Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA

Overview

General Information

Sample URL:	https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA
Analysis ID:	1467128
Infos:

Detection

HTMLPhisher

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML title does not match URL

Submit button contains javascript call

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 2472 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 3484 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1936,i,11490283771682766342,4315822117099355531,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6408 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_116	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_116, type: DROPPED

Source: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA

HTTP Parser: Number of links: 0

Source: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA

HTTP Parser: Title: Sharing Link Validation does not match URL

Source: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA

HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))

Source: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA

HTTP Parser: No <meta name="author".. found

Source: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49753 version: TLS 1.2

Source: global traffic	TCP traffic: 192.168.2.4:55552 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:61361 -> 162.159.36.2:53

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA HTTP/1.1Host: eplogisticademexico-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=gYhtUdTxoXhtw-KxJrZaPU-L1VVzyMRiFAG3_YgDmtOMb9U-YBQ5_M-QIbkIOMQQuoHmFdfkJMBU6emMwcD_OLoppDSK1LUliULbeka_Ccc1&t=638533172441064469 HTTP/1.1Host: eplogisticademexico-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=vJyeF_G_zhTOis-uIci226CSQc3yswl8BafXJ2er74-j6lmz96G8GKwFy0HtwoXgXxfBBYeXLKo6GKlx2_QsUIFAJBf2dSvQENsLBJ82KlJRkySiMJiisNmWsJ2_-ScAqpInb_li2W56J59t5xWE3UodFKTlcOKnP7eWf88puJ41&t=ffffffffa8ad04d3 HTTP/1.1Host: eplogisticademexico-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=QriPSNnIO6opnZEP8lII4aiVjyTyjlacWrXPRydx3VU1W8I-1Fgirzt-PeHyUHQV7_n9l6X_Lq1MxIM1Jde0IPfDHnNtGMYlU53eTNs9T3YscIO65M4gkgHkF-zmJe2FnHkkMMz5vuQV0wJJZZU2KFyfVIL0eBEC5B-WmF5-4FU5uLKi7IUPEeLRecz3ShgU0&t=74258c30 HTTP/1.1Host: eplogisticademexico-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=gFO1aIFRjlyygLxe6DWiwbFNcUyyfGMmsx5XP-c0xoUfV_pvczwgTnE1b8Aq94UIqIVnnO6r3Moyf_Yl-X5rtpeBYASmRNJYKeF8ePYt05Tz7qkKdjShVK-uEybJUFRe4ZP3txcsEN27l9aNGYnb8LZt3anacaI6Y6dD3V3-NWlas3_HG5tIp3rK-0gYfS_60&t=74258c30 HTTP/1.1Host: eplogisticademexico-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: eplogisticademexico-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: eplogisticademexico-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: eplogisticademexico-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: eplogisticademexico-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com

Source: global traffic	DNS traffic detected: DNS query: eplogisticademexico-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: m365cdn.nel.measure.office.net

Source: chromecache_117.1.dr	String found in binary or memory: http://github.com/jrburke/requirejs
Source: chromecache_116.1.dr	String found in binary or memory: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/images/
Source: chromecache_121.1.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: chromecache_116.1.dr	String found in binary or memory: https://res-1.cdn.office.net
Source: chromecache_116.1.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/require.js
Source: chromecache_116.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/
Source: chromecache_116.1.dr	String found in binary or memory: https://res-2.cdn.office.net/files/odsp-web-prod_2024-06-14.009/
Source: chromecache_116.1.dr	String found in binary or memory: https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61367 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61367
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49753 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@21/24@8/4

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1936,i,11490283771682766342,4315822117099355531,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1936,i,11490283771682766342,4315822117099355531,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	Windows Management Instrumentation	1 Scripting	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://reactjs.org/docs/error-decoder.html?invariant=	0%	URL Reputation	safe
https://eplogisticademexico-my.sharepoint.com/WebResource.axd?d=gYhtUdTxoXhtw-KxJrZaPU-L1VVzyMRiFAG3_YgDmtOMb9U-YBQ5_M-QIbkIOMQQuoHmFdfkJMBU6emMwcD_OLoppDSK1LUliULbeka_Ccc1&t=638533172441064469	0%	Avira URL Cloud	safe
https://eplogisticademexico-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47	0%	Avira URL Cloud	safe
http://github.com/jrburke/requirejs	0%	Avira URL Cloud	safe
https://eplogisticademexico-my.sharepoint.com/ScriptResource.axd?d=vJyeF_G_zhTOis-uIci226CSQc3yswl8BafXJ2er74-j6lmz96G8GKwFy0HtwoXgXxfBBYeXLKo6GKlx2_QsUIFAJBf2dSvQENsLBJ82KlJRkySiMJiisNmWsJ2_-ScAqpInb_li2W56J59t5xWE3UodFKTlcOKnP7eWf88puJ41&t=ffffffffa8ad04d3	0%	Avira URL Cloud	safe
https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js	0%	Avira URL Cloud	safe
https://eplogisticademexico-my.sharepoint.com/_layouts/15/images/microsoft-logo.png	0%	Avira URL Cloud	safe
https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/images/	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
dual-spo-0005.spo-msedge.net	13.107.136.10	true	false		unknown
www.google.com	216.58.206.68	true	false		unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false		unknown
eplogisticademexico-my.sharepoint.com	unknown	unknown	false		unknown
m365cdn.nel.measure.office.net	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA	false		unknown
https://eplogisticademexico-my.sharepoint.com/WebResource.axd?d=gYhtUdTxoXhtw-KxJrZaPU-L1VVzyMRiFAG3_YgDmtOMb9U-YBQ5_M-QIbkIOMQQuoHmFdfkJMBU6emMwcD_OLoppDSK1LUliULbeka_Ccc1&t=638533172441064469	false	Avira URL Cloud: safe	unknown
https://eplogisticademexico-my.sharepoint.com/_layouts/15/images/microsoft-logo.png	false	Avira URL Cloud: safe	unknown
https://eplogisticademexico-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47	false	Avira URL Cloud: safe	unknown
https://eplogisticademexico-my.sharepoint.com/ScriptResource.axd?d=vJyeF_G_zhTOis-uIci226CSQc3yswl8BafXJ2er74-j6lmz96G8GKwFy0HtwoXgXxfBBYeXLKo6GKlx2_QsUIFAJBf2dSvQENsLBJ82KlJRkySiMJiisNmWsJ2_-ScAqpInb_li2W56J59t5xWE3UodFKTlcOKnP7eWf88puJ41&t=ffffffffa8ad04d3	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://github.com/jrburke/requirejs	chromecache_117.1.dr	false	Avira URL Cloud: safe	unknown
https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/images/	chromecache_116.1.dr	false	Avira URL Cloud: safe	unknown
https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js	chromecache_116.1.dr	false	Avira URL Cloud: safe	unknown
https://reactjs.org/docs/error-decoder.html?invariant=	chromecache_121.1.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
13.107.136.10	dual-spo-0005.spo-msedge.net	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
216.58.206.68	www.google.com	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1467128
Start date and time:	2024-07-03 18:24:24 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 7s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@21/24@8/4
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 216.58.206.67, 142.250.186.174, 64.233.167.84, 34.104.35.123, 2.23.209.32, 2.23.209.26, 2.23.209.39, 2.23.209.35, 2.23.209.37, 2.23.209.36, 2.23.209.29, 2.23.209.24, 2.23.209.34, 216.58.206.74, 142.250.185.202, 142.250.185.138, 142.250.186.42, 172.217.23.106, 142.250.184.202, 142.250.185.170, 216.58.212.170, 172.217.18.106, 142.250.185.74, 142.250.185.234, 142.250.181.234, 142.250.185.106, 142.250.184.234, 142.250.186.74, 216.58.206.42, 95.101.54.121, 95.101.54.113, 13.85.23.86, 2.19.126.137, 2.19.126.163, 192.229.221.95, 20.3.187.198, 13.95.31.18, 20.242.39.171, 142.250.186.163
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, a767.dspw65.akamai.net, a1894.dscb.akamai.net, clients2.google.com, ocsp.digicert.com, 201303-ipv4v6w.farm.dprodmgd108.sharepointonline.com.akadns.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, wu-b-net.trafficmanager.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, ctldl.windowsupdate.com, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, d.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.0.0.0.8.0.4.0.0.3.0.1.3.0.6.2.ip6.arpa
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input

Output

URL: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA Model: Perplexity: mixtral-8x7b-instruct

{"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form explicitly requesting sensitive information such as passwords, email addresses, usernames, phone numbers or credit card numbers (CVV).","The text does not create a sense of urgency or interest by using phrases such as 'Click here to view document', 'To view secured document click here', or 'Open the link to see your invoice'.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]}

Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: ORDER No.93439 - stats To open this secure link. we'll need you to enter the email that this item was shared to. O Enter email Next ay clicking Next you allow EPLOGISTICA DE MEXICO S DE RL DE CV to use your email address in accordance with their privacy statement. EPLOGISTICA DE MEXICO S DE RL DE CV has not prcwided links to their terms for you to review. e 2017 Microsoft Privacy & Cookies

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 114

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	23063
Entropy (8bit):	4.7535440881548165
Encrypted:	false
SSDEEP:	384:GvUzYI+Vi4g1V5it1ONhA6w+Kv8i/4CYzLKL4DrLU0iTxZTAzIzrwDlTWMClQip9:bkON69kClQq8hDRJHp2tWU25Zt/gREVG
MD5:	90EA7274F19755002360945D54C2A0D7
SHA1:	647B5D8BF7D119A2C97895363A07A0C6EB8CD284
SHA-256:	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
SHA-512:	7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
Malicious:	false
Reputation:	low
URL:	https://eplogisticademexico-my.sharepoint.com/WebResource.axd?d=gYhtUdTxoXhtw-KxJrZaPU-L1VVzyMRiFAG3_YgDmtOMb9U-YBQ5_M-QIbkIOMQQuoHmFdfkJMBU6emMwcD_OLoppDSK1LUliULbeka_Ccc1&t=638533172441064469
Preview:	function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo

Chrome Cache Entry: 115

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3331
Entropy (8bit):	7.927896166439245
Encrypted:	false
SSDEEP:	96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq
MD5:	EF884BDEDEF280DF97A4C5604058D8DB
SHA1:	6F04244B51AD2409659E267D308B97E09CE9062B
SHA-256:	825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
SHA-512:	A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
Malicious:	false
Reputation:	low
URL:	https://eplogisticademexico-my.sharepoint.com/_layouts/15/images/microsoft-logo.png
Preview:	.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^\|.G..o.......?....Or.......y~....]..V.a.mM...M.\kH..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<\|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$\|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...\|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

Chrome Cache Entry: 116

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (30522), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	68995
Entropy (8bit):	5.664523824177227
Encrypted:	false
SSDEEP:	1536:PlgguXKWhKlWXBOxSPSW8N6fGNNKJJxoJs2wVXUaH3k:PLuDCGeTKJLVXUJ
MD5:	5FC05DD5FEE75F047D937EA92527A27B
SHA1:	17A067E94429BB902C74756660556059AA08FF60
SHA-256:	728CA21699421C153D925F429F876EAF87615152E25E53D66AFA47A0C4E347AE
SHA-512:	A1ACD96738D44D5921CC0BF93A17FD49712FFB860407475E67909DC2D82275E7E543FCA563941920F167EFE10B40A1804787F7DDAE98A493DB75BB48FFB48A78
Malicious:	false
Reputation:	low
URL:	https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA
Preview:	..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr">..<head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Expires" content="0" /><meta name="Robots" content="NOHTMLINDEX" /><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><link id="favicon" rel="shortcut icon" href="/_layouts/15/images/favicon.ico?rev=47" type="image/vnd.microsoft.icon" /><title>...Sharing Link Validation..</title>...<style type="text/css" media="screen, print, projection">....html{line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure,ma

Chrome Cache Entry: 117

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17444)
Category:	downloaded
Size (bytes):	17672
Entropy (8bit):	5.233316811547578
Encrypted:	false
SSDEEP:	384:lpLsOooX8uvFBiRh+HnEDuvvy1pqvuvDX/0ohHK9mm+tMHvVOPoQeOMmuI:QnoX8uNB2YHnEDsvy1pqvub/0iq4NMHM
MD5:	6EFDDF589864D2E146A55C01C6764A35
SHA1:	EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F
SHA-256:	2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999
SHA-512:	1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A
Malicious:	false
Reputation:	low
URL:	https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/require.js
Preview:	/** vim: et:ts=4:sw=4:sts=4. * @license RequireJS 2.1.22 Copyright (c) 2010-2015, The Dojo Foundation All Rights Reserved.. * Available via the MIT or new BSD license.. * see: http://github.com/jrburke/requirejs for details. */.var requirejs,require,define;!function(global){function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){if(e){var r;for(r=0;r<e.length&&(!e[r]\|\|!t(e[r],r,e));r+=1);}}function eachReverse(e,t){if(e){var r;for(r=e.length-1;r>-1&&(!e[r]\|\|!t(e[r],r,e));r-=1);}}function hasProp(e,t){return hasOwn.call(e,t)}function getOwn(e,t){return hasProp(e,t)&&e[t]}function eachProp(e,t){var r;for(r in e)if(hasProp(e,r)&&t(e[r],r))break}function mixin(e,t,r,i){return t&&eachProp(t,function(t,n){(r\|\|!hasProp(e,n))&&(!i\|\|"object"!=typeof t\|\|!t\|\|isArray(t)\|\|isFunction(t)\|\|t instanceof RegExp?e[n]=t:(e[n]\|\|(e[n]={}),mixin(e[n],t,r,i)))}),e}function bind(e,t){return function(){return t.apply(e,ar

Chrome Cache Entry: 118

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3331
Entropy (8bit):	7.927896166439245
Encrypted:	false
SSDEEP:	96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq
MD5:	EF884BDEDEF280DF97A4C5604058D8DB
SHA1:	6F04244B51AD2409659E267D308B97E09CE9062B
SHA-256:	825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
SHA-512:	A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^\|.G..o.......?....Or.......y~....]..V.a.mM...M.\kH..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<\|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$\|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...\|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

Chrome Cache Entry: 119

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.702819531114783
Encrypted:	false
SSDEEP:	3:H6xhkY:aQY
MD5:	858372DD32511CB4DD08E48A93B4F175
SHA1:	CE4555B7B2EFBBD644D8E34CF3453A0E8CAA3C43
SHA-256:	3D18F3E1469C83D62CF3A39BA93F8EAA5B22447FE630E59F39DC1B7747635359
SHA-512:	6A57E0D4A1C23CB693AA9312F6FDAA1FC4309B5BC91D1B2279B5792BEE3534749FD3693C19AA95E0768800472D11D438EC3116F337679A249C28BE0E038E6DE0
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAme0p2EaRWnvBIFDfSCVyI=?alt=proto
Preview:	CgkKBw30glciGgA=

Chrome Cache Entry: 120

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	26951
Entropy (8bit):	4.514992390210281
Encrypted:	false
SSDEEP:	384:jMgviMjM4if38GmhXeC1QRwweTkBE9wbOY4Jf/JhRZ5h+73hNVt8oC4veONhLYVi:CLEiJSdo11vIYHqb5Klo8v
MD5:	B3D7A123BE5203A1A3F0F10233ED373F
SHA1:	F4C61F321D8F79A805B356C6EC94090C0D96215C
SHA-256:	EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192
SHA-512:	A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B
Malicious:	false
Reputation:	low
URL:	https://eplogisticademexico-my.sharepoint.com/ScriptResource.axd?d=vJyeF_G_zhTOis-uIci226CSQc3yswl8BafXJ2er74-j6lmz96G8GKwFy0HtwoXgXxfBBYeXLKo6GKlx2_QsUIFAJBf2dSvQENsLBJ82KlJRkySiMJiisNmWsJ2_-ScAqpInb_li2W56J59t5xWE3UodFKTlcOKnP7eWf88puJ41&t=ffffffffa8ad04d3
Preview:	var Page_ValidationVer = "125";..var Page_IsValid = true;..var Page_BlockSubmit = false;..var Page_InvalidControlToBeFocused = null;..var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime-local)$/i;..function ValidatorUpdateDisplay(val) {.. if (typeof(val.display) == "string") {.. if (val.display == "None") {.. return;.. }.. if (val.display == "Dynamic") {.. val.style.display = val.isvalid ? "none" : "inline";.. return;.. }.. }.. if ((navigator.userAgent.indexOf("Mac") > -1) &&.. (navigator.userAgent.indexOf("MSIE") > -1)) {.. val.style.display = "inline";.. }.. val.style.visibility = val.isvalid ? "hidden" : "visible";..}..function ValidatorUpdateIsValid() {.. Page_IsValid = AllValidatorsValid(Page_Validators);..}..function AllValidatorsValid(validators) {.. if ((typeof(validators) != "undefined") && (validators != null)) {

Chrome Cache Entry: 121

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (37521)
Category:	downloaded
Size (bytes):	40512
Entropy (8bit):	5.386921349191213
Encrypted:	false
SSDEEP:	768:Tkv+rkfa2aH5m7UYfXLMQWGjaKEstpgG9ycj:Pr8LaZkzLM46G9
MD5:	8DCE60169BA666CA03A31D123DB49908
SHA1:	956C46BB6058C23D35440DCC656CE61C7B151399
SHA-256:	F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75
SHA-512:	26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E
Malicious:	false
Reputation:	low
URL:	https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/spoguestaccesswebpack/spoguestaccess.js
Preview:	/! For license information please see spoguestaccess.js.LICENSE.txt /.document.currentScript,define("@fluentui/react-file-type-icons",[],()=>{var e;return(()=>{"use strict";var t=[e=>{var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,a=Object.prototype.propertyIsEnumerable;function i(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map(function(e){return t[e]}).join(""))return!1;var a={};return"abcdefghijklmnopqrst".split("").forEach(function(e){a[e]=e}),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},a)).join("")}catch(e){return!1}}()?Object.assign:function(e,r){for(var o,s,c=i(e),d=1;d<arguments.length;d++){for(var l in o=Object(arguments[d]))n.call(o,l)&&(c[l]

Chrome Cache Entry: 122

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, Unicode text, UTF-8 (with BOM) text
Category:	downloaded
Size (bytes):	215
Entropy (8bit):	5.303558467083159
Encrypted:	false
SSDEEP:	6:JiMVBdgqZjZWtMfgRTH1wdcvyERIOgtg6n:MMHdVBZWyUTidkPt6
MD5:	384AE7406DE0A6E7D376A2B2929F82E8
SHA1:	E29734DEEFA88A9118F29481D6631D566DDEDC5F
SHA-256:	318168A145C248970D99BF87C4B57D8DF5C2AC5A7200D69E6F024E2D910BACC6
SHA-512:	59F8C070D7FE400E6721510AA1C9A1CCD8E7B4E6C1A30FE5CA4C9DA0CFCDB33ACCAA68B601904E5BAEE50D7E013864373C3AE85C5BCC312956AFBD75A4E76B04
Malicious:	false
Reputation:	low
URL:	https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/@uifabric/file-type-icons/lib/initializeFileTypeIcons.js
Preview:	.<?xml version="1.0" encoding="utf-8"?><Error><Code>BlobNotFound</Code><Message>The specified blob does not exist..RequestId:f2b927d9-f01e-001d-0165-cd65bc000000.Time:2024-07-03T16:25:02.4050658Z</Message></Error>

Chrome Cache Entry: 123

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	downloaded
Size (bytes):	7886
Entropy (8bit):	3.9482833105763633
Encrypted:	false
SSDEEP:	48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E
MD5:	0B60F3C9E4DA6E807E808DA7360F24F2
SHA1:	9AFC7ABB910DE855EFB426206E547574A1E074B7
SHA-256:	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
SHA-512:	1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
Malicious:	false
Reputation:	low
URL:	https://eplogisticademexico-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
Preview:	...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

Chrome Cache Entry: 124

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	dropped
Size (bytes):	7886
Entropy (8bit):	3.9482833105763633
Encrypted:	false
SSDEEP:	48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E
MD5:	0B60F3C9E4DA6E807E808DA7360F24F2
SHA1:	9AFC7ABB910DE855EFB426206E547574A1E074B7
SHA-256:	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
SHA-512:	1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
Malicious:	false
Reputation:	low
Preview:	...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

Chrome Cache Entry: 125

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (39257), with CRLF line terminators
Category:	downloaded
Size (bytes):	40326
Entropy (8bit):	5.245555585297941
Encrypted:	false
SSDEEP:	384:bvrc3TrJ1vMZCKZ4pLRy6DkfDLcbTzcXanT2rxb64aKQr1vySAwBaPUge6ydE:bTaYB4Hy7mTzcaTKStrwSAwBaPUTdE
MD5:	DA9DC1C32E89C02FC1E9EEB7E5AAB91E
SHA1:	3EFB110EFA6068CE6B586A67F87DA5125310BC30
SHA-256:	398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1
SHA-512:	D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A
Malicious:	false
Reputation:	low
URL:	https://eplogisticademexico-my.sharepoint.com/ScriptResource.axd?d=gFO1aIFRjlyygLxe6DWiwbFNcUyyfGMmsx5XP-c0xoUfV_pvczwgTnE1b8Aq94UIqIVnnO6r3Moyf_Yl-X5rtpeBYASmRNJYKeF8ePYt05Tz7qkKdjShVK-uEybJUFRe4ZP3txcsEN27l9aNGYnb8LZt3anacaI6Y6dD3V3-NWlas3_HG5tIp3rK-0gYfS_60&t=74258c30
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjaxWebForms.js..Type._registerScript("MicrosoftAjaxWebForms.js",["MicrosoftAjaxCore.js","MicrosoftAjaxSerialization.js","MicrosoftAjaxNetwork.js","MicrosoftAjaxComponentModel.js"]);Type.registerNamespace("Sys.WebForms");Sys.WebForms.BeginRequestEventArgs=function(c,b,a){Sys.WebForms.BeginRequestEventArgs.initializeBase(this);this._request=c;this._postBackElement=b;this._updatePanelsToUpdate=a};Sys.WebForms.BeginRequestEventArgs.prototype={get_postBackElement:function(){return this._postBackElement},get_request:function(){return this._request},get_updatePanelsToUpdate:function(){return this._updatePanelsToUpdate?Array.clone(this._updatePanelsToUpdate):[]}};Sys.WebForms.BeginRequestEventArgs.registerClass("Sys.WebForms.BeginRequestEventArgs",Sys.EventArgs);Sys.WebForms.EndRequestEventArgs=fun

Chrome Cache Entry: 126

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65329), with CRLF line terminators
Category:	downloaded
Size (bytes):	102801
Entropy (8bit):	5.336080509196147
Encrypted:	false
SSDEEP:	1536:MGLiogSomRYvoGtT+KHsVS0bT79DSsi46j/LPyR7kbE:MGLXGFKT79DSs6WCE
MD5:	C89EAA5B28DF1E17376BE71D71649173
SHA1:	2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD
SHA-256:	66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C
SHA-512:	B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0
Malicious:	false
Reputation:	low
URL:	https://eplogisticademexico-my.sharepoint.com/ScriptResource.axd?d=QriPSNnIO6opnZEP8lII4aiVjyTyjlacWrXPRydx3VU1W8I-1Fgirzt-PeHyUHQV7_n9l6X_Lq1MxIM1Jde0IPfDHnNtGMYlU53eTNs9T3YscIO65M4gkgHkF-zmJe2FnHkkMMz5vuQV0wJJZZU2KFyfVIL0eBEC5B-WmF5-4FU5uLKi7IUPEeLRecz3ShgU0&t=74258c30
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjax.js..Function.__typeName="Function";Function.__class=true;Function.createCallback=function(b,a){return function(){var e=arguments.length;if(e>0){var d=[];for(var c=0;c<e;c++)d[c]=arguments[c];d[e]=a;return b.apply(this,d)}return b.call(this,a)}};Function.createDelegate=function(a,b){return function(){return b.apply(a,arguments)}};Function.emptyFunction=Function.emptyMethod=function(){};Function.validateParameters=function(c,b,a){return Function._validateParams(c,b,a)};Function._validateParams=function(g,e,c){var a,d=e.length;c=c\|\|typeof c==="undefined";a=Function._validateParameterCount(g,e,c);if(a){a.popStackFrame();return a}for(var b=0,i=g.length;b<i;b++){var f=e[Math.min(b,d-1)],h=f.name;if(f.parameterArray)h+="["+(b-d+1)+"]";else if(!c&&b>=d)break;a=Function._validateParameter(g[b],f

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 3, 2024 18:25:08.436217070 CEST	49675	443	192.168.2.4	173.222.162.32
Jul 3, 2024 18:25:17.262748957 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.262783051 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.262862921 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.263282061 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.263289928 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.263345957 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.263513088 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.263525963 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.263945103 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.263955116 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.856654882 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.856952906 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.856981993 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.858105898 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.858208895 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.860083103 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.860208035 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.860565901 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.860585928 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.860806942 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.861068010 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.861082077 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.862199068 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.862447023 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.863637924 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.863745928 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.905625105 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.905625105 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:17.905656099 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:17.949163914 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.045985937 CEST	49675	443	192.168.2.4	173.222.162.32
Jul 3, 2024 18:25:18.429965019 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.429991961 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.430068970 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.430098057 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.430150032 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.430820942 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.430824041 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.430921078 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.430938005 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.431593895 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.431668043 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.431683064 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.431723118 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.517398119 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.517503977 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.517529011 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.517870903 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.517932892 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.517941952 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.518764973 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.518840075 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.518847942 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.518964052 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.519025087 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.519032955 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.562279940 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.604254961 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.604268074 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.604332924 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.604379892 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.604379892 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.604398966 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.604430914 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.604446888 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.604815960 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.604886055 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.604892969 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.604943991 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.604990959 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.621718884 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.621731997 CEST	443	49736	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.621757984 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.621782064 CEST	49736	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.629340887 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.630989075 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.631010056 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.631072044 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.631650925 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.631660938 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.632225037 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.632231951 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.632337093 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.633244038 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.633280039 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.633356094 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.633945942 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.633959055 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.634278059 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.634288073 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.635938883 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.635972023 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.636035919 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.636193991 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.636207104 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.676497936 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.815423965 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.815449953 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.815515995 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.815529108 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.815573931 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.816698074 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.816705942 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.816735029 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.816755056 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.816821098 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.816823959 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.816833973 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.816871881 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.904118061 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.904130936 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.904191971 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.904678106 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.904736996 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.904799938 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.906451941 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.906466961 CEST	443	49735	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:18.906497955 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:18.906534910 CEST	49735	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.222603083 CEST	49745	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:25:19.222645044 CEST	443	49745	216.58.206.68	192.168.2.4
Jul 3, 2024 18:25:19.222718000 CEST	49745	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:25:19.223556995 CEST	49745	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:25:19.223571062 CEST	443	49745	216.58.206.68	192.168.2.4
Jul 3, 2024 18:25:19.319602013 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.319819927 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.319834948 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.320154905 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.320748091 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.320807934 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.320904016 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.322236061 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.322576046 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.322592020 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.322597027 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.323004007 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.323020935 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.323373079 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.323575974 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.323625088 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.324282885 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.324347019 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.325222015 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.325278997 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.325850964 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.326168060 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.326174974 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.330001116 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.330348969 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.330355883 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.331701994 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.331760883 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.332278967 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.332341909 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.332539082 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.332545042 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.364492893 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.372504950 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.374799013 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.374946117 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.476053953 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.476326942 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.476382971 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.476404905 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.477402925 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.477454901 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.477464914 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.477516890 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.487438917 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.487462997 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.487533092 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.487552881 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.487687111 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.487694025 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.487726927 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.487735033 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.487755060 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.488537073 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.488595963 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.488600969 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.488650084 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.505894899 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.505916119 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.505970001 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.505985975 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.506027937 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.506223917 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.506293058 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.506331921 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.509649992 CEST	49742	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.509661913 CEST	443	49742	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.564991951 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.565072060 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.565088034 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.565896034 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.565947056 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.565956116 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.566982031 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.567040920 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.567049980 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.568028927 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.568089962 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.568098068 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.569554090 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.569597960 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.569654942 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.570192099 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.570211887 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.572516918 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.572535992 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.572572947 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.572583914 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.572629929 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.573550940 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.573559046 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.573601961 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.573609114 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.574089050 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.574130058 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.574136019 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.574177027 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.576734066 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.576801062 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.576813936 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.577187061 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.577225924 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.577230930 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.578222990 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.578274012 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.578279018 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.578871012 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.578913927 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.580662012 CEST	49744	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.580673933 CEST	443	49744	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.608963013 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.659039021 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.659068108 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.659112930 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.659148932 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.659157991 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.659245968 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.659301996 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.659311056 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.659579039 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.659667969 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.659682989 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.660399914 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.660468102 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.660475969 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.661271095 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.661334038 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.661344051 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.662226915 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.662273884 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.662292004 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.662301064 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.662321091 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.662337065 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.662348032 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.662364960 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.662384033 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.662426949 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.662434101 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.662581921 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.662589073 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.662612915 CEST	443	49743	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.662640095 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.662672043 CEST	49743	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.662730932 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.662772894 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.663189888 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.663198948 CEST	443	49741	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:19.663208008 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.663242102 CEST	49741	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:19.872241974 CEST	443	49745	216.58.206.68	192.168.2.4
Jul 3, 2024 18:25:19.872493029 CEST	49745	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:25:19.872517109 CEST	443	49745	216.58.206.68	192.168.2.4
Jul 3, 2024 18:25:19.873611927 CEST	443	49745	216.58.206.68	192.168.2.4
Jul 3, 2024 18:25:19.873666048 CEST	49745	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:25:19.944964886 CEST	49747	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:19.945004940 CEST	443	49747	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:19.945097923 CEST	49747	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:19.946837902 CEST	49747	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:19.946849108 CEST	443	49747	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:20.082586050 CEST	49745	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:25:20.082741022 CEST	443	49745	216.58.206.68	192.168.2.4
Jul 3, 2024 18:25:20.136502981 CEST	49745	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:25:20.136531115 CEST	443	49745	216.58.206.68	192.168.2.4
Jul 3, 2024 18:25:20.183365107 CEST	49745	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:25:20.184230089 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.198976994 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.199052095 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.200150967 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.200313091 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.201280117 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.201353073 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.205271959 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.205290079 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.233685017 CEST	49749	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.233722925 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.233791113 CEST	49749	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.241049051 CEST	49749	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.241061926 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.251444101 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.377477884 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.377497911 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.377660036 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.377695084 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.377895117 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.378016949 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.378068924 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.378175974 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.540152073 CEST	49746	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.540188074 CEST	443	49746	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.601373911 CEST	443	49747	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:20.601628065 CEST	49747	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:20.644988060 CEST	49747	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:20.645015001 CEST	443	49747	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:20.645294905 CEST	443	49747	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:20.700174093 CEST	49747	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:20.831820965 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.832313061 CEST	49749	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.832339048 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.832690954 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.833163977 CEST	49749	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.833235025 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.833647966 CEST	49749	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.871750116 CEST	49747	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:20.880496025 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:20.888473988 CEST	49749	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:20.912492990 CEST	443	49747	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:21.005263090 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.007191896 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.007203102 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.007226944 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.007278919 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.007292986 CEST	49749	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.007292986 CEST	49749	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.007678986 CEST	49749	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.008924007 CEST	49749	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.008940935 CEST	443	49749	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.067950964 CEST	443	49747	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:21.068022013 CEST	443	49747	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:21.068072081 CEST	49747	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:21.068913937 CEST	49752	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.068958998 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.069039106 CEST	49752	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.069828987 CEST	49752	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.069842100 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.070952892 CEST	49747	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:21.070980072 CEST	443	49747	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:21.160283089 CEST	49753	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:21.160327911 CEST	443	49753	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:21.160393000 CEST	49753	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:21.160706997 CEST	49753	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:21.160716057 CEST	443	49753	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:21.658562899 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.667148113 CEST	49752	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.667180061 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.667660952 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.671865940 CEST	49752	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.671962023 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.672254086 CEST	49752	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.716505051 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.799324989 CEST	443	49753	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:21.799446106 CEST	49753	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:21.819597006 CEST	49753	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:21.819617033 CEST	443	49753	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:21.819885015 CEST	443	49753	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:21.823446035 CEST	49753	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:21.837666988 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.837721109 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.837759018 CEST	49752	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.837769985 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.837783098 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.837825060 CEST	49752	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.838013887 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.838052034 CEST	49752	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.838076115 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.838116884 CEST	49752	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.839977980 CEST	49752	443	192.168.2.4	13.107.136.10
Jul 3, 2024 18:25:21.840014935 CEST	443	49752	13.107.136.10	192.168.2.4
Jul 3, 2024 18:25:21.868498087 CEST	443	49753	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:22.161335945 CEST	443	49753	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:22.161393881 CEST	443	49753	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:22.161561012 CEST	49753	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:22.163136005 CEST	49753	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:22.163136005 CEST	49753	443	192.168.2.4	184.28.90.27
Jul 3, 2024 18:25:22.163162947 CEST	443	49753	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:22.163175106 CEST	443	49753	184.28.90.27	192.168.2.4
Jul 3, 2024 18:25:29.777226925 CEST	443	49745	216.58.206.68	192.168.2.4
Jul 3, 2024 18:25:29.777292013 CEST	443	49745	216.58.206.68	192.168.2.4
Jul 3, 2024 18:25:29.777405977 CEST	49745	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:25:31.694907904 CEST	49745	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:25:31.694987059 CEST	443	49745	216.58.206.68	192.168.2.4
Jul 3, 2024 18:25:58.396609068 CEST	55552	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:58.401520967 CEST	53	55552	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:58.401598930 CEST	55552	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:58.401623011 CEST	55552	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:58.406445026 CEST	53	55552	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:58.820230007 CEST	61361	53	192.168.2.4	162.159.36.2
Jul 3, 2024 18:25:58.825139046 CEST	53	61361	162.159.36.2	192.168.2.4
Jul 3, 2024 18:25:58.825218916 CEST	61361	53	192.168.2.4	162.159.36.2
Jul 3, 2024 18:25:58.825381041 CEST	61361	53	192.168.2.4	162.159.36.2
Jul 3, 2024 18:25:58.830203056 CEST	53	61361	162.159.36.2	192.168.2.4
Jul 3, 2024 18:25:58.856630087 CEST	53	55552	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:58.857613087 CEST	55552	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:58.862808943 CEST	53	55552	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:58.862867117 CEST	55552	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:59.270286083 CEST	53	61361	162.159.36.2	192.168.2.4
Jul 3, 2024 18:25:59.274933100 CEST	61361	53	192.168.2.4	162.159.36.2
Jul 3, 2024 18:25:59.279994011 CEST	53	61361	162.159.36.2	192.168.2.4
Jul 3, 2024 18:25:59.280086994 CEST	61361	53	192.168.2.4	162.159.36.2
Jul 3, 2024 18:26:19.265093088 CEST	61367	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:26:19.265153885 CEST	443	61367	216.58.206.68	192.168.2.4
Jul 3, 2024 18:26:19.265264988 CEST	61367	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:26:19.265675068 CEST	61367	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:26:19.265691996 CEST	443	61367	216.58.206.68	192.168.2.4
Jul 3, 2024 18:26:19.938432932 CEST	443	61367	216.58.206.68	192.168.2.4
Jul 3, 2024 18:26:19.938726902 CEST	61367	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:26:19.938762903 CEST	443	61367	216.58.206.68	192.168.2.4
Jul 3, 2024 18:26:19.939104080 CEST	443	61367	216.58.206.68	192.168.2.4
Jul 3, 2024 18:26:19.939528942 CEST	61367	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:26:19.939623117 CEST	443	61367	216.58.206.68	192.168.2.4
Jul 3, 2024 18:26:19.982393980 CEST	61367	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:26:25.937129021 CEST	49723	80	192.168.2.4	199.232.210.172
Jul 3, 2024 18:26:25.937297106 CEST	49724	80	192.168.2.4	93.184.221.240
Jul 3, 2024 18:26:25.944370985 CEST	80	49723	199.232.210.172	192.168.2.4
Jul 3, 2024 18:26:25.944434881 CEST	49723	80	192.168.2.4	199.232.210.172
Jul 3, 2024 18:26:25.944438934 CEST	80	49724	93.184.221.240	192.168.2.4
Jul 3, 2024 18:26:25.944502115 CEST	49724	80	192.168.2.4	93.184.221.240
Jul 3, 2024 18:26:29.833404064 CEST	443	61367	216.58.206.68	192.168.2.4
Jul 3, 2024 18:26:29.833470106 CEST	443	61367	216.58.206.68	192.168.2.4
Jul 3, 2024 18:26:29.833534002 CEST	61367	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:26:31.706043005 CEST	61367	443	192.168.2.4	216.58.206.68
Jul 3, 2024 18:26:31.706090927 CEST	443	61367	216.58.206.68	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 3, 2024 18:25:15.437030077 CEST	53	60556	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:15.514096022 CEST	53	63595	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:16.902653933 CEST	59379	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:16.902795076 CEST	65397	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:17.426902056 CEST	53	50018	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:19.204189062 CEST	63941	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:19.204595089 CEST	58197	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:19.219676018 CEST	53	58197	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:19.220478058 CEST	53	63941	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:19.523976088 CEST	50271	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:19.524506092 CEST	52013	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:20.240417957 CEST	53	54593	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:21.522877932 CEST	53336	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:21.523278952 CEST	62473	53	192.168.2.4	1.1.1.1
Jul 3, 2024 18:25:34.570564032 CEST	53	60352	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:37.502604008 CEST	138	138	192.168.2.4	192.168.2.255
Jul 3, 2024 18:25:53.351250887 CEST	53	54882	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:58.395921946 CEST	53	62836	1.1.1.1	192.168.2.4
Jul 3, 2024 18:25:58.818943024 CEST	53	54760	162.159.36.2	192.168.2.4
Jul 3, 2024 18:25:59.283858061 CEST	53	60780	1.1.1.1	192.168.2.4
Jul 3, 2024 18:26:14.932867050 CEST	53	63205	1.1.1.1	192.168.2.4

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Jul 3, 2024 18:25:17.501830101 CEST	192.168.2.4	1.1.1.1	c374	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jul 3, 2024 18:25:16.902653933 CEST	192.168.2.4	1.1.1.1	0xefab	Standard query (0)	eplogisticademexico-my.sharepoint.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 18:25:16.902795076 CEST	192.168.2.4	1.1.1.1	0xcee7	Standard query (0)	eplogisticademexico-my.sharepoint.com	65	IN (0x0001)	false
Jul 3, 2024 18:25:19.204189062 CEST	192.168.2.4	1.1.1.1	0xfee1	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 18:25:19.204595089 CEST	192.168.2.4	1.1.1.1	0x4849	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jul 3, 2024 18:25:19.523976088 CEST	192.168.2.4	1.1.1.1	0x4f71	Standard query (0)	eplogisticademexico-my.sharepoint.com	A (IP address)	IN (0x0001)	false
Jul 3, 2024 18:25:19.524506092 CEST	192.168.2.4	1.1.1.1	0x8d78	Standard query (0)	eplogisticademexico-my.sharepoint.com	65	IN (0x0001)	false
Jul 3, 2024 18:25:21.522877932 CEST	192.168.2.4	1.1.1.1	0x2f95	Standard query (0)	m365cdn.nel.measure.office.net	A (IP address)	IN (0x0001)	false
Jul 3, 2024 18:25:21.523278952 CEST	192.168.2.4	1.1.1.1	0x21b2	Standard query (0)	m365cdn.nel.measure.office.net	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jul 3, 2024 18:25:17.206607103 CEST	1.1.1.1	192.168.2.4	0xefab	No error (0)	eplogisticademexico-my.sharepoint.com	eplogisticademexico.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:17.206607103 CEST	1.1.1.1	192.168.2.4	0xefab	No error (0)	eplogisticademexico.sharepoint.com	763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:17.206607103 CEST	1.1.1.1	192.168.2.4	0xefab	No error (0)	763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com	201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:17.206607103 CEST	1.1.1.1	192.168.2.4	0xefab	No error (0)	201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com	201303-ipv4v6w.farm.dprodmgd108.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:17.206607103 CEST	1.1.1.1	192.168.2.4	0xefab	No error (0)	201303-ipv4v6.farm.dprodmgd108.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net	dual-spo-0005.spo-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:17.206607103 CEST	1.1.1.1	192.168.2.4	0xefab	No error (0)	dual-spo-0005.spo-msedge.net		13.107.136.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 18:25:17.206607103 CEST	1.1.1.1	192.168.2.4	0xefab	No error (0)	dual-spo-0005.spo-msedge.net		13.107.138.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 18:25:17.501755953 CEST	1.1.1.1	192.168.2.4	0xcee7	No error (0)	eplogisticademexico-my.sharepoint.com	eplogisticademexico.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:17.501755953 CEST	1.1.1.1	192.168.2.4	0xcee7	No error (0)	eplogisticademexico.sharepoint.com	763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:17.501755953 CEST	1.1.1.1	192.168.2.4	0xcee7	No error (0)	763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com	201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:17.501755953 CEST	1.1.1.1	192.168.2.4	0xcee7	No error (0)	201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com	201303-ipv4v6w.farm.dprodmgd108.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:19.219676018 CEST	1.1.1.1	192.168.2.4	0x4849	No error (0)	www.google.com			65	IN (0x0001)	false
Jul 3, 2024 18:25:19.220478058 CEST	1.1.1.1	192.168.2.4	0xfee1	No error (0)	www.google.com		216.58.206.68	A (IP address)	IN (0x0001)	false
Jul 3, 2024 18:25:19.567080021 CEST	1.1.1.1	192.168.2.4	0x8d78	No error (0)	eplogisticademexico-my.sharepoint.com	eplogisticademexico.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:19.567080021 CEST	1.1.1.1	192.168.2.4	0x8d78	No error (0)	eplogisticademexico.sharepoint.com	763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:19.567080021 CEST	1.1.1.1	192.168.2.4	0x8d78	No error (0)	763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com	201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:19.567080021 CEST	1.1.1.1	192.168.2.4	0x8d78	No error (0)	201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com	201303-ipv4v6w.farm.dprodmgd108.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:19.568037033 CEST	1.1.1.1	192.168.2.4	0x4f71	No error (0)	eplogisticademexico-my.sharepoint.com	eplogisticademexico.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:19.568037033 CEST	1.1.1.1	192.168.2.4	0x4f71	No error (0)	eplogisticademexico.sharepoint.com	763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:19.568037033 CEST	1.1.1.1	192.168.2.4	0x4f71	No error (0)	763-ipv4v6e.clump.dprodmgd108.aa-rt.sharepoint.com	201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:19.568037033 CEST	1.1.1.1	192.168.2.4	0x4f71	No error (0)	201303-ipv4v6e.farm.dprodmgd108.aa-rt.sharepoint.com	201303-ipv4v6w.farm.dprodmgd108.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:19.568037033 CEST	1.1.1.1	192.168.2.4	0x4f71	No error (0)	201303-ipv4v6.farm.dprodmgd108.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net	dual-spo-0005.spo-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:19.568037033 CEST	1.1.1.1	192.168.2.4	0x4f71	No error (0)	dual-spo-0005.spo-msedge.net		13.107.136.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 18:25:19.568037033 CEST	1.1.1.1	192.168.2.4	0x4f71	No error (0)	dual-spo-0005.spo-msedge.net		13.107.138.10	A (IP address)	IN (0x0001)	false
Jul 3, 2024 18:25:21.532005072 CEST	1.1.1.1	192.168.2.4	0x2f95	No error (0)	m365cdn.nel.measure.office.net	nel.measure.office.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:21.533262014 CEST	1.1.1.1	192.168.2.4	0x21b2	No error (0)	m365cdn.nel.measure.office.net	nel.measure.office.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:32.516904116 CEST	1.1.1.1	192.168.2.4	0xf94c	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:32.516904116 CEST	1.1.1.1	192.168.2.4	0xf94c	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Jul 3, 2024 18:25:45.787970066 CEST	1.1.1.1	192.168.2.4	0xd92f	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:25:45.787970066 CEST	1.1.1.1	192.168.2.4	0xd92f	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Jul 3, 2024 18:26:40.819608927 CEST	1.1.1.1	192.168.2.4	0xecff	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jul 3, 2024 18:26:40.819608927 CEST	1.1.1.1	192.168.2.4	0xecff	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

eplogisticademexico-my.sharepoint.com

https:

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49736	13.107.136.10	443	3484	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 16:25:17 UTC	814	OUT	GET /personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA HTTP/1.1 Host: eplogisticademexico-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 16:25:18 UTC	2033	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 68995 Content-Type: text/html; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 4294967295,4294967295,4294967295,4294967295,4294967295,4294967295,4294967295,4294967295 X-SharePointHealthScore: 2 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 6fb938a1-90d6-0000-1a2e-191a53e28289 request-id: 6fb938a1-90d6-0000-1a2e-191a53e28289 MS-CV: oTi5b9aQAAAaLhkaU+KCiQ.0 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=de9db152-98a2-4b97-9511-86a003dcdb23&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com .powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 412 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 281D699279A7404C893AE607F4D398AE Ref B: EWR311000107053 Ref C: 2024-07-03T16:25:17Z Date: Wed, 03 Jul 2024 16:25:17 GMT Connection: close
2024-07-03 16:25:18 UTC	2137	IN	Data Raw: 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3a 6f 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 6d 69 63 72 6f 73 6f 66 74 2d 63 6f 6d 3a 6f 66 66 69 63 65 3a 6f 66 66 69 63 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 20 64 69 72 3d 22 6c 74 72 22 3e 0d 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 47 45 4e 45 52 41 54 4f 52 22 20 63 6f 6e 74 65 6e 74 3d 22 4d 69 63 72 6f 73 6f 66 74 20 53 68 61 72 65 50 6f 69 6e 74 22 20 2f Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr"><head><meta name="GENERATOR" content="Microsoft SharePoint" /
2024-07-03 16:25:18 UTC	8192	IN	Data Raw: 75 74 74 6f 6e 5d 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 2c 5b 74 79 70 65 3d 72 65 73 65 74 5d 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 2c 5b 74 79 70 65 3d 73 75 62 6d 69 74 5d 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 2c 62 75 74 74 6f 6e 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 7b 6f 75 74 6c 69 6e 65 3a 31 70 78 20 64 6f 74 74 65 64 20 42 75 74 74 6f 6e 54 65 78 74 7d 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 2e 33 35 65 6d 20 2e 37 35 65 6d 20 2e 36 32 35 65 6d 7d 6c 65 67 65 6e 64 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 70 61 64 64 69 6e 67 3a 30 3b 77 68 69 74 65 2d Data Ascii: utton]:-moz-focusring,[type=reset]:-moz-focusring,[type=submit]:-moz-focusring,button:-moz-focusring{outline:1px dotted ButtonText}fieldset{padding:.35em .75em .625em}legend{box-sizing:border-box;color:inherit;display:table;max-width:100%;padding:0;white-
2024-07-03 16:25:18 UTC	4144	IN	Data Raw: 20 31 20 31 30 30 25 7d 69 6e 70 75 74 3a 3a 2d 77 65 62 6b 69 74 2d 69 6e 6e 65 72 2d 73 70 69 6e 2d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 3a 3a 2d 77 65 62 6b 69 74 2d 6f 75 74 65 72 2d 73 70 69 6e 2d 62 75 74 74 6f 6e 7b 6d 61 72 67 69 6e 3a 30 3b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 7d 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 7b 2d 6d 6f 7a 2d 61 70 70 65 61 72 61 6e 63 65 3a 74 65 78 74 66 69 65 6c 64 7d 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 3a 3a 2d 6d 73 2d 63 6c 65 61 72 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 64 65 73 6b 74 6f 70 2d 6c 6f 67 6f 7b 6d 61 72 67 69 6e 3a 35 37 70 78 20 30 20 32 30 70 78 7d 2e 6d 6f 62 69 6c 65 2d 6c 6f 67 6f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 34 70 Data Ascii: 1 100%}input::-webkit-inner-spin-button,input::-webkit-outer-spin-button{margin:0;-webkit-appearance:none}input[type=number]{-moz-appearance:textfield}input[type=number]::-ms-clear{display:none}.desktop-logo{margin:57px 0 20px}.mobile-logo{margin-top:24p
2024-07-03 16:25:18 UTC	8192	IN	Data Raw: 69 67 69 6e 20 2f 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 6e 6f 6e 63 65 3d 22 61 62 34 39 65 63 30 64 2d 32 30 31 61 2d 34 38 32 36 2d 62 31 62 63 2d 38 34 65 39 31 65 30 65 34 39 62 62 22 3e 0d 0a 09 09 21 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 27 50 65 72 66 6f 72 6d 61 6e 63 65 4c 6f 6e 67 54 61 73 6b 54 69 6d 69 6e 67 27 20 69 6e 20 77 69 6e 64 6f 77 29 7b 76 61 72 20 67 3d 77 69 6e 64 6f 77 2e 5f 5f 74 74 69 3d 7b 65 3a 5b 5d 7d 3b 67 2e 6f 3d 6e 65 77 20 50 65 72 66 6f 72 6d 61 6e 63 65 4f 62 73 65 72 76 65 72 28 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 67 2e 65 3d 67 2e 65 2e 63 6f 6e 63 61 74 28 6c 2e 67 65 74 45 6e 74 72 69 65 73 28 29 29 7d 29 3b 67 2e 6f 2e 6f 62 73 65 72 76 65 28 7b 65 6e Data Ascii: igin /><script type="text/javascript" nonce="ab49ec0d-201a-4826-b1bc-84e91e0e49bb">!function(){if('PerformanceLongTaskTiming' in window){var g=window.__tti={e:[]};g.o=new PerformanceObserver(function(l){g.e=g.e.concat(l.getEntries())});g.o.observe({en
2024-07-03 16:25:18 UTC	8192	IN	Data Raw: 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 65 2e 45 53 36 50 72 6f 6d 69 73 65 3d 74 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 63 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 76 61 72 20 65 3d 73 65 74 54 69 6d 65 6f 75 74 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 72 2c 31 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 72 28 29 7b 66 6f 72 Data Ascii: ined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):e.ES6Promise=t()}(this,function(){"use strict";function c(e){return"function"==typeof e}function t(){var e=setTimeout;return function(){return e(r,1)}}function r(){for
2024-07-03 16:25:18 UTC	8192	IN	Data Raw: 7b 63 66 67 3d 72 65 71 75 69 72 65 3b 72 65 71 75 69 72 65 3d 76 6f 69 64 20 30 7d 72 65 71 3d 72 65 71 75 69 72 65 6a 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 2c 6e 29 7b 76 61 72 20 69 2c 6f 2c 73 3d 64 65 66 43 6f 6e 74 65 78 74 4e 61 6d 65 3b 69 66 28 21 69 73 41 72 72 61 79 28 65 29 26 26 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 29 7b 6f 3d 65 3b 69 66 28 69 73 41 72 72 61 79 28 74 29 29 7b 65 3d 74 3b 74 3d 72 3b 72 3d 6e 7d 65 6c 73 65 20 65 3d 5b 5d 7d 6f 26 26 6f 2e 63 6f 6e 74 65 78 74 26 26 28 73 3d 6f 2e 63 6f 6e 74 65 78 74 29 3b 69 3d 28 69 3d 67 65 74 4f 77 6e 28 63 6f 6e 74 65 78 74 73 2c 73 29 29 7c 7c 28 63 6f 6e 74 65 78 74 73 5b 73 5d 3d 72 65 71 2e 73 2e 6e 65 77 43 6f 6e 74 65 78 74 28 73 29 29 3b 6f 26 26 69 2e Data Ascii: {cfg=require;require=void 0}req=requirejs=function(e,t,r,n){var i,o,s=defContextName;if(!isArray(e)&&"string"!=typeof e){o=e;if(isArray(t)){e=t;t=r;r=n}else e=[]}o&&o.context&&(s=o.context);i=(i=getOwn(contexts,s))\|\|(contexts[s]=req.s.newContext(s));o&&i.
2024-07-03 16:25:18 UTC	8192	IN	Data Raw: 69 73 2e 6d 61 70 3b 74 2e 72 65 71 75 69 72 65 4d 6f 64 75 6c 65 73 3d 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 3f 5b 74 68 69 73 2e 6d 61 70 2e 69 64 5d 3a 6e 75 6c 6c 3b 74 2e 72 65 71 75 69 72 65 54 79 70 65 3d 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 3f 22 64 65 66 69 6e 65 22 3a 22 72 65 71 75 69 72 65 22 3b 72 65 74 75 72 6e 20 6a 28 74 68 69 73 2e 65 72 72 6f 72 3d 74 29 7d 7d 65 6c 73 65 20 69 3d 6f 3b 74 68 69 73 2e 65 78 70 6f 72 74 73 3d 69 3b 69 66 28 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 26 26 21 74 68 69 73 2e 69 67 6e 6f 72 65 29 7b 6d 5b 72 5d 3d 69 3b 69 66 28 72 65 71 2e 6f 6e 52 65 73 6f 75 72 63 65 4c 6f 61 64 29 7b 76 61 72 20 73 3d 5b 5d 3b 65 61 63 68 28 74 68 69 73 2e 64 65 70 4d 61 70 73 2c 66 75 Data Ascii: is.map;t.requireModules=this.map.isDefine?[this.map.id]:null;t.requireType=this.map.isDefine?"define":"require";return j(this.error=t)}}else i=o;this.exports=i;if(this.map.isDefine&&!this.ignore){m[r]=i;if(req.onResourceLoad){var s=[];each(this.depMaps,fu
2024-07-03 16:25:18 UTC	8192	IN	Data Raw: 61 63 6b 3a 20 66 75 6e 63 74 69 6f 6e 20 28 6d 6f 64 75 6c 65 49 64 2c 20 70 61 74 68 73 29 20 7b 0d 0a 20 20 20 20 20 20 76 61 72 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 20 3d 20 66 61 69 6c 4f 76 65 72 53 74 61 74 65 2e 6d 6f 64 75 6c 65 73 46 61 6c 6c 65 64 42 61 63 6b 3b 0d 0a 20 20 20 20 20 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 2e 70 75 73 68 28 6d 6f 64 75 6c 65 49 64 29 3b 0d 0a 20 20 20 20 20 20 69 66 20 28 21 66 61 69 6c 4f 76 65 72 53 74 61 74 65 2e 62 61 73 65 55 72 6c 46 61 69 6c 65 64 4f 76 65 72 20 26 26 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 2e 6c 65 6e 67 74 68 20 3e 3d 20 32 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 76 61 72 20 69 64 20 69 6e 20 70 61 74 68 73 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 76 61 72 20 Data Ascii: ack: function (moduleId, paths) { var failedModules = failOverState.modulesFalledBack; failedModules.push(moduleId); if (!failOverState.baseUrlFailedOver && failedModules.length >= 2) { for (var id in paths) { var
2024-07-03 16:25:18 UTC	8192	IN	Data Raw: 6f 72 4f 6e 53 75 62 6d 69 74 28 29 20 3d 3d 20 66 61 6c 73 65 29 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 69 66 20 28 74 79 70 65 6f 66 28 5f 73 70 46 6f 72 6d 4f 6e 53 75 62 6d 69 74 57 72 61 70 70 65 72 29 20 21 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 72 65 74 75 72 6e 20 5f 73 70 46 6f 72 6d 4f 6e 53 75 62 6d 69 74 57 72 61 70 70 65 72 28 29 3b 7d 20 65 6c 73 65 20 7b 72 65 74 75 72 6e 20 74 72 75 65 3b 7d 3b 0d 0a 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 7d 0d 0a 09 2f 2f 5d 5d 3e 0d 0a 3c 2f 73 63 72 69 70 74 3e 0d 0a 0d 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 73 70 4e 65 74 48 69 64 64 65 6e 22 3e 0d 0a 0d 0a 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 5f 5f 56 49 45 57 53 54 41 54 45 47 45 Data Ascii: orOnSubmit() == false) return false;if (typeof(_spFormOnSubmitWrapper) != 'undefined') {return _spFormOnSubmitWrapper();} else {return true;};return true;}//...</script><div class="aspNetHidden"><input type="hidden" name="__VIEWSTATEGE
2024-07-03 16:25:18 UTC	5370	IN	Data Raw: 5e 5b 5e 20 5c 5c 72 5c 5c 74 5c 5c 6e 5c 5c 66 40 5d 2b 40 5b 5e 20 5c 5c 72 5c 5c 74 5c 5c 6e 5c 5c 66 40 5d 2b 24 22 3b 0d 0a 09 76 61 72 20 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 20 3f 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 5b 22 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 22 5d 20 3a 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 22 29 3b 0d 0a 09 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 76 61 6c 69 64 61 74 65 20 3d 20 22 74 78 74 54 4f 41 41 45 6d 61 69 6c 22 3b 0d 0a 09 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 2e 66 6f 63 75 73 4f 6e 45 72 Data Ascii: ^[^ \\r\\t\\n\\f@]+@[^ \\r\\t\\n\\f@]+$";var IncorrectTOAAEMail = document.all ? document.all["IncorrectTOAAEMail"] : document.getElementById("IncorrectTOAAEMail");IncorrectTOAAEMail.controltovalidate = "txtTOAAEmail";IncorrectTOAAEMail.focusOnEr

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49735	13.107.136.10	443	3484	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 16:25:18 UTC	840	OUT	GET /WebResource.axd?d=gYhtUdTxoXhtw-KxJrZaPU-L1VVzyMRiFAG3_YgDmtOMb9U-YBQ5_M-QIbkIOMQQuoHmFdfkJMBU6emMwcD_OLoppDSK1LUliULbeka_Ccc1&t=638533172441064469 HTTP/1.1 Host: eplogisticademexico-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 16:25:18 UTC	755	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 23063 Content-Type: application/x-javascript Expires: Thu, 03 Jul 2025 05:20:22 GMT Last-Modified: Fri, 10 May 2024 20:46:52 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,0,95582,0,32146,173 X-AspNet-Version: 4.0.30319 SPRequestDuration: 4 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 4E4911CE91174F9BA93D077C85E81886 Ref B: EWR311000108035 Ref C: 2024-07-03T16:25:18Z Date: Wed, 03 Jul 2024 16:25:18 GMT Connection: close
2024-07-03 16:25:18 UTC	3391	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 50 6f 73 74 42 61 63 6b 4f 70 74 69 6f 6e 73 28 65 76 65 6e 74 54 61 72 67 65 74 2c 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 2c 20 76 61 6c 69 64 61 74 69 6f 6e 2c 20 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 2c 20 61 63 74 69 6f 6e 55 72 6c 2c 20 74 72 61 63 6b 46 6f 63 75 73 2c 20 63 6c 69 65 6e 74 53 75 62 6d 69 74 29 20 7b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 54 61 72 67 65 74 20 3d 20 65 76 65 6e 74 54 61 72 67 65 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 20 3d 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c 69 64 61 74 69 6f 6e 20 3d 20 76 61 6c 69 64 61 74 69 6f 6e 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c Data Ascii: function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) { this.eventTarget = eventTarget; this.eventArgument = eventArgument; this.validation = validation; this.val
2024-07-03 16:25:18 UTC	8192	IN	Data Raw: 73 74 61 74 65 63 68 61 6e 67 65 20 3d 20 57 65 62 46 6f 72 6d 5f 43 61 6c 6c 62 61 63 6b 43 6f 6d 70 6c 65 74 65 3b 0d 0a 20 20 20 20 20 20 20 20 63 61 6c 6c 62 61 63 6b 2e 78 6d 6c 52 65 71 75 65 73 74 20 3d 20 78 6d 6c 52 65 71 75 65 73 74 3b 0d 0a 20 20 20 20 20 20 20 20 2f 2f 20 65 2e 67 2e 20 68 74 74 70 3a 0d 0a 20 20 20 20 20 20 20 20 76 61 72 20 61 63 74 69 6f 6e 20 3d 20 74 68 65 46 6f 72 6d 2e 61 63 74 69 6f 6e 20 7c 7c 20 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 70 61 74 68 6e 61 6d 65 2c 20 66 72 61 67 6d 65 6e 74 49 6e 64 65 78 20 3d 20 61 63 74 69 6f 6e 2e 69 6e 64 65 78 4f 66 28 27 23 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 66 72 61 67 6d 65 6e 74 49 6e 64 65 78 20 21 3d 3d 20 2d 31 29 20 7b 0d 0a 20 20 20 20 20 20 Data Ascii: statechange = WebForm_CallbackComplete; callback.xmlRequest = xmlRequest; // e.g. http: var action = theForm.action \|\| document.location.pathname, fragmentIndex = action.indexOf('#'); if (fragmentIndex !== -1) {
2024-07-03 16:25:18 UTC	4168	IN	Data Raw: 20 20 20 20 72 65 74 75 72 6e 20 69 3b 0d 0a 7d 0d 0a 76 61 72 20 5f 5f 6e 6f 6e 4d 53 44 4f 4d 42 72 6f 77 73 65 72 20 3d 20 28 77 69 6e 64 6f 77 2e 6e 61 76 69 67 61 74 6f 72 2e 61 70 70 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2e 69 6e 64 65 78 4f 66 28 27 65 78 70 6c 6f 72 65 72 27 29 20 3d 3d 20 2d 31 29 3b 0d 0a 76 61 72 20 5f 5f 74 68 65 46 6f 72 6d 50 6f 73 74 44 61 74 61 20 3d 20 22 22 3b 0d 0a 76 61 72 20 5f 5f 74 68 65 46 6f 72 6d 50 6f 73 74 43 6f 6c 6c 65 63 74 69 6f 6e 20 3d 20 6e 65 77 20 41 72 72 61 79 28 29 3b 0d 0a 76 61 72 20 5f 5f 63 61 6c 6c 62 61 63 6b 54 65 78 74 54 79 70 65 73 20 3d 20 2f 5e 28 74 65 78 74 7c 70 61 73 73 77 6f 72 64 7c 68 69 64 64 65 6e 7c 73 65 61 72 63 68 7c 74 65 6c 7c 75 72 6c 7c 65 6d 61 69 6c 7c Data Ascii: return i;}var __nonMSDOMBrowser = (window.navigator.appName.toLowerCase().indexOf('explorer') == -1);var __theFormPostData = "";var __theFormPostCollection = new Array();var __callbackTextTypes = /^(text\|password\|hidden\|search\|tel\|url\|email\|
2024-07-03 16:25:18 UTC	7312	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 5b 74 61 72 67 65 74 5d 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 57 65 62 46 6f 72 6d 5f 53 69 6d 75 6c 61 74 65 43 6c 69 63 6b 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 2c 20 65 76 65 6e 74 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 20 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 47 65 74 53 63 72 6f 6c 6c 58 28 29 20 7b 0d 0a 20 20 20 20 69 66 20 28 5f 5f 6e 6f 6e 4d 53 44 4f 4d 42 72 6f 77 73 65 72 29 20 Data Ascii: defaultButton = document.all[target]; } if (defaultButton) { return WebForm_SimulateClick(defaultButton, event); } } return true;}function WebForm_GetScrollX() { if (__nonMSDOMBrowser)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49741	13.107.136.10	443	3484	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 16:25:19 UTC	905	OUT	GET /ScriptResource.axd?d=vJyeF_G_zhTOis-uIci226CSQc3yswl8BafXJ2er74-j6lmz96G8GKwFy0HtwoXgXxfBBYeXLKo6GKlx2_QsUIFAJBf2dSvQENsLBJ82KlJRkySiMJiisNmWsJ2_-ScAqpInb_li2W56J59t5xWE3UodFKTlcOKnP7eWf88puJ41&t=ffffffffa8ad04d3 HTTP/1.1 Host: eplogisticademexico-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 16:25:19 UTC	768	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 26951 Content-Type: application/x-javascript; charset=utf-8 Expires: Thu, 03 Jul 2025 03:02:52 GMT Last-Modified: Wed, 03 Jul 2024 03:02:52 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,262656,0,0,467,0,26615,131 X-AspNet-Version: 4.0.30319 SPRequestDuration: 4 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 3229641B11D04A1EB3BFBF83E9334CBC Ref B: EWR311000101027 Ref C: 2024-07-03T16:25:19Z Date: Wed, 03 Jul 2024 16:25:19 GMT Connection: close
2024-07-03 16:25:19 UTC	3378	IN	Data Raw: 76 61 72 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 56 65 72 20 3d 20 22 31 32 35 22 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 73 56 61 6c 69 64 20 3d 20 74 72 75 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 42 6c 6f 63 6b 53 75 62 6d 69 74 20 3d 20 66 61 6c 73 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 6e 76 61 6c 69 64 43 6f 6e 74 72 6f 6c 54 6f 42 65 46 6f 63 75 73 65 64 20 3d 20 6e 75 6c 6c 3b 0d 0a 76 61 72 20 50 61 67 65 5f 54 65 78 74 54 79 70 65 73 20 3d 20 2f 5e 28 74 65 78 74 7c 70 61 73 73 77 6f 72 64 7c 66 69 6c 65 7c 73 65 61 72 63 68 7c 74 65 6c 7c 75 72 6c 7c 65 6d 61 69 6c 7c 6e 75 6d 62 65 72 7c 72 61 6e 67 65 7c 63 6f 6c 6f 72 7c 64 61 74 65 74 69 6d 65 7c 64 61 74 65 7c 6d 6f 6e 74 68 7c 77 65 65 6b 7c 74 69 6d 65 7c 64 61 74 65 74 69 6d 65 Data Ascii: var Page_ValidationVer = "125";var Page_IsValid = true;var Page_BlockSubmit = false;var Page_InvalidControlToBeFocused = null;var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 20 20 20 63 6f 6e 74 72 6f 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 69 64 29 3b 0d 0a 20 20 20 20 69 66 20 28 74 79 70 65 6f 66 28 63 6f 6e 74 72 6f 6c 2e 76 61 6c 75 65 29 20 3d 3d 20 22 73 74 72 69 6e 67 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 63 6f 6e 74 72 6f 6c 2e 76 61 6c 75 65 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 72 65 74 75 72 6e 20 56 61 6c 69 64 61 74 6f 72 47 65 74 56 61 6c 75 65 52 65 63 75 72 73 69 76 65 28 63 6f 6e 74 72 6f 6c 29 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 56 61 6c 69 64 61 74 6f 72 47 65 74 56 61 6c 75 65 52 65 63 75 72 73 69 76 65 28 63 6f 6e 74 72 6f 6c 29 0d 0a 7b 0d 0a 20 20 20 20 69 66 20 28 74 79 70 65 6f 66 28 63 6f 6e 74 72 6f 6c 2e 76 61 6c 75 Data Ascii: control = document.getElementById(id); if (typeof(control.value) == "string") { return control.value; } return ValidatorGetValueRecursive(control);}function ValidatorGetValueRecursive(control){ if (typeof(control.valu
2024-07-03 16:25:19 UTC	4168	IN	Data Raw: 5c 2b 5d 3f 5c 64 2b 5c 73 2a 24 2f 3b 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 6f 70 2e 6d 61 74 63 68 28 65 78 70 29 20 3d 3d 20 6e 75 6c 6c 29 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 0d 0a 20 20 20 20 20 20 20 20 6e 75 6d 20 3d 20 70 61 72 73 65 49 6e 74 28 6f 70 2c 20 31 30 29 3b 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 28 69 73 4e 61 4e 28 6e 75 6d 29 20 3f 20 6e 75 6c 6c 20 3a 20 6e 75 6d 29 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 65 6c 73 65 20 69 66 28 64 61 74 61 54 79 70 65 20 3d 3d 20 22 44 6f 75 62 6c 65 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 65 78 70 20 3d 20 6e 65 77 20 52 65 67 45 78 70 28 22 5e 5c 5c 73 2a 28 5b 2d 5c 5c 2b 5d 29 3f 28 5c 5c 64 2a 29 5c 5c 22 20 2b 20 76 61 6c 2e 64 65 Data Ascii: \+]?\d+\s$/; if (op.match(exp) == null) return null; num = parseInt(op, 10); return (isNaN(num) ? null : num); } else if(dataType == "Double") { exp = new RegExp("^\\s([-\\+])?(\\d*)\\" + val.de
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 76 61 6c 69 64 61 74 65 29 3b 0d 0a 20 20 20 20 69 66 20 28 56 61 6c 69 64 61 74 6f 72 54 72 69 6d 28 76 61 6c 75 65 29 2e 6c 65 6e 67 74 68 20 3d 3d 20 30 29 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 20 20 20 20 76 61 72 20 63 6f 6d 70 61 72 65 54 6f 20 3d 20 22 22 3b 0d 0a 20 20 20 20 69 66 20 28 28 74 79 70 65 6f 66 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 20 21 3d 20 22 73 74 72 69 6e 67 22 29 20 7c 7c 0d 0a 20 20 20 20 20 20 20 20 28 74 79 70 65 6f 66 28 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 29 20 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 7c 7c 0d 0a 20 20 20 20 Data Ascii: l.controltovalidate); if (ValidatorTrim(value).length == 0) return true; var compareTo = ""; if ((typeof(val.controltocompare) != "string") \|\| (typeof(document.getElementById(val.controltocompare)) == "undefined") \|\|
2024-07-03 16:25:19 UTC	3021	IN	Data Raw: 20 20 20 20 20 20 20 20 20 76 61 72 20 6c 65 6e 67 74 68 20 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 6f 72 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 65 6e 67 74 68 20 2b 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 79 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 69 65 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 6c 65 6e 67 74 68 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 Data Ascii: var length = parseSpecificAttribute(selector, dataValidationAttribute, Page_Validators); length += parseSpecificAttribute(selector, dataValidationSummaryAttribute, Page_ValidationSummaries); return length; }

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49743	13.107.136.10	443	3484	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 16:25:19 UTC	918	OUT	GET /ScriptResource.axd?d=QriPSNnIO6opnZEP8lII4aiVjyTyjlacWrXPRydx3VU1W8I-1Fgirzt-PeHyUHQV7_n9l6X_Lq1MxIM1Jde0IPfDHnNtGMYlU53eTNs9T3YscIO65M4gkgHkF-zmJe2FnHkkMMz5vuQV0wJJZZU2KFyfVIL0eBEC5B-WmF5-4FU5uLKi7IUPEeLRecz3ShgU0&t=74258c30 HTTP/1.1 Host: eplogisticademexico-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 16:25:19 UTC	769	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 102801 Content-Type: application/x-javascript; charset=utf-8 Expires: Thu, 03 Jul 2025 06:54:36 GMT Last-Modified: Wed, 03 Jul 2024 06:54:36 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,262656,0,0,458,0,26335,143 X-AspNet-Version: 4.0.30319 SPRequestDuration: 4 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 383CACAF8A054EE798FD90FA25B36961 Ref B: EWR311000102011 Ref C: 2024-07-03T16:25:19Z Date: Wed, 03 Jul 2024 16:25:18 GMT Connection: close
2024-07-03 16:25:19 UTC	291	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 2e 6a 73 0d 0a 46 75 6e 63 74 69 6f 6e 2e 5f 5f 74 79 70 65 4e 61 6d 65 3d 22 46 75 6e 63 74 69 6f 6e 22 3b 46 75 6e 63 74 69 6f 6e 2e 5f 5f 63 6c 61 73 73 3d Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjax.jsFunction.__typeName="Function";Function.__class=
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 6e 28 62 2c 61 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 69 66 28 65 3e 30 29 7b 76 61 72 20 64 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 63 3d 30 3b 63 3c 65 3b 63 2b 2b 29 64 5b 63 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 63 5d 3b 64 5b 65 5d 3d 61 3b 72 65 74 75 72 6e 20 62 2e 61 70 70 6c 79 28 74 68 69 73 2c 64 29 7d 72 65 74 75 72 6e 20 62 2e 63 61 6c 6c 28 74 68 69 73 2c 61 29 7d 7d 3b 46 75 6e 63 74 69 6f 6e 2e 63 72 65 61 74 65 44 65 6c 65 67 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 2e 61 70 70 6c 79 28 61 2c 61 72 67 75 6d 65 6e 74 73 29 7d 7d 3b 46 75 6e 63 74 69 6f 6e 2e 65 6d 70 Data Ascii: n(b,a){return function(){var e=arguments.length;if(e>0){var d=[];for(var c=0;c<e;c++)d[c]=arguments[c];d[e]=a;return b.apply(this,d)}return b.call(this,a)}};Function.createDelegate=function(a,b){return function(){return b.apply(a,arguments)}};Function.emp
2024-07-03 16:25:19 UTC	7254	IN	Data Raw: 3b 77 68 69 6c 65 28 61 29 7b 69 66 28 61 3d 3d 3d 62 29 72 65 74 75 72 6e 20 74 72 75 65 3b 61 3d 61 2e 5f 5f 62 61 73 65 54 79 70 65 7d 72 65 74 75 72 6e 20 66 61 6c 73 65 7d 3b 54 79 70 65 2e 70 72 6f 74 6f 74 79 70 65 2e 69 6e 69 74 69 61 6c 69 7a 65 42 61 73 65 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 74 68 69 73 2e 72 65 73 6f 6c 76 65 49 6e 68 65 72 69 74 61 6e 63 65 28 29 3b 69 66 28 74 68 69 73 2e 5f 5f 62 61 73 65 54 79 70 65 29 69 66 28 21 62 29 74 68 69 73 2e 5f 5f 62 61 73 65 54 79 70 65 2e 61 70 70 6c 79 28 61 29 3b 65 6c 73 65 20 74 68 69 73 2e 5f 5f 62 61 73 65 54 79 70 65 2e 61 70 70 6c 79 28 61 2c 62 29 3b 72 65 74 75 72 6e 20 61 7d 3b 54 79 70 65 2e 70 72 6f 74 6f 74 79 70 65 2e 69 73 49 6d 70 6c 65 6d 65 6e 74 65 64 42 79 3d 66 75 Data Ascii: ;while(a){if(a===b)return true;a=a.__baseType}return false};Type.prototype.initializeBase=function(a,b){this.resolveInheritance();if(this.__baseType)if(!b)this.__baseType.apply(a);else this.__baseType.apply(a,b);return a};Type.prototype.isImplementedBy=fu
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 6e 74 41 72 67 73 29 3b 54 79 70 65 2e 72 65 67 69 73 74 65 72 4e 61 6d 65 73 70 61 63 65 28 22 53 79 73 2e 55 49 22 29 3b 53 79 73 2e 5f 44 65 62 75 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 53 79 73 2e 5f 44 65 62 75 67 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 5f 61 70 70 65 6e 64 43 6f 6e 73 6f 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 44 65 62 75 67 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 29 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 26 26 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 29 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 6f 70 65 72 61 29 77 69 6e Data Ascii: ntArgs);Type.registerNamespace("Sys.UI");Sys._Debug=function(){};Sys._Debug.prototype={_appendConsole:function(a){if(typeof Debug!=="undefined"&&Debug.writeln)Debug.writeln(a);if(window.console&&window.console.log)window.console.log(a);if(window.opera)win
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 2c 2d 31 2c 5b 62 5d 2c 63 29 29 3b 72 65 74 75 72 6e 20 74 72 75 65 7d 72 65 74 75 72 6e 20 66 61 6c 73 65 7d 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 72 65 6d 6f 76 65 41 74 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 61 29 7b 69 66 28 61 3e 2d 31 26 26 61 3c 62 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 63 3d 62 5b 61 5d 3b 41 72 72 61 79 2e 72 65 6d 6f 76 65 41 74 28 62 2c 61 29 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 5f 63 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 62 2c 6e 65 77 20 53 79 73 2e 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 53 79 73 2e 4e 6f 74 69 66 79 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 64 41 63 74 69 6f 6e 2e 72 65 6d 6f 76 65 2c 6e 75 6c 6c 2c 2d 31 2c 5b 63 5d 2c 61 29 29 7d 7d 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 Data Ascii: ,-1,[b],c));return true}return false};Sys.Observer.removeAt=function(b,a){if(a>-1&&a<b.length){var c=b[a];Array.removeAt(b,a);Sys.Observer._collectionChange(b,new Sys.CollectionChange(Sys.NotifyCollectionChangedAction.remove,null,-1,[c],a))}};Sys.Observer
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 69 6e 67 28 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 61 29 7b 69 66 28 61 3c 31 30 29 72 65 74 75 72 6e 20 22 30 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 29 72 65 74 75 72 6e 20 22 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 30 29 72 65 74 75 72 6e 20 22 30 22 2b 61 3b 72 65 74 75 72 6e 20 61 2e 74 6f 53 74 72 69 6e 67 28 29 7d 76 61 72 20 68 2c 70 2c 74 3d 2f 28 5b 5e 64 5d 7c 5e 29 28 64 7c 64 64 29 28 5b 5e 64 5d 7c 24 29 2f 67 3b 66 75 6e 63 74 69 6f 6e 20 73 28 29 7b 69 66 28 68 7c 7c 70 29 72 65 74 75 72 6e 20 68 3b 68 3d 74 2e 74 65 73 74 28 65 29 3b 70 3d 74 72 75 65 3b 72 65 74 75 72 6e 20 68 7d 76 61 72 20 71 3d 30 2c 6f 3d 44 61 74 65 2e 5f 67 65 74 54 6f 6b 65 6e 52 65 67 45 78 70 28 29 2c 66 3b 69 66 28 21 6b 26 26 Data Ascii: ing()}function v(a){if(a<10)return "000"+a;else if(a<100)return "00"+a;else if(a<1000)return "0"+a;return a.toString()}var h,p,t=/([^d]\|^)(d\|dd)([^d]\|$)/g;function s(){if(h\|\|p)return h;h=t.test(e);p=true;return h}var q=0,o=Date._getTokenRegExp(),f;if(!k&&
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 2e 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 41 72 72 61 79 28 74 68 69 73 2e 64 61 74 65 54 69 6d 65 46 6f 72 6d 61 74 2e 41 62 62 72 65 76 69 61 74 65 64 44 61 79 4e 61 6d 65 73 29 3b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 69 6e 64 65 78 4f 66 28 74 68 69 73 2e 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 2c 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 61 29 29 7d 2c 5f 74 6f 55 70 70 65 72 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 62 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 61 3d 30 2c 64 3d 63 2e 6c 65 6e 67 74 68 3b 61 3c 64 3b 61 2b 2b 29 62 5b 61 5d 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 63 5b 61 5d 29 3b 72 65 74 75 72 6e 20 62 7d 2c 5f 74 6f 55 70 70 65 72 3a 66 75 6e 63 74 69 6f 6e 28 Data Ascii: ._upperAbbrDays=this._toUpperArray(this.dateTimeFormat.AbbreviatedDayNames);return Array.indexOf(this._upperAbbrDays,this._toUpper(a))},_toUpperArray:function(c){var b=[];for(var a=0,d=c.length;a<d;a++)b[a]=this._toUpper(c[a]);return b},_toUpper:function(
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 31 29 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 4f 70 65 72 61 7c 7c 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 46 69 72 65 46 6f 78 29 61 3d 61 2e 73 70 6c 69 74 28 62 29 2e 6a 6f 69 6e 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 65 73 63 61 70 65 43 68 61 72 73 5b 62 5d 29 3b 65 6c 73 65 20 61 3d 61 2e 72 65 70 6c 61 63 65 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 63 68 61 72 73 54 6f 45 73 63 61 70 65 52 65 67 45 78 73 5b 62 5d 2c 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e Data Ascii: 1)if(Sys.Browser.agent===Sys.Browser.Opera\|\|Sys.Browser.agent===Sys.Browser.FireFox)a=a.split(b).join(Sys.Serialization.JavaScriptSerializer._escapeChars[b]);else a=a.replace(Sys.Serialization.JavaScriptSerializer._charsToEscapeRegExs[b],Sys.Serialization
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 79 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 58 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 74 79 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 59 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 7b 74 68 69 73 2e 6f 66 66 73 65 74 58 3d 61 2e 6f 66 66 73 65 74 58 3b 74 68 69 73 2e 6f 66 66 73 65 74 59 3d 61 2e 6f 66 66 73 65 74 59 7d 65 6c 73 65 20 69 66 28 74 68 69 73 2e 74 61 72 67 65 74 26 26 74 68 69 73 2e 74 61 72 67 65 74 2e 6e 6f 64 65 54 79 70 65 21 3d 3d 33 26 26 74 79 70 65 6f 66 20 61 2e 63 6c 69 65 6e 74 58 3d 3d 3d 22 6e 75 6d 62 65 72 22 29 7b 76 61 72 20 63 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 67 65 74 4c 6f 63 61 74 69 6f 6e 28 74 68 69 73 2e 74 61 72 67 65 74 29 2c 64 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 5f Data Ascii: ypeof a.offsetX!=="undefined"&&typeof a.offsetY!=="undefined"){this.offsetX=a.offsetX;this.offsetY=a.offsetY}else if(this.target&&this.target.nodeType!==3&&typeof a.clientX==="number"){var c=Sys.UI.DomElement.getLocation(this.target),d=Sys.UI.DomElement._
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 28 61 29 7b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 29 7b 76 61 72 20 62 3d 61 2e 63 75 72 72 65 6e 74 53 74 79 6c 65 7c 7c 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 5f 67 65 74 43 75 72 72 65 6e 74 53 74 79 6c 65 28 61 29 3b 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 62 3f 62 2e 64 69 73 70 6c 61 79 3a 6e 75 6c 6c 3b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 7c 7c 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 3d 3d 22 6e 6f 6e 65 22 29 73 77 69 74 63 68 28 61 2e 74 61 67 4e 61 6d 65 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 29 7b 63 61 73 65 20 22 44 49 56 22 3a 63 61 73 65 20 22 50 22 3a 63 61 73 65 20 22 41 44 44 52 45 53 53 22 3a 63 61 73 65 20 22 42 4c 4f 43 4b 51 55 4f 54 45 Data Ascii: (a){if(!a._oldDisplayMode){var b=a.currentStyle\|\|Sys.UI.DomElement._getCurrentStyle(a);a._oldDisplayMode=b?b.display:null;if(!a._oldDisplayMode\|\|a._oldDisplayMode==="none")switch(a.tagName.toUpperCase()){case "DIV":case "P":case "ADDRESS":case "BLOCKQUOTE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49744	13.107.136.10	443	3484	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 16:25:19 UTC	918	OUT	GET /ScriptResource.axd?d=gFO1aIFRjlyygLxe6DWiwbFNcUyyfGMmsx5XP-c0xoUfV_pvczwgTnE1b8Aq94UIqIVnnO6r3Moyf_Yl-X5rtpeBYASmRNJYKeF8ePYt05Tz7qkKdjShVK-uEybJUFRe4ZP3txcsEN27l9aNGYnb8LZt3anacaI6Y6dD3V3-NWlas3_HG5tIp3rK-0gYfS_60&t=74258c30 HTTP/1.1 Host: eplogisticademexico-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 16:25:19 UTC	767	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 40326 Content-Type: application/x-javascript; charset=utf-8 Expires: Thu, 03 Jul 2025 10:03:20 GMT Last-Modified: Wed, 03 Jul 2024 10:03:20 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,262656,0,0,298,0,26500,36 X-AspNet-Version: 4.0.30319 SPRequestDuration: 4 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: D8E258148ED047C69871D0C8D9E26F00 Ref B: EWR311000103017 Ref C: 2024-07-03T16:25:19Z Date: Wed, 03 Jul 2024 16:25:19 GMT Connection: close
2024-07-03 16:25:19 UTC	1703	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f 72 6d 73 2e 6a 73 0d 0a 54 79 70 65 2e 5f 72 65 67 69 73 74 65 72 53 63 72 69 70 74 28 22 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjaxWebForms.jsType._registerScript("MicrosoftAjaxWebFo
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 65 6c 73 54 6f 55 70 64 61 74 65 3d 61 7d 3b 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 49 6e 69 74 69 61 6c 69 7a 65 52 65 71 75 65 73 74 45 76 65 6e 74 41 72 67 73 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 67 65 74 5f 70 6f 73 74 42 61 63 6b 45 6c 65 6d 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 70 6f 73 74 42 61 63 6b 45 6c 65 6d 65 6e 74 7d 2c 67 65 74 5f 72 65 71 75 65 73 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 72 65 71 75 65 73 74 7d 2c 67 65 74 5f 75 70 64 61 74 65 50 61 6e 65 6c 73 54 6f 55 70 64 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 75 70 64 61 74 65 50 61 6e 65 6c 73 54 6f 55 70 64 61 74 65 3f 41 72 72 61 79 2e 63 6c 6f 6e 65 28 74 Data Ascii: elsToUpdate=a};Sys.WebForms.InitializeRequestEventArgs.prototype={get_postBackElement:function(){return this._postBackElement},get_request:function(){return this._request},get_updatePanelsToUpdate:function(){return this._updatePanelsToUpdate?Array.clone(t
2024-07-03 16:25:19 UTC	5844	IN	Data Raw: 6e 74 56 61 6c 69 64 61 74 65 28 65 7c 7c 6e 75 6c 6c 29 29 72 65 74 75 72 6e 3b 74 68 69 73 2e 5f 70 6f 73 74 42 61 63 6b 53 65 74 74 69 6e 67 73 3d 74 68 69 73 2e 5f 63 72 65 61 74 65 50 6f 73 74 42 61 63 6b 53 65 74 74 69 6e 67 73 28 74 72 75 65 2c 63 2c 61 29 3b 76 61 72 20 62 3d 74 68 69 73 2e 5f 66 6f 72 6d 3b 62 2e 5f 5f 45 56 45 4e 54 54 41 52 47 45 54 2e 76 61 6c 75 65 3d 61 7c 7c 22 22 3b 62 2e 5f 5f 45 56 45 4e 54 41 52 47 55 4d 45 4e 54 2e 76 61 6c 75 65 3d 66 7c 7c 22 22 3b 74 68 69 73 2e 5f 69 73 43 72 6f 73 73 50 6f 73 74 3d 66 61 6c 73 65 3b 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 3d 6e 75 6c 6c 3b 74 68 69 73 2e 5f 6f 6e 46 6f 72 6d 53 75 62 6d 69 74 28 29 7d 2c 5f 63 61 6e 63 65 6c 50 65 6e 64 69 6e 67 43 61 6c 6c Data Ascii: ntValidate(e\|\|null))return;this._postBackSettings=this._createPostBackSettings(true,c,a);var b=this._form;b.__EVENTTARGET.value=a\|\|"";b.__EVENTARGUMENT.value=f\|\|"";this._isCrossPost=false;this._additionalInput=null;this._onFormSubmit()},_cancelPendingCall
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 64 61 74 65 28 61 2e 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 29 3b 69 66 28 64 29 7b 69 66 28 74 79 70 65 6f 66 20 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 6e 75 6c 6c 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 2e 6c 65 6e 67 74 68 3e 30 29 74 68 65 46 6f 72 6d 2e 61 63 74 69 6f 6e 3d 61 2e 61 63 74 69 6f 6e 55 72 6c 3b 69 66 28 61 2e 74 72 61 63 6b 46 6f 63 75 73 29 7b 76 61 72 20 63 3d 74 68 65 46 6f 72 6d 2e 65 6c 65 6d 65 6e 74 73 5b 22 5f 5f 4c 41 53 54 46 4f 43 55 53 22 5d 3b 69 66 28 74 79 70 65 6f 66 20 63 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 63 21 3d 6e 75 6c 6c 29 69 66 28 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 2e 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 3d Data Ascii: date(a.validationGroup);if(d){if(typeof a.actionUrl!="undefined"&&a.actionUrl!=null&&a.actionUrl.length>0)theForm.action=a.actionUrl;if(a.trackFocus){var c=theForm.elements["__LASTFOCUS"];if(typeof c!="undefined"&&c!=null)if(typeof document.activeElement=
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 7b 62 2e 61 70 70 65 6e 64 28 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 3b 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 3d 6e 75 6c 6c 7d 76 61 72 20 63 3d 6e 65 77 20 53 79 73 2e 4e 65 74 2e 57 65 62 52 65 71 75 65 73 74 2c 61 3d 77 2e 61 63 74 69 6f 6e 3b 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 49 6e 74 65 72 6e 65 74 45 78 70 6c 6f 72 65 72 29 7b 76 61 72 20 72 3d 61 2e 69 6e 64 65 78 4f 66 28 22 23 22 29 3b 69 66 28 72 21 3d 3d 2d 31 29 61 3d 61 2e 73 75 62 73 74 72 28 30 2c 72 29 3b 76 61 72 20 6f 3d 22 22 2c 76 3d 22 22 2c 6d 3d 61 2e 69 6e 64 65 78 4f 66 28 22 3f 22 29 3b 69 66 28 6d 21 3d 3d 2d 31 Data Ascii: dditionalInput){b.append(this._additionalInput);this._additionalInput=null}var c=new Sys.Net.WebRequest,a=w.action;if(Sys.Browser.agent===Sys.Browser.InternetExplorer){var r=a.indexOf("#");if(r!==-1)a=a.substr(0,r);var o="",v="",m=a.indexOf("?");if(m!==-1
2024-07-03 16:25:19 UTC	8192	IN	Data Raw: 73 65 73 5b 61 5d 2c 62 29 7d 2c 5f 73 63 72 69 70 74 49 6e 63 6c 75 64 65 73 4c 6f 61 64 43 6f 6d 70 6c 65 74 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 62 29 7b 69 66 28 62 2e 65 78 65 63 75 74 6f 72 2e 67 65 74 5f 77 65 62 52 65 71 75 65 73 74 28 29 21 3d 3d 74 68 69 73 2e 5f 72 65 71 75 65 73 74 29 72 65 74 75 72 6e 3b 74 68 69 73 2e 5f 63 6f 6d 6d 69 74 43 6f 6e 74 72 6f 6c 73 28 62 2e 75 70 64 61 74 65 50 61 6e 65 6c 44 61 74 61 2c 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 3f 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 2e 63 6f 6e 74 65 6e 74 3a 6e 75 6c 6c 29 3b 69 66 28 62 2e 66 6f 72 6d 41 63 74 69 6f 6e 4e 6f 64 65 29 74 68 69 73 2e 5f 66 6f 72 6d 2e 61 63 74 69 6f 6e 3d 62 2e 66 Data Ascii: ses[a],b)},_scriptIncludesLoadComplete:function(e,b){if(b.executor.get_webRequest()!==this._request)return;this._commitControls(b.updatePanelData,b.asyncPostBackTimeoutNode?b.asyncPostBackTimeoutNode.content:null);if(b.formActionNode)this._form.action=b.f
2024-07-03 16:25:19 UTC	11	IN	Data Raw: 61 6e 20 6f 6e 63 65 2e 22 7d 3b Data Ascii: an once."};

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49742	13.107.136.10	443	3484	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 16:25:19 UTC	790	OUT	GET /_layouts/15/images/microsoft-logo.png HTTP/1.1 Host: eplogisticademexico-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 16:25:19 UTC	738	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 3331 Content-Type: image/png Last-Modified: Thu, 27 Jun 2024 04:12:01 GMT Accept-Ranges: bytes ETag: "74fd3c2948c8da1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,8409600,460,204,16021943,0,7229733,40 SPRequestDuration: 7 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 5A6D009F7CA14C10A4537827AF1F9465 Ref B: EWR311000107017 Ref C: 2024-07-03T16:25:19Z Date: Wed, 03 Jul 2024 16:25:18 GMT Connection: close
2024-07-03 16:25:19 UTC	3331	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e2 00 00 00 30 08 06 00 00 00 0c e6 a6 f3 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 0c bd 49 44 41 54 78 01 ed 9c 3d 77 1b b9 15 86 47 b6 7a d3 bf c0 4c ca 34 66 4e d2 6b 5c 64 53 9a ee b3 c7 a3 5f 60 fa ab 8d a8 da 1f d2 fe 02 8f 72 d2 9b ee b2 95 c9 7e cf 46 aa dc 65 a9 5f b0 52 5a 7f 30 cf 4b 03 5c 0c 06 43 42 12 87 de 8d 31 e7 8c 81 7b 71 71 2f e6 05 5e 7c 0c 47 de fa 6f ff f7 b3 ac 85 0b a7 3f de 18 fd e7 4f 72 fd f7 ef b3 1f b6 b6 b2 79 7e dd a1 f6 ff 92 5d cb b6 b2 56 9e 61 dd 6d 4d fe 12 02 4d 08 5c 6b 2a 48 fa 84 40 42 60 73 08 24 22 6e 0e eb 14 29 21 d0 88 40 22 62 23 34 a9 20 21 b0 39 04 12 11 37 87 75 8a 94 10 68 44 20 11 b1 11 9a 54 90 10 d8 1c 02 89 88 9b c3 3a 45 4a 08 34 22 b0 dd Data Ascii: PNGIHDR0sRGBIDATx=wGzL4fNk\dS_`r~Fe_RZ0K\CB1{qq/^\|Go?Ory~]VamMM\k*H@B`s$"n)!@"b#4 !97uhD T:EJ4"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49746	13.107.136.10	443	3484	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 16:25:20 UTC	398	OUT	GET /_layouts/15/images/microsoft-logo.png HTTP/1.1 Host: eplogisticademexico-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 16:25:20 UTC	732	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 3331 Content-Type: image/png Last-Modified: Thu, 27 Jun 2024 04:12:01 GMT Accept-Ranges: bytes ETag: "74fd3c2948c8da1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,63,4168726,0,525568,40 SPRequestDuration: 6 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 99A5BBD8D95C4711B4077B8714278B44 Ref B: EWR311000104031 Ref C: 2024-07-03T16:25:20Z Date: Wed, 03 Jul 2024 16:25:19 GMT Connection: close
2024-07-03 16:25:20 UTC	3331	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e2 00 00 00 30 08 06 00 00 00 0c e6 a6 f3 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 0c bd 49 44 41 54 78 01 ed 9c 3d 77 1b b9 15 86 47 b6 7a d3 bf c0 4c ca 34 66 4e d2 6b 5c 64 53 9a ee b3 c7 a3 5f 60 fa ab 8d a8 da 1f d2 fe 02 8f 72 d2 9b ee b2 95 c9 7e cf 46 aa dc 65 a9 5f b0 52 5a 7f 30 cf 4b 03 5c 0c 06 43 42 12 87 de 8d 31 e7 8c 81 7b 71 71 2f e6 05 5e 7c 0c 47 de fa 6f ff f7 b3 ac 85 0b a7 3f de 18 fd e7 4f 72 fd f7 ef b3 1f b6 b6 b2 79 7e dd a1 f6 ff 92 5d cb b6 b2 56 9e 61 dd 6d 4d fe 12 02 4d 08 5c 6b 2a 48 fa 84 40 42 60 73 08 24 22 6e 0e eb 14 29 21 d0 88 40 22 62 23 34 a9 20 21 b0 39 04 12 11 37 87 75 8a 94 10 68 44 20 11 b1 11 9a 54 90 10 d8 1c 02 89 88 9b c3 3a 45 4a 08 34 22 b0 dd Data Ascii: PNGIHDR0sRGBIDATx=wGzL4fNk\dS_`r~Fe_RZ0K\CB1{qq/^\|Go?Ory~]VamMM\k*H@B`s$"n)!@"b#4 !97uhD T:EJ4"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	49749	13.107.136.10	443	3484	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 16:25:20 UTC	790	OUT	GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1 Host: eplogisticademexico-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 16:25:21 UTC	732	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 7886 Content-Type: image/x-icon Last-Modified: Thu, 27 Jun 2024 04:11:44 GMT Accept-Ranges: bytes ETag: "8b1ed1e48c8da1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,0,916811,0,248294,40 SPRequestDuration: 4 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: C5EAEAFCEE8B46A5A23DE1F6DFE798C0 Ref B: EWR311000102021 Ref C: 2024-07-03T16:25:20Z Date: Wed, 03 Jul 2024 16:25:20 GMT Connection: close
2024-07-03 16:25:21 UTC	155	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 30 d0 c6 37 af d0 c6 37 ff d0 Data Ascii: 6 hf( @ 7077
2024-07-03 16:25:21 UTC	7731	IN	Data Raw: c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 af d0 c6 37 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 60 d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 50 d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff Data Ascii: 7777707`777777777`7P7777

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.4	49747	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-07-03 16:25:20 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-03 16:25:21 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=85424 Date: Wed, 03 Jul 2024 16:25:20 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.4	49752	13.107.136.10	443	3484	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-07-03 16:25:21 UTC	398	OUT	GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1 Host: eplogisticademexico-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 16:25:21 UTC	735	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 7886 Content-Type: image/x-icon Last-Modified: Thu, 27 Jun 2024 04:11:44 GMT Accept-Ranges: bytes ETag: "8b1ed1e48c8da1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,1051136,0,0,9130805,0,1051136,40 SPRequestDuration: 5 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25012 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 58413FC8E8134EBEA493705FBDAFA978 Ref B: EWR311000104051 Ref C: 2024-07-03T16:25:21Z Date: Wed, 03 Jul 2024 16:25:20 GMT Connection: close
2024-07-03 16:25:21 UTC	1494	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 30 d0 c6 37 af d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 af d0 c6 37 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 6 hf( @ 7077777770
2024-07-03 16:25:21 UTC	6392	IN	Data Raw: a1 9b 1a ff a1 9b 1a 60 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff da d8 b0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff d2 d1 a1 ff 8f 8b 13 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 78 72 1f ff bb b2 31 ff d0 c6 37 ff d0 c6 37 ff b3 ab 25 ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a af 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff ff ff ff ff f8 f7 ef ff e1 e0 c0 ff e1 e0 c0 ff ff ff ff ff ff ff ff ff d2 d1 a1 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 78 72 1f ff bb b2 31 ff c1 b9 2e ff aa a3 1f ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a Data Ascii: `xr177%xr1.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.4	49753	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-07-03 16:25:21 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-03 16:25:22 UTC	514	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=85433 Date: Wed, 03 Jul 2024 16:25:21 GMT Content-Length: 55 Connection: close X-CID: 2
2024-07-03 16:25:22 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 2472, Parent PID: 3264

General

Target ID:	0
Start time:	12:25:11
Start date:	03/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 3484, Parent PID: 2472

General

Target ID:	1
Start time:	12:25:13
Start date:	03/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1936,i,11490283771682766342,4315822117099355531,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6408, Parent PID: 3264

General

Target ID:	3
Start time:	12:25:16
Start date:	03/07/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://eplogisticademexico-my.sharepoint.com/personal/natalyar_eplogistics_com1/_layouts/15/guestaccess.aspx?e=5%3aIF7Pg7&at=9&share=ElyrWNLgmPNHoLatr5CK5xABy6AUzd-VUKQ5lFH-DHWgkA"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly