TZfGWm_vg1&t=ffffffffa8ad04d3 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 09:06:11 UTC	767	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 26951 Content-Type: application/x-javascript; charset=utf-8 Expires: Thu, 03 Jul 2025 07:46:20 GMT Last-Modified: Wed, 03 Jul 2024 07:46:20 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,262656,0,0,262,0,26535,23 X-AspNet-Version: 4.0.30319 SPRequestDuration: 5 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: C9AD79465F664CA884D6E67F28B825D4 Ref B: EWR311000108035 Ref C: 2024-07-03T09:06:11Z Date: Wed, 03 Jul 2024 09:06:10 GMT Connection: close
2024-07-03 09:06:11 UTC	391	IN	Data Raw: 76 61 72 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 56 65 72 20 3d 20 22 31 32 35 22 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 73 56 61 6c 69 64 20 3d 20 74 72 75 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 42 6c 6f 63 6b 53 75 62 6d 69 74 20 3d 20 66 61 6c 73 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 6e 76 61 6c 69 64 43 6f 6e 74 72 6f 6c 54 6f 42 65 46 6f 63 75 73 65 64 20 3d 20 6e 75 6c 6c 3b 0d 0a 76 61 72 20 50 61 67 65 5f 54 65 78 74 54 79 70 65 73 20 3d 20 2f 5e 28 74 65 78 74 7c 70 61 73 73 77 6f 72 64 7c 66 69 6c 65 7c 73 65 61 72 63 68 7c 74 65 6c 7c 75 72 6c 7c 65 6d 61 69 6c 7c 6e 75 6d 62 65 72 7c 72 61 6e 67 65 7c 63 6f 6c 6f 72 7c 64 61 74 65 74 69 6d 65 7c 64 61 74 65 7c 6d 6f 6e 74 68 7c 77 65 65 6b 7c 74 69 6d 65 7c 64 61 74 65 74 69 6d 65 Data Ascii: var Page_ValidationVer = "125";var Page_IsValid = true;var Page_BlockSubmit = false;var Page_InvalidControlToBeFocused = null;var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime
2024-07-03 09:06:11 UTC	8192	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 76 61 6c 2e 64 69 73 70 6c 61 79 20 3d 3d 20 22 44 79 6e 61 6d 69 63 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 6c 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 20 3d 20 76 61 6c 2e 69 73 76 61 6c 69 64 20 3f 20 22 6e 6f 6e 65 22 20 3a 20 22 69 6e 6c 69 6e 65 22 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 69 66 20 28 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 2e 69 6e 64 65 78 4f 66 28 22 4d 61 63 22 29 20 3e 20 2d 31 29 20 26 26 0d 0a 20 20 20 20 20 20 20 20 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 Data Ascii: return; } if (val.display == "Dynamic") { val.style.display = val.isvalid ? "none" : "inline"; return; } } if ((navigator.userAgent.indexOf("Mac") > -1) && (navigator.userA
2024-07-03 09:06:11 UTC	7156	IN	Data Raw: 3d 20 22 74 61 62 6c 65 22 20 26 26 20 28 74 79 70 65 6f 66 28 5f 5f 6e 6f 6e 4d 53 44 4f 4d 42 72 6f 77 73 65 72 29 20 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 20 7c 7c 20 5f 5f 6e 6f 6e 4d 53 44 4f 4d 42 72 6f 77 73 65 72 29 29 20 7c 7c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 28 63 74 72 6c 2e 74 61 67 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 20 3d 3d 20 22 73 70 61 6e 22 29 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 69 6e 70 75 74 45 6c 65 6d 65 6e 74 73 20 3d 20 63 74 72 6c 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 22 69 6e 70 75 74 22 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6c 61 73 74 49 6e 70 75 74 45 6c 65 6d 65 6e 74 20 20 3d 20 69 6e 70 75 74 45 6c 65 6d 65 6e 74 73 Data Ascii: = "table" && (typeof(__nonMSDOMBrowser) == "undefined" \|\| __nonMSDOMBrowser)) \|\| (ctrl.tagName.toLowerCase() == "span")) { var inputElements = ctrl.getElementsByTagName("input"); var lastInputElement = inputElements
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 2e 63 6f 6e 74 72 6f 6c 74 6f 76 61 6c 69 64 61 74 65 29 3b 0d 0a 20 20 20 20 69 66 20 28 56 61 6c 69 64 61 74 6f 72 54 72 69 6d 28 76 61 6c 75 65 29 2e 6c 65 6e 67 74 68 20 3d 3d 20 30 29 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 20 20 20 20 76 61 72 20 63 6f 6d 70 61 72 65 54 6f 20 3d 20 22 22 3b 0d 0a 20 20 20 20 69 66 20 28 28 74 79 70 65 6f 66 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 20 21 3d 20 22 73 74 72 69 6e 67 22 29 20 7c 7c 0d 0a 20 20 20 20 20 20 20 20 28 74 79 70 65 6f 66 28 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 29 20 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 7c 7c 0d 0a 20 20 20 20 20 Data Ascii: .controltovalidate); if (ValidatorTrim(value).length == 0) return true; var compareTo = ""; if ((typeof(val.controltocompare) != "string") \|\| (typeof(document.getElementById(val.controltocompare)) == "undefined") \|\|
2024-07-03 09:06:12 UTC	3020	IN	Data Raw: 20 20 20 20 20 20 20 20 76 61 72 20 6c 65 6e 67 74 68 20 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 6f 72 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 65 6e 67 74 68 20 2b 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 79 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 69 65 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 6c 65 6e 67 74 68 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 Data Ascii: var length = parseSpecificAttribute(selector, dataValidationAttribute, Page_Validators); length += parseSpecificAttribute(selector, dataValidationSummaryAttribute, Page_ValidationSummaries); return length; }

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.5	49716	13.107.136.10	443	6384	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 09:06:11 UTC	885	OUT	GET /ScriptResource.axd?d=BPZZHAzyiNzOHF1qjpHwK2Iiip7ofKYDBinOf_3u64bxXfveZFChng8J6xm7E6G_NvDbY50Zc1CRv4_5WtD44aaLkCGiLE8dRk_RjlGSaXGP_XmyQ-XsxDsM15-yMp12VEq5pkLT7xq7ssFCpIVf3erlDm1aAay2ADnDVk01TwDgXUHVPZaNK6GUm2Onifr90&t=74258c30 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 09:06:11 UTC	769	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 102801 Content-Type: application/x-javascript; charset=utf-8 Expires: Thu, 03 Jul 2025 06:07:17 GMT Last-Modified: Wed, 03 Jul 2024 06:07:17 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,262656,0,0,484,0,26370,154 X-AspNet-Version: 4.0.30319 SPRequestDuration: 4 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: E86CCF625F8747D89B26B408C0BEE6A1 Ref B: EWR311000107023 Ref C: 2024-07-03T09:06:11Z Date: Wed, 03 Jul 2024 09:06:11 GMT Connection: close
2024-07-03 09:06:11 UTC	1807	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 2e 6a 73 0d 0a 46 75 6e 63 74 69 6f 6e 2e 5f 5f 74 79 70 65 4e 61 6d 65 3d 22 46 75 6e 63 74 69 6f 6e 22 3b 46 75 6e 63 74 69 6f 6e 2e 5f 5f 63 6c 61 73 73 3d Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjax.jsFunction.__typeName="Function";Function.__class=
2024-07-03 09:06:11 UTC	8192	IN	Data Raw: 3b 69 66 28 62 29 7b 62 2e 70 6f 70 53 74 61 63 6b 46 72 61 6d 65 28 29 3b 72 65 74 75 72 6e 20 62 7d 7d 7d 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 3b 46 75 6e 63 74 69 6f 6e 2e 5f 76 61 6c 69 64 61 74 65 50 61 72 61 6d 65 74 65 72 54 79 70 65 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 63 2c 6b 2c 6a 2c 68 2c 64 29 7b 76 61 72 20 61 2c 67 3b 69 66 28 74 79 70 65 6f 66 20 62 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 69 66 28 68 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 65 6c 73 65 7b 61 3d 45 72 72 6f 72 2e 61 72 67 75 6d 65 6e 74 55 6e 64 65 66 69 6e 65 64 28 64 29 3b 61 2e 70 6f 70 53 74 61 63 6b 46 72 61 6d 65 28 29 3b 72 65 74 75 72 6e 20 61 7d 69 66 28 62 3d 3d 3d 6e 75 6c 6c 29 69 66 28 68 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 65 6c 73 65 7b 61 3d 45 72 72 6f Data Ascii: ;if(b){b.popStackFrame();return b}}}return null};Function._validateParameterType=function(b,c,k,j,h,d){var a,g;if(typeof b==="undefined")if(h)return null;else{a=Error.argumentUndefined(d);a.popStackFrame();return a}if(b===null)if(h)return null;else{a=Erro
2024-07-03 09:06:11 UTC	5738	IN	Data Raw: 79 70 65 2e 69 73 4e 61 6d 65 73 70 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 7c 7c 61 3d 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 72 65 74 75 72 6e 20 21 21 61 2e 5f 5f 6e 61 6d 65 73 70 61 63 65 7d 3b 54 79 70 65 2e 70 61 72 73 65 3d 66 75 6e 63 74 69 6f 6e 28 74 79 70 65 4e 61 6d 65 2c 6e 73 29 7b 76 61 72 20 66 6e 3b 69 66 28 6e 73 29 7b 66 6e 3d 53 79 73 2e 5f 5f 75 70 70 65 72 43 61 73 65 54 79 70 65 73 5b 6e 73 2e 67 65 74 4e 61 6d 65 28 29 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 2b 22 2e 22 2b 74 79 70 65 4e 61 6d 65 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 5d 3b 72 65 74 75 72 6e 20 66 6e 7c 7c 6e 75 6c 6c 7d 69 66 28 21 74 79 70 65 4e 61 6d 65 Data Ascii: ype.isNamespace=function(a){if(typeof a==="undefined"\|\|a===null)return false;return !!a.__namespace};Type.parse=function(typeName,ns){var fn;if(ns){fn=Sys.__upperCaseTypes[ns.getName().toUpperCase()+"."+typeName.toUpperCase()];return fn\|\|null}if(!typeName
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 6e 74 41 72 67 73 29 3b 54 79 70 65 2e 72 65 67 69 73 74 65 72 4e 61 6d 65 73 70 61 63 65 28 22 53 79 73 2e 55 49 22 29 3b 53 79 73 2e 5f 44 65 62 75 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 53 79 73 2e 5f 44 65 62 75 67 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 5f 61 70 70 65 6e 64 43 6f 6e 73 6f 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 44 65 62 75 67 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 29 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 26 26 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 29 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 6f 70 65 72 61 29 77 69 6e Data Ascii: ntArgs);Type.registerNamespace("Sys.UI");Sys._Debug=function(){};Sys._Debug.prototype={_appendConsole:function(a){if(typeof Debug!=="undefined"&&Debug.writeln)Debug.writeln(a);if(window.console&&window.console.log)window.console.log(a);if(window.opera)win
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 2c 2d 31 2c 5b 62 5d 2c 63 29 29 3b 72 65 74 75 72 6e 20 74 72 75 65 7d 72 65 74 75 72 6e 20 66 61 6c 73 65 7d 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 72 65 6d 6f 76 65 41 74 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 61 29 7b 69 66 28 61 3e 2d 31 26 26 61 3c 62 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 63 3d 62 5b 61 5d 3b 41 72 72 61 79 2e 72 65 6d 6f 76 65 41 74 28 62 2c 61 29 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 5f 63 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 62 2c 6e 65 77 20 53 79 73 2e 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 53 79 73 2e 4e 6f 74 69 66 79 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 64 41 63 74 69 6f 6e 2e 72 65 6d 6f 76 65 2c 6e 75 6c 6c 2c 2d 31 2c 5b 63 5d 2c 61 29 29 7d 7d 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 Data Ascii: ,-1,[b],c));return true}return false};Sys.Observer.removeAt=function(b,a){if(a>-1&&a<b.length){var c=b[a];Array.removeAt(b,a);Sys.Observer._collectionChange(b,new Sys.CollectionChange(Sys.NotifyCollectionChangedAction.remove,null,-1,[c],a))}};Sys.Observer
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 69 6e 67 28 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 61 29 7b 69 66 28 61 3c 31 30 29 72 65 74 75 72 6e 20 22 30 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 29 72 65 74 75 72 6e 20 22 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 30 29 72 65 74 75 72 6e 20 22 30 22 2b 61 3b 72 65 74 75 72 6e 20 61 2e 74 6f 53 74 72 69 6e 67 28 29 7d 76 61 72 20 68 2c 70 2c 74 3d 2f 28 5b 5e 64 5d 7c 5e 29 28 64 7c 64 64 29 28 5b 5e 64 5d 7c 24 29 2f 67 3b 66 75 6e 63 74 69 6f 6e 20 73 28 29 7b 69 66 28 68 7c 7c 70 29 72 65 74 75 72 6e 20 68 3b 68 3d 74 2e 74 65 73 74 28 65 29 3b 70 3d 74 72 75 65 3b 72 65 74 75 72 6e 20 68 7d 76 61 72 20 71 3d 30 2c 6f 3d 44 61 74 65 2e 5f 67 65 74 54 6f 6b 65 6e 52 65 67 45 78 70 28 29 2c 66 3b 69 66 28 21 6b 26 26 Data Ascii: ing()}function v(a){if(a<10)return "000"+a;else if(a<100)return "00"+a;else if(a<1000)return "0"+a;return a.toString()}var h,p,t=/([^d]\|^)(d\|dd)([^d]\|$)/g;function s(){if(h\|\|p)return h;h=t.test(e);p=true;return h}var q=0,o=Date._getTokenRegExp(),f;if(!k&&
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 2e 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 41 72 72 61 79 28 74 68 69 73 2e 64 61 74 65 54 69 6d 65 46 6f 72 6d 61 74 2e 41 62 62 72 65 76 69 61 74 65 64 44 61 79 4e 61 6d 65 73 29 3b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 69 6e 64 65 78 4f 66 28 74 68 69 73 2e 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 2c 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 61 29 29 7d 2c 5f 74 6f 55 70 70 65 72 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 62 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 61 3d 30 2c 64 3d 63 2e 6c 65 6e 67 74 68 3b 61 3c 64 3b 61 2b 2b 29 62 5b 61 5d 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 63 5b 61 5d 29 3b 72 65 74 75 72 6e 20 62 7d 2c 5f 74 6f 55 70 70 65 72 3a 66 75 6e 63 74 69 6f 6e 28 Data Ascii: ._upperAbbrDays=this._toUpperArray(this.dateTimeFormat.AbbreviatedDayNames);return Array.indexOf(this._upperAbbrDays,this._toUpper(a))},_toUpperArray:function(c){var b=[];for(var a=0,d=c.length;a<d;a++)b[a]=this._toUpper(c[a]);return b},_toUpper:function(
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 31 29 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 4f 70 65 72 61 7c 7c 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 46 69 72 65 46 6f 78 29 61 3d 61 2e 73 70 6c 69 74 28 62 29 2e 6a 6f 69 6e 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 65 73 63 61 70 65 43 68 61 72 73 5b 62 5d 29 3b 65 6c 73 65 20 61 3d 61 2e 72 65 70 6c 61 63 65 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 63 68 61 72 73 54 6f 45 73 63 61 70 65 52 65 67 45 78 73 5b 62 5d 2c 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e Data Ascii: 1)if(Sys.Browser.agent===Sys.Browser.Opera\|\|Sys.Browser.agent===Sys.Browser.FireFox)a=a.split(b).join(Sys.Serialization.JavaScriptSerializer._escapeChars[b]);else a=a.replace(Sys.Serialization.JavaScriptSerializer._charsToEscapeRegExs[b],Sys.Serialization
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 79 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 58 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 74 79 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 59 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 7b 74 68 69 73 2e 6f 66 66 73 65 74 58 3d 61 2e 6f 66 66 73 65 74 58 3b 74 68 69 73 2e 6f 66 66 73 65 74 59 3d 61 2e 6f 66 66 73 65 74 59 7d 65 6c 73 65 20 69 66 28 74 68 69 73 2e 74 61 72 67 65 74 26 26 74 68 69 73 2e 74 61 72 67 65 74 2e 6e 6f 64 65 54 79 70 65 21 3d 3d 33 26 26 74 79 70 65 6f 66 20 61 2e 63 6c 69 65 6e 74 58 3d 3d 3d 22 6e 75 6d 62 65 72 22 29 7b 76 61 72 20 63 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 67 65 74 4c 6f 63 61 74 69 6f 6e 28 74 68 69 73 2e 74 61 72 67 65 74 29 2c 64 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 5f Data Ascii: ypeof a.offsetX!=="undefined"&&typeof a.offsetY!=="undefined"){this.offsetX=a.offsetX;this.offsetY=a.offsetY}else if(this.target&&this.target.nodeType!==3&&typeof a.clientX==="number"){var c=Sys.UI.DomElement.getLocation(this.target),d=Sys.UI.DomElement._
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 28 61 29 7b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 29 7b 76 61 72 20 62 3d 61 2e 63 75 72 72 65 6e 74 53 74 79 6c 65 7c 7c 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 5f 67 65 74 43 75 72 72 65 6e 74 53 74 79 6c 65 28 61 29 3b 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 62 3f 62 2e 64 69 73 70 6c 61 79 3a 6e 75 6c 6c 3b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 7c 7c 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 3d 3d 22 6e 6f 6e 65 22 29 73 77 69 74 63 68 28 61 2e 74 61 67 4e 61 6d 65 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 29 7b 63 61 73 65 20 22 44 49 56 22 3a 63 61 73 65 20 22 50 22 3a 63 61 73 65 20 22 41 44 44 52 45 53 53 22 3a 63 61 73 65 20 22 42 4c 4f 43 4b 51 55 4f 54 45 Data Ascii: (a){if(!a._oldDisplayMode){var b=a.currentStyle\|\|Sys.UI.DomElement._getCurrentStyle(a);a._oldDisplayMode=b?b.display:null;if(!a._oldDisplayMode\|\|a._oldDisplayMode==="none")switch(a.tagName.toUpperCase()){case "DIV":case "P":case "ADDRESS":case "BLOCKQUOTE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.5	49715	13.107.136.10	443	6384	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 09:06:11 UTC	885	OUT	GET /ScriptResource.axd?d=tM6FjENUq-AqRTrG-nKjsZBvBEL_WoCNVelbcqc-AiTFC5Zr5nKgI3s8s43QwNGHROgPUGDOMk8QarIRpFk51lj7vqW3Kny7uBviSE3Oxm-jOwp-V8yjBgIlfsWxiLilJfh7gZ_QADAxWhj82eyEXJBd0dnpYVXt_pPpciWccOwqXR_NN_UkaE-brJpn4gpT0&t=74258c30 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 09:06:12 UTC	770	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 40326 Content-Type: application/x-javascript; charset=utf-8 Expires: Thu, 03 Jul 2025 09:06:11 GMT Last-Modified: Wed, 03 Jul 2024 09:06:11 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,0,268485,0,37389,73 X-AspNet-Version: 4.0.30319 SPRequestDuration: 7 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: BB2243CFBDAA446B85BBF670E996BE54 Ref B: EWR311000102051 Ref C: 2024-07-03T09:06:11Z Date: Wed, 03 Jul 2024 09:06:11 GMT Connection: close
2024-07-03 09:06:12 UTC	588	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f 72 6d 73 2e 6a 73 0d 0a 54 79 70 65 2e 5f 72 65 67 69 73 74 65 72 53 63 72 69 70 74 28 22 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjaxWebForms.jsType._registerScript("MicrosoftAjaxWebFo
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 64 61 74 65 3d 61 7d 3b 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 42 65 67 69 6e 52 65 71 75 65 73 74 45 76 65 6e 74 41 72 67 73 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 67 65 74 5f 70 6f 73 74 42 61 63 6b 45 6c 65 6d 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 70 6f 73 74 42 61 63 6b 45 6c 65 6d 65 6e 74 7d 2c 67 65 74 5f 72 65 71 75 65 73 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 72 65 71 75 65 73 74 7d 2c 67 65 74 5f 75 70 64 61 74 65 50 61 6e 65 6c 73 54 6f 55 70 64 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 75 70 64 61 74 65 50 61 6e 65 6c 73 54 6f 55 70 64 61 74 65 3f 41 72 72 61 79 2e 63 6c 6f 6e 65 28 74 68 69 73 2e 5f 75 70 64 61 74 65 50 Data Ascii: date=a};Sys.WebForms.BeginRequestEventArgs.prototype={get_postBackElement:function(){return this._postBackElement},get_request:function(){return this._request},get_updatePanelsToUpdate:function(){return this._updatePanelsToUpdate?Array.clone(this._updateP
2024-07-03 09:06:12 UTC	6956	IN	Data Raw: 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 5f 67 65 74 5f 65 76 65 6e 74 48 61 6e 64 6c 65 72 4c 69 73 74 28 29 2e 61 64 64 48 61 6e 64 6c 65 72 28 22 62 65 67 69 6e 52 65 71 75 65 73 74 22 2c 61 29 7d 2c 72 65 6d 6f 76 65 5f 62 65 67 69 6e 52 65 71 75 65 73 74 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 5f 67 65 74 5f 65 76 65 6e 74 48 61 6e 64 6c 65 72 4c 69 73 74 28 29 2e 72 65 6d 6f 76 65 48 61 6e 64 6c 65 72 28 22 62 65 67 69 6e 52 65 71 75 65 73 74 22 2c 61 29 7d 2c 61 64 64 5f 65 6e 64 52 65 71 75 65 73 74 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 5f 67 65 74 5f 65 76 65 6e 74 48 61 6e 64 6c 65 72 4c 69 73 74 28 29 2e 61 64 64 48 61 6e 64 6c 65 72 28 22 65 6e 64 52 65 71 75 65 73 74 22 2c 61 29 7d 2c 72 65 6d 6f 76 65 5f Data Ascii: unction(a){this._get_eventHandlerList().addHandler("beginRequest",a)},remove_beginRequest:function(a){this._get_eventHandlerList().removeHandler("beginRequest",a)},add_endRequest:function(a){this._get_eventHandlerList().addHandler("endRequest",a)},remove_
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 61 6c 69 64 61 74 65 28 61 2e 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 29 3b 69 66 28 64 29 7b 69 66 28 74 79 70 65 6f 66 20 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 6e 75 6c 6c 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 2e 6c 65 6e 67 74 68 3e 30 29 74 68 65 46 6f 72 6d 2e 61 63 74 69 6f 6e 3d 61 2e 61 63 74 69 6f 6e 55 72 6c 3b 69 66 28 61 2e 74 72 61 63 6b 46 6f 63 75 73 29 7b 76 61 72 20 63 3d 74 68 65 46 6f 72 6d 2e 65 6c 65 6d 65 6e 74 73 5b 22 5f 5f 4c 41 53 54 46 4f 43 55 53 22 5d 3b 69 66 28 74 79 70 65 6f 66 20 63 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 63 21 3d 6e 75 6c 6c 29 69 66 28 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 2e 61 63 74 69 76 65 45 6c 65 6d 65 Data Ascii: alidate(a.validationGroup);if(d){if(typeof a.actionUrl!="undefined"&&a.actionUrl!=null&&a.actionUrl.length>0)theForm.action=a.actionUrl;if(a.trackFocus){var c=theForm.elements["__LASTFOCUS"];if(typeof c!="undefined"&&c!=null)if(typeof document.activeEleme
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 7b 62 2e 61 70 70 65 6e 64 28 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 3b 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 3d 6e 75 6c 6c 7d 76 61 72 20 63 3d 6e 65 77 20 53 79 73 2e 4e 65 74 2e 57 65 62 52 65 71 75 65 73 74 2c 61 3d 77 2e 61 63 74 69 6f 6e 3b 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 49 6e 74 65 72 6e 65 74 45 78 70 6c 6f 72 65 72 29 7b 76 61 72 20 72 3d 61 2e 69 6e 64 65 78 4f 66 28 22 23 22 29 3b 69 66 28 72 21 3d 3d 2d 31 29 61 3d 61 2e 73 75 62 73 74 72 28 30 2c 72 29 3b 76 61 72 20 6f 3d 22 22 2c 76 3d 22 22 2c 6d 3d 61 2e 69 6e 64 65 78 4f 66 28 22 3f 22 29 3b 69 66 28 6d 21 3d Data Ascii: ._additionalInput){b.append(this._additionalInput);this._additionalInput=null}var c=new Sys.Net.WebRequest,a=w.action;if(Sys.Browser.agent===Sys.Browser.InternetExplorer){var r=a.indexOf("#");if(r!==-1)a=a.substr(0,r);var o="",v="",m=a.indexOf("?");if(m!=
2024-07-03 09:06:12 UTC	8192	IN	Data Raw: 73 70 6f 73 65 73 5b 61 5d 2c 62 29 7d 2c 5f 73 63 72 69 70 74 49 6e 63 6c 75 64 65 73 4c 6f 61 64 43 6f 6d 70 6c 65 74 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 62 29 7b 69 66 28 62 2e 65 78 65 63 75 74 6f 72 2e 67 65 74 5f 77 65 62 52 65 71 75 65 73 74 28 29 21 3d 3d 74 68 69 73 2e 5f 72 65 71 75 65 73 74 29 72 65 74 75 72 6e 3b 74 68 69 73 2e 5f 63 6f 6d 6d 69 74 43 6f 6e 74 72 6f 6c 73 28 62 2e 75 70 64 61 74 65 50 61 6e 65 6c 44 61 74 61 2c 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 3f 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 2e 63 6f 6e 74 65 6e 74 3a 6e 75 6c 6c 29 3b 69 66 28 62 2e 66 6f 72 6d 41 63 74 69 6f 6e 4e 6f 64 65 29 74 68 69 73 2e 5f 66 6f 72 6d 2e 61 63 74 69 6f 6e 3d Data Ascii: sposes[a],b)},_scriptIncludesLoadComplete:function(e,b){if(b.executor.get_webRequest()!==this._request)return;this._commitControls(b.updatePanelData,b.asyncPostBackTimeoutNode?b.asyncPostBackTimeoutNode.content:null);if(b.formActionNode)this._form.action=
2024-07-03 09:06:12 UTC	14	IN	Data Raw: 20 74 68 61 6e 20 6f 6e 63 65 2e 22 7d 3b Data Ascii: than once."};

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.5	49718	13.107.136.10	443	6384	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 09:06:11 UTC	757	OUT	GET /_layouts/15/images/microsoft-logo.png HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 09:06:12 UTC	728	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 3331 Content-Type: image/png Last-Modified: Fri, 28 Jun 2024 04:07:14 GMT Accept-Ranges: bytes ETag: "d97c43a810c9da1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,0,85521,0,30934,73 SPRequestDuration: 4 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: CFE31FCF66174C138223993BEF5FBD2E Ref B: EWR311000107047 Ref C: 2024-07-03T09:06:11Z Date: Wed, 03 Jul 2024 09:06:10 GMT Connection: close
2024-07-03 09:06:12 UTC	2971	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e2 00 00 00 30 08 06 00 00 00 0c e6 a6 f3 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 0c bd 49 44 41 54 78 01 ed 9c 3d 77 1b b9 15 86 47 b6 7a d3 bf c0 4c ca 34 66 4e d2 6b 5c 64 53 9a ee b3 c7 a3 5f 60 fa ab 8d a8 da 1f d2 fe 02 8f 72 d2 9b ee b2 95 c9 7e cf 46 aa dc 65 a9 5f b0 52 5a 7f 30 cf 4b 03 5c 0c 06 43 42 12 87 de 8d 31 e7 8c 81 7b 71 71 2f e6 05 5e 7c 0c 47 de fa 6f ff f7 b3 ac 85 0b a7 3f de 18 fd e7 4f 72 fd f7 ef b3 1f b6 b6 b2 79 7e dd a1 f6 ff 92 5d cb b6 b2 56 9e 61 dd 6d 4d fe 12 02 4d 08 5c 6b 2a 48 fa 84 40 42 60 73 08 24 22 6e 0e eb 14 29 21 d0 88 40 22 62 23 34 a9 20 21 b0 39 04 12 11 37 87 75 8a 94 10 68 44 20 11 b1 11 9a 54 90 10 d8 1c 02 89 88 9b c3 3a 45 4a 08 34 22 b0 dd Data Ascii: PNGIHDR0sRGBIDATx=wGzL4fNk\dS_`r~Fe_RZ0K\CB1{qq/^\|Go?Ory~]VamMM\k*H@B`s$"n)!@"b#4 !97uhD T:EJ4"
2024-07-03 09:06:12 UTC	360	IN	Data Raw: b5 79 09 09 2b e7 bb a6 46 e2 e7 84 89 e0 8f 4d ab 16 83 5f 3f 7d 68 3b be 8b 8f d8 c9 4a 76 9a 20 8a a6 b8 97 d5 f3 cc 83 98 89 e1 ab dd 9a d2 99 63 88 75 21 7c 35 c3 b1 f5 51 07 77 55 91 ed c5 b1 d2 65 57 28 8e 74 81 3a 3a c3 54 f4 74 e2 34 60 37 57 69 c0 91 29 78 11 31 c4 5f 4e be cf dd e1 5e 5c b4 6f 2a 9f 3c e7 d8 cc ce 8b 32 32 17 8a e7 56 54 de 8b af d8 39 77 87 98 3d d2 8c b8 c7 4a b9 b4 3d 1b db ef 73 3f ab ea ff 42 82 0e 5b d1 b9 1f ea ca 87 7c dd 26 3d 45 9e 1a ac c7 90 6c 54 af 5d d7 18 a2 96 c6 a7 88 d9 c5 6a ee 93 fc 09 f9 33 eb 73 c9 e4 50 71 4c bd fd 8a 22 42 30 38 f5 cd 39 57 ed d0 b3 cd 2f e2 cf fb 47 c2 16 7f 7d 11 dc 80 7f 36 bd c2 bf 33 fe e0 f8 db 9b f3 0f bd 67 df 67 fa 0b 8f 56 3e fa ce be c9 ae b5 f8 d1 f7 15 00 48 55 13 02 f1 08 Data Ascii: y+FM_?}h;Jv cu!\|5QwUeW(t::Tt4`7Wi)x1_N^\o*<22VT9w=J=s?B[\|&=ElT]j3sPqL"B089W/G}63ggV>HU

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.5	49720	52.105.48.53	443	6384	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 09:06:13 UTC	393	OUT	GET /_layouts/15/images/microsoft-logo.png HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 09:06:13 UTC	623	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Type: image/png Last-Modified: Fri, 28 Jun 2024 04:07:14 GMT Accept-Ranges: bytes ETag: "d97c43a810c9da1:0" Server: Microsoft-IIS/10.0 X-NetworkStatistics: 0,262656,0,0,636,0,24954,80 SPRequestDuration: 6 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Date: Wed, 03 Jul 2024 09:06:12 GMT Connection: close Content-Length: 3331
2024-07-03 09:06:13 UTC	3331	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e2 00 00 00 30 08 06 00 00 00 0c e6 a6 f3 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 0c bd 49 44 41 54 78 01 ed 9c 3d 77 1b b9 15 86 47 b6 7a d3 bf c0 4c ca 34 66 4e d2 6b 5c 64 53 9a ee b3 c7 a3 5f 60 fa ab 8d a8 da 1f d2 fe 02 8f 72 d2 9b ee b2 95 c9 7e cf 46 aa dc 65 a9 5f b0 52 5a 7f 30 cf 4b 03 5c 0c 06 43 42 12 87 de 8d 31 e7 8c 81 7b 71 71 2f e6 05 5e 7c 0c 47 de fa 6f ff f7 b3 ac 85 0b a7 3f de 18 fd e7 4f 72 fd f7 ef b3 1f b6 b6 b2 79 7e dd a1 f6 ff 92 5d cb b6 b2 56 9e 61 dd 6d 4d fe 12 02 4d 08 5c 6b 2a 48 fa 84 40 42 60 73 08 24 22 6e 0e eb 14 29 21 d0 88 40 22 62 23 34 a9 20 21 b0 39 04 12 11 37 87 75 8a 94 10 68 44 20 11 b1 11 9a 54 90 10 d8 1c 02 89 88 9b c3 3a 45 4a 08 34 22 b0 dd Data Ascii: PNGIHDR0sRGBIDATx=wGzL4fNk\dS_`r~Fe_RZ0K\CB1{qq/^\|Go?Ory~]VamMM\k*H@B`s$"n)!@"b#4 !97uhD T:EJ4"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.5	49722	13.107.136.10	443	6384	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 09:06:13 UTC	757	OUT	GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 09:06:13 UTC	731	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 7886 Content-Type: image/x-icon Last-Modified: Fri, 28 Jun 2024 04:06:51 GMT Accept-Ranges: bytes ETag: "da70ce9a10c9da1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,0,87098,0,34893,73 SPRequestDuration: 3 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 86437A1751A549DAAB56C09D1C0B6A25 Ref B: EWR311000107047 Ref C: 2024-07-03T09:06:13Z Date: Wed, 03 Jul 2024 09:06:12 GMT Connection: close
2024-07-03 09:06:13 UTC	3439	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 30 d0 c6 37 af d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 af d0 c6 37 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 6 hf( @ 7077777770
2024-07-03 09:06:13 UTC	4447	IN	Data Raw: 00 00 00 00 00 00 00 70 6c 03 bf 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 bf 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 6c 03 40 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: plplplplplplplplplplplplplplplplplplpl@plplplplplplplplplplplplplplplplpl@

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.5	49724	23.43.61.160	443

Timestamp	Bytes transferred	Direction	Data
2024-07-03 09:06:14 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-03 09:06:14 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=111782 Date: Wed, 03 Jul 2024 09:06:14 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.5	49728	23.43.61.160	443

Timestamp	Bytes transferred	Direction	Data
2024-07-03 09:06:15 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-03 09:06:15 UTC	535	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y= Cache-Control: public, max-age=111808 Date: Wed, 03 Jul 2024 09:06:15 GMT Content-Length: 55 Connection: close X-CID: 2
2024-07-03 09:06:15 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.5	49726	52.105.48.53	443	6384	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 09:06:15 UTC	393	OUT	GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1 Host: bombeirosamora-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 09:06:15 UTC	626	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Type: image/x-icon Last-Modified: Fri, 28 Jun 2024 04:06:51 GMT Accept-Ranges: bytes ETag: "da70ce9a10c9da1:0" Server: Microsoft-IIS/10.0 X-NetworkStatistics: 0,262656,0,0,658,0,24954,80 SPRequestDuration: 6 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25019 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Date: Wed, 03 Jul 2024 09:06:14 GMT Connection: close Content-Length: 7886
2024-07-03 09:06:15 UTC	7886	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 30 d0 c6 37 af d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 af d0 c6 37 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 6 hf( @ 7077777770

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 940, Parent PID: 5528

General

Target ID:	0
Start time:	05:06:03
Start date:	03/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6384, Parent PID: 940

General

Target ID:	2
Start time:	05:06:06
Start date:	03/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 --field-trial-handle=2016,i,15795045157200504094,3472656699449798047,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 1084, Parent PID: 5528

General

Target ID:	3
Start time:	05:06:09
Start date:	03/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://bombeirosamora-my.sharepoint.com/:o:/g/personal/geral_comando_bombeirosamora_pt/EqT53jeWO6ZGkv1O_1FowosB2CSGfrKDmTZiEPPt31Ds7g?e=5%3aGFx4a1&at=9"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly