Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
San Xavier District of the Tohono O#U2019odham Nation.pdf

Overview

General Information

Sample name:San Xavier District of the Tohono O#U2019odham Nation.pdf
renamed because original name is a hash value
Original sample name:San Xavier District of the Tohono Oodham Nation.pdf
Analysis ID:1500077
MD5:e04af1af7f451ca7e8d4fe6c13d2f9fe
SHA1:aab9b37a10fc9291c28ef044624d4129e6728f92
SHA256:51f056df8dfcde11515753ca915517ce4d76972e6979247d9e0b33c28f8c4afe
Infos:

Detection

Score:23
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Suspicious PDF detected (based on various text indicators)
Detected non-DNS traffic on DNS port
HTML page contains hidden javascript code
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • Acrobat.exe (PID: 1492 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\San Xavier District of the Tohono O#U2019odham Nation.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 5272 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 7200 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2080 --field-trial-handle=1584,i,2345941670000869250,4026492604822404281,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • chrome.exe (PID: 1628 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://baycitymi-my.sharepoint.com/:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOG7eWvLU9bAnRZwDCz7Q?e=tcLUbt" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 8140 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2008,i,17246115955249219125,14719809775228950345,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Phishing
  • Compliance
  • Networking
  • System Summary
  • Boot Survival
  • Hooking and other Techniques for Hiding and Protection

Click to jump to signature section

Show All Signature Results

Phishing

barindex
Source: Adobe Acrobat PDFOCR Text: SECURE ONLINE DOCUMENT CLICK HERE TO ACCESS VIA MICROSOFT PDF READER
Source: https://baycitymi-my.sharepoint.com/personal/avogel_baycitymi_gov/_layouts/15/Doc.aspx?sourcedoc=%7B99f6a259-049f-453f-b314-cbefea10d88a%7D&action=default&slrid=08764aa1-8002-6000-4edd-0ec3c14769fb&originalPath=aHR0cHM6Ly9iYXljaXR5bWktbXkuc2hhcmVwb2ludC5jb20vOm86L2cvcGVyc29uYWwvYXZvZ2VsX2JheWNpdHltaV9nb3YvRWxtaTlwbWZCRDlGc3hUTDctb1EySW9CZUhPRzdlV3ZMVTliQW5SWndEQ3o3UT9ydGltZT02NUN2S2NyRzNFZw&CID=5e7c16d6-5e9c-424b-ad78-f90465cf4904&_SRM=0:G:111HTTP Parser: Base64 decoded: {"typ":"JWT","alg":"RS256","x5t":"uXehQJPleVjNCbakUhGD6IyFQQk"}
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:50143 version: TLS 1.0
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49712 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49713 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.5:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.5:50146 version: TLS 1.2
Source: Binary string: V.xd?this.sFd(V):!1}im(V){return V?T.T5&&!K.a(V)?(h.ULS.sendTraceTag(50963545,324,10,"get_type is not a function of graph node. Type: {0}",Object.getType(V).toString()),!1):19===V.type:!1}sFd(V){return V.Oa(J.a.f2)}Pdb(V){return V.ka(J.a.lNh,0)}uH(V){V=this.Pdb(V);return 0!==V&&3!==V}NYa(V){const ba=this.eKh(V),ca=!!V.ka(J.a.Eka,0),Z=this.Rgf(V),ia=this.uH(V);return 5===S.ImageReader.Xq(V)&&!ba&&!ca&&!Z&&!ia}eKh(V){const ba=V.ka(J.a.Ahf,!1);return V.ka(J.a.ahf,!1)||ba}Rgf(V){const ba=!!V.ka(J.a.mBd, source: chromecache_318.9.dr, chromecache_310.9.dr
Source: Binary string: ({width:C,height:W}=Oe.ImageReader.SKb(C));return{width:C,height:W}}Xq(C){return Oe.ImageReader.Xq(C)}Rfb(C){return Oe.ImageReader.Rfb(C)}im(C){return Oe.ImageReader.im(C)}Pdb(C){return Oe.ImageReader.Pdb(C)}uH(C){return Oe.ImageReader.uH(C)}NYa(C){return Oe.ImageReader.NYa(C)}lka(C){return Oe.ImageReader.lka(C)}kka(C){return Oe.ImageReader.kka(C)}gua(C,W,oa){return Oe.ImageReader.gua(C,W,oa)}fua(C,W){return Oe.ImageReader.fua(C,W)}nYb(C){return Oe.ImageReader.nYb(C)}Kgb(C){return Oe.ImageReader.Kgb(C)}Sta(C){return Oe.ImageReader.Sta(C)}B3(C, source: chromecache_318.9.dr, chromecache_310.9.dr
Source: Binary string: d(77836);return fa.La.keyCode===Sys.UI.Key.enter&&"a"!==fa.$b.tagName.toLowerCase()?(aa.NXe&&this.Ieb&&this.wVa(this.pdb(this.Y4a),1),!0):!1}Q3h(fa,aa){if(fa.La.ctrlKey||fa.La.altKey||fa.La.keyCode>=H.a.apb&&fa.La.keyCode<=H.a.bpb)return!1;if(fa.eventName===I.a.Fd&&this.E0c){const X=fa.La.keyCode;X!==Sys.UI.Key.enter&&X!==Sys.UI.Key.space||aa(fa);this.E0c=!1}fa.eventName===I.a.Ve&&(this.E0c=!0);return!0}Rzc(fa){if(fa){var aa=fa.target;fa.type===I.a.focus?Sys.UI.DomElement.addCssClass(aa.parentNode, source: chromecache_318.9.dr, chromecache_310.9.dr
Source: Binary string: (this.kn.style.zIndex=String(fa.fa.DX)),this.ub.style.zIndex=String(fa.fa.HI),fa.fa.state=this.fPb?1:2,ea.vTc||(ea.vTc=ea.Okc,fa.ma.ja(K.a.Okc,T.a.frame,ea.vTc)),fa.J&&fa.J.Z("AccessibleMovingDialogsEnabled")&&(ea.CTc||(ea.CTc=this.kwi,fa.ma.ja(K.a.g1f,T.a.frame,ea.CTc)),ea.yTc||(ea.yTc=this.qdh,fa.ma.ja(K.a.H8g,T.a.frame,ea.yTc))),this.D5());fa.alc();ea.eXf("hidden");this.H$i();this.nba();fa.fa&&fa.fa.Ha.B0f&&this.MV();this.Ieb&&this.IJa(this.pdb(this.Y4a));fa.fa&&!fa.fa.Ha.B0f&&this.MV()}D5(){if(J.FocusManager.Vr()){var fa= source: chromecache_318.9.dr, chromecache_310.9.dr
Source: Binary string: t.Vc(8);for(A=t.Rc();A;){if(K.im(A)&&K.Uta(A.properties))return!0;A=t.$f()}return!1}static Pdb(t){return K.Sj.Pdb(t)}static uH(t){return K.Sj.uH(t)}static NYa(t){return K.Sj.NYa(t)}static zFd(t){return K.UXa()?t.ka(D.a.$uc,!1):3===K.Pdb(t)}static Xq(t){return K.Sj.Xq(t)}static yFa(t){return(t=K.vn(t))?K.Xq(t):0}static Doh(t){return(t=K.vn(t))?t.ka(D.a.ZRe,!1):!1}static t_h(t){return 5===K.yFa(t)}static r_h(t){return 10===K.yFa(t)}static s_h(t){return 48===K.yFa(t)}static pkd(t){return K.Doh(t)}static w_h(t){return 11=== source: chromecache_318.9.dr, chromecache_310.9.dr
Source: global trafficTCP traffic: 192.168.2.5:50091 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.5:50159 -> 1.1.1.1:53
Source: Joe Sandbox ViewIP Address: 20.141.12.34 20.141.12.34
Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox ViewIP Address: 20.140.56.69 20.140.56.69
Source: Joe Sandbox ViewJA3 fingerprint: 1138de370e523e824bbca92d049a3777
Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:50143 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 104.78.188.188
Source: unknownTCP traffic detected without corresponding DNS query: 104.78.188.188
Source: unknownTCP traffic detected without corresponding DNS query: 104.78.188.188
Source: unknownTCP traffic detected without corresponding DNS query: 104.78.188.188
Source: unknownTCP traffic detected without corresponding DNS query: 104.78.188.188
Source: unknownTCP traffic detected without corresponding DNS query: 104.78.188.188
Source: unknownTCP traffic detected without corresponding DNS query: 104.78.188.188
Source: unknownTCP traffic detected without corresponding DNS query: 104.78.188.188
Source: unknownTCP traffic detected without corresponding DNS query: 104.78.188.188
Source: unknownTCP traffic detected without corresponding DNS query: 104.78.188.188
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /onboarding/smskillreader.txt HTTP/1.1Host: armmf.adobe.comConnection: keep-aliveAccept-Language: en-US,en;q=0.9User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brIf-None-Match: "78-5faa31cce96da"If-Modified-Since: Mon, 01 May 2023 15:02:33 GMT
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=8dzolmfARCn+Aww&MD=6lVLXk7B HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOG7eWvLU9bAnRZwDCz7Q?e=tcLUbt HTTP/1.1Host: baycitymi-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /personal/avogel_baycitymi_gov/_layouts/15/Doc.aspx?sourcedoc=%7B99f6a259-049f-453f-b314-cbefea10d88a%7D&action=default&slrid=08764aa1-8002-6000-4edd-0ec3c14769fb&originalPath=aHR0cHM6Ly9iYXljaXR5bWktbXkuc2hhcmVwb2ludC5jb20vOm86L2cvcGVyc29uYWwvYXZvZ2VsX2JheWNpdHltaV9nb3YvRWxtaTlwbWZCRDlGc3hUTDctb1EySW9CZUhPRzdlV3ZMVTliQW5SWndEQ3o3UT9ydGltZT02NUN2S2NyRzNFZw&CID=5e7c16d6-5e9c-424b-ad78-f90465cf4904&_SRM=0:G:111 HTTP/1.1Host: baycitymi-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzViMWNmMWY3YjBmYTE2ZGQzMGNmOTVmNjE1NmZhYTQyNzQyNTczOTIyMDNmODJlZDk3MGJkY2NiOGQ5ZWE4YzgsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNWIxY2YxZjdiMGZhMTZkZDMwY2Y5NWY2MTU2ZmFhNDI3NDI1NzM5MjIwM2Y4MmVkOTcwYmRjY2I4ZDllYThjOCwxMzM2OTI1ODk3NjAwMDAwMDAsMCwxMzM2OTM0NTA3NjQzNjQyMjAsMC4wLjAuMCwyNTgsZjhiOTkyZTctYzYwYy00MWE1LTk3ZGItNWJjOWNkMWE5ODU0LCwsMDg3NjRhYTEtODAwMi02MDAwLTRlZGQtMGVjM2MxNDc2OWZiLDA4NzY0YWExLTgwMDItNjAwMC00ZWRkLTBlYzNjMTQ3NjlmYixwTkVCZWQvM2pFZTVlNHFIY2kzTFl3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTIzMjcsLUg5ZzhtM01DREpWV2pVbHVlRmpFODRCdVpVLG5ab3dtNHhLQ1B0UWdGUTRYWlF6K015ZVgvS0o3dnVpQmEyU3FMSW1FdXNPOEZvL2JTZUZRVTJRU0NZcFZVTk9vU3Q5VVBQOHI3L2dCczJmaytQcTE4QkVZQ1FrNkV2RVFCaFlGMGcxcnIyVlhsNlN4bVFYbmVhcEFmb1pPem9VeGFwaFVrMFloUGFOYWduNEdRRnc5b243ZmVWK0FOUXVZa3BGdnVxUFhqa3FYY0VST1dmQXdRcUozWHRTY3BaSVNSSmEvS2ltdUVOYVFJdSt5QXJ2MHVqN1BTaEo5SXlHdEpZcDdFRFpvdzhyRXMzdVNPZk1TVVF4OTNzejdUbXJBS1VRWTBSd2hlcUlmT2g1M0tuc2RsL1VvYnlpVDJDSG1mcENURW1WdHI3UTcycElBUFkrUUYzRUlhbGlZckFaVUVYZFk4L3p5R1QydWdjZTNkTEdUZz09PC9TUD4=
Source: global trafficHTTP traffic detected: GET /wise/owl/owl.slim.b85bbf4e2366ca721a6f.js HTTP/1.1Host: wise.gcc.cdn.office.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://baycitymi-my.sharepoint.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://baycitymi-my.sharepoint.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wise/owl/onenote-boot.35885234f8e241512812.js HTTP/1.1Host: wise.gcc.cdn.office.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://baycitymi-my.sharepoint.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://baycitymi-my.sharepoint.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /files/odsp-web-prod_2024-08-09.009/wacowlhostwebpack/wacowlhostwebpack.js HTTP/1.1Host: res-1-gcc.cdn.office.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://baycitymi-my.sharepoint.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://baycitymi-my.sharepoint.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /files/odsp-web-prod_2024-08-09.009/wacowlhostwebpack/wacowlhostwebpack.js HTTP/1.1Host: res-1-gcc.cdn.office.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=8dzolmfARCn+Aww&MD=6lVLXk7B HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /files/odsp-web-prod_2024-08-09.009/wacowlhostwebpack/13.js HTTP/1.1Host: res-1-gcc.cdn.office.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://baycitymi-my.sharepoint.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://baycitymi-my.sharepoint.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /files/odsp-web-prod_2024-08-09.009/wacowlhostwebpack/13.js HTTP/1.1Host: res-1-gcc.cdn.office.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: baycitymi-my.sharepoint.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: gbc-common.online.office.com
Source: global trafficDNS traffic detected: DNS query: m365cdn.nel.measure.office.net
Source: global trafficDNS traffic detected: DNS query: onenoteonline.nel.measure.office.net
Source: E0F5C59F9FA661F6F4C50B87FEF3A15A0.2.drString found in binary or memory: http://apps.identrust.com/roots/dstrootcax3.p7c
Source: 77EC63BDA74BD0D0E0426DC8F8008506.2.drString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: chromecache_332.9.dr, chromecache_291.9.drString found in binary or memory: http://fb.me/use-check-prop-types
Source: chromecache_310.9.drString found in binary or memory: http://www.mozilla.org/newlayout/xml/parsererror.xml
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://1drv.ms
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://attributes.engagement.office-int.com
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://attributes.engagement.office.com
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://attributes.engagement.officeppe.com
Source: San Xavier District of the Tohono O#U2019odham Nation.pdfString found in binary or memory: https://baycitymi-my.sharepoint.com/:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOG
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://cdn.dev.fluidpreview.office.net
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://cdn.dev.fluidpreview.office.net/fluid/dev
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://cdn.dev.fluidpreview.office.net/fluid/stg
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://cdn.fluidpreview.office.net
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://cdn.fluidpreview.office.net/fluid/df
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://cdn.fluidpreview.office.net/fluid/gcc
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://cdn.fluidpreview.office.net/fluid/prod
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://contentstorage.osi.office.net/images/2f4febe2cca96f7f.gif
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://contentstorage.osi.office.net/images/eb14b3fe6a1e1671.png
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://ecs.office.com
Source: chromecache_310.9.drString found in binary or memory: https://fa000000096.resources.office.net
Source: chromecache_310.9.drString found in binary or memory: https://fa000000096.resources.office.net/f7024bdc-7caf-4ca8-807d-2908f09640d6/1.0.2210.23001/en-us_w
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://fa000000096.resources.office.net/f7024bdc-7caf-4ca8-807d-2908f09640d6/1.0.2401.26003/en-us_w
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://feross.org
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://feross.org/opensource
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://my.microsoftpersonalcontent.com
Source: chromecache_291.9.drString found in binary or memory: https://reactjs.org/link/react-polyfills
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://res-dod.cdn.office.net
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://res-dod.cdn.office.net/fluid/dod
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://res-gcch.cdn.office.net
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://res-gcch.cdn.office.net/fluid/gcch
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://res-sdf.cdn.office.net
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://res.cdn.office.net
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://roaming.edog.officeapps.live.com/rs/v1/settings
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://roaming.officeapps.live.com/rs/v1/settings
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://roaming.officeapps.partner.office365.cn/rs/v1/settings
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://roaming.osi.apps.mil/rs/v1/settings
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://roaming.osi.office.de/rs/v1/settings
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://roaming.osi.office365.us/rs/v1/settings
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://support.office.com/article/7afcb4f3-4aa2-443a-9b08-125a5d692576
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://whiteboard.apps.mil
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://whiteboard.eaglex.ic.gov
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://whiteboard.microsoft.scloud
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://whiteboard.office.com/root/index.fluid.js
Source: chromecache_318.9.dr, chromecache_310.9.drString found in binary or memory: https://whiteboard.office365.us
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50170 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50143 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50175
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50133
Source: unknownNetwork traffic detected: HTTP traffic on port 50114 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50179
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50114
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50158
Source: unknownNetwork traffic detected: HTTP traffic on port 50133 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50158 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50179 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 50175 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50146 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50093 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50143
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50146
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50093
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50170
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49712 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49713 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.5:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.5:50146 version: TLS 1.2
Source: chromecache_318.9.dr, chromecache_310.9.drBinary or memory string: new y.a(u.a.zd());const H=".3gp .aa .aac .aax .act .aiff .amr .ape .au .awb .dct .dss .dvf .flac .gsm .iklax .ivs .m4a .m4b .m4p .mmf .mp3 .mpc .msv .ogg .oga .mogg .opus .ra .rm .raw .sln .tta .vox .wav .webm .wma .wv".split(" ");for(const v of H)G.$7b.add(v)}return G.$7b}static rYh(H){return G.jGh().contains(H)}static i2h(H){H=x.drh(H);return""!==document.createElement("audio").canPlayType(H)}}G.$7b=null;(0,z.a)(G,"EmbeddedFileReaderUtils",null,[])},15047:function(z,O,d){d.d(O,{a:function(){return k}});
Source: classification engineClassification label: sus23.phis.winPDF@45/122@24/12
Source: San Xavier District of the Tohono O#U2019odham Nation.pdfInitial sample: https://baycitymi-my.sharepoint.com/:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOG7eWvLU9bAnRZwDCz7Q?e=tcLUbt
Source: San Xavier District of the Tohono O#U2019odham Nation.pdfInitial sample: https://baycitymi-my.sharepoint.com/:o:/g/personal/avogel_baycitymi_gov/elmi9pmfbd9fsxtl7-oq2iobehog7ewvlu9banrzwdcz7q?e=tclubt
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.6644Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-08-27 14-57-29-334.logJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\San Xavier District of the Tohono O#U2019odham Nation.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2080 --field-trial-handle=1584,i,2345941670000869250,4026492604822404281,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://baycitymi-my.sharepoint.com/:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOG7eWvLU9bAnRZwDCz7Q?e=tcLUbt"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2008,i,17246115955249219125,14719809775228950345,262144 /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2080 --field-trial-handle=1584,i,2345941670000869250,4026492604822404281,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2008,i,17246115955249219125,14719809775228950345,262144 /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.8.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: Binary string: V.xd?this.sFd(V):!1}im(V){return V?T.T5&&!K.a(V)?(h.ULS.sendTraceTag(50963545,324,10,"get_type is not a function of graph node. Type: {0}",Object.getType(V).toString()),!1):19===V.type:!1}sFd(V){return V.Oa(J.a.f2)}Pdb(V){return V.ka(J.a.lNh,0)}uH(V){V=this.Pdb(V);return 0!==V&&3!==V}NYa(V){const ba=this.eKh(V),ca=!!V.ka(J.a.Eka,0),Z=this.Rgf(V),ia=this.uH(V);return 5===S.ImageReader.Xq(V)&&!ba&&!ca&&!Z&&!ia}eKh(V){const ba=V.ka(J.a.Ahf,!1);return V.ka(J.a.ahf,!1)||ba}Rgf(V){const ba=!!V.ka(J.a.mBd, source: chromecache_318.9.dr, chromecache_310.9.dr
Source: Binary string: ({width:C,height:W}=Oe.ImageReader.SKb(C));return{width:C,height:W}}Xq(C){return Oe.ImageReader.Xq(C)}Rfb(C){return Oe.ImageReader.Rfb(C)}im(C){return Oe.ImageReader.im(C)}Pdb(C){return Oe.ImageReader.Pdb(C)}uH(C){return Oe.ImageReader.uH(C)}NYa(C){return Oe.ImageReader.NYa(C)}lka(C){return Oe.ImageReader.lka(C)}kka(C){return Oe.ImageReader.kka(C)}gua(C,W,oa){return Oe.ImageReader.gua(C,W,oa)}fua(C,W){return Oe.ImageReader.fua(C,W)}nYb(C){return Oe.ImageReader.nYb(C)}Kgb(C){return Oe.ImageReader.Kgb(C)}Sta(C){return Oe.ImageReader.Sta(C)}B3(C, source: chromecache_318.9.dr, chromecache_310.9.dr
Source: Binary string: d(77836);return fa.La.keyCode===Sys.UI.Key.enter&&"a"!==fa.$b.tagName.toLowerCase()?(aa.NXe&&this.Ieb&&this.wVa(this.pdb(this.Y4a),1),!0):!1}Q3h(fa,aa){if(fa.La.ctrlKey||fa.La.altKey||fa.La.keyCode>=H.a.apb&&fa.La.keyCode<=H.a.bpb)return!1;if(fa.eventName===I.a.Fd&&this.E0c){const X=fa.La.keyCode;X!==Sys.UI.Key.enter&&X!==Sys.UI.Key.space||aa(fa);this.E0c=!1}fa.eventName===I.a.Ve&&(this.E0c=!0);return!0}Rzc(fa){if(fa){var aa=fa.target;fa.type===I.a.focus?Sys.UI.DomElement.addCssClass(aa.parentNode, source: chromecache_318.9.dr, chromecache_310.9.dr
Source: Binary string: (this.kn.style.zIndex=String(fa.fa.DX)),this.ub.style.zIndex=String(fa.fa.HI),fa.fa.state=this.fPb?1:2,ea.vTc||(ea.vTc=ea.Okc,fa.ma.ja(K.a.Okc,T.a.frame,ea.vTc)),fa.J&&fa.J.Z("AccessibleMovingDialogsEnabled")&&(ea.CTc||(ea.CTc=this.kwi,fa.ma.ja(K.a.g1f,T.a.frame,ea.CTc)),ea.yTc||(ea.yTc=this.qdh,fa.ma.ja(K.a.H8g,T.a.frame,ea.yTc))),this.D5());fa.alc();ea.eXf("hidden");this.H$i();this.nba();fa.fa&&fa.fa.Ha.B0f&&this.MV();this.Ieb&&this.IJa(this.pdb(this.Y4a));fa.fa&&!fa.fa.Ha.B0f&&this.MV()}D5(){if(J.FocusManager.Vr()){var fa= source: chromecache_318.9.dr, chromecache_310.9.dr
Source: Binary string: t.Vc(8);for(A=t.Rc();A;){if(K.im(A)&&K.Uta(A.properties))return!0;A=t.$f()}return!1}static Pdb(t){return K.Sj.Pdb(t)}static uH(t){return K.Sj.uH(t)}static NYa(t){return K.Sj.NYa(t)}static zFd(t){return K.UXa()?t.ka(D.a.$uc,!1):3===K.Pdb(t)}static Xq(t){return K.Sj.Xq(t)}static yFa(t){return(t=K.vn(t))?K.Xq(t):0}static Doh(t){return(t=K.vn(t))?t.ka(D.a.ZRe,!1):!1}static t_h(t){return 5===K.yFa(t)}static r_h(t){return 10===K.yFa(t)}static s_h(t){return 48===K.yFa(t)}static pkd(t){return K.Doh(t)}static w_h(t){return 11=== source: chromecache_318.9.dr, chromecache_310.9.dr
Source: San Xavier District of the Tohono O#U2019odham Nation.pdfInitial sample: PDF keyword /JS count = 0
Source: San Xavier District of the Tohono O#U2019odham Nation.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: San Xavier District of the Tohono O#U2019odham Nation.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Spearphishing Link		Windows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential Dumping1
System Information Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1500077 Sample: San Xavier District of the ... Startdate: 27/08/2024 Architecture: WINDOWS Score: 23 34 Suspicious PDF detected (based on various text indicators) 2->34 7 chrome.exe 13 2->7         started        10 Acrobat.exe 18 64 2->10         started        process3 dnsIp4 22 192.168.2.16 unknown unknown 7->22 24 192.168.2.17 unknown unknown 7->24 26 3 other IPs or domains 7->26 12 chrome.exe 7->12         started        15 AcroCEF.exe 106 10->15         started        process5 dnsIp6 28 eafd-ffgov-snr9b2-roxy-default-sni.aksroxy.azureedge.us 20.140.151.75, 443, 50179 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 12->28 30 eafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.us 20.140.56.69, 443, 49737, 49738 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 12->30 32 17 other IPs or domains 12->32 17 AcroCEF.exe 2 15->17         started        process7 dnsIp8 20 104.78.188.188, 443, 49716 AKAMAI-ASUS United States 17->20

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://fb.me/use-check-prop-types0%URL Reputationsafe
https://reactjs.org/link/react-polyfills0%URL Reputationsafe
https://feross.org0%URL Reputationsafe
https://feross.org/opensource0%URL Reputationsafe
https://roaming.officeapps.partner.office365.cn/rs/v1/settings0%Avira URL Cloudsafe
https://whiteboard.apps.mil0%Avira URL Cloudsafe
https://my.microsoftpersonalcontent.com0%Avira URL Cloudsafe
https://cdn.fluidpreview.office.net/fluid/prod0%Avira URL Cloudsafe
https://baycitymi-my.sharepoint.com/:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOG7eWvLU9bAnRZwDCz7Q?e=tcLUbt0%Avira URL Cloudsafe
https://cdn.dev.fluidpreview.office.net/fluid/dev0%Avira URL Cloudsafe
https://whiteboard.office365.us0%Avira URL Cloudsafe
https://roaming.osi.office.de/rs/v1/settings0%Avira URL Cloudsafe
https://cdn.fluidpreview.office.net0%Avira URL Cloudsafe
https://whiteboard.microsoft.scloud0%Avira URL Cloudsafe
https://1drv.ms0%Avira URL Cloudsafe
https://attributes.engagement.officeppe.com0%Avira URL Cloudsafe
https://whiteboard.eaglex.ic.gov0%Avira URL Cloudsafe
https://roaming.osi.apps.mil/rs/v1/settings0%Avira URL Cloudsafe
https://fa000000096.resources.office.net0%Avira URL Cloudsafe
https://roaming.osi.office365.us/rs/v1/settings0%Avira URL Cloudsafe
https://cdn.dev.fluidpreview.office.net0%Avira URL Cloudsafe
https://cdn.fluidpreview.office.net/fluid/gcc0%Avira URL Cloudsafe
https://baycitymi-my.sharepoint.com/:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOG0%Avira URL Cloudsafe
https://cdn.fluidpreview.office.net/fluid/df0%Avira URL Cloudsafe
https://attributes.engagement.office.com0%Avira URL Cloudsafe
https://fa000000096.resources.office.net/f7024bdc-7caf-4ca8-807d-2908f09640d6/1.0.2401.26003/en-us_w0%Avira URL Cloudsafe
https://whiteboard.office.com/root/index.fluid.js0%Avira URL Cloudsafe
https://cdn.dev.fluidpreview.office.net/fluid/stg0%Avira URL Cloudsafe
https://support.office.com/article/7afcb4f3-4aa2-443a-9b08-125a5d6925760%Avira URL Cloudsafe
https://attributes.engagement.office-int.com0%Avira URL Cloudsafe
https://github.com/uuidjs/uuid#getrandomvalues-not-supported0%Avira URL Cloudsafe
https://fa000000096.resources.office.net/f7024bdc-7caf-4ca8-807d-2908f09640d6/1.0.2210.23001/en-us_w0%Avira URL Cloudsafe

Domains and IPs

Download Network PCAP: filteredfull

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
eafd-ffgov-phxr9b1-roxy-default-sni.aksroxy.azureedge.us
20.141.12.34
truefalse
    		unknown
    eafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.us
    		20.140.56.69
    		truefalse
      		unknown
      mira-ssc.tm-4.office.com
      		52.107.243.70
      		truefalse
        		unknown
        www.google.com
        		142.250.185.164
        		truefalse
          		unknown
          eafd-ffgov-snr9b2-roxy-default-sni.aksroxy.azureedge.us
          		20.140.151.75
          		truefalse
            		unknown
            baycitymi-my.sharepoint.com
            		unknown
            		unknownfalse
              		unknown
              onenoteonline.nel.measure.office.net
              		unknown
              		unknownfalse
                		unknown
                gbc-common.online.office.com
                		unknown
                		unknownfalse
                  		unknown
                  m365cdn.nel.measure.office.net
                  		unknown
                  		unknownfalse
                    		unknown

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://baycitymi-my.sharepoint.com/:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOG7eWvLU9bAnRZwDCz7Q?e=tcLUbtfalse
                    • Avira URL Cloud: safe
                    		unknown
                    https://baycitymi-my.sharepoint.com/:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOG7eWvLU9bAnRZwDCz7Q?rtime=65CvKcrG3Egfalse
                      		unknown
                      https://baycitymi-my.sharepoint.com/personal/avogel_baycitymi_gov/_layouts/15/Doc.aspx?sourcedoc=%7B99f6a259-049f-453f-b314-cbefea10d88a%7D&action=default&slrid=08764aa1-8002-6000-4edd-0ec3c14769fb&originalPath=aHR0cHM6Ly9iYXljaXR5bWktbXkuc2hhcmVwb2ludC5jb20vOm86L2cvcGVyc29uYWwvYXZvZ2VsX2JheWNpdHltaV9nb3YvRWxtaTlwbWZCRDlGc3hUTDctb1EySW9CZUhPRzdlV3ZMVTliQW5SWndEQ3o3UT9ydGltZT02NUN2S2NyRzNFZw&CID=5e7c16d6-5e9c-424b-ad78-f90465cf4904&_SRM=0:G:111false
                        		unknown
                        NameSourceMaliciousAntivirus DetectionReputation
                        https://roaming.officeapps.partner.office365.cn/rs/v1/settingschromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://whiteboard.apps.milchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://cdn.fluidpreview.office.net/fluid/prodchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://my.microsoftpersonalcontent.comchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://cdn.dev.fluidpreview.office.net/fluid/devchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://cdn.fluidpreview.office.netchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://whiteboard.office365.uschromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://roaming.osi.office.de/rs/v1/settingschromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://whiteboard.microsoft.scloudchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://fb.me/use-check-prop-typeschromecache_332.9.dr, chromecache_291.9.drfalse
                        • URL Reputation: safe
                        		unknown
                        https://1drv.mschromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://attributes.engagement.officeppe.comchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://whiteboard.eaglex.ic.govchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://roaming.osi.office365.us/rs/v1/settingschromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://reactjs.org/link/react-polyfillschromecache_291.9.drfalse
                        • URL Reputation: safe
                        		unknown
                        https://feross.orgchromecache_318.9.dr, chromecache_310.9.drfalse
                        • URL Reputation: safe
                        		unknown
                        https://feross.org/opensourcechromecache_318.9.dr, chromecache_310.9.drfalse
                        • URL Reputation: safe
                        		unknown
                        https://roaming.osi.apps.mil/rs/v1/settingschromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://fa000000096.resources.office.netchromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://cdn.dev.fluidpreview.office.netchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://cdn.fluidpreview.office.net/fluid/gccchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://baycitymi-my.sharepoint.com/:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOGSan Xavier District of the Tohono O#U2019odham Nation.pdffalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://cdn.fluidpreview.office.net/fluid/dfchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://whiteboard.office.com/root/index.fluid.jschromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://attributes.engagement.office.comchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://cdn.dev.fluidpreview.office.net/fluid/stgchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://fa000000096.resources.office.net/f7024bdc-7caf-4ca8-807d-2908f09640d6/1.0.2401.26003/en-us_wchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://support.office.com/article/7afcb4f3-4aa2-443a-9b08-125a5d692576chromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://attributes.engagement.office-int.comchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://fa000000096.resources.office.net/f7024bdc-7caf-4ca8-807d-2908f09640d6/1.0.2210.23001/en-us_wchromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://github.com/uuidjs/uuid#getrandomvalues-not-supportedchromecache_318.9.dr, chromecache_310.9.drfalse
                        • Avira URL Cloud: safe
                        		unknown

                        World Map of Contacted IPs

                        • No. of IPs < 25%
                        • 25% < No. of IPs < 50%
                        • 50% < No. of IPs < 75%
                        • 75% < No. of IPs

                        Public IPs

                        IPDomainCountryFlagASNASN NameMalicious
                        52.107.243.70
                        		mira-ssc.tm-4.office.comUnited States
                        		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                        142.250.185.164
                        		www.google.comUnited States
                        		15169GOOGLEUSfalse
                        142.250.186.132
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        20.140.151.75
                        		eafd-ffgov-snr9b2-roxy-default-sni.aksroxy.azureedge.usUnited States
                        		8070MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                        20.141.12.34
                        		eafd-ffgov-phxr9b1-roxy-default-sni.aksroxy.azureedge.usUnited States
                        		8070MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                        104.78.188.188
                        		unknownUnited States
                        		16625AKAMAI-ASUSfalse
                        239.255.255.250
                        		unknownReserved
                        		unknownunknownfalse
                        20.140.56.69
                        		eafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.usUnited States
                        		8070MICROSOFT-CORP-MSN-AS-BLOCKUSfalse

                        Private

                        IP
                        192.168.2.17
                        192.168.2.16
                        192.168.2.18
                        192.168.2.5

                        General Information

                        Joe Sandbox version:40.0.0 Tourmaline
                        Analysis ID:1500077
                        Start date and time:2024-08-27 20:56:36 +02:00
                        Joe Sandbox product:CloudBasic
                        Overall analysis duration:0h 6m 8s
                        Hypervisor based Inspection enabled:false
                        Report type:full
                        Cookbook file name:defaultwindowspdfcookbook.jbs
                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                        Number of analysed new started processes analysed:13
                        Number of new started drivers analysed:0
                        Number of existing processes analysed:0
                        Number of existing drivers analysed:0
                        Number of injected processes analysed:0
                        Technologies:
                        • HCA enabled
                        • EGA enabled
                        • AMSI enabled
                        Analysis Mode:default
                        Analysis stop reason:Timeout
                        Sample name:San Xavier District of the Tohono O#U2019odham Nation.pdf
                        renamed because original name is a hash value
                        Original Sample Name:San Xavier District of the Tohono Oodham Nation.pdf
                        Detection:SUS
                        Classification:sus23.phis.winPDF@45/122@24/12
                        EGA Information:Failed
                        HCA Information:
                        • Successful, ratio: 100%
                        • Number of executed functions: 0
                        • Number of non-executed functions: 0
                        Cookbook Comments:
                        • Found application associated with file extension: .pdf
                        • Found PDF document
                        • Close Viewer
                        • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, WmiPrvSE.exe, svchost.exe
                        • Excluded IPs from analysis (whitelisted): 184.28.88.176, 107.22.247.231, 18.207.85.246, 54.144.73.197, 34.193.227.236, 162.159.61.3, 172.64.41.3, 2.16.241.15, 2.16.241.13, 93.184.221.240, 23.46.15.9, 192.229.221.95, 142.250.185.67, 216.58.206.78, 66.102.1.84, 34.104.35.123, 23.38.98.104, 23.38.98.96, 52.108.66.1, 142.250.186.106, 172.217.18.106, 142.250.74.202, 142.250.185.106, 142.250.185.74, 216.58.206.42, 172.217.16.202, 142.250.184.234, 172.217.23.106, 142.250.185.202, 142.250.186.138, 142.250.185.138, 142.250.184.202, 142.250.185.170, 216.58.212.138, 142.250.186.170, 23.38.98.97, 23.38.98.84, 52.108.140.0, 2.19.126.143, 2.19.126.146, 23.60.216.210, 23.10.216.208, 20.189.173.18, 20.189.173.1, 142.250.184.227, 2.16.238.152, 2.16.238.149, 2.19.126.199, 2.19.126.200, 72.247.153.209, 72.247.153.153, 142.250.185.238, 23.38.189.26, 23.38.189.42, 104.208.16.91, 52.168.117.171
                        • Excluded domains from analysis (whitelisted): onedscolprdwus00.westus.cloudapp.azure.com, slscr.update.microsoft.com, clientservices.googleapis.com, browser.events.data.trafficmanager.net, acroipm2.adobe.com, gbc-onenote-afd.officeapplf.live.com.akadns.net, onedscolprdcus17.centralus.cloudapp.azure.com, a1952.dscq.akamai.net, s1-onenote-15.cdn.office.net, clients2.google.com, ocsp.digicert.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, wise.gcc.cdn.office.net, apps.identrust.com, wu-b-net.trafficmanager.net, wildcard.cdn.office.net.edgekey.net, res-2-gcc.cdn.office.net, fs.microsoft.com, identrust.edgesuite.net, acroipm2.adobe.com.edgesuite.net, res-1-gcc.cdn.office.net, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, geo2.adobe.com, e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, res-2-gcc.cdn.office.net.edgekey.net, e40491.dscd.akamaiedge.net, e7204.dspg.akamaiedge.net, a1894.dscb.akamai.net, onedsc
                        • Not all processes where analyzed, report is missing behavior information
                        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                        • VT rate limit hit for: San Xavier District of the Tohono O#U2019odham Nation.pdf

                        Simulations

                        Behavior and APIs

                        TimeTypeDescription
                        14:57:40API Interceptor3x Sleep call for process: AcroCEF.exe modified

                        Joe Sandbox View / Context

                        IPs

                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                        104.78.188.188Murexltd Mail Security Update Required For gjohnson@murexltd.com.msgGet hashmaliciousHTMLPhisherBrowse
                          Secured Doc-[aAO-49313]-2.pdfGet hashmaliciousHTMLPhisher, Tycoon2FABrowse
                            Aging Report-429053.pdfGet hashmaliciousHTMLPhisherBrowse
                              Integra Lifesciences Open Benefits Enrollment.pdfGet hashmaliciousUnknownBrowse
                                239.255.255.250New Document from Highland Township Building Department.htmlGet hashmaliciousHTMLPhisherBrowse
                                  https://sysadmononnu.ru/BW0W/Get hashmaliciousHTMLPhisherBrowse
                                    file.exeGet hashmaliciousUnknownBrowse
                                      http://www.coredc.comGet hashmaliciousUnknownBrowse
                                        (No subject) (61).emlGet hashmaliciousHTMLPhisherBrowse
                                          nested-ConsultTrustNorth-payment Requisition #42 3L# 1414 18 Dock.pdf..emlGet hashmaliciousUnknownBrowse
                                            https://netorgft13995914-my.sharepoint.com/:f:/g/personal/joshg_tekton-builder_com1/Em3c3_jzJWtIg7W_bMwKbCgB2tM26D8KPHUEkttYIezrMg?e=3Aq2bKGet hashmaliciousUnknownBrowse
                                              httpsworker-nameless-haze-86e5.berwieberwieberwieberwieberwie.workers.deveba=.htmGet hashmaliciousHTMLPhisherBrowse
                                                20.140.56.69https://weblaunch.blifax.com/listener3/redirect?l=e6df36b9-5af1-4758-b7e4-83fbf7f30dfb&id=e0d346f1-f241-ee11-acc4-000c295a2555&u=%68%74%74%70%25%33%41heinleinarchives.net%2Fnew%2F80701%2F%2Fa3Jpc3RpbmUuc29yZW5zZW5AcmVkd2lyZXNwYWNlLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                  https://60787e6d.2d6833402ad75639fa4e0298.workers.dev/?email=kristine.sorensen@redwirespace.comGet hashmaliciousHTMLPhisherBrowse
                                                    https://gcc.dcv.ms/chg3kbw3tVGet hashmaliciousHTMLPhisherBrowse
                                                      https://gcv.microsoft.us/wf1HuXWFXiGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                        https://gcv.microsoft.us/wf1HuXWFXiGet hashmaliciousHTMLPhisherBrowse
                                                          20.141.12.34https://gcc.dcv.ms/i8Kf7mgiA8Get hashmaliciousHTMLPhisherBrowse
                                                            https://gcv.microsoft.us/kgRWagmalJGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                              https://url.us.m.mimecastprotect.com/s/kyINCpYnk3FnPVPtPeQKH?domain=gcv.microsoft.usGet hashmaliciousHTMLPhisherBrowse
                                                                https://gcv.microsoft.us/ZaEjOQljjeGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                  https://usaf.dps.mil/teams/13569/info/SitePages/Home.aspxGet hashmaliciousHTMLPhisherBrowse
                                                                    20.140.151.75https://weblaunch.blifax.com/listener3/redirect?l=e6df36b9-5af1-4758-b7e4-83fbf7f30dfb&id=e0d346f1-f241-ee11-acc4-000c295a2555&u=%68%74%74%70%25%33%41heinleinarchives.net%2Fnew%2F80701%2F%2Fa3Jpc3RpbmUuc29yZW5zZW5AcmVkd2lyZXNwYWNlLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                                      https://60787e6d.2d6833402ad75639fa4e0298.workers.dev/?email=kristine.sorensen@redwirespace.comGet hashmaliciousHTMLPhisherBrowse
                                                                        https://gcv.microsoft.us/kgRWagmalJGet hashmaliciousHtmlDropper, HTMLPhisherBrowse

                                                                          Domains

                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                          eafd-ffgov-snr9b2-roxy-default-sni.aksroxy.azureedge.ushttps://gcc.dcv.ms/i8Kf7mgiA8Get hashmaliciousHTMLPhisherBrowse
                                                                          • 20.140.151.75
                                                                          https://weblaunch.blifax.com/listener3/redirect?l=e6df36b9-5af1-4758-b7e4-83fbf7f30dfb&id=e0d346f1-f241-ee11-acc4-000c295a2555&u=%68%74%74%70%25%33%41heinleinarchives.net%2Fnew%2F80701%2F%2Fa3Jpc3RpbmUuc29yZW5zZW5AcmVkd2lyZXNwYWNlLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                                          • 20.140.151.75
                                                                          https://60787e6d.2d6833402ad75639fa4e0298.workers.dev/?email=kristine.sorensen@redwirespace.comGet hashmaliciousHTMLPhisherBrowse
                                                                          • 20.140.151.75
                                                                          mira-ssc.tm-4.office.comhttps://12dec6c2-3c78-e425-b87e-b20197f5da10.powerappsportals.com/Get hashmaliciousUnknownBrowse
                                                                          • 52.107.243.88
                                                                          https://netorgft11904377-my.sharepoint.com/:f:/g/personal/diwakar_d_symnn_com/Egh8Wigk3RNLgYl4YHrmY3wBASQTPrx6Li13Cr10RMG6nw?e=sSQT2N&xsdata=MDV8MDJ8UGhpc2hBbGVydHNARGV3YmVycnkuY29tfDQ3YjZjYWZiY2FmYjRiYzE5NjVkMDhkY2M1ZmJhZTM5fDg0YjdmNTM3ZmI3NjQyYjJhYzFiNDE1YTU1OTc3NjZjfDB8MHw2Mzg2MDI5MzE5OTY5Mjk2MjF8VW5rbm93bnxUV0ZwYkdac2IzZDhleUpXSWpvaU1DNHdMakF3TURBaUxDSlFJam9pVjJsdU16SWlMQ0pCVGlJNklrMWhhV3dpTENKWFZDSTZNbjA9fDB8fHw%3d&sdata=Q1R4VGhVK20rVytvaVJPWVRueXdFcTdmNU5xL0huZ3dzcjNFeERIMEx6Zz0%3dGet hashmaliciousHTMLPhisherBrowse
                                                                          • 52.107.225.8
                                                                          Corp.AcctPayable Payment Update.pdfGet hashmaliciousUnknownBrowse
                                                                          • 52.107.243.68
                                                                          https://wyattstowingzjsj-my.sharepoint.com/:f:/g/personal/bjones_wyattstowing_com/EjzAIQ7mUctGs25S241fgvEBS3R7FD7Mq_44HVe6sUvcYA?e=pxKGet hashmaliciousUnknownBrowse
                                                                          • 52.107.225.1
                                                                          http://url.uk.m.mimecastprotect.com/s/Qb9MCZ4z4h5VrB0KizfxuBiFFPGet hashmaliciousUnknownBrowse
                                                                          • 52.107.243.152
                                                                          https://ridgecomm-my.sharepoint.com/:f:/g/personal/mike_dickson_ridgecommunicate_com/EoIXqm_rhmNPgUmdh9oGxVYBOC8z-wLp52vmISycophX2A?e=pxBR5zGet hashmaliciousHTMLPhisherBrowse
                                                                          • 52.107.243.82
                                                                          https://brandscapewi-my.sharepoint.com/:o:/g/personal/cbraetsch_brandscape-online_com/EtDyLXmKWHJNlBoShRvCzXUBKEezMY-wbCulj2Qta1nXig?e=5%3aBOxRAk&at=9Get hashmaliciousUnknownBrowse
                                                                          • 52.107.243.66
                                                                          https://deacerousa2-my.sharepoint.com/:o:/g/personal/eservice_huynhlaw_com/Ekv2F9Kc_pJJuB-bxZ7Z5QcBrNuZWh85OaRkXp9nQSqCiQ?e=5%3aD7eLEH&at=9Get hashmaliciousHTMLPhisherBrowse
                                                                          • 52.107.242.226
                                                                          (No subject) (28).emlGet hashmaliciousUnknownBrowse
                                                                          • 52.107.243.94
                                                                          https://corroboree-my.sharepoint.com/:o:/g/personal/jim_corroboreegroup_com_au/EhkrUZo0A7NAnvRNEtKnYx0Bi8APjQb6lXmXpqhr_dptBQ?e=5%3ajUyr76&at=9Get hashmaliciousHTMLPhisherBrowse
                                                                          • 52.107.243.71
                                                                          eafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.ushttps://weblaunch.blifax.com/listener3/redirect?l=e6df36b9-5af1-4758-b7e4-83fbf7f30dfb&id=e0d346f1-f241-ee11-acc4-000c295a2555&u=%68%74%74%70%25%33%41heinleinarchives.net%2Fnew%2F80701%2F%2Fa3Jpc3RpbmUuc29yZW5zZW5AcmVkd2lyZXNwYWNlLmNvbQ==Get hashmaliciousHTMLPhisherBrowse
                                                                          • 20.140.56.69
                                                                          https://60787e6d.2d6833402ad75639fa4e0298.workers.dev/?email=kristine.sorensen@redwirespace.comGet hashmaliciousHTMLPhisherBrowse
                                                                          • 20.140.56.69
                                                                          https://gcc.dcv.ms/chg3kbw3tVGet hashmaliciousHTMLPhisherBrowse
                                                                          • 20.140.56.69
                                                                          eafd-ffgov-phxr9b1-roxy-default-sni.aksroxy.azureedge.ushttps://gcc.dcv.ms/i8Kf7mgiA8Get hashmaliciousHTMLPhisherBrowse
                                                                          • 20.141.12.34

                                                                          ASNs

                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                          MICROSOFT-CORP-MSN-AS-BLOCKUSfile.exeGet hashmaliciousUnknownBrowse
                                                                          • 13.107.246.60
                                                                          http://www.coredc.comGet hashmaliciousUnknownBrowse
                                                                          • 13.107.246.67
                                                                          (No subject) (61).emlGet hashmaliciousHTMLPhisherBrowse
                                                                          • 104.47.64.28
                                                                          nested-ConsultTrustNorth-payment Requisition #42 3L# 1414 18 Dock.pdf..emlGet hashmaliciousUnknownBrowse
                                                                          • 52.98.242.242
                                                                          https://netorgft13995914-my.sharepoint.com/:f:/g/personal/joshg_tekton-builder_com1/Em3c3_jzJWtIg7W_bMwKbCgB2tM26D8KPHUEkttYIezrMg?e=3Aq2bKGet hashmaliciousUnknownBrowse
                                                                          • 40.99.150.18
                                                                          https://aka.ms/LearnAboutSenderIdentificationGet hashmaliciousHTMLPhisherBrowse
                                                                          • 150.171.28.10
                                                                          (No subject) (60).emlGet hashmaliciousHTMLPhisherBrowse
                                                                          • 104.47.65.28
                                                                          Madisonwellsmedia546.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                          • 52.98.171.226
                                                                          MICROSOFT-CORP-MSN-AS-BLOCKUSfile.exeGet hashmaliciousUnknownBrowse
                                                                          • 13.107.246.60
                                                                          http://www.coredc.comGet hashmaliciousUnknownBrowse
                                                                          • 13.107.246.67
                                                                          (No subject) (61).emlGet hashmaliciousHTMLPhisherBrowse
                                                                          • 104.47.64.28
                                                                          nested-ConsultTrustNorth-payment Requisition #42 3L# 1414 18 Dock.pdf..emlGet hashmaliciousUnknownBrowse
                                                                          • 52.98.242.242
                                                                          https://netorgft13995914-my.sharepoint.com/:f:/g/personal/joshg_tekton-builder_com1/Em3c3_jzJWtIg7W_bMwKbCgB2tM26D8KPHUEkttYIezrMg?e=3Aq2bKGet hashmaliciousUnknownBrowse
                                                                          • 40.99.150.18
                                                                          https://aka.ms/LearnAboutSenderIdentificationGet hashmaliciousHTMLPhisherBrowse
                                                                          • 150.171.28.10
                                                                          (No subject) (60).emlGet hashmaliciousHTMLPhisherBrowse
                                                                          • 104.47.65.28
                                                                          Madisonwellsmedia546.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                          • 52.98.171.226
                                                                          MICROSOFT-CORP-MSN-AS-BLOCKUSfile.exeGet hashmaliciousUnknownBrowse
                                                                          • 13.107.246.60
                                                                          http://www.coredc.comGet hashmaliciousUnknownBrowse
                                                                          • 13.107.246.67
                                                                          (No subject) (61).emlGet hashmaliciousHTMLPhisherBrowse
                                                                          • 104.47.64.28
                                                                          nested-ConsultTrustNorth-payment Requisition #42 3L# 1414 18 Dock.pdf..emlGet hashmaliciousUnknownBrowse
                                                                          • 52.98.242.242
                                                                          https://netorgft13995914-my.sharepoint.com/:f:/g/personal/joshg_tekton-builder_com1/Em3c3_jzJWtIg7W_bMwKbCgB2tM26D8KPHUEkttYIezrMg?e=3Aq2bKGet hashmaliciousUnknownBrowse
                                                                          • 40.99.150.18
                                                                          https://aka.ms/LearnAboutSenderIdentificationGet hashmaliciousHTMLPhisherBrowse
                                                                          • 150.171.28.10
                                                                          (No subject) (60).emlGet hashmaliciousHTMLPhisherBrowse
                                                                          • 104.47.65.28
                                                                          Madisonwellsmedia546.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                          • 52.98.171.226

                                                                          JA3 Fingerprints

                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                          1138de370e523e824bbca92d049a3777httpsworker-nameless-haze-86e5.berwieberwieberwieberwieberwie.workers.deveba=.htmGet hashmaliciousHTMLPhisherBrowse
                                                                          • 23.1.237.91
                                                                          doc1.exeGet hashmaliciousClipboard Hijacker, Snake KeyloggerBrowse
                                                                          • 23.1.237.91
                                                                          http://email.e.quickshipping.com/c/eJxszLFSxCAQgOGnId1lYHchWFDY5D042JOdXGJkg45v72ht-88_X03gYiw8cXILUIjBeze1RKEwBLTBu5CDj2gBGWPMD-I7P9wkCSyQjRCcRwKcq1uWSEzW40spdTFkef4YUjZtcp5yvM3lfZ-eqV3XqQZfDawG1jtv0ud8ZeUmfc8b99_PwPp13uQoz1FZDaydq3QulwHUPatmQ3a079vQP7an_-pngp8AAAD__zWIRVUGet hashmaliciousUnknownBrowse
                                                                          • 23.1.237.91
                                                                          Status Update ECKY2.htmlGet hashmaliciousUnknownBrowse
                                                                          • 23.1.237.91
                                                                          file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                          • 23.1.237.91
                                                                          Madisonwellsmedia546.pdfGet hashmaliciousUnknownBrowse
                                                                          • 23.1.237.91
                                                                          Inv-Info98.htmGet hashmaliciousHTMLPhisherBrowse
                                                                          • 23.1.237.91
                                                                          ATT09876.htmGet hashmaliciousHTMLPhisherBrowse
                                                                          • 23.1.237.91
                                                                          https://clickme.thryv.com/ls/click?upn=u001.Als7cfHaJU2yMdsJgpsIFl8RKvJCjgfWXgpyGiQbouwIVFCzJZdO6C7IEJWnFiPmUdkD_OEO3HRIZ3eedLymwLhvJt9sqs3j4T3CqpVCO9A0ZKplqH1W1Ad1lCPdQBrRfbSauZPLLCLTYBsXDRt8yGG5FOZ7NK342oFTufTBA9n-2F9XZOJptL-2BsSl02HxRvbllikFuSJtHHDkVwyIj5AuFgiubBu9sTxc8j0-2BQG5wldcZa7WyDp4BZYdRmFKi1MU2RpCFoGVLX1rLVx-2BFFfe8ZtbBDm0OusvqG9hc8jycErQH9w4yo0iZBNb6ruS35AQpqe-2Bn9sSG0dYdsEjJuPPD68-2FQoiA15kbRIRZcVBuBtywmpClclGh64Ps2rLg6E3U3-2Ft-2B24zaJbCf8tvrjozgadicpaRwQ3KIy53pMZsOUCbTeEqGc-3D#bGFtYmVydC5nZW9yZ2lhQGFpZGIub3JnGet hashmaliciousUnknownBrowse
                                                                          • 23.1.237.91
                                                                          Gov Annual Salary + Employer - Provided Benefits.pdfGet hashmaliciousPhisherBrowse
                                                                          • 23.1.237.91
                                                                          28a2c9bd18a11de089ef85a160da29e4New Document from Highland Township Building Department.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                          • 13.85.23.86
                                                                          • 184.28.90.27
                                                                          https://sysadmononnu.ru/BW0W/Get hashmaliciousHTMLPhisherBrowse
                                                                          • 13.85.23.86
                                                                          • 184.28.90.27
                                                                          file.exeGet hashmaliciousUnknownBrowse
                                                                          • 13.85.23.86
                                                                          • 184.28.90.27
                                                                          http://www.coredc.comGet hashmaliciousUnknownBrowse
                                                                          • 13.85.23.86
                                                                          • 184.28.90.27
                                                                          (No subject) (61).emlGet hashmaliciousHTMLPhisherBrowse
                                                                          • 13.85.23.86
                                                                          • 184.28.90.27
                                                                          nested-ConsultTrustNorth-payment Requisition #42 3L# 1414 18 Dock.pdf..emlGet hashmaliciousUnknownBrowse
                                                                          • 13.85.23.86
                                                                          • 184.28.90.27
                                                                          https://netorgft13995914-my.sharepoint.com/:f:/g/personal/joshg_tekton-builder_com1/Em3c3_jzJWtIg7W_bMwKbCgB2tM26D8KPHUEkttYIezrMg?e=3Aq2bKGet hashmaliciousUnknownBrowse
                                                                          • 13.85.23.86
                                                                          • 184.28.90.27
                                                                          httpsworker-nameless-haze-86e5.berwieberwieberwieberwieberwie.workers.deveba=.htmGet hashmaliciousHTMLPhisherBrowse
                                                                          • 13.85.23.86
                                                                          • 184.28.90.27
                                                                          https://aka.ms/LearnAboutSenderIdentificationGet hashmaliciousHTMLPhisherBrowse
                                                                          • 13.85.23.86
                                                                          • 184.28.90.27
                                                                          (No subject) (60).emlGet hashmaliciousHTMLPhisherBrowse
                                                                          • 13.85.23.86
                                                                          • 184.28.90.27

                                                                          Dropped Files

                                                                          No context

                                                                          Created / dropped Files

                                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:ASCII text
                                                                          Category:dropped
                                                                          Size (bytes):291
                                                                          Entropy (8bit):5.213924329945855
                                                                          Encrypted:false
                                                                          SSDEEP:6:N7IndL+q2P92nKuAl9OmbnIFUt887Inl1Zmw+87InzLVkwO92nKuAl9OmbjLJ:N7a+v4HAahFUt887e1/+87YV5LHAaSJ
                                                                          MD5:7D1B6C01574BA5A6E552527742CAA1E1
                                                                          SHA1:80CFFC56EEDBE13DFA3F60C483479D2AFFC16E6D
                                                                          SHA-256:09EF6969FC86EC2BE1E23F6E9AA7C3981024C4850B5B7CF03D27A31F79FCAF50
                                                                          SHA-512:7777276172B03EEB1F3A22B8873C29EF86E8E2CE4D6A843321B8E9C9A7B034F2926ED0042A3ED6B79F80516F76DA7D2B64EB74643655655D4BFBE7D450E7059B
                                                                          Malicious:false
                                                                          Reputation:low
                                                                          Preview:2024/08/27-14:57:27.087 87c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/08/27-14:57:27.089 87c Recovering log #3.2024/08/27-14:57:27.089 87c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:ASCII text
                                                                          Category:dropped
                                                                          Size (bytes):291
                                                                          Entropy (8bit):5.213924329945855
                                                                          Encrypted:false
                                                                          SSDEEP:6:N7IndL+q2P92nKuAl9OmbnIFUt887Inl1Zmw+87InzLVkwO92nKuAl9OmbjLJ:N7a+v4HAahFUt887e1/+87YV5LHAaSJ
                                                                          MD5:7D1B6C01574BA5A6E552527742CAA1E1
                                                                          SHA1:80CFFC56EEDBE13DFA3F60C483479D2AFFC16E6D
                                                                          SHA-256:09EF6969FC86EC2BE1E23F6E9AA7C3981024C4850B5B7CF03D27A31F79FCAF50
                                                                          SHA-512:7777276172B03EEB1F3A22B8873C29EF86E8E2CE4D6A843321B8E9C9A7B034F2926ED0042A3ED6B79F80516F76DA7D2B64EB74643655655D4BFBE7D450E7059B
                                                                          Malicious:false
                                                                          Reputation:low
                                                                          Preview:2024/08/27-14:57:27.087 87c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/08/27-14:57:27.089 87c Recovering log #3.2024/08/27-14:57:27.089 87c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:ASCII text
                                                                          Category:dropped
                                                                          Size (bytes):338
                                                                          Entropy (8bit):5.238514122198474
                                                                          Encrypted:false
                                                                          SSDEEP:6:N7InvIq2P92nKuAl9Ombzo2jMGIFUt887IndZmw+87InlkwO92nKuAl9Ombzo2jz:N75v4HAa8uFUt887k/+87e5LHAa8RJ
                                                                          MD5:7D3A70D77C68C70599F1554EB79CAA10
                                                                          SHA1:A5B808A38EFECC1FFE57AC0B7D5886AA5FC89DDB
                                                                          SHA-256:88AA1695A5157E03D5F3DCF0F2846BE70957F6E82B9D5464A68E82B83893979E
                                                                          SHA-512:E6336C3962ADC57C4BA4D234F37CE39DAC63F8DEF48C008C694BBFA38E0126525D43795AD8BDE2DC6622EF11CB78E690F1856800CF10F2388230E5B784F5B861
                                                                          Malicious:false
                                                                          Reputation:low
                                                                          Preview:2024/08/27-14:57:27.179 1c64 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/08/27-14:57:27.188 1c64 Recovering log #3.2024/08/27-14:57:27.195 1c64 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:ASCII text
                                                                          Category:dropped
                                                                          Size (bytes):338
                                                                          Entropy (8bit):5.238514122198474
                                                                          Encrypted:false
                                                                          SSDEEP:6:N7InvIq2P92nKuAl9Ombzo2jMGIFUt887IndZmw+87InlkwO92nKuAl9Ombzo2jz:N75v4HAa8uFUt887k/+87e5LHAa8RJ
                                                                          MD5:7D3A70D77C68C70599F1554EB79CAA10
                                                                          SHA1:A5B808A38EFECC1FFE57AC0B7D5886AA5FC89DDB
                                                                          SHA-256:88AA1695A5157E03D5F3DCF0F2846BE70957F6E82B9D5464A68E82B83893979E
                                                                          SHA-512:E6336C3962ADC57C4BA4D234F37CE39DAC63F8DEF48C008C694BBFA38E0126525D43795AD8BDE2DC6622EF11CB78E690F1856800CF10F2388230E5B784F5B861
                                                                          Malicious:false
                                                                          Reputation:low
                                                                          Preview:2024/08/27-14:57:27.179 1c64 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/08/27-14:57:27.188 1c64 Recovering log #3.2024/08/27-14:57:27.195 1c64 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\5a8ae50f-6526-45f6-9754-be62b4c7dbe0.tmp

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:JSON data
                                                                          Category:modified
                                                                          Size (bytes):508
                                                                          Entropy (8bit):5.060592401477876
                                                                          Encrypted:false
                                                                          SSDEEP:12:YH/um3RA8sqPsBdOg2HJgcaq3QYiubxnP7E4T3OF+:Y2sRds9dMHJL3QYhbxP7nbI+
                                                                          MD5:163634A7C27CCCDDF645B4342B0610C2
                                                                          SHA1:F6E3BE560EA8575C6007F53273C9B6C09DCEB3ED
                                                                          SHA-256:1D3260FE9C9299EC41666CCEE74D8908D108050301558F954ABDB4D0FBB5CF4D
                                                                          SHA-512:CD9406781AA777C4B31D5E6BAA77C4FD0F8A24A5B8837F16677292ACE87AB165BDF48D1D72E25890AC09626367888ABC2A13EAABE151AD50FA406238E80D3F85
                                                                          Malicious:false
                                                                          Reputation:low
                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13369345059750351","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":160120},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.5","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):508
                                                                          Entropy (8bit):5.060592401477876
                                                                          Encrypted:false
                                                                          SSDEEP:12:YH/um3RA8sqPsBdOg2HJgcaq3QYiubxnP7E4T3OF+:Y2sRds9dMHJL3QYhbxP7nbI+
                                                                          MD5:163634A7C27CCCDDF645B4342B0610C2
                                                                          SHA1:F6E3BE560EA8575C6007F53273C9B6C09DCEB3ED
                                                                          SHA-256:1D3260FE9C9299EC41666CCEE74D8908D108050301558F954ABDB4D0FBB5CF4D
                                                                          SHA-512:CD9406781AA777C4B31D5E6BAA77C4FD0F8A24A5B8837F16677292ACE87AB165BDF48D1D72E25890AC09626367888ABC2A13EAABE151AD50FA406238E80D3F85
                                                                          Malicious:false
                                                                          Reputation:low
                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13369345059750351","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":160120},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.5","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:data
                                                                          Category:dropped
                                                                          Size (bytes):4509
                                                                          Entropy (8bit):5.238514656792687
                                                                          Encrypted:false
                                                                          SSDEEP:96:QqBpCqGp3Al+NehBmkID2w6bNMhugoKTNY+No/KTNcygLPGLLU68zi65vv5PzZ:rBpJGp3AoqBmki25ZEVoKTNY+NoCTNLE
                                                                          MD5:1731A813804263F58CD767BA93CACACA
                                                                          SHA1:0E927634F4B68170F1DFD8D0F20DD98D8E4EFC44
                                                                          SHA-256:E9D87D2EF13E1D48B9CDC889F292EFBB94D856E0E65A342DBB499C41C4391EF9
                                                                          SHA-512:DB98465654C0099362B22363A616A10C079DE52195CE245B381E7A36A7332E8C3FF61D2405E15680ECB104470269A311B7A696E06E32970FD2C43825C34CA5D4
                                                                          Malicious:false
                                                                          Preview:*...#................version.1..namespace-.1a.o................next-map-id.1.Pnamespace-047a745d_5c98_4926_b446_942fb948d072-https://rna-resource.acrobat.com/.0.K..r................next-map-id.2.Snamespace-bdf2fbfe_e08b_407d_8a81_9a6094e373a0-https://rna-v2-resource.acrobat.com/.1.m.Fr................next-map-id.3.Snamespace-24b9c7f4_3e31_4d11_a607_ac91d6485c9e-https://rna-v2-resource.acrobat.com/.2.8.o................next-map-id.4.Pnamespace-bc60f291_faa7_4492_8b22_e186b4ce62c1-https://rna-resource.acrobat.com/.3.A-N^...............Pnamespace-047a745d_5c98_4926_b446_942fb948d072-https://rna-resource.acrobat.com/-j..^...............Pnamespace-bc60f291_faa7_4492_8b22_e186b4ce62c1-https://rna-resource.acrobat.com/[.|.a...............Snamespace-bdf2fbfe_e08b_407d_8a81_9a6094e373a0-https://rna-v2-resource.acrobat.com/....a...............Snamespace-24b9c7f4_3e31_4d11_a607_ac91d6485c9e-https://rna-v2-resource.acrobat.com/.W.@o................next-map-id.5.Pnamespace-8fb46ac3_c992_47ca_bb04_

                                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:ASCII text
                                                                          Category:dropped
                                                                          Size (bytes):326
                                                                          Entropy (8bit):5.229373610076509
                                                                          Encrypted:false
                                                                          SSDEEP:6:N7Insq2P92nKuAl9OmbzNMxIFUt887InHZmw+87InsdFzkwO92nKuAl9OmbzNMFd:N7pv4HAa8jFUt887C/+879dFz5LHAa8E
                                                                          MD5:0C67F5B66C8E3E2D60888E865E1A7307
                                                                          SHA1:AC2107B2B8584EAA1E3ED4B79C659036DB434EB0
                                                                          SHA-256:353A0A239F1DB659B3959AC62725B02CC1D38A71C6AF9F2A584B38EFD08F76BB
                                                                          SHA-512:B271936E4D2C40ADC784837259146FF368136418F15723BA19E4A8BE8AB874D06EFD132BAAD5A72AEA97F4DA69D865BF6024BB33CB74D49ED3C67E3E0B64A308
                                                                          Malicious:false
                                                                          Preview:2024/08/27-14:57:27.311 1c64 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/08/27-14:57:27.313 1c64 Recovering log #3.2024/08/27-14:57:27.314 1c64 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                                                          C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:ASCII text
                                                                          Category:dropped
                                                                          Size (bytes):326
                                                                          Entropy (8bit):5.229373610076509
                                                                          Encrypted:false
                                                                          SSDEEP:6:N7Insq2P92nKuAl9OmbzNMxIFUt887InHZmw+87InsdFzkwO92nKuAl9OmbzNMFd:N7pv4HAa8jFUt887C/+879dFz5LHAa8E
                                                                          MD5:0C67F5B66C8E3E2D60888E865E1A7307
                                                                          SHA1:AC2107B2B8584EAA1E3ED4B79C659036DB434EB0
                                                                          SHA-256:353A0A239F1DB659B3959AC62725B02CC1D38A71C6AF9F2A584B38EFD08F76BB
                                                                          SHA-512:B271936E4D2C40ADC784837259146FF368136418F15723BA19E4A8BE8AB874D06EFD132BAAD5A72AEA97F4DA69D865BF6024BB33CB74D49ED3C67E3E0B64A308
                                                                          Malicious:false
                                                                          Preview:2024/08/27-14:57:27.311 1c64 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/08/27-14:57:27.313 1c64 Recovering log #3.2024/08/27-14:57:27.314 1c64 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                                                          C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240827185731Z-152.bmp

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:PC bitmap, Windows 3.x format, 164 x -115 x 32, cbSize 75494, bits offset 54
                                                                          Category:dropped
                                                                          Size (bytes):75494
                                                                          Entropy (8bit):3.5365751369680654
                                                                          Encrypted:false
                                                                          SSDEEP:768:kqDueEF4Z9V0mKtyj22A222gTCbrsbkr/:zESZ6to22A222gTCbeq
                                                                          MD5:657351598782C1AE9BB156EC37DD7E98
                                                                          SHA1:E787B49CACB2ABC179E1459E75039D327BA45491
                                                                          SHA-256:9FB0B3584CC88BC6C98335C3D80E1D231453749DFCE46E944EFF6C63707700DB
                                                                          SHA-512:4C636CE236A1426580FE4A8F13B3C4E1E7825459EE7C673EEAB67136D3B540A43E02EAB842E23D80EB5FD9EB4656629F299223590DFEBD9A4B69B63A73834749
                                                                          Malicious:false
                                                                          Preview:BM.&......6...(............. ....................................."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'........................."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#'."#

                                                                          C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                                                          Category:dropped
                                                                          Size (bytes):71954
                                                                          Entropy (8bit):7.996617769952133
                                                                          Encrypted:true
                                                                          SSDEEP:1536:gc257bHnClJ3v5mnAQEBP+bfnW8Ctl8G1G4eu76NWDdB34w18R5cBWcJAm68+Q:gp2ld5jPqW8LgeulxB3fgcEfDQ
                                                                          MD5:49AEBF8CBD62D92AC215B2923FB1B9F5
                                                                          SHA1:1723BE06719828DDA65AD804298D0431F6AFF976
                                                                          SHA-256:B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
                                                                          SHA-512:BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B
                                                                          Malicious:false
                                                                          Preview:MSCF............,...................I..................XaK .authroot.stl.[.i..6..CK..<Tk......4.cl!Kg..E..*Y.f_..".$mR"$.J.E.KB."..rKv.."{.g....3.W.....c..9.s...=....y6#..x..........D......\(.#.s.!.A.......cd.c........+^.ov...n.....3BL..0.......BPUR&.X..02.q...R...J.....w.....b.vy>....-.&..(..oe."."...J9...0U.6J..|U..S.....M.F8g...=.......p...........l.?3.J.x.G.Ep..$g..tj......)v]9(:.)W.8.Op.1Q..:.nPd........7.7..M].V F..g.....12..!7(...B.......h.RZ.......l.<.....6..Z^.`p?... .p.Gp.#.'.X..........|!.8.....".m.49r?.I...g...8.v.....a``.g.R4.i...J8q....NFW,E.6Y....!.o5%.Y.....R..<..S9....r....WO...(.....F..Q=*....-..7d..O(....-..+k.........K..........{Q....Z..j._.E...QZ.~.\.^......N.9.k..O.}dD.b1r...[}/....T..E..G..c.|.c.&>?..^t. ..;..X.d.E.0G....[Q.*,*......#.Dp..L.o|#syc.J............}G-.ou6.=52..XWi=...m.....^u......c..fc?&pR7S5....I...j.G........j.j..Tc.El.....B.pQ.,Bp....j...9g.. >..s..m#.Nb.o_u.M.V...........\#...v..Mo\sF..s....Y...

                                                                          C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:data
                                                                          Category:dropped
                                                                          Size (bytes):893
                                                                          Entropy (8bit):7.366016576663508
                                                                          Encrypted:false
                                                                          SSDEEP:24:hBntmDvKUQQDvKUr7C5fpqp8gPvXHmXvponXux:3ntmD5QQD5XC5RqHHXmXvp++x
                                                                          MD5:D4AE187B4574036C2D76B6DF8A8C1A30
                                                                          SHA1:B06F409FA14BAB33CBAF4A37811B8740B624D9E5
                                                                          SHA-256:A2CE3A0FA7D2A833D1801E01EC48E35B70D84F3467CC9F8FAB370386E13879C7
                                                                          SHA-512:1F44A360E8BB8ADA22BC5BFE001F1BABB4E72005A46BC2A94C33C4BD149FF256CCE6F35D65CA4F7FC2A5B9E15494155449830D2809C8CF218D0B9196EC646B0C
                                                                          Malicious:false
                                                                          Preview:0..y..*.H.........j0..f...1.0...*.H.........N0..J0..2.......D....'..09...@k0...*.H........0?1$0"..U....Digital Signature Trust Co.1.0...U....DST Root CA X30...000930211219Z..210930140115Z0?1$0"..U....Digital Signature Trust Co.1.0...U....DST Root CA X30.."0...*.H.............0..........P..W..be......,k0.[...}.@......3vI*.?!I..N..>H.e...!.e.*.2....w..{........s.z..2..~..0....*8.y.1.P..e.Qc...a.Ka..Rk...K.(.H......>.... .[.*....p....%.tr.{j.4.0...h.{T....Z...=d.....Ap..r.&.8U9C....\@........%.......:..n.>..\..<.i....*.)W..=....]......B0@0...U.......0....0...U...........0...U.........{,q...K.u...`...0...*.H...............,...\...(f7:...?K.... ]..YD.>.>..K.t.....t..~.....K. D....}..j.....N..:.pI...........:^H...X._..Z.....Y..n......f3.Y[...sG.+..7H..VK....r2...D.SrmC.&H.Rg.X..gvqx...V..9$1....Z0G..P.......dc`........}...=2.e..|.Wv..(9..e...w.j..w.......)...55.1.

                                                                          C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:data
                                                                          Category:modified
                                                                          Size (bytes):328
                                                                          Entropy (8bit):3.1379890379152853
                                                                          Encrypted:false
                                                                          SSDEEP:6:kKxkT9UswDLL+N+SkQlPlEGYRMY9z+4KlDA3RUebT3:fDnLNkPlE99SNxAhUe/3
                                                                          MD5:9AF4FB1E606BF305E4AEBFEFC6B1ACD5
                                                                          SHA1:8DE13F7D0E974D15B0FEEAF2BDAABB18F88173C1
                                                                          SHA-256:8ECC065488B1F51637710536EE08DE302AD087EE7B261D8A95DBE39467324FBF
                                                                          SHA-512:B322D0F939D8DC63A481C94F057142E8C35D59BF964D2FDF7F5C95DE3873E4D99F08B71B99AC9A7B15529266A0277B8CBC97C629FC85FAB7496F8406C5D77E65
                                                                          Malicious:false
                                                                          Preview:p...... ........(..!....(....................................................... ........G..@.......&...............h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".a.7.2.8.2.e.b.4.0.b.1.d.a.1.:.0."...

                                                                          C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:data
                                                                          Category:dropped
                                                                          Size (bytes):252
                                                                          Entropy (8bit):3.01099116281767
                                                                          Encrypted:false
                                                                          SSDEEP:3:kkFklj3lltfllXlE/E/KRkzllPlzRkwWBARLNDU+ZMlKlBkvclcMlVHblB8V7ln3:kKILxliBAIdQZV7I7kc3
                                                                          MD5:B5555E17306BC39A9BEF7FDA955908C9
                                                                          SHA1:26F1C29167284AA1B4D5F7443B2EED4199C11C30
                                                                          SHA-256:46190D3516F4CAB1397D960ECCAB52EB43F9362F256193AD565DEAB1B4FF1000
                                                                          SHA-512:E47E7F014C547B8DE5D3C81C02327A42F3AEDB5EE592FB3DADFF901A42341BD64C8C3CD58C5C1EBE9856C7E76636D93E195AB420626640ED7D06461959A60A87
                                                                          Malicious:false
                                                                          Preview:p...... ....`.....c.....(....................................................... ........!.M........(...........}...h.t.t.p.:././.a.p.p.s...i.d.e.n.t.r.u.s.t...c.o.m./.r.o.o.t.s./.d.s.t.r.o.o.t.c.a.x.3...p.7.c...".3.7.d.-.6.0.7.9.b.8.c.0.9.2.9.c.0."...

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.6644

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:PostScript document text
                                                                          Category:dropped
                                                                          Size (bytes):185099
                                                                          Entropy (8bit):5.182478651346149
                                                                          Encrypted:false
                                                                          SSDEEP:1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC
                                                                          MD5:94185C5850C26B3C6FC24ABC385CDA58
                                                                          SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
                                                                          SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
                                                                          SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
                                                                          Malicious:false
                                                                          Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:PostScript document text
                                                                          Category:dropped
                                                                          Size (bytes):185099
                                                                          Entropy (8bit):5.182478651346149
                                                                          Encrypted:false
                                                                          SSDEEP:1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC
                                                                          MD5:94185C5850C26B3C6FC24ABC385CDA58
                                                                          SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
                                                                          SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
                                                                          SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
                                                                          Malicious:false
                                                                          Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheAcro65536.dat

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:data
                                                                          Category:dropped
                                                                          Size (bytes):228346
                                                                          Entropy (8bit):3.3890581331110528
                                                                          Encrypted:false
                                                                          SSDEEP:1536:WKPC4iyzDtrh1cK3XEivK7VK/3AYvYwgf/rRoL+sn:DPCaJ/3AYvYwgXFoL+sn
                                                                          MD5:BAE090D23B1C0D4F6DC247F0080D349E
                                                                          SHA1:8A7AAD52A54F9A3CCEF3CE323F6BBD5B2B530461
                                                                          SHA-256:D7D3096317CF32DBEDF75D85390FE89A96170D44C09B2F6D164036064F506AE3
                                                                          SHA-512:208136EBA10544EA5EADA1C32EADFD8066047A9D851FF95BADF9938D40AFA1771003C2725DB8C78991E700C73FA2FC3C9F3CC3712B3332E4CF6F8DDE0E539130
                                                                          Malicious:false
                                                                          Preview:Adobe Acrobat Reader (64-bit) 23.6.20320....?A12_AV2_Search_18px.............................................................................................................KKK KKK.KKK.KKK.KKK.KKK.KKK@........................................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.............................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.........................KKK.KKK.KKK.KKK0....................KKK.KKK.KKK.KKK`....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK.KKK.....................................KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK.KKK@....................KKK.KKK.KKK.KKK`........................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.KKK.............................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):295
                                                                          Entropy (8bit):5.345716780512473
                                                                          Encrypted:false
                                                                          SSDEEP:6:YEQXJ2HXkbG8x+FIbRI6XVW7+0YK6ZoAvJM3g98kUwPeUkwRe9:YvXKX/YpW7IWGMbLUkee9
                                                                          MD5:239A6D6898614FE0AA195B89927A256F
                                                                          SHA1:39AE4BA6818DF2AB5B0079E3E8D4D400764E84C8
                                                                          SHA-256:0D7FC915EB51FD096B9D10D2407C37960208A44BC24A99D5F8C9726DB59DD871
                                                                          SHA-512:D97E8FB453E572500DA32B5D35AC99801A7257E1837A69DEB0BC706071B841ECF5CE56F2F9F8C26904F625960B7CE9DCB7C29E0CD7702D7FAF5A763E94F91BC7
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):294
                                                                          Entropy (8bit):5.283656093909875
                                                                          Encrypted:false
                                                                          SSDEEP:6:YEQXJ2HXkbG8x+FIbRI6XVW7+0YK6ZoAvJfBoTfXpnrPeUkwRe9:YvXKX/YpW7IWGWTfXcUkee9
                                                                          MD5:107B153672D1AAF69B7E6BFB69DBB0FC
                                                                          SHA1:93B46A14274E1421AE41964A05C6F9AC266112A6
                                                                          SHA-256:5D9C3A9B4DB6782B621A686E3726FB668FB6175421721E03CA1C24D8FC2DC064
                                                                          SHA-512:D62D7B9EA5CA0BEE20021AD2F5F09F586C02CC2260BDD993BB24B43B6C3EF406F980C51DC75D9B3D6DC86C424D9C1D505152EBE65863C13D62EAB6E8722D1D0F
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):294
                                                                          Entropy (8bit):5.262923887824544
                                                                          Encrypted:false
                                                                          SSDEEP:6:YEQXJ2HXkbG8x+FIbRI6XVW7+0YK6ZoAvJfBD2G6UpnrPeUkwRe9:YvXKX/YpW7IWGR22cUkee9
                                                                          MD5:1D110E99CC2F2627B74EE6E7B634D3CC
                                                                          SHA1:3190286A6935680DB743AA0FE33BAA2295DDBB4D
                                                                          SHA-256:00C5CB740099071AFAF71982C855B0B170225A872E34D845CB83989174ED0EEB
                                                                          SHA-512:C2DF06374343A7E3E71C2C819BBD6195CB40BE1E2A121762ABDD3D1252A9046435EDCBB4DC72C2542E16B158672F96A11B42D7D6898A91A21978661274D4BE2E
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):285
                                                                          Entropy (8bit):5.323990479015366
                                                                          Encrypted:false
                                                                          SSDEEP:6:YEQXJ2HXkbG8x+FIbRI6XVW7+0YK6ZoAvJfPmwrPeUkwRe9:YvXKX/YpW7IWGH56Ukee9
                                                                          MD5:CFF87DE7AAD3BCF8151E0DE0909EBF31
                                                                          SHA1:DCEE55CDF5D2BD3054FBFFD82C0FDE7B336B3A27
                                                                          SHA-256:04109D7ED9F13DA88A37172A85476B36E71A3968F25BE3234E3401E0D8FE82C6
                                                                          SHA-512:EE6829E5A82859EEC9C48D65EA1F3F6CA969D7502A79BC7C6AD905AF6CA800683F879E83742D31B1F1BF0F9D66A5E63C4D3964112959577B60CFF0E554BA8E08
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):1063
                                                                          Entropy (8bit):5.666612433273572
                                                                          Encrypted:false
                                                                          SSDEEP:24:Yv6XMiIDpLgEFqciGennl0RCmK8czOCY4w2Y:YvwUhgLtaAh8cvYvT
                                                                          MD5:3AF73E5CF188D1FB611BBD750390504F
                                                                          SHA1:171E7DF6C4B7F1F3246DA30A93F7BE105319853C
                                                                          SHA-256:6480B704CE8A0FBFAF3326C8710B2981B114061D7D3AB4433EF683477D6C1350
                                                                          SHA-512:E61B6674073C56DEDF6772409CB932815413E9A29EFFD78F92A491AEB40D67709EBBAE4AB6AD5BA6D6F9C480B08DC3C460483869F3E916051CAB0D293F2B606A
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Convert_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"85534_264855ActionBlock_2","campaignId":85534,"containerId":"1","controlGroupId":"","treatmentId":"afb9c2a3-eaf4-41f9-9d73-768e72f72282","variationId":"264855"},"containerId":1,"containerLabel":"JSON for DC_Reader_Convert_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkNvbnZlcnQgZmlsZXMgdG8gYW5kIGZyb20gUERGXG53aXRob3V0IGxpbWl0cy4ifSwidGNhdElkIjpudWxsfQ==","dataType":"application\/json","encodingSc

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):1050
                                                                          Entropy (8bit):5.650525262056568
                                                                          Encrypted:false
                                                                          SSDEEP:24:Yv6XMiIfVLgEF0c7sbnl0RCmK8czOCYHflEpwiVY:YvwOFg6sGAh8cvYHWpwh
                                                                          MD5:D5038C79513F0B378334CDB2BDE89DEC
                                                                          SHA1:E156CE6DD1150064071E47D15D381C7ADD60696F
                                                                          SHA-256:6C545FC0DD661940246E837F6D877D5F9CDD2415FB3FF73A16D044712667CDAD
                                                                          SHA-512:7B67FBA39CB81C185F199B537E3C96961BF65068150E5DAE4CE9FDB89A9FCEA6DC629A6C6CFD595DC43981384B06D2E401DC2EE8B368BDDBCC60D1361E1C41AF
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Disc_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"85534_264855ActionBlock_0","campaignId":85534,"containerId":"1","controlGroupId":"","treatmentId":"0924134e-3c59-4f53-b731-add558c56fec","variationId":"264855"},"containerId":1,"containerLabel":"JSON for DC_Reader_Disc_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkNvbnZlcnQsIGVkaXQgYW5kIGUtc2lnblxuZm9ybXMgJiBhZ3JlZW1lbnRzLiJ9LCJ0Y2F0SWQiOm51bGx9","dataType":"application\/json","encodingScheme":true},"

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):292
                                                                          Entropy (8bit):5.271748144283256
                                                                          Encrypted:false
                                                                          SSDEEP:6:YEQXJ2HXkbG8x+FIbRI6XVW7+0YK6ZoAvJfQ1rPeUkwRe9:YvXKX/YpW7IWGY16Ukee9
                                                                          MD5:D30394BAB44EABB37714C3512ED492DA
                                                                          SHA1:DBD0B57E8EB77280BA31A04EF04AE25847651AA6
                                                                          SHA-256:D54CC1BB8E75863CE21E9DE5539F06BCAD0F6C7393F468A4E432507992756800
                                                                          SHA-512:6432A48B19C26EAC7476D2B6B99F679E47DD81574B19C6881B4BADEE27FB7BE63E2AECBA04FDDC3529D5E0B360481150E7C82310A9993901E6BD5C0DA244B1FF
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):1038
                                                                          Entropy (8bit):5.6474055432209855
                                                                          Encrypted:false
                                                                          SSDEEP:24:Yv6XMiIu2LgEF7cciAXs0nl0RCmK8czOCAPtciBY:Yvwbogc8hAh8cvAm
                                                                          MD5:8BA479DE24E8151B1D578A6CEE8D826D
                                                                          SHA1:C0DCEA562A4C59C2739EDA54267C6062688F76D5
                                                                          SHA-256:2F0146261DB4D594512A1BDDFCE34B42E857EC8FEE327A1F96F360686B5457D3
                                                                          SHA-512:659D139F62A7E6C9AEB11BD77665CD00E516D47760351C3B5A093894FDD14B5C1DAA2FB23C10BC504B597BC7544A7623E48533263E690C1DB4A4B4C5CFE67B42
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Edit_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"85534_264855ActionBlock_1","campaignId":85534,"containerId":"1","controlGroupId":"","treatmentId":"49d2f713-7aa9-44db-aa50-0a7a22add459","variationId":"264855"},"containerId":1,"containerLabel":"JSON for DC_Reader_Edit_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkVkaXQgdGV4dCwgaW1hZ2VzLCBwYWdlcywgYW5kIG1vcmUuIn0sInRjYXRJZCI6bnVsbH0=","dataType":"application\/json","encodingScheme":true},"endDTS":1744

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):1164
                                                                          Entropy (8bit):5.697164023956531
                                                                          Encrypted:false
                                                                          SSDEEP:24:Yv6XMiIiKLgEfIcZVSkpsn264rS514ZjBrwloJTmcVIsrSK5Y:YvwXEgqprtrS5OZjSlwTmAfSKq
                                                                          MD5:D5DC40088BEAB2548279516661647B6F
                                                                          SHA1:67E60DC6B1D268CE0175FF3D6311AAA73D224DA4
                                                                          SHA-256:C484E2C03A63A51B568678A6CBD2D2F97C492B8E13F9C22CFF9958197EF29DD6
                                                                          SHA-512:3DDDD47307F87F657168084C79FCE5EF3EF9AE89BB916B534329FEFA615B7D284DE388BF5BF7F36BC2EBBEDDFA4E9120D6AF49DC7C16B93CA5A1529C52A24DB2
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Home_LHP_Trial_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"85531_264848ActionBlock_0","campaignId":85531,"containerId":"1","controlGroupId":"","treatmentId":"ee1a7497-76e7-43c2-bb63-9a0551e11d73","variationId":"264848"},"containerId":1,"containerLabel":"JSON for DC_Reader_Home_LHP_Trial_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IlRyeSBBY3JvYmF0IFBybyJ9LCJ1aSI6eyJ0aXRsZV9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE1cHgiLCJmb250X3N0eWxlIjoiMCJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjEzcHgiLCJmb250X3N0eWxlIjoiLTEifSwidGl0bGUiOiJGcmVlIHRyaWFsIiwiZGVzY3JpcHRpb24iOiJHZXQgdW5saW1pdGVkIGFjY2VzcyB0b1xucHJlbWl1bSBQREYgYW5kIGUtc2lnbmluZ1xudG9vbHMuIn0sImJhbm5lcl9zdHlsaW5nIjo

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):289
                                                                          Entropy (8bit):5.2779435040260285
                                                                          Encrypted:false
                                                                          SSDEEP:6:YEQXJ2HXkbG8x+FIbRI6XVW7+0YK6ZoAvJfYdPeUkwRe9:YvXKX/YpW7IWGg8Ukee9
                                                                          MD5:974F9C2D4025FEAE89A912FCD37FA745
                                                                          SHA1:5E9CDB137257892ADEA24FE7AB9485CCA9422D9C
                                                                          SHA-256:93CD446107B8F031B0350A91435403396689C6CE0ED485FE4750952D1B39E3B8
                                                                          SHA-512:C80F719C20CD5462F111F2AFB306C0EE7B9368E1CCF66371D04C1CFF155A6A65F678A46ECA2C4AC0B00AFB295619742054A12AF6BCCC013BFFBB3E4593188182
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):1395
                                                                          Entropy (8bit):5.775712796711696
                                                                          Encrypted:false
                                                                          SSDEEP:24:Yv6XMiIhrLgEGOc93W2JeFmaR7CQzttgBcu141CjrWpHfRzVCV9FJNA:YvwqHgDv3W2aYQfgB5OUupHrQ9FJq
                                                                          MD5:6B1560AAB38361F1294F758AF6625918
                                                                          SHA1:543BF536008CFFD7B65437C7B21D0CEDC3FEE062
                                                                          SHA-256:DAC2217604244F3EB8A90756C21C15F4F9ADDD5D2C520C4B8622369FAF0E6469
                                                                          SHA-512:2C19E462820507208D273817D8F603842A29CC602CD8D5D61DAD5C13B723AA5B1730D37B971B0E01900DA8F3F8E5BF9F3AF2A856BFAAE0B3FEAAFDD8D49AEF16
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_RHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"57802_176003ActionBlock_0","campaignId":57802,"containerId":"1","controlGroupId":"","treatmentId":"d0374f2d-08b2-49b9-9500-3392758c9e2e","variationId":"176003"},"containerId":1,"containerLabel":"JSON for Reader DC RHP Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctRGF5IFRyaWFsIiwiZ29fdXJsIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmNvbS9wcm94eS9wcmljaW5nL3VzL2VuL3NpZ24tZnJlZS10cmlhbC5odG1sP3RyYWNraW5naWQ9UEMxUFFMUVQmbXY9aW4tcHJvZHVjdCZtdjI9cmVhZGVyIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjEyIiwiZm9udF9zdHlsZSI6IjMifSwidGl0

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):291
                                                                          Entropy (8bit):5.261642192737514
                                                                          Encrypted:false
                                                                          SSDEEP:6:YEQXJ2HXkbG8x+FIbRI6XVW7+0YK6ZoAvJfbPtdPeUkwRe9:YvXKX/YpW7IWGDV8Ukee9
                                                                          MD5:AE942101D8418CBA83B90E1D4E65AC26
                                                                          SHA1:555FCC8BA86522989CB359B9ECAB2E5B8A0A6D47
                                                                          SHA-256:79CBC1C9F2D9082986897D6B6FB9B9F57F93978BD8EC87F8A12E1CBCE7D3F99C
                                                                          SHA-512:0295C907C185C2CEFFE609E0A9DFE3B5B6D58EB414A34594D82C3FEFB589ABE3871CD88DD6D383994917676749380E097C917D2A436BBE37710FC36AD1215D5C
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):287
                                                                          Entropy (8bit):5.263010117178552
                                                                          Encrypted:false
                                                                          SSDEEP:6:YEQXJ2HXkbG8x+FIbRI6XVW7+0YK6ZoAvJf21rPeUkwRe9:YvXKX/YpW7IWG+16Ukee9
                                                                          MD5:08E46548288407A5CD743F792C291CF3
                                                                          SHA1:79A7D84A133BF3565F19437A93BE201B92087CA5
                                                                          SHA-256:BEAF0FC1C3EAE93B3EE2D1C6752BA73744EA64B38373210085603CE2950F6E81
                                                                          SHA-512:CA4840C014026602BEACA1DCA87687966C9ECDD619B6104E94DE2A69DBDEC7246E9C76513E937AA94F23D67ABB6D12A44B0138FB77427DF7E9F51955610DBE24
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):1058
                                                                          Entropy (8bit):5.654231638038438
                                                                          Encrypted:false
                                                                          SSDEEP:24:Yv6XMiIzamXayLgEFRcONaqnl0RCmK8czOC+w2E+tg8BY:YvwWBguOAh8cv+NKL
                                                                          MD5:7B433364255B34BA35277B9358431C6E
                                                                          SHA1:C93DA1C617403E1255C22F3F021D9D841C3EA893
                                                                          SHA-256:E82A4DAFCDA0F668AC9894F7C14861092857CF89EE524A635677E46D25F74A23
                                                                          SHA-512:C384EB0F097D90075B747212248D959473A62117641FE610BE6502B12227FBFD80BE59C2B24F47EE575F52C8817C98FB5D89F26D6D029DD3F908D50462F78635
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Sign_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"85534_264855ActionBlock_3","campaignId":85534,"containerId":"1","controlGroupId":"","treatmentId":"ece07729-7db6-4f20-9f8d-7976ad373049","variationId":"264855"},"containerId":1,"containerLabel":"JSON for DC_Reader_Sign_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IlNlbmQgZG9jdW1lbnRzICYgZm9ybXNcbmZvciBmYXN0IGUtc2lnbmluZyBvbmxpbmUuIn0sInRjYXRJZCI6bnVsbH0=","dataType":"application\/json","encodingScheme"

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):286
                                                                          Entropy (8bit):5.240118353187851
                                                                          Encrypted:false
                                                                          SSDEEP:6:YEQXJ2HXkbG8x+FIbRI6XVW7+0YK6ZoAvJfshHHrPeUkwRe9:YvXKX/YpW7IWGUUUkee9
                                                                          MD5:27B277942DE501C2924C719E8FE96C0F
                                                                          SHA1:FD6A255207C305C8A4960D0BAEE290F3922709CE
                                                                          SHA-256:C2D1D77AE345DFDDDAC1D69B45BF4378C240DC5BEE869DCC2E96C9B922524159
                                                                          SHA-512:32E87853D6294C245640FC24499B6F03C124040AEA3CF2F856214402D087065B7D032521E6FF4ABAD2800FD59C4F464D649FAEC18E5FDC945C1081FD532F4C13
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):782
                                                                          Entropy (8bit):5.367019594139547
                                                                          Encrypted:false
                                                                          SSDEEP:12:YvXKX/YpW7IWGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhW74:Yv6XMiIw168CgEXX5kcIfANhh
                                                                          MD5:C2B848F176419AA27735B43F75F53DE6
                                                                          SHA1:5335D8F7B2C7B2F7D784C4AB7D7296BEC03910B1
                                                                          SHA-256:A8308ADE8CC21D88A14153351ED61AF24353E99A571621A2B404AC868C3DBD92
                                                                          SHA-512:632C8DD8024B5E199FB35CA3149F02E96002B989A46D37E57E8646BFB5B469845BD4F6B4E2DB2CEB1FB78AC764BDBE4EB8E504509195A7749AD758363C8C1353
                                                                          Malicious:false
                                                                          Preview:{"analyticsData":{"responseGUID":"ef19ae06-a141-4562-bc65-b7b6b871170e","sophiaUUID":"FC1B1BAD-CA24-4641-AA35-0D02D0C204D1"},"encodingScheme":true,"expirationDTS":1724959938582,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"Edit_InApp_Aug2020"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"20360_57769ActionBlock_0","campaignId":20360,"containerId":"1","controlGroupId":"","treatmentId":"3c07988a-9c54-409d-9d06-53885c9f21ec","variationId":"57769"},"containerId":1,"containerLabel":"JSON for switching in-app test","content":{"data":"eyJ1cHNlbGxleHBlcmltZW50Ijp7InRlc3RpZCI6IjEiLCJjb2hvcnQiOiJicm93c2VyIn19","dataType":"application\/json","encodingScheme":true},"endDTS":1735804679000,"startDTS":1724785053618}}}}

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:data
                                                                          Category:dropped
                                                                          Size (bytes):4
                                                                          Entropy (8bit):0.8112781244591328
                                                                          Encrypted:false
                                                                          SSDEEP:3:e:e
                                                                          MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                                                          SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                                                          SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                                                          SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                                                          Malicious:false
                                                                          Preview:....

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):2818
                                                                          Entropy (8bit):5.134358680587989
                                                                          Encrypted:false
                                                                          SSDEEP:24:Yp4eEgiaUPQayoOGLCYb+MBXPHG+W1BHJ+ITjjj0S5l3t2wGGV2LSbUd0u6K5Ggd:Ypsjpbb/G+6NkAvZ4GVBUdf6KcgG9k
                                                                          MD5:205639308B7382B29F6EA27ABD03524F
                                                                          SHA1:5AC8DB7F6C4105C24CB984A20C5A60D1A6F4502F
                                                                          SHA-256:9F2FB4F15850E58EF7DCB389BBE9632EBCCA1A2D16DAF12EAEEE2FA8DB891B48
                                                                          SHA-512:6D62D698E27A45024C987B39A8511C4067EA3784BF76BDA1FC7C4A50D19AFE5E468A481842FC47798BB3D415B9ABCC9161DF76351F77E6B4865A64D81FE9AF09
                                                                          Malicious:false
                                                                          Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"16c5eef928c0699d44cc0072d6fd4366","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":1050,"ts":1724785053000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"83a1d834a4dadf80271de7c875bcb187","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":1164,"ts":1724785053000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"b22118a36aafd9bcf433b661b787f52d","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1058,"ts":1724785053000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"966450834767ef04e1b6b68cf3546552","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1063,"ts":1724785053000},{"id":"DC_Reader_Edit_LHP_Banner","info":{"dg":"26079858edb26600369c6c1cd7d2e118","sid":"DC_Reader_Edit_LHP_Banner"},"mimeType":"file","size":1038,"ts":1724785053000},{"id":"Edit_InApp_Aug2020","info":{"dg":"d3ae01007e3d64d627f7704215e43db9","sid":"Edit_InApp_Aug2020"},"mimeType":"file","size":782,"ts":17

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 19
                                                                          Category:dropped
                                                                          Size (bytes):12288
                                                                          Entropy (8bit):0.9859851356129128
                                                                          Encrypted:false
                                                                          SSDEEP:24:TLHRx/XYKQvGJF7urs6I1RZKHs/Ds/Spav4zJwtNBwtNbRZ6bRZ4DvF:TVl2GL7ms6ggOVpagzutYtp6Pc9
                                                                          MD5:64F079AD7A11FAD8A59C559DD879DEA2
                                                                          SHA1:5BDC5A69C9FAF5F0F806222B13C0FEB346AE5EC7
                                                                          SHA-256:B5317F775CF888EFD7490AD716F1D3EE6646D8A7DF8EEF8867C08332D5A04823
                                                                          SHA-512:7C65CDC4A1DFDC655D0DECD193389FB591819BDC05DC9CB3C11072A07417A1AA775E8F316FED64C79DB028B9D76E2D56C7AEF44F46235620B04BFB16AE6E8FEF
                                                                          Malicious:false
                                                                          Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                          C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:SQLite Rollback Journal
                                                                          Category:dropped
                                                                          Size (bytes):8720
                                                                          Entropy (8bit):1.339055877011907
                                                                          Encrypted:false
                                                                          SSDEEP:24:7+to+AD1RZKHs/Ds/SpavPzJwtNBwtNbRZ6bRZWf1RZKZqLBx/XYKQvGJF7urstt:7M9GgOVpaHzutYtp6PMUqll2GL7mstt
                                                                          MD5:51A4D0896B5FEC321770A12FD4B8AA38
                                                                          SHA1:88D5D157462071475B2B9387F831E64B0001844E
                                                                          SHA-256:15090448E57B985B96268195CC682DB3FA8CA0043CBEF48171208ED1309F0B01
                                                                          SHA-512:67C37868B62EB650548475E23C0BA268ADD375C2FD2ABFD4EEC59CC1D4C509C127EFAE99DDB76D4BBFB958F6D79BDD9DEE72498FC6348C4538FC86D139D2ACF7
                                                                          Malicious:false
                                                                          Preview:.... .c.....z.N.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................j...#..#.#.#.#.#.#.#.#.7.7........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                          C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Download Service\Files\aa3bc3af-1be9-4230-8250-00b017e04f61 (copy)

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Google Chrome extension, version 3
                                                                          Category:dropped
                                                                          Size (bytes):5074
                                                                          Entropy (8bit):7.873570030600911
                                                                          Encrypted:false
                                                                          SSDEEP:96:m3Rjcy7UMnDwqA4XSnl3xzHD8ciYkEMEpSu3UnANw98ZcYQGbNN5hh9qqEF3r:c49MnDnSBJDPhkr8iwo8ZNNf1RE1r
                                                                          MD5:EF5170D473FDC4620529500766D80D2A
                                                                          SHA1:B967D05D775C2B711F8B4F5D9F941F5B57AAC8AF
                                                                          SHA-256:2E60E371C11FB8B17F3DB90C9E66B35CE8C61C40226B64E919A08BD7D9A9346C
                                                                          SHA-512:37938D2DA1DEA2CFC3FB149BBEAD69795DA7620FF1D97E611641F0F767EFCDF3BFA8ACA038D5F774C0B96191553DB139E659DF4BA2F947D11AE823D0FFDB17D1
                                                                          Malicious:false
                                                                          Preview:Cr24....E.........0.."0...*.H.............0.........:.2.W.))...I...5_U(I7nz...2[.;..H...S.../...nb%Yx.6.]i.....u...PDF.i.LJK.?....l.....R...|...j...C..j!.%'..s....[."...Gy...=l)..=.l\....4..Q!$e.=...C.1.%d..B...K.[.l,.....7......y...$7J..G&TT..W.-=jgs[...&.@/.j$....+...yk|l^..Km)\Y..x..}OCXf.....A5s.7..8..o....L..(p[...^e......?&X..:~,.)..C..n...Hh.....<..N..0.....woa6....'&y....tH..*7@..a.t.....F..YQU......<......m!..^.#f.'F".....lt..97U3f...WM....]Lw...)..x...)..Hy Z...l.a.)J~'.y.o.NS.#.,6.D.9UMW..l>.pa.WG.^..L,..B...."p.Y.....<..............s.'..k...-.%.B......r.y.....I.s.C....LD.....u.I.K...AOS.O.q....p.c...`.iQ..\...Z...Y....C...d^.[P...Vbl..>>..E....K...\%|s....,.cF.h........&...rq:+...x.......w..<.zJd....i_.Pu..W...L.....W.%...\....A..}u...<T...?..=...e..N.,.^..Vu....}...."....uZ]c....DEN..W....)...L..W~.e9.o.Vh..xa.$.$..q.i..`}..?..C..}UC..p.,.1./..0..`$...+^9@..G..7....3.e..F_........)6....g......!....B1*..x.v.y+?.9.)`4-.(....<..Z`.

                                                                          C:\Users\user\AppData\Local\Temp\MSI6c292.LOG

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                          Category:dropped
                                                                          Size (bytes):246
                                                                          Entropy (8bit):3.536003181970279
                                                                          Encrypted:false
                                                                          SSDEEP:6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8AARcg:Qw946cPbiOxDlbYnuRKi
                                                                          MD5:6EDEF4E46EA5D3D2A34F70B751C440AF
                                                                          SHA1:874A120967AF72EE2C60178A0897586D5E1C5CAE
                                                                          SHA-256:4314BB30E4519194E739A533CF9E04B5CC27DB627AC3251CA98A16D7B82063D0
                                                                          SHA-512:109F23FE2E4354EEAB8C52140BFA790FFD5958E83FF5BFA4484AA168E82647620B58CC2FE2F6087EBD589D4EEDAF0158B563C5532676DADDB6483EFED778F87A
                                                                          Malicious:false
                                                                          Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .2.7./.0.8./.2.0.2.4. . .1.4.:.5.7.:.3.5. .=.=.=.....

                                                                          C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-08-27 14-57-29-334.log

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:ASCII text, with very long lines (393)
                                                                          Category:dropped
                                                                          Size (bytes):16525
                                                                          Entropy (8bit):5.376360055978702
                                                                          Encrypted:false
                                                                          SSDEEP:384:6b1sdmfenwop+WP21h2RPjRNg7JjO2on6oU6CyuJw1oaNIIu9EMuJuF6MKK9g9JQ:vIn
                                                                          MD5:1336667A75083BF81E2632FABAA88B67
                                                                          SHA1:46E40800B27D95DAED0DBB830E0D0BA85C031D40
                                                                          SHA-256:F81B7C83E0B979F04D3763B4F88CD05BC8FBB2F441EBFAB75826793B869F75D1
                                                                          SHA-512:D039D8650CF7B149799D42C7415CBF94D4A0A4BF389B615EF7D1B427BC51727D3441AA37D8C178E7E7E89D69C95666EB14C31B56CDFBD3937E4581A31A69081A
                                                                          Malicious:false
                                                                          Preview:SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:961+0200 ThreadID=6596 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=03c9683a-b9c7-43c5-80d5-ee4bbf74fb26.1696428955961 Timestamp=2023-10-04T16:15:55:962+0200 ThreadID=6596 Component=ngl-lib_NglAppLib Description="SetConfig:

                                                                          C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:ASCII text, with very long lines (393), with CRLF line terminators
                                                                          Category:dropped
                                                                          Size (bytes):15113
                                                                          Entropy (8bit):5.342253185822408
                                                                          Encrypted:false
                                                                          SSDEEP:384:i95j663sI2QDipBpwGlSs5MxJup8dNJymZXuMhB/DR6iuA5+El6kshsh0zpKP001:H6V
                                                                          MD5:1854E8DA646E21F423C6609FEB9D7BB5
                                                                          SHA1:F68EA370C9171EACEE23840CE040D2083F30EC9C
                                                                          SHA-256:7E6C69A7578CB4F9F335D010ACA46E9D2CE026DEEEE7FD84E1F49B1C9ECEC4FE
                                                                          SHA-512:640F0E732C3A4F5627015C748B8E080808A8610CC86E91517CDC4C38634D386A50C18B0AC79F33E28A64568A371C75866A29089BF6AC4F5D72D7267D620CFC1C
                                                                          Malicious:false
                                                                          Preview:SessionID=f1df1457-8e17-438c-83e4-fb0e570b039e.1724785049345 Timestamp=2024-08-27T14:57:29:345-0400 ThreadID=7716 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=f1df1457-8e17-438c-83e4-fb0e570b039e.1724785049345 Timestamp=2024-08-27T14:57:29:353-0400 ThreadID=7716 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=f1df1457-8e17-438c-83e4-fb0e570b039e.1724785049345 Timestamp=2024-08-27T14:57:29:353-0400 ThreadID=7716 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=f1df1457-8e17-438c-83e4-fb0e570b039e.1724785049345 Timestamp=2024-08-27T14:57:29:354-0400 ThreadID=7716 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=f1df1457-8e17-438c-83e4-fb0e570b039e.1724785049345 Timestamp=2024-08-27T14:57:29:354-0400 ThreadID=7716 Component=ngl-lib_NglAppLib Description="SetConf

                                                                          C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          File Type:ASCII text, with CRLF line terminators
                                                                          Category:dropped
                                                                          Size (bytes):29752
                                                                          Entropy (8bit):5.4009361860482175
                                                                          Encrypted:false
                                                                          SSDEEP:768:GLxxlyVUFcAzWL8VWL1ANSFld5YjMWLvJ8Uy++NSXl3WLd5WLrbhhVClkVMwDGbl:h
                                                                          MD5:80CED8A5D16FB31E3ED11C30E2C8F70B
                                                                          SHA1:D5563C49AE0C4F0634D57E400632FE46B625D4C5
                                                                          SHA-256:427916A632A2B29626C9F82F877BAE0D59CBEA8F6A735B634AF1B25DCF2DBB37
                                                                          SHA-512:E439F0693595EABE5ADE24D33AA26EDB64937D406659DE7CA396812B6BBF7F1F90CB53A9C8F9BF1BF030CCB2166180A780D901874782BF23896D6C15BDB5218D
                                                                          Malicious:false
                                                                          Preview:04-10-2023 02:39:31:.---2---..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : ***************************************..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : ***************************************..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : Starting NGL..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..04-10-2023 02:39:31:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..04-10-2023 02:39:31:.Closing File..04-10-

                                                                          C:\Users\user\AppData\Local\Temp\acrocef_low\236927f6-ca55-48cb-a457-b54aa4502e55.tmp

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                                                                          Category:dropped
                                                                          Size (bytes):1419751
                                                                          Entropy (8bit):7.976496077007677
                                                                          Encrypted:false
                                                                          SSDEEP:24576:/xA7owWLaGZDwYIGNPJodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLaGZDwZGk3mlind9i4ufFXpAXkru
                                                                          MD5:18E3D04537AF72FDBEB3760B2D10C80E
                                                                          SHA1:B313CD0B25E41E5CF0DFB83B33AB3E3C7678D5CC
                                                                          SHA-256:BBEF113A2057EE7EAC911DC960D36D4A62C262DAE5B1379257908228243BD6F4
                                                                          SHA-512:2A5B9B0A5DC98151AD2346055DF2F7BFDE62F6069A4A6A9AB3377B644D61AE31609B9FC73BEE4A0E929F84BF30DA4C1CDE628915AC37C7542FD170D12DE41298
                                                                          Malicious:false
                                                                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                                                          C:\Users\user\AppData\Local\Temp\acrocef_low\46a9b3fe-ed9b-4cf0-828d-1b1a69300afc.tmp

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                                                                          Category:dropped
                                                                          Size (bytes):386528
                                                                          Entropy (8bit):7.9736851559892425
                                                                          Encrypted:false
                                                                          SSDEEP:6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m
                                                                          MD5:5C48B0AD2FEF800949466AE872E1F1E2
                                                                          SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                                                                          SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                                                                          SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                                                                          Malicious:false
                                                                          Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y

                                                                          C:\Users\user\AppData\Local\Temp\acrocef_low\aa90aa29-a6e7-40a6-9664-9303a57f82c1.tmp

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
                                                                          Category:dropped
                                                                          Size (bytes):758601
                                                                          Entropy (8bit):7.98639316555857
                                                                          Encrypted:false
                                                                          SSDEEP:12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg
                                                                          MD5:3A49135134665364308390AC398006F1
                                                                          SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
                                                                          SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
                                                                          SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
                                                                          Malicious:false
                                                                          Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

                                                                          C:\Users\user\AppData\Local\Temp\acrocef_low\cb07182e-c5b9-4fea-82e8-e50696e0f1b8.tmp

                                                                          Download File
                                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
                                                                          Category:dropped
                                                                          Size (bytes):1407294
                                                                          Entropy (8bit):7.97605879016224
                                                                          Encrypted:false
                                                                          SSDEEP:24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLaGZDwYIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLaGZo
                                                                          MD5:A0CFC77914D9BFBDD8BC1B1154A7B364
                                                                          SHA1:54962BFDF3797C95DC2A4C8B29E873743811AD30
                                                                          SHA-256:81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685
                                                                          SHA-512:74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE
                                                                          Malicious:false
                                                                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 17:57:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2677
                                                                          Entropy (8bit):3.986847883098247
                                                                          Encrypted:false
                                                                          SSDEEP:48:8QdOTqiCHBidAKZdA19ehwiZUklqehLy+3:8dz0ky
                                                                          MD5:25BC2637E92C339EBDF6B8E025E50125
                                                                          SHA1:CE0E3CF1A58CA229F255F00AC08D53D47CC19097
                                                                          SHA-256:5DDBE3DC3C5F8F3C3C8A18CCCFD8F19E2440008F9AD9B71AF976886E08C07F1B
                                                                          SHA-512:058D08919540D589D6268DA355CF80F78E6EAE074EB35BD12C77737138FA0525D57F5561DC9B81C054ACFE54C80F07B581A3EFE1F8FE4A7C431DF592BA4A1AE8
                                                                          Malicious:false
                                                                          Preview:L..................F.@.. ...$+.,...........N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y<............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Yb(S.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 17:57:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2679
                                                                          Entropy (8bit):3.9994994807653477
                                                                          Encrypted:false
                                                                          SSDEEP:48:89dOTqiCHBidAKZdA1weh/iZUkAQkqehUy+2:8+zG9QBy
                                                                          MD5:A70908E7AB6DC702C4CB6924645EF9A6
                                                                          SHA1:FD834FAC752ADB989954213D7D76851F9A6E30D2
                                                                          SHA-256:0DF708C10C1190950E6D2EF2A74274DD0F95420C08969E85A2075B507961DD9D
                                                                          SHA-512:9CB6A626AF282521F4721E0E7235DC2E65551CDDCE04B97AC4091592CE0EE9EEFC133978711A5C54560E5E0175588776E11D7C544F9B105BCC8E86261973F5C1
                                                                          Malicious:false
                                                                          Preview:L..................F.@.. ...$+.,.....:......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y<............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Yb(S.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2693
                                                                          Entropy (8bit):4.006343646635743
                                                                          Encrypted:false
                                                                          SSDEEP:48:8xXdOTqisHBidAKZdA14tseh7sFiZUkmgqeh7sSy+BX:8x0zsnoy
                                                                          MD5:1886B4F4B8A773C4AAA97651AF72E44A
                                                                          SHA1:F32DB9F6158A9863408E99BBBCD8C859781EE427
                                                                          SHA-256:7C482104C28058EC494A8A252797F65D30458370D40617A81CD26FD3DC3D67CA
                                                                          SHA-512:9FC7399FB8B9719669044F9A433A4D807DB19255CE3A5197DC7394F55E55FD7E22480F0F6BB45F660017D69792F801F190F19232C273395099DAB6D45B961B53
                                                                          Malicious:false
                                                                          Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Yb(S.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 17:57:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2681
                                                                          Entropy (8bit):4.000071824077909
                                                                          Encrypted:false
                                                                          SSDEEP:48:8odOTqiCHBidAKZdA1vehDiZUkwqehAy+R:81zNKy
                                                                          MD5:E6B69E65AFD96152E6AFB3181A3DE0C9
                                                                          SHA1:98234812F318EA9BF1B326C9264F8EAA59341921
                                                                          SHA-256:E32A2E7CD284F2C7A740253DCB547C5E1F99B5907F5763E184711E5687C4EA8F
                                                                          SHA-512:AA22BCB2386530E032292B25BF3EAC3F7CB1F7CAAC1D2780A4E57FE9CEBF900FB9E4EBED04857AACF8797186D4C30A441C3589C97E21BEB1325A6FB3B4BB5DA2
                                                                          Malicious:false
                                                                          Preview:L..................F.@.. ...$+.,.....(......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y<............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Yb(S.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 17:57:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2681
                                                                          Entropy (8bit):3.9891634448634674
                                                                          Encrypted:false
                                                                          SSDEEP:48:8DUdOTqiCHBidAKZdA1hehBiZUk1W1qehWy+C:8DpzN92y
                                                                          MD5:2E606DC9FCD285A6F606264C1380D23F
                                                                          SHA1:D1839E230E357A91CC61DAB5E72FFC1276F69FC1
                                                                          SHA-256:9EC93F357399C2ECBAA8B95481641B06AF68B6FA8750BD06B14F7083B93750CF
                                                                          SHA-512:8F6A741078879BF02FEEE4FCDE2F7D8D3DE1C47A4DCEFEFDB8246B43E393C275AE4F4900EBF52628F53ADCF66F346466EC54863F74E2415ECAA39F813FB0AB78
                                                                          Malicious:false
                                                                          Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y<............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Yb(S.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Aug 27 17:57:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                          Category:dropped
                                                                          Size (bytes):2683
                                                                          Entropy (8bit):3.9983097879826976
                                                                          Encrypted:false
                                                                          SSDEEP:48:8ddOTqiCHBidAKZdA1duT+ehOuTbbiZUk5OjqehOuTboy+yT+:8ezRT/TbxWOvTboy7T
                                                                          MD5:1D6407B6CE504263156A86F88594DB7D
                                                                          SHA1:FB73903DAD8AEC339D6A38F7B1AA3F8E444CEAB7
                                                                          SHA-256:B401B870F633DE123B8612596724C7BCAC91AA52BB3C12BFF5B817F13B6B67A1
                                                                          SHA-512:4E2B97CA6C6BFE0A867C0C2BD6943683EE21DB827776DAC463E7B6DF8D8B0806A357B68DD4FEBD62B7A5ED3073AEA7AA9A425ACB66D4DAF9196D59678AF604A9
                                                                          Malicious:false
                                                                          Preview:L..................F.@.. ...$+.,....}.......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y:.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Y:.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Y:............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Y<............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Yb(S.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                          C:\Users\user\Downloads\1ffd6a69-b9c3-46d0-9a52-db803b3d0c43.tmp

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Google Chrome extension, version 3
                                                                          Category:dropped
                                                                          Size (bytes):5074
                                                                          Entropy (8bit):7.873570030600911
                                                                          Encrypted:false
                                                                          SSDEEP:96:m3Rjcy7UMnDwqA4XSnl3xzHD8ciYkEMEpSu3UnANw98ZcYQGbNN5hh9qqEF3r:c49MnDnSBJDPhkr8iwo8ZNNf1RE1r
                                                                          MD5:EF5170D473FDC4620529500766D80D2A
                                                                          SHA1:B967D05D775C2B711F8B4F5D9F941F5B57AAC8AF
                                                                          SHA-256:2E60E371C11FB8B17F3DB90C9E66B35CE8C61C40226B64E919A08BD7D9A9346C
                                                                          SHA-512:37938D2DA1DEA2CFC3FB149BBEAD69795DA7620FF1D97E611641F0F767EFCDF3BFA8ACA038D5F774C0B96191553DB139E659DF4BA2F947D11AE823D0FFDB17D1
                                                                          Malicious:false
                                                                          Preview:Cr24....E.........0.."0...*.H.............0.........:.2.W.))...I...5_U(I7nz...2[.;..H...S.../...nb%Yx.6.]i.....u...PDF.i.LJK.?....l.....R...|...j...C..j!.%'..s....[."...Gy...=l)..=.l\....4..Q!$e.=...C.1.%d..B...K.[.l,.....7......y...$7J..G&TT..W.-=jgs[...&.@/.j$....+...yk|l^..Km)\Y..x..}OCXf.....A5s.7..8..o....L..(p[...^e......?&X..:~,.)..C..n...Hh.....<..N..0.....woa6....'&y....tH..*7@..a.t.....F..YQU......<......m!..^.#f.'F".....lt..97U3f...WM....]Lw...)..x...)..Hy Z...l.a.)J~'.y.o.NS.#.,6.D.9UMW..l>.pa.WG.^..L,..B...."p.Y.....<..............s.'..k...-.%.B......r.y.....I.s.C....LD.....u.I.K...AOS.O.q....p.c...`.iQ..\...Z...Y....C...d^.[P...Vbl..>>..E....K...\%|s....,.cF.h........&...rq:+...x.......w..<.zJd....i_.Pu..W...L.....W.%...\....A..}u...<T...?..=...e..N.,.^..Vu....}...."....uZ]c....DEN..W....)...L..W~.e9.o.Vh..xa.$.$..q.i..`}..?..C..}UC..p.,.1./..0..`$...+^9@..G..7....3.e..F_........)6....g......!....B1*..x.v.y+?.9.)`4-.(....<..Z`.

                                                                          Chrome Cache Entry: 287

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:gzip compressed data, from Unix, original size modulo 2^32 264121
                                                                          Category:dropped
                                                                          Size (bytes):75709
                                                                          Entropy (8bit):7.996247890957903
                                                                          Encrypted:true
                                                                          SSDEEP:1536:up3ZqcUEZOJ5haIfDTdJkUL5zNMIcqFxGCheB0w8nU0whdnf:E3Zqg7ILZ6UL5zmURqH8Rwznf
                                                                          MD5:ADB39ABE63A2E3FC65BD41A3D24DAE83
                                                                          SHA1:EDFF3DEC741FD94E594E862D911FD64E0DB15AEE
                                                                          SHA-256:D6D2A7FDCECE055F2B236298904C1EB98C14948191D93D56A5B8695E21F83BA9
                                                                          SHA-512:3ACE0695A78AD940A6A5AA1F3F468E739D829B254D116CEE077B0DA95C45201218E5D1FC8EA0B4639C2BCF5B0E73192C6F027AFF5BA04420714DEC0F2C5314E6
                                                                          Malicious:false
                                                                          Preview:...........ks..0.....O.7..+.o.. ....i....U.=..IhhP!!_j.Y...Jr...wN&c........G.n6^ey#.#...j..W\.L5f...h.B4.;.......^...n....D.H..,)f...,.g|..m...{.f...I{6/..`.......n...."..}0.7.\.t..y..T;.4..qD.3N/.W.........r/..}xz|~|.....Y.n..U...~8..m.Y`..e......%!.*.._..M!.L..2}6..\..F<=.Y.'".P..+..S..Z}w..L...k.]o.9.Z....`..].....HN.Uv..WyvU.i..f+..S.3...W3}w.Rq%t~.?....J..9.....\O_.y..O(.~.y!......0.H...._.y:.....v$f.d..2...D....f..D.I.....|<.y....gJ.,....}~..:.......^~2.*..W.......r....x...Y...7.........<{.$o.JR......B..\|Ri..{P6......H.).... ..k..+.x.K_..bj...m.^....w.J..}...X$P.C.....T|..\$..H.........].._....+.&..C'{.D....vyO..7<=.Z....<...S........Z.T...?.g...<.//...n...Lg.....+.Vm].6-.._..nT...X.;;t..][.@.......+.7...u......;OL!........J.L......n:..]o....b.~...k.....}.*9..,S..ww.'_..#1.aUE.+O.ww.G....+..j.^.k.f3a....0.\.Wa.~.q..r..'.....w.l...)W./S....C...).O.X.B...b.0........fJ.[.h{..e..s....m..4....Ny^....J.{;.X.+...y...]....^.o..=.

                                                                          Chrome Cache Entry: 288

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):1978
                                                                          Entropy (8bit):4.788277848404429
                                                                          Encrypted:false
                                                                          SSDEEP:48:Y/glGn/Qh3SGhNj3cj1cForArXRmnjYUhKd92MBo4:in/fGj3cjlrVnjYUk92oo4
                                                                          MD5:784FF931417375E674A868E7E9833416
                                                                          SHA1:4CA4E042DA584E2416B2B646E9EA45B9A66AB6E5
                                                                          SHA-256:150A3428A6246EB9A1529A4CA6F3B7CD7F3C211583447AEE341C2E2EA7E9B646
                                                                          SHA-512:9BD2AB1A97987EA5E7F3A906CBC0013371668BC1328516F9E420250BD6438E1579E086EA22DEF37E02FE577272A4030F178AFB04DE581AF78EFAFD92595E880F
                                                                          Malicious:false
                                                                          Preview:{"timestamp":1724785113050,"BootstrapperUlsHeartBeatIsEnabled":false,"EnableCommonHostDiagnosticsParams":true,"ShouldLogJsApiKpisForWord":true,"EnableFramePageErrorReportingForWord":false,"EnableWordSessionRefreshTelemetry":false,"EnableWordSessionRefreshLoggingCleanup":false,"BootstrapperSettingsFetchPeriod":60000,"BootstrapperUlsHeartbeatIntervalMs":5000,"BootstrapperMaxUlsHeartbeatTime":600000,"BootstrapperNoCompleteWarning1Time":120000,"BootstrapperNoCompleteWarning2Time":180000,"BootstrapperUlsUploadCadenceMs":60000,"WordRefreshTelemetryExpirationInDays":7,"RequestedCallThrottlingDefaultToViewMinimumValue":"Major","RemoteUlsETag":"C42BCAE6AC233D9D9DD7AB85E16914AC39097A00","RemoteUlsSuppressions":"1671813,2209344,3249545,3290144,3548002,4285850,4542814,4542815,4542816,4849922,5904476,6038282,6112007,6375195,7365731,8194017,8458642,8697873,8713889,8713890,8713891,8713920,8713921,8713922,17043994,17044289,17085210,17085216,17162522,18920262,19214611,19707039,19939648,21627712,2241050

                                                                          Chrome Cache Entry: 289

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Unicode text, UTF-8 text, with very long lines (1592)
                                                                          Category:downloaded
                                                                          Size (bytes):6729
                                                                          Entropy (8bit):5.017081248596727
                                                                          Encrypted:false
                                                                          SSDEEP:192:f4oYSnScpAUV3POJeFpYWm9L4vRJWq2oeP1LPwGCnjKqAch:hF4qpdm9xXjPlPwhjlAch
                                                                          MD5:9F459A70528415ABEB166090BDB0EB08
                                                                          SHA1:436F5FF3F97954ACEF8B8BCA7ABBFA71E5AB91D2
                                                                          SHA-256:54FDAEB506B1BD9968E9D3EA365F2BC82B04E161E53EF9C68EDB4BB27E8FD324
                                                                          SHA-512:7E7F9EF76FB7C53E26293844DB0951A71AAAD192D118EFE561E72A529C862EB1A4DC15967C8F0656834F3388687FFDB129228194B5FEB707B3B6EE9054DE3117
                                                                          Malicious:false
                                                                          URL:https://res-2-gcc.cdn.office.net/files/odsp-web-prod_2024-08-09.009/wacowlhostwebpack/en-us/ondemand.resx.js
                                                                          Preview:"use strict";(self.odspNextWebpackJsonp=self.odspNextWebpackJsonp||[]).push([["ondemand.resx"],{706:e=>{e.exports=JSON.parse('{"a":"EnvironmentType is invalid","b":"Invalid GUID string: \\u0022{0}\\u0022","f":"The value for \\u0022{0}\\u0022 is false","g":"The value for \\u0022{0}\\u0022 must not be null","h":"The value for \\u0022{0}\\u0022 must not be undefined","e":"The value for \\u0022{0}\\u0022 must not be an empty string","d":"The \\u0022{0}\\u0022 object cannot be used because it has been disposed.","c":"Invalid version string: \\u0022{0}\\u0022","j":"Cannot consume services because the scope is not finished yet","k":"Cannot consume services during ServiceScope autocreation","i":"The ServiceScope is already finished","l":"Cannot register service because the scope is already finished","m":"The service key \\u0022{0}\\u0022 has already been registered in this scope","o":"INNERERROR:","n":"CALLSTACK:","p":"LOGPROPERTIES:"}')}.,804:e=>{e.exports=JSON.parse('{"a":"A source with id \

                                                                          Chrome Cache Entry: 290

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (30497), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):30497
                                                                          Entropy (8bit):5.0064253326064065
                                                                          Encrypted:false
                                                                          SSDEEP:384:NpM3QZmZwe3CDLqHOGRvCEWMYdd9KaAQnzkY65dv:NpM3QZbLqHO4XYdd9KvQnzkY65dv
                                                                          MD5:E55F3C2F2F2F2A339E4B0A08030E9803
                                                                          SHA1:729D608C534829E07F5DCDBBD75BBC031A9E9D9A
                                                                          SHA-256:40CBE329851D4261E0E4A3B3665FD1025747AAC3CBFD87689CF3F2689CACF4E9
                                                                          SHA-512:CB67A880ECAA6F59844F6604BB98A7E27AB64F639AC79BA683C164A2A809BFAF1D3B224CC50138846B8646EF05409820AEE490BA83D637145E16A78E67CF4847
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/h40CBE329851D4261_App_Scripts/1033/WoncaIntl.js
                                                                          Preview:Type.registerNamespace("WoncaIntl");WoncaIntl.WoncaStrings=function(){};WoncaIntl.WoncaStrings.registerClass("WoncaIntl.WoncaStrings");WoncaIntl.WoncaStrings.L_RibbonLabel="Ribbon";WoncaIntl.WoncaStrings.L_TabHome="Home";WoncaIntl.WoncaStrings.L_TabInsert="Insert";WoncaIntl.WoncaStrings.L_TabWordDesign="Design";WoncaIntl.WoncaStrings.L_TabReferences="References";WoncaIntl.WoncaStrings.L_TabMailings="Mailings";WoncaIntl.WoncaStrings.L_TabReview="Review";WoncaIntl.WoncaStrings.L_TabView="View";WoncaIntl.WoncaStrings.L_TabDeveloper="Developer";WoncaIntl.WoncaStrings.L_TabAddIns="Add-ins";WoncaIntl.WoncaStrings.L_TabTableTools="Table Tools";WoncaIntl.WoncaStrings.L_TabLayout="Layout";WoncaIntl.WoncaStrings.L_TabPictureTools="Picture Tools";WoncaIntl.WoncaStrings.L_TabFormatPicture="Format";WoncaIntl.WoncaStrings.L_TabDesign="Design";WoncaIntl.WoncaStrings.L_TabHelp="Help";WoncaIntl.WoncaStrings.L_GroupUndoRedo="Undo";WoncaIntl.WoncaStrings.L_GroupClipboard="Clipboard";WoncaIntl.WoncaString

                                                                          Chrome Cache Entry: 291

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (63602)
                                                                          Category:downloaded
                                                                          Size (bytes):130562
                                                                          Entropy (8bit):5.272399177246052
                                                                          Encrypted:false
                                                                          SSDEEP:1536:Wh8VvaIdNDxIQxI4QAQuBqCELdzQBy0uR6OndkP:Wh8VyIWLdcov4Ondw
                                                                          MD5:527D38A8499757692216AD44E57423CD
                                                                          SHA1:7E8A57695B633543E207A11410FD0464A8939DDE
                                                                          SHA-256:F2016FB6CCF9FB18D7C0828564415E3B47FAFD7845EED4E8F12404CBFD443802
                                                                          SHA-512:FBBA39F21C300AA578742367E5A8DFDB89CEFA3948F081EA0D48101C7B8AE951FD2C4894236A54D00B40511386F66080AC73EBE60FE5AEDFBFB98868F75684A7
                                                                          Malicious:false
                                                                          URL:https://res-2-gcc.cdn.office.net/files/sp-client/odsp.react/odsp.react.lib-361c9c69.js
                                                                          Preview:/*! For license information please see odsp.react.lib-361c9c69.js.LICENSE.txt */.(self.odspNextWebpackJsonp=self.odspNextWebpackJsonp||[]).push([["odsp.react.lib"],{react_312:function(e){"use strict";var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,a=Object.prototype.propertyIsEnumerable;function i(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map(function(e){return t[e]}).join(""))return!1;var a={};return"abcdefghijklmnopqrst".split("").forEach(function(e){a[e]=e}),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},a)).join("")}catch(e){return!1}}()?Object.assign:function(e,r){for(var o,s,c=i(e),d=1;d<arguments.length;d++){for(var l in o=Object(arguments[d]))n.ca

                                                                          Chrome Cache Entry: 292

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:gzip compressed data, from Unix, original size modulo 2^32 456599
                                                                          Category:downloaded
                                                                          Size (bytes):140003
                                                                          Entropy (8bit):7.997374878298236
                                                                          Encrypted:true
                                                                          SSDEEP:3072:jJLmeOVeODPR/0Xr9FT/UCzp6473JKpIS8UmFet31F1pOcc4AcmG+JIwJy:jvOFDP2Bb64V6D1pxAcV4y
                                                                          MD5:D429AD96C5A35054CE3A27DDE2CC885F
                                                                          SHA1:4D41CF3460DEBF234CC260D620580D978FA8A42C
                                                                          SHA-256:581B9FA76F75273F788534B9497D6730F78A09657AA950319067A907F956CBB6
                                                                          SHA-512:C8B7CF8C1A43AF164B0DB820D1B891CE8135EAFFA9CC7AA32D28BEE90E5F1FF2306D09A89080A2D45446956B51A057DDF1A07C0649ABD8E48427989E6B3D9AC8
                                                                          Malicious:false
                                                                          URL:https://res-1-gcc.cdn.office.net/files/odsp-web-prod_2024-08-09.009/wacowlhostwebpack/wacowlhostwebpack.js
                                                                          Preview:............w.6.0...WH<su...%.M..I.d.o.&...^Y.....).jH.+...k.A.$%...|g..5..x?666....n.C.wR.3Q....,_Q.3.Y....S0..qv..d..c.k..2.{1..........W......!"o..4.0.d.f...<gB^.9_.q..\.0.b...<.L..?...].mV..OU. g4..._.3\6,.9..\...N.<........K, W..P",.I(.v>.E.."..9..{._..-..r.|i.......{...M7.Pi..vG.T_.....).......R.>p.&.f..][..|..9....".b.R.x>OX..T2.P...}]g...T..VI..D....|..c..s..J.lA7...S.Z6u......}a.uJ%.t.w....!.I.PIUB...5..J}.x>..M..\}..b...b]...o.......q....j.W{.v...F.....h...C...`.s..L...n.....=.G...BR..l.Q].z~klP.'r.....,...u..Hdz\...7..t'>....~..4..&{..M....=.....6..y.....t.4.-:....4..".....`w./.k.>.<....:..:j.:...X.....^tD&;..g...&.Y.......j."D[y..S..../f.L..$..Y....DQ(.b..`..@{X....r.s.....K_-...0%4_*$S.R&..f,^.89A. W;T.....vq.].....;........}.K.....Fj....p(..=n..S........i.R.z..bJg.M...."...z..`.....I.....u..zl.....C.Z6dh._S.....9.....5.6.|,....:e.......|./.E..r)...15C.yc.qF..O&22.H'.&t..u.e.:...%.2U.Z..."e.l]S.7...e..T.w..u.......G......~....i

                                                                          Chrome Cache Entry: 293

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65457)
                                                                          Category:dropped
                                                                          Size (bytes):141166
                                                                          Entropy (8bit):5.3305714273848155
                                                                          Encrypted:false
                                                                          SSDEEP:1536:lrekafzVM8v4ZvE3DUJ/N0SoY+2d2j6Cha18suGEYE4yH/OqyOPGJH76ORJDJ:5ekl8v4ZvEQUSov2dqha1JefOz1RJt
                                                                          MD5:CF40E07C7BB771ED65050122E3FFA5E8
                                                                          SHA1:9C5FA3EEEE1341C7B78727D28185AE3842377F09
                                                                          SHA-256:F0493D84E9C36FD98B4EADECD3AC0F5974BE243F2E1FF897D66701840B0731A2
                                                                          SHA-512:9D45059CE8A95C07307FF958DE5B038E535E98A1FD81BFBA18BD01BBC2C99443E4F2BE43BB80FEF1C073959CCE982D863DB98055FB7C58D5B4F83EF1AB9796EF
                                                                          Malicious:false
                                                                          Preview:/*! For license information please see odsp.1ds.lib-f4331117.js.LICENSE.txt */."use strict";(self.odspNextWebpackJsonp=self.odspNextWebpackJsonp||[]).push([["odsp.1ds.lib"],{"1ds-lib":function(e,t,n){n.r(t),n.d(t,{_InMemoryPropertyStorage:function(){return Ls},_OneDSLogger:function(){return As}});var a={};n.r(a),n.d(a,{optionalDiagnostic:function(){return fs},requiredDiagnostic:function(){return us},requiredService:function(){return ps}});var i=function(e,t){return i=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},i(e,t)};function r(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function n(){this.constructor=e}i(e,t),e.prototype=null===t?Object.create(t):(n.prototype=t.prototype,new n)}var o=function(){return o=Object.assign||function(e){for(var t,n=1,a=arguments.length;n<a;n++)for(var i i

                                                                          Chrome Cache Entry: 294

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:gzip compressed data, from Unix, original size modulo 2^32 264121
                                                                          Category:downloaded
                                                                          Size (bytes):75709
                                                                          Entropy (8bit):7.996247890957903
                                                                          Encrypted:true
                                                                          SSDEEP:1536:up3ZqcUEZOJ5haIfDTdJkUL5zNMIcqFxGCheB0w8nU0whdnf:E3Zqg7ILZ6UL5zmURqH8Rwznf
                                                                          MD5:ADB39ABE63A2E3FC65BD41A3D24DAE83
                                                                          SHA1:EDFF3DEC741FD94E594E862D911FD64E0DB15AEE
                                                                          SHA-256:D6D2A7FDCECE055F2B236298904C1EB98C14948191D93D56A5B8695E21F83BA9
                                                                          SHA-512:3ACE0695A78AD940A6A5AA1F3F468E739D829B254D116CEE077B0DA95C45201218E5D1FC8EA0B4639C2BCF5B0E73192C6F027AFF5BA04420714DEC0F2C5314E6
                                                                          Malicious:false
                                                                          URL:https://res-1-gcc.cdn.office.net/files/odsp-web-prod_2024-08-09.009/wacowlhostwebpack/13.js
                                                                          Preview:...........ks..0.....O.7..+.o.. ....i....U.=..IhhP!!_j.Y...Jr...wN&c........G.n6^ey#.#...j..W\.L5f...h.B4.;.......^...n....D.H..,)f...,.g|..m...{.f...I{6/..`.......n...."..}0.7.\.t..y..T;.4..qD.3N/.W.........r/..}xz|~|.....Y.n..U...~8..m.Y`..e......%!.*.._..M!.L..2}6..\..F<=.Y.'".P..+..S..Z}w..L...k.]o.9.Z....`..].....HN.Uv..WyvU.i..f+..S.3...W3}w.Rq%t~.?....J..9.....\O_.y..O(.~.y!......0.H...._.y:.....v$f.d..2...D....f..D.I.....|<.y....gJ.,....}~..:.......^~2.*..W.......r....x...Y...7.........<{.$o.JR......B..\|Ri..{P6......H.).... ..k..+.x.K_..bj...m.^....w.J..}...X$P.C.....T|..\$..H.........].._....+.&..C'{.D....vyO..7<=.Z....<...S........Z.T...?.g...<.//...n...Lg.....+.Vm].6-.._..nT...X.;;t..][.@.......+.7...u......;OL!........J.L......n:..]o....b.~...k.....}.*9..,S..ww.'_..#1.aUE.+O.ww.G....+..j.^.k.f3a....0.\.Wa.~.q..r..'.....w.l...)W./S....C...).O.X.B...b.0........fJ.[.h{..e..s....m..4....Ny^....J.{;.X.+...y...]....^.o..=.

                                                                          Chrome Cache Entry: 295

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (14666), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):14666
                                                                          Entropy (8bit):5.192998441009612
                                                                          Encrypted:false
                                                                          SSDEEP:192:9dbIGOqZ05GyaKzhRCwqyf/q2E+Rh99TzlfVNyv83+LBoaWLNwGfiC8O5PPM:9BiUQhRVfye99Pl9483+LBoaWLqv
                                                                          MD5:8880E957219B056B26B67D88CB7FFFF5
                                                                          SHA1:BE024ABFE99C2DC447191E2C59DD96FD9352E2C4
                                                                          SHA-256:4BBB0DBB03A136E993BB2FB363455E7DCABF84CBB17DE37AD6168B9326E56909
                                                                          SHA-512:1E611B1C8D3B7DE4CEE215C989885A6F8256B89A51621B77598A9A363AAF2897FC439DD73860234BA77AB682B84D05437CE0DBBDA59C3C1B5CC9D16662897EC5
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/h4BBB0DBB03A136E9_App_Scripts/jsanity.js
                                                                          Preview:if("undefined"!=typeof jSanity)throw"jSanity has been defined, please check if there's any duplicate reference.";jSanity={},function(e){"use strict";var t={inputString:"",maxWidth:"600px",maxHeight:"200px",overflow:"hidden",allowLinks:!0,linkClickCallback:null,customProtocols:{},allowRelativeURLs:!1,allowAudioVideo:!1,unsupportedContentCallback:null,externalContentCallback:function(e,t,r,o){var i;if("attribute"===e&&"src"===t)for(var n in o)if(o.hasOwnProperty(n)&&r.substring(0,n.length)===n){i=!0;break}return i||(r="CSSURL"===e?'url("about:blank")':"about:blank"),r},isolatedTargetDOM:!1,directModifySource:!0,attributePrefix:"jSanity",dataAttributeCallback:null,debugLevel:0,onFinishedCallback:null},r=function(){this.sync=!0,this.jobs=[],this.id=r.globalId++,this.listnerPosfix=0,this.onCompletedListners={},this.onNewJobAddedListners={},this.useSync=function(){this.sync=!0},this.useAsync=function(){this.sync=!1},this.addNewJob=function(e){for(var t in this.jobs.push(e),this.onNewJobAdded

                                                                          Chrome Cache Entry: 296

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (38319), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):38319
                                                                          Entropy (8bit):4.894144984125977
                                                                          Encrypted:false
                                                                          SSDEEP:768:N4k0JvWptT2z2p9GmkNqJ3htY1xYhwn5n9O:CJOptT2Sp9v7htY1xYC5n9O
                                                                          MD5:51750E48816F1EC30133B634C2596216
                                                                          SHA1:ADCC6F7E3CE25657E15ACE3BF2F941D69D1A5575
                                                                          SHA-256:F9D844D7F9BC50FFDE02FF10BD265CD7682FA52C942DA4C989AD4AC6BBDF5094
                                                                          SHA-512:A91CB85B094F8B9F71B51E6CD2D18F4B24F6AAE61B32AB3021983D5C184A1AF77E45092608BE00DA667BAE5F44CE648232D21A0AC1EE2703A0115F7AB6B08626
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/hF9D844D7F9BC50FF_App_Scripts/1033/OneNoteIntl.js
                                                                          Preview:Type.registerNamespace("OneNoteIntl");OneNoteIntl.OneNoteStrings=function(){};OneNoteIntl.OneNoteStrings.registerClass("OneNoteIntl.OneNoteStrings");OneNoteIntl.OneNoteStrings.L_CloudFilesUploadSuccess="Successfully Uploaded : {0}";OneNoteIntl.OneNoteStrings.L_CloudFilesUploadFailed="Error Uploading : {0}";OneNoteIntl.OneNoteStrings.L_ContextMenuSmartLookup="Search";OneNoteIntl.OneNoteStrings.L_ContextMenuTextSmartLookup='Search "{0}"';OneNoteIntl.OneNoteStrings.L_BrowseVersions="Page Versions";OneNoteIntl.OneNoteStrings.L_Camera="Camera";OneNoteIntl.OneNoteStrings.L_CopyNotebook="Copy Notebook";OneNoteIntl.OneNoteStrings.L_HierarchySyncErrorMessage="The new experimental sync feature has experienced an error and your change may not be saved.";OneNoteIntl.OneNoteStrings.L_HierarchySyncErrorRefreshMessage="Please click here or refresh the webpage to resolve the issue.";OneNoteIntl.OneNoteStrings.L_CopyToCloudDescription="Edit and view this notebook on all your devices";OneNoteIntl.OneNot

                                                                          Chrome Cache Entry: 297

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (57957)
                                                                          Category:downloaded
                                                                          Size (bytes):58000
                                                                          Entropy (8bit):5.310968385145406
                                                                          Encrypted:false
                                                                          SSDEEP:1536:4LKHejeriK/nQH7bif9yhUy1cNtQIl5a4SKv0TUcK://EPiQ/cvlL7v0K
                                                                          MD5:33276584A79EF91878C9EA47B8E940D4
                                                                          SHA1:B709FD58E9856FF86DE53BE67451B12080D5AA86
                                                                          SHA-256:3EBD75A33307DDF61561B93CC0F0EF6DE5B66554E25A630A27536B4A231EA170
                                                                          SHA-512:DC71D893AEE4ED31D8B31887417611178AF17D7C2C1740B625B439E2ECF048D8ABAE5C42AB4F35F3C6C5B2349416947E0FCB80B6014F2CBCB10413A8C62F5546
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/h3EBD75A33307DDF6_App_Scripts/wp5/wacBootNew.min.js
                                                                          Preview:var wacBoot;!function(){"use strict";var e,t,n={},i={};function o(e){var t=i[e];if(void 0!==t)return t.exports;var s=i[e]={exports:{}};return n[e](s,s.exports,o),s.exports}o.m=n,o.d=function(e,t){for(var n in t)o.o(t,n)&&!o.o(e,n)&&Object.defineProperty(e,n,{enumerable:!0,get:t[n]})},o.f={},o.e=function(e){return Promise.all(Object.keys(o.f).reduce((function(t,n){return o.f[n](e,t),t}),[]))},o.u=function(e){return"pasLogger.min.js"},o.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),o.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},e={},t="wacBoot:",o.l=function(n,i,s,a){if(e[n])e[n].push(i);else{var r,l;if(void 0!==s)for(var c=document.getElementsByTagName("script"),d=0;d<c.length;d++){var u=c[d];if(u.getAttribute("src")==n||u.getAttribute("data-webpack")==t+s){r=u;break}}r||(l=!0,(r=document.createElement("script")).charset="utf-8",r.timeout=120,o.nc&&r.

                                                                          Chrome Cache Entry: 298

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (57957)
                                                                          Category:dropped
                                                                          Size (bytes):58000
                                                                          Entropy (8bit):5.310968385145406
                                                                          Encrypted:false
                                                                          SSDEEP:1536:4LKHejeriK/nQH7bif9yhUy1cNtQIl5a4SKv0TUcK://EPiQ/cvlL7v0K
                                                                          MD5:33276584A79EF91878C9EA47B8E940D4
                                                                          SHA1:B709FD58E9856FF86DE53BE67451B12080D5AA86
                                                                          SHA-256:3EBD75A33307DDF61561B93CC0F0EF6DE5B66554E25A630A27536B4A231EA170
                                                                          SHA-512:DC71D893AEE4ED31D8B31887417611178AF17D7C2C1740B625B439E2ECF048D8ABAE5C42AB4F35F3C6C5B2349416947E0FCB80B6014F2CBCB10413A8C62F5546
                                                                          Malicious:false
                                                                          Preview:var wacBoot;!function(){"use strict";var e,t,n={},i={};function o(e){var t=i[e];if(void 0!==t)return t.exports;var s=i[e]={exports:{}};return n[e](s,s.exports,o),s.exports}o.m=n,o.d=function(e,t){for(var n in t)o.o(t,n)&&!o.o(e,n)&&Object.defineProperty(e,n,{enumerable:!0,get:t[n]})},o.f={},o.e=function(e){return Promise.all(Object.keys(o.f).reduce((function(t,n){return o.f[n](e,t),t}),[]))},o.u=function(e){return"pasLogger.min.js"},o.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),o.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},e={},t="wacBoot:",o.l=function(n,i,s,a){if(e[n])e[n].push(i);else{var r,l;if(void 0!==s)for(var c=document.getElementsByTagName("script"),d=0;d<c.length;d++){var u=c[d];if(u.getAttribute("src")==n||u.getAttribute("data-webpack")==t+s){r=u;break}}r||(l=!0,(r=document.createElement("script")).charset="utf-8",r.timeout=120,o.nc&&r.

                                                                          Chrome Cache Entry: 299

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):175722
                                                                          Entropy (8bit):5.525258064743669
                                                                          Encrypted:false
                                                                          SSDEEP:3072:fvey2tNYuhrrb/xbI6sCnOQeMXbH/3Y3W8AhmKbAASiPRu/8vRlp91:nUNYCrDxbI6sUPeMXbHvNmKbFpL
                                                                          MD5:E84AC01580EAE7825AE4A6FE788C2180
                                                                          SHA1:47A6D41DA1E08B1451BA17804018D6F61D7E4ADC
                                                                          SHA-256:D2A2D8244F9305D4FC519DF36F72A6B0B9016785CADCADCA02435C439B964958
                                                                          SHA-512:D9F8765EB3260CEDE1EA915ACDF58F38CE4A0243382C98D97DAF27314D419B0343EBD7E591C01B942B5C86000327342E714423A7198AF7E74FFF7792362587D7
                                                                          Malicious:false
                                                                          Preview:var Microsoft;!function(){"use strict";var t,e,n,o,i={68725:function(t,e,n){n.d(e,{h:function(){return s}});var o=n(66411),i=n(38217),r=n(80364),s=function(t){function e(){var e=null!==t&&t.apply(this,arguments)||this;return e.value=null,e.hasNext=!1,e.hasCompleted=!1,e}return o.C6(e,t),e.prototype.U=function(e){return this.hasError?(e.error(this.thrownError),r.y.EMPTY):this.hasCompleted&&this.hasNext?(e.next(this.value),e.complete(),r.y.EMPTY):t.prototype.U.call(this,e)},e.prototype.next=function(t){this.hasCompleted||(this.value=t,this.hasNext=!0)},e.prototype.error=function(e){this.hasCompleted||t.prototype.error.call(this,e)},e.prototype.complete=function(){this.hasCompleted=!0,this.hasNext&&t.prototype.next.call(this,this.value),t.prototype.complete.call(this)},e}(i.B7)},7443:function(t,e,n){n.d(e,{t:function(){return s}});var o=n(66411),i=n(38217),r=n(90256),s=function(t){function e(e){var n=t.call(this)||this;return n.N=e,n}return o.C6(e,t),Object.defineProperty(e.prototype,"val

                                                                          Chrome Cache Entry: 300

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):124159
                                                                          Entropy (8bit):5.304824882770175
                                                                          Encrypted:false
                                                                          SSDEEP:1536:7GcYovBziFSDZ+w5uE2Bg9cFegKF1TA0So4RNRduCzEdb4u0xG1hlHpw:ycYovB4w5Kg9+z0GRNRdunNrvw
                                                                          MD5:914168910571B02884B5843A0D1B56C1
                                                                          SHA1:5416F23AA19293D2123410EDBFD94727A2E297AD
                                                                          SHA-256:003981BBEE6D2307CDBC93E0BB93C93912F31E67BC5D84262F07E7A73E76C92A
                                                                          SHA-512:49F70F4ADB63DBCB2852CCCED8FD2FFD4FFA9E051AF2EF646D2BE6698FA0C95103BCC912369A6D5C50D9763317D3A5470E26C1B9665E76B2762650D6BE0BBE6E
                                                                          Malicious:false
                                                                          Preview:(function(){function getAugmentedNamespace(e){if(e.__esModule)return e;var t=e.default;if("function"==typeof t){var r=function e(){if(this instanceof e){var r=[null];return r.push.apply(r,arguments),new(Function.bind.apply(t,r))}return t.apply(this,arguments)};r.prototype=t.prototype}else r={};return Object.defineProperty(r,"__esModule",{value:!0}),Object.keys(e).forEach((function(t){var n=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(r,t,n.get?n:{enumerable:!0,get:function(){return e[t]}})})),r}var lib={},extendStatics=function(e,t){return extendStatics=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])},extendStatics(e,t)};function __extends(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function r(){this.constructor=e}extendStatics(e,t),e.prototype=null===t?Object.create(t):(r.

                                                                          Chrome Cache Entry: 301

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):72
                                                                          Entropy (8bit):4.241202481433726
                                                                          Encrypted:false
                                                                          SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                                          MD5:9E576E34B18E986347909C29AE6A82C6
                                                                          SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                                          SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                                          SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                                          Malicious:false
                                                                          Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                                          Chrome Cache Entry: 302

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:HTML document, ASCII text, with CRLF line terminators
                                                                          Category:dropped
                                                                          Size (bytes):1208
                                                                          Entropy (8bit):5.4647615085670616
                                                                          Encrypted:false
                                                                          SSDEEP:24:hM0mIAvy4WvsqFOa7JZRGNeHX+AYcvP2wk1USdYF9Yk5:lmIAq1UqFOiJZ+eHX+AdP2wyYFOk5
                                                                          MD5:D29FA9F2AB3A72F2608E8E82C8C3D1C6
                                                                          SHA1:8B21CC06752837B4B6B8FEF8D54F50EB2C7CCA8F
                                                                          SHA-256:E1B0A10649C4B92F828523EFC2EBE135EA9488179A2816888D1E84F786202DBF
                                                                          SHA-512:824A207E3F5AF4934B7B50FE5E3F8585FAECA571C3C39E510C06DC8FBDF3E64B07811CAAE06239936BDDDDFA4C90E534F03C0DA8147AF9294042DEA6B0FBCB94
                                                                          Malicious:false
                                                                          Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns="http://www.w3.org/1999/xhtml">..<head>..<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>..<title>500 - Internal server error.</title>..<style type="text/css">.. ..body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}..fieldset{padding:0 15px 10px 15px;} ..h1{font-size:2.4em;margin:0;color:#FFF;}..h2{font-size:1.7em;margin:0;color:#CC0000;} ..h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} ..#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;..background-color:#555555;}..#content{margin:0 0 0 2%;position:relative;}...content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}..-->..</style>..</head>..<body>..<div id="header"><h1>Server Error</h1></div>..<div id="content">.. <div class="content-

                                                                          Chrome Cache Entry: 303

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (5949), with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):5949
                                                                          Entropy (8bit):5.021760613857532
                                                                          Encrypted:false
                                                                          SSDEEP:96:Vq+J+ZRrxLuL7H9T4Mh+HsQ7qQYHq3l0e4QDhMWp:xJ+ZR07HNhhw7qQYHq3l0e4P8
                                                                          MD5:BBF6A2B6E77972F0718F99C86AE3FE92
                                                                          SHA1:806E8C002AE178B41819BEAFE123AE09202DF966
                                                                          SHA-256:78FF6158246E4FA25F994827F90ED69FEEF349AA57449CB404E35C3026BD4B8A
                                                                          SHA-512:4B4F58735190254E74ED9BAF547046642F622EE35414784A093356D28982A28A5D84E4CE71E476A88BC43583B6BB2D916B16A733D67D5B30E145DC2E4182BC8C
                                                                          Malicious:false
                                                                          Preview:function __loadCompat(n){n.Debug=function(){};n.Debug._fail=function(n){throw new Error(n);};n.Debug.writeln=function(n){window.console&&window.console.debug(n)};n.__getNonTextNode=function(n){try{while(n&&n.nodeType!=1)n=n.parentNode}catch(t){n=null}return n}}function _loadSafariCompat(){Node.prototype.__defineGetter__("text",function(){return this.textContent});Node.prototype.__defineSetter__("text",function(n){this.textContent=n});Node.prototype.selectNodes=function(n){var t=this.ownerDocument;return selectNodes(t,n,this)};Node.prototype.selectSingleNode=function(n){var t=this.ownerDocument;return selectSingleNode(t,n,this)};Document.prototype.selectNodes=function(n){return selectNodes(this,n,this.documentElement)};Document.prototype.selectSingleNode=function(n){return selectSingleNode(this,n,this.documentElement)}}function _loadMozillaCompat(n){n.navigate=function(n){window.setTimeout('window.location = "'+n+'";',0)};var t=function(n,t){t._mozillaEventHandler=function(n){return win

                                                                          Chrome Cache Entry: 304

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (31106), with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):31106
                                                                          Entropy (8bit):5.183372295037654
                                                                          Encrypted:false
                                                                          SSDEEP:768:lWo0BHNt8EWDCPEN5DkvBouB8XHEDT95kdnkVv1owjH/7VXDneVh:lP0BHNuEWDCP39GsjpnIh
                                                                          MD5:0404EAE1FEC15D702E14F0C810A35C21
                                                                          SHA1:1D004F5E809634D981432903D5583C55A625E640
                                                                          SHA-256:4FD29AE096D0B83F323D13E0DFFC6E279D8E3818A377085C63D196B4B9149440
                                                                          SHA-512:8BEB433DD5861E153043EB293A936624F972EB9D3C790008A7BE0BEA2BC038239971982A0C4090D1DF6F622F92524E47B8BD22BF8B1C95367F1D9F457AFDECC7
                                                                          Malicious:false
                                                                          Preview:!(function(){if("PerformanceLongTaskTiming"in window){var e=window.__tti={e:[]};e.o=new PerformanceObserver((function(t){e.e=e.e.concat(t.getEntries())}));e.o.observe({entryTypes:["longtask"]})}})();!(function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports["es6-symbol"]=t():(e["es6-symbol"]=t(),e.Symbol=e.Symbol||e["es6-symbol"])})(window,(function(){return(function(e){var t={};function r(n){if(t[n])return t[n].exports;var i=t[n]={i:n,l:!1,exports:{}};return e[n].call(i.exports,i,i.exports,r),i.l=!0,i.exports}return r.m=e,r.c=t,r.d=function(e,t,n){r.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:n})},r.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e

                                                                          Chrome Cache Entry: 305

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (14666), with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):14666
                                                                          Entropy (8bit):5.192998441009612
                                                                          Encrypted:false
                                                                          SSDEEP:192:9dbIGOqZ05GyaKzhRCwqyf/q2E+Rh99TzlfVNyv83+LBoaWLNwGfiC8O5PPM:9BiUQhRVfye99Pl9483+LBoaWLqv
                                                                          MD5:8880E957219B056B26B67D88CB7FFFF5
                                                                          SHA1:BE024ABFE99C2DC447191E2C59DD96FD9352E2C4
                                                                          SHA-256:4BBB0DBB03A136E993BB2FB363455E7DCABF84CBB17DE37AD6168B9326E56909
                                                                          SHA-512:1E611B1C8D3B7DE4CEE215C989885A6F8256B89A51621B77598A9A363AAF2897FC439DD73860234BA77AB682B84D05437CE0DBBDA59C3C1B5CC9D16662897EC5
                                                                          Malicious:false
                                                                          Preview:if("undefined"!=typeof jSanity)throw"jSanity has been defined, please check if there's any duplicate reference.";jSanity={},function(e){"use strict";var t={inputString:"",maxWidth:"600px",maxHeight:"200px",overflow:"hidden",allowLinks:!0,linkClickCallback:null,customProtocols:{},allowRelativeURLs:!1,allowAudioVideo:!1,unsupportedContentCallback:null,externalContentCallback:function(e,t,r,o){var i;if("attribute"===e&&"src"===t)for(var n in o)if(o.hasOwnProperty(n)&&r.substring(0,n.length)===n){i=!0;break}return i||(r="CSSURL"===e?'url("about:blank")':"about:blank"),r},isolatedTargetDOM:!1,directModifySource:!0,attributePrefix:"jSanity",dataAttributeCallback:null,debugLevel:0,onFinishedCallback:null},r=function(){this.sync=!0,this.jobs=[],this.id=r.globalId++,this.listnerPosfix=0,this.onCompletedListners={},this.onNewJobAddedListners={},this.useSync=function(){this.sync=!0},this.useAsync=function(){this.sync=!1},this.addNewJob=function(e){for(var t in this.jobs.push(e),this.onNewJobAdded

                                                                          Chrome Cache Entry: 306

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):72
                                                                          Entropy (8bit):4.241202481433726
                                                                          Encrypted:false
                                                                          SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                                          MD5:9E576E34B18E986347909C29AE6A82C6
                                                                          SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                                          SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                                          SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                                          Malicious:false
                                                                          Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                                          Chrome Cache Entry: 307

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:downloaded
                                                                          Size (bytes):1978
                                                                          Entropy (8bit):4.788345523767111
                                                                          Encrypted:false
                                                                          SSDEEP:48:Y/tlGn/Qh3SGhNj3cj1cForArXRmnjYUhKd92MBo4:i+/fGj3cjlrVnjYUk92oo4
                                                                          MD5:41998F19120569F1F28549F72349F909
                                                                          SHA1:30CA71491B7EB0A864C11604B4D51B5E1D759DBD
                                                                          SHA-256:CD535C7AFDBFA9AB03CADB1BB9EB777274CBE1A20CAF23F7C9E782EAC96C4F22
                                                                          SHA-512:93DE4C3EDB3692FC05AA58A7D422C24889E2118D6BFADA588053EB6CEFF6F7A2FBA9C46523B47FD03A3731865E80D00E95061502B9A1D0A78FAB240DC5351F8D
                                                                          Malicious:false
                                                                          URL:https://gbc-onenote.officeapps.live.com/o/AppSettingsHandler.ashx?app=OneNote&usid=cf74d7df-ca30-98d5-2d39-09e8f50586cc&build=
                                                                          Preview:{"timestamp":1724785112326,"BootstrapperUlsHeartBeatIsEnabled":false,"EnableCommonHostDiagnosticsParams":true,"ShouldLogJsApiKpisForWord":true,"EnableFramePageErrorReportingForWord":false,"EnableWordSessionRefreshTelemetry":false,"EnableWordSessionRefreshLoggingCleanup":false,"BootstrapperSettingsFetchPeriod":60000,"BootstrapperUlsHeartbeatIntervalMs":5000,"BootstrapperMaxUlsHeartbeatTime":600000,"BootstrapperNoCompleteWarning1Time":120000,"BootstrapperNoCompleteWarning2Time":180000,"BootstrapperUlsUploadCadenceMs":60000,"WordRefreshTelemetryExpirationInDays":7,"RequestedCallThrottlingDefaultToViewMinimumValue":"Major","RemoteUlsETag":"C42BCAE6AC233D9D9DD7AB85E16914AC39097A00","RemoteUlsSuppressions":"1671813,2209344,3249545,3290144,3548002,4285850,4542814,4542815,4542816,4849922,5904476,6038282,6112007,6375195,7365731,8194017,8458642,8697873,8713889,8713890,8713891,8713920,8713921,8713922,17043994,17044289,17085210,17085216,17162522,18920262,19214611,19707039,19939648,21627712,2241050

                                                                          Chrome Cache Entry: 308

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):11
                                                                          Entropy (8bit):3.2776134368191165
                                                                          Encrypted:false
                                                                          SSDEEP:3:LUQ9:LUA
                                                                          MD5:825644F747BAAB2C00E420DBBC39E4B3
                                                                          SHA1:10588307553E766AB3C7D328D948DC6754893CEF
                                                                          SHA-256:7C41B898C5DA0CFA4AA049B65EF50248BCE9A72D24BEF4C723786431921B75AA
                                                                          SHA-512:BFE6E8DF36C78CBFD17BA9270C86860EE9B051B82594FB8F34A0ADF6A14E1596D2A9DCDC7EB6857101E1502AFF6FF515A36E8BA6C80DA327BC11831624A5DAEA
                                                                          Malicious:false
                                                                          Preview:Bad Request

                                                                          Chrome Cache Entry: 309

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):124159
                                                                          Entropy (8bit):5.304824882770175
                                                                          Encrypted:false
                                                                          SSDEEP:1536:7GcYovBziFSDZ+w5uE2Bg9cFegKF1TA0So4RNRduCzEdb4u0xG1hlHpw:ycYovB4w5Kg9+z0GRNRdunNrvw
                                                                          MD5:914168910571B02884B5843A0D1B56C1
                                                                          SHA1:5416F23AA19293D2123410EDBFD94727A2E297AD
                                                                          SHA-256:003981BBEE6D2307CDBC93E0BB93C93912F31E67BC5D84262F07E7A73E76C92A
                                                                          SHA-512:49F70F4ADB63DBCB2852CCCED8FD2FFD4FFA9E051AF2EF646D2BE6698FA0C95103BCC912369A6D5C50D9763317D3A5470E26C1B9665E76B2762650D6BE0BBE6E
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/h003981BBEE6D2307_App_Scripts/MicrosoftAjaxDS.js
                                                                          Preview:(function(){function getAugmentedNamespace(e){if(e.__esModule)return e;var t=e.default;if("function"==typeof t){var r=function e(){if(this instanceof e){var r=[null];return r.push.apply(r,arguments),new(Function.bind.apply(t,r))}return t.apply(this,arguments)};r.prototype=t.prototype}else r={};return Object.defineProperty(r,"__esModule",{value:!0}),Object.keys(e).forEach((function(t){var n=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(r,t,n.get?n:{enumerable:!0,get:function(){return e[t]}})})),r}var lib={},extendStatics=function(e,t){return extendStatics=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])},extendStatics(e,t)};function __extends(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function r(){this.constructor=e}extendStatics(e,t),e.prototype=null===t?Object.create(t):(r.

                                                                          Chrome Cache Entry: 310

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (634)
                                                                          Category:downloaded
                                                                          Size (bytes):4036337
                                                                          Entropy (8bit):5.6578892557708444
                                                                          Encrypted:false
                                                                          SSDEEP:49152:M7NdA/zsh1nNLzMAIKv0Ds8HB2QWJLj6RVpz/wl+aVhpUhwil2m5KdF4rXQXZ/mu:v1AA/WAc
                                                                          MD5:69025E5ED52B3E6310AA2CE4036E2854
                                                                          SHA1:E96554258EC420A418C8C728E49E0F5685D4584E
                                                                          SHA-256:5A16BE7D9C55762378C5D6FE54B601E4B749B43007BAB4ADC0F8FF7A4665D959
                                                                          SHA-512:A808AE02EB46B12C09C701F59123FBE77606F48178EC6CEF6C8C3AD67A348AC67C69515980BD8F6CB15432FF6C7035C2879B8BA68592346538ADF25225A1C703
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/h5A16BE7D9C557623_App_Scripts/OneNoteDS.js
                                                                          Preview:/*. Microsoft Corporation. All rights reserved.. The buffer module from node.js, for the browser... @author Feross Aboukhadijeh <https://feross.org>. @license MIT. ieee754. BSD-3-Clause License. Feross Aboukhadijeh <https://feross.org/opensource> Copyright (c) Microsoft Corporation and contributors. All rights reserved.. Licensed under the MIT License..*/.'use strict';function ve(xa){var Ua=0;return function(){return Ua<xa.length?{done:!1,value:xa[Ua++]}:{done:!0}}}var $G="function"==typeof Object.defineProperties?Object.defineProperty:function(xa,Ua,N){if(xa==Array.prototype||xa==Object.prototype)return xa;xa[Ua]=N.value;return xa};.function qH(xa){xa=["object"==typeof globalThis&&globalThis,xa,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var Ua=0;Ua<xa.length;++Ua){var N=xa[Ua];if(N&&N.Math==Math)return N}throw Error("Cannot find global object");}var rH=qH(this);.function uH(xa,Ua){if(Ua)a:{var N=rH;xa=xa.split(".");for(var Da=0

                                                                          Chrome Cache Entry: 311

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Unicode text, UTF-8 text, with very long lines (56385)
                                                                          Category:downloaded
                                                                          Size (bytes):199325
                                                                          Entropy (8bit):5.092989631931542
                                                                          Encrypted:false
                                                                          SSDEEP:6144:55IoymwzWHXzZnoK5fMO6kvBoKrpQmK4Zbwmk29X9vvNCYzRtS:dwOoK5fMO6kvBoKrpQmK4Zbwmk29X9vS
                                                                          MD5:C57A832C4ECA2AEAADCC7A3BB856B078
                                                                          SHA1:5EAD46D4B35CA51C3EE88B23DC0231232E7DD937
                                                                          SHA-256:358193881BE0BB46667984ADBDDF0F0049EED56BA97D00DEECDEFA91D60B54DC
                                                                          SHA-512:AC209759C1D3B00CCAECA23355E4DE4BE8F6DDED2E356F60C597A2FD762D5840412B6B53773B863C33CEBD804957AAB72B21509256C6E80257B0FE400CEA1451
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/h358193881BE0BB46_App_Scripts/1033/common-intl.min.js
                                                                          Preview:"use strict";var CommonStrings={qpsPloc_Name:"Pseudo",qpsPloca_Name:"Pseudo (Pseudo Asia)",qpsPlocm_Name:"Pseudo (Pseudo Mirrored)",afrikaans:"Afrikaans",albanian:"Albanian",alsatian:"Alsatian",amharic:"Amharic",arabic:"Arabic",arabic_Algeria:"Arabic (Algeria)",arabic_Bahrain:"Arabic (Bahrain)",arabic_Egypt:"Arabic (Egypt)",arabic_Iraq:"Arabic (Iraq)",arabic_Jordan:"Arabic (Jordan)",arabic_Kuwait:"Arabic (Kuwait)",arabic_Lebanon:"Arabic (Lebanon)",arabic_Libya:"Arabic (Libya)",arabic_Morocco:"Arabic (Morocco)",arabic_Oman:"Arabic (Oman)",arabic_Qatar:"Arabic (Qatar)",arabic_Saudi_Arabia:"Arabic (Saudi Arabia)",arabic_Syria:"Arabic (Syria)",arabic_Tunisia:"Arabic (Tunisia)",arabic_UAE:"Arabic (U.A.E.)",arabic_Yemen:"Arabic (Yemen)",armenian:"Armenian",assamese:"Assamese",azerbaijani:"Azerbaijani",azerbaijani_Cyrillic:"Azerbaijani (Cyrillic)",azerbaijani_Latin:"Azerbaijani (Latin)",bangla_Bangladesh:"Bangla (Bangladesh)",bangla_India:"Bangla (India)",bashkir:"Bashkir",basque:"Basque",bel

                                                                          Chrome Cache Entry: 312

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):175722
                                                                          Entropy (8bit):5.525258064743669
                                                                          Encrypted:false
                                                                          SSDEEP:3072:fvey2tNYuhrrb/xbI6sCnOQeMXbH/3Y3W8AhmKbAASiPRu/8vRlp91:nUNYCrDxbI6sUPeMXbHvNmKbFpL
                                                                          MD5:E84AC01580EAE7825AE4A6FE788C2180
                                                                          SHA1:47A6D41DA1E08B1451BA17804018D6F61D7E4ADC
                                                                          SHA-256:D2A2D8244F9305D4FC519DF36F72A6B0B9016785CADCADCA02435C439B964958
                                                                          SHA-512:D9F8765EB3260CEDE1EA915ACDF58F38CE4A0243382C98D97DAF27314D419B0343EBD7E591C01B942B5C86000327342E714423A7198AF7E74FFF7792362587D7
                                                                          Malicious:false
                                                                          URL:https://wise.gcc.cdn.office.net/wise/owl/owl.slim.b85bbf4e2366ca721a6f.js
                                                                          Preview:var Microsoft;!function(){"use strict";var t,e,n,o,i={68725:function(t,e,n){n.d(e,{h:function(){return s}});var o=n(66411),i=n(38217),r=n(80364),s=function(t){function e(){var e=null!==t&&t.apply(this,arguments)||this;return e.value=null,e.hasNext=!1,e.hasCompleted=!1,e}return o.C6(e,t),e.prototype.U=function(e){return this.hasError?(e.error(this.thrownError),r.y.EMPTY):this.hasCompleted&&this.hasNext?(e.next(this.value),e.complete(),r.y.EMPTY):t.prototype.U.call(this,e)},e.prototype.next=function(t){this.hasCompleted||(this.value=t,this.hasNext=!0)},e.prototype.error=function(e){this.hasCompleted||t.prototype.error.call(this,e)},e.prototype.complete=function(){this.hasCompleted=!0,this.hasNext&&t.prototype.next.call(this,this.value),t.prototype.complete.call(this)},e}(i.B7)},7443:function(t,e,n){n.d(e,{t:function(){return s}});var o=n(66411),i=n(38217),r=n(90256),s=function(t){function e(e){var n=t.call(this)||this;return n.N=e,n}return o.C6(e,t),Object.defineProperty(e.prototype,"val

                                                                          Chrome Cache Entry: 313

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (38319), with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):38319
                                                                          Entropy (8bit):4.894144984125977
                                                                          Encrypted:false
                                                                          SSDEEP:768:N4k0JvWptT2z2p9GmkNqJ3htY1xYhwn5n9O:CJOptT2Sp9v7htY1xYC5n9O
                                                                          MD5:51750E48816F1EC30133B634C2596216
                                                                          SHA1:ADCC6F7E3CE25657E15ACE3BF2F941D69D1A5575
                                                                          SHA-256:F9D844D7F9BC50FFDE02FF10BD265CD7682FA52C942DA4C989AD4AC6BBDF5094
                                                                          SHA-512:A91CB85B094F8B9F71B51E6CD2D18F4B24F6AAE61B32AB3021983D5C184A1AF77E45092608BE00DA667BAE5F44CE648232D21A0AC1EE2703A0115F7AB6B08626
                                                                          Malicious:false
                                                                          Preview:Type.registerNamespace("OneNoteIntl");OneNoteIntl.OneNoteStrings=function(){};OneNoteIntl.OneNoteStrings.registerClass("OneNoteIntl.OneNoteStrings");OneNoteIntl.OneNoteStrings.L_CloudFilesUploadSuccess="Successfully Uploaded : {0}";OneNoteIntl.OneNoteStrings.L_CloudFilesUploadFailed="Error Uploading : {0}";OneNoteIntl.OneNoteStrings.L_ContextMenuSmartLookup="Search";OneNoteIntl.OneNoteStrings.L_ContextMenuTextSmartLookup='Search "{0}"';OneNoteIntl.OneNoteStrings.L_BrowseVersions="Page Versions";OneNoteIntl.OneNoteStrings.L_Camera="Camera";OneNoteIntl.OneNoteStrings.L_CopyNotebook="Copy Notebook";OneNoteIntl.OneNoteStrings.L_HierarchySyncErrorMessage="The new experimental sync feature has experienced an error and your change may not be saved.";OneNoteIntl.OneNoteStrings.L_HierarchySyncErrorRefreshMessage="Please click here or refresh the webpage to resolve the issue.";OneNoteIntl.OneNoteStrings.L_CopyToCloudDescription="Edit and view this notebook on all your devices";OneNoteIntl.OneNot

                                                                          Chrome Cache Entry: 314

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (27024), with CRLF line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):27026
                                                                          Entropy (8bit):5.536845977615562
                                                                          Encrypted:false
                                                                          SSDEEP:384:ne7LRwe03wCS8V012RwlKzXicngH8I4qIZD3338z3YSzK1/0:ne756VnzZbI6Dn8z3YWd
                                                                          MD5:A230E20FEECBB758D7C13303A657EEDD
                                                                          SHA1:F12606CCE8600D9DFB5316610EE5177BA51B0CE9
                                                                          SHA-256:816A0F42A2BF473213A47BE1DDE62215811D54AF1151A1E9916DC215DF6EC776
                                                                          SHA-512:1C6F7288BEBAB71D8B6C7CE21D5F1FAA53C6710FAF1A0F611C0313E71BD5DB17A304E433686836AB2EEAE0E0ACBDDEAA2E1E82EDE54145520542C0361066FEE0
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/h816A0F42A2BF4732_resources/1033/EditSurface.css
                                                                          Preview: FocusedContentControl*{margin:0;padding:0;}.EditingSurfaceBody{background-color:transparent;border:none;outline:none;}.EditingSurfaceBody,.EditingSurfaceBody *{-ms-touch-select:none;-webkit-user-select:text;-khtml-user-select:text;-moz-user-select:text;-ms-user-select:text;}.EditMode span.SpellingError,.EditingSurfaceBody span.SpellingError{background-image:url('data:image/gif;base64,R0lGODlhBQAEAJECAP////8AAAAAAAAAACH5BAEAAAIALAAAAAAFAAQAAAIIlGAXCCHrTCgAOw==');border-bottom:solid 1px transparent;}.EditMode span.DictationCorrection,.EditingSurfaceBody span.DictationCorrection{background-image:url("data:image/svg+xml;utf8,<svg xmlns='http://www.w3.org/2000/svg' width='3' height='4'><path d='M 0 0 L 5 5' stroke='gray' stroke-width='1px'/></svg>");border-bottom:solid 1px transparent;}.EditMode span.ContextualSpellingAndGrammarError,.EditingSurfaceBody span.ContextualSpellingAndGrammarError{background-image:url('data:image/gif;base64,R0lGODlhBQAEAPEDAABVzDNVzDNV/wAAACH5BAUAAAMALAAAAAAFAAQ

                                                                          Chrome Cache Entry: 315

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):78750
                                                                          Entropy (8bit):5.0607329606109674
                                                                          Encrypted:false
                                                                          SSDEEP:768:+pCmHr0AOKTnbhCxm6Mll0zBSMuEn047nNXcb7GLLWZWxWG6sS6bxiw:+pCydxgxmt98NXcb7GLLCmWsSExn
                                                                          MD5:144E3938BE11B62635FE0FBEDFB8F991
                                                                          SHA1:19F09E844E8D4C78EF77673943C15D07E02B5378
                                                                          SHA-256:D0A7EF0C9073A44AA8E4BD8782692273D08A1F386A032AD2AE5BA0141D7AB72B
                                                                          SHA-512:8C4574FACBAF44806A9F2EF978B3B1E310A1DE06AC4A7212AFC26F6D0D09C10E4DE9C0B8FE6C309FF8D3FF26C8A871B182EE4C08985CD410D15AF78E0E3EF542
                                                                          Malicious:false
                                                                          Preview:Type.registerNamespace("Box4Intl");Box4Intl.Box4Strings=function(){};Box4Intl.Box4Strings.registerClass("Box4Intl.Box4Strings");Box4Intl.Box4Strings.l_OutlineResizeAlt="Resize the Outline";Box4Intl.Box4Strings.l_NavigationPaneContentsLabel="Notebook Contents";Box4Intl.Box4Strings.l_UntitledPageText="Untitled Page";Box4Intl.Box4Strings.l_UntitledSection="Untitled Section";Box4Intl.Box4Strings.l_NotebookPagesSection="General Pages";Box4Intl.Box4Strings.l_ProtoButtonText="New Page";Box4Intl.Box4Strings.l_SectionGroupAltText="Section Group";Box4Intl.Box4Strings.l_SectionGroupArrowAltText="Navigate Up";Box4Intl.Box4Strings.l_DefaultUserName="Unknown User";Box4Intl.Box4Strings.l_UserInitialsDelimeter="; ";Box4Intl.Box4Strings.l_PageLoadingText="Loading...";Box4Intl.Box4Strings.l_OreoSpinnerText="Loading Page...";Box4Intl.Box4Strings.l_ConflictPage="Conflict Page";Box4Intl.Box4Strings.l_PageAccessibilityContext="Page {0}";Box4Intl.Box4Strings.l_PageWithSearchResultsAccessibilityContext="Page

                                                                          Chrome Cache Entry: 316

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (7230)
                                                                          Category:downloaded
                                                                          Size (bytes):7280
                                                                          Entropy (8bit):5.289025655086686
                                                                          Encrypted:false
                                                                          SSDEEP:96:QqVlV0+Zmn1xfhxmK1PisXxzuip6ouBEgqkVAW6f3ipFI0LP3hVUmVnPkWQmd5eY:hV0+Zmh1PbxqiPgDVAzi9hJtPk5OTR2S
                                                                          MD5:367CAF2F0365117B71F6B2C3F2611430
                                                                          SHA1:8FF3D9011B5E60561259448FD5B5987B98E96353
                                                                          SHA-256:E617224E4E9834026BECB6306D58D32262ADB1C338F1F6DD7FC7041E198239DD
                                                                          SHA-512:6CFEE99F6E2167C9E18DD6A4CF4BE3C6D259B7774FF12E192A663D15E1B337C027C8025188165D89D7FE1EA0F516A040CA3E24FD2212226534BD157F99303F66
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/161800641008_App_Scripts/wp5/appResourceLoader.min.js
                                                                          Preview:var appResourceLoader;!function(){"use strict";var e,n,t,o,r={90651:function(e,n,t){t.r(n),t.d(n,{init:function(){return c.Ts},loadChunk:function(){return g},loadIntlBootResources:function(){return a}});var o=t(5989);let r,i=!1;function a(e){const n="onenote-ribbon-intl.min.js";return i||(r=(0,o.loadScript)(n,e.scriptBaseUrl.concat(n),void 0,5),i=!0),r}var c=t(72340);const u="appChrome",s="canvasAtMentions",l="loopLoadingManager",d="navigation",f="onenote-navpane-strings",p="onenote-ribbon-intl",h="onenote-whatsnew-strings",m="sharedComments",b="comment-pane-strings",v={[u]:{dependencies:[p]},[l]:{},[m]:{dependencies:[b]},[s]:{dependencies:[b]},[d]:{dependencies:[f,h]},[p]:{isLocalized:!0},"onenote-ribbon-sprite-lazy":{isLocalized:!0},"onenote-ribbon-intl-lazy":{isLocalized:!0},"onenote-intl-mlr-lazy":{isLocalized:!0},[f]:{isLocalized:!0},[h]:{isLocalized:!0},"onenote-ribbon-sprite":{isLocalized:!0},"onenote-mlr-sprite":{isLocalized:!0},"onenote-mlr-sprite-lazy":{isLocalized:!0},"tellm

                                                                          Chrome Cache Entry: 317

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:JSON data
                                                                          Category:dropped
                                                                          Size (bytes):72
                                                                          Entropy (8bit):4.241202481433726
                                                                          Encrypted:false
                                                                          SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                                          MD5:9E576E34B18E986347909C29AE6A82C6
                                                                          SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                                          SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                                          SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                                          Malicious:false
                                                                          Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                                          Chrome Cache Entry: 318

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (634)
                                                                          Category:dropped
                                                                          Size (bytes):4036337
                                                                          Entropy (8bit):5.6578892557708444
                                                                          Encrypted:false
                                                                          SSDEEP:49152:M7NdA/zsh1nNLzMAIKv0Ds8HB2QWJLj6RVpz/wl+aVhpUhwil2m5KdF4rXQXZ/mu:v1AA/WAc
                                                                          MD5:69025E5ED52B3E6310AA2CE4036E2854
                                                                          SHA1:E96554258EC420A418C8C728E49E0F5685D4584E
                                                                          SHA-256:5A16BE7D9C55762378C5D6FE54B601E4B749B43007BAB4ADC0F8FF7A4665D959
                                                                          SHA-512:A808AE02EB46B12C09C701F59123FBE77606F48178EC6CEF6C8C3AD67A348AC67C69515980BD8F6CB15432FF6C7035C2879B8BA68592346538ADF25225A1C703
                                                                          Malicious:false
                                                                          Preview:/*. Microsoft Corporation. All rights reserved.. The buffer module from node.js, for the browser... @author Feross Aboukhadijeh <https://feross.org>. @license MIT. ieee754. BSD-3-Clause License. Feross Aboukhadijeh <https://feross.org/opensource> Copyright (c) Microsoft Corporation and contributors. All rights reserved.. Licensed under the MIT License..*/.'use strict';function ve(xa){var Ua=0;return function(){return Ua<xa.length?{done:!1,value:xa[Ua++]}:{done:!0}}}var $G="function"==typeof Object.defineProperties?Object.defineProperty:function(xa,Ua,N){if(xa==Array.prototype||xa==Object.prototype)return xa;xa[Ua]=N.value;return xa};.function qH(xa){xa=["object"==typeof globalThis&&globalThis,xa,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var Ua=0;Ua<xa.length;++Ua){var N=xa[Ua];if(N&&N.Math==Math)return N}throw Error("Cannot find global object");}var rH=qH(this);.function uH(xa,Ua){if(Ua)a:{var N=rH;xa=xa.split(".");for(var Da=0

                                                                          Chrome Cache Entry: 319

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):143258
                                                                          Entropy (8bit):5.368966424594526
                                                                          Encrypted:false
                                                                          SSDEEP:3072:dxcfl99UraEACfe6SNmGli0uuK1o9xDy9rhlk31uPvBrbVJ:dxcfl9c/ACwAa3hBmvV
                                                                          MD5:FDB1129E7AEFC89BF5633AFF6BA8CD4E
                                                                          SHA1:F09E2C83A6F892C7381E9306597E20DC5ED13EBA
                                                                          SHA-256:564A7E80B2F31CA9605E1B0E26FD913BE7761B095364533A7732CC02E4A010BD
                                                                          SHA-512:E10A66325FC748A1C796A824467494F61AED9F599A17C58D5E10D3E8FFFA98C45A68448B9F863FF39981909615769366F48CF9A7EB195EADDFBB22451DFA56E4
                                                                          Malicious:false
                                                                          URL:https://wise.gcc.cdn.office.net/wise/owl/onenote-boot.35885234f8e241512812.js
                                                                          Preview:var Microsoft="object"==typeof Microsoft?Microsoft:{};Microsoft.Office=Microsoft.Office||{},Microsoft.Office.OneNote=function(t){var e={};function i(s){if(e[s])return e[s].exports;var o=e[s]={i:s,l:!1,exports:{}};return t[s].call(o.exports,o,o.exports,i),o.l=!0,o.exports}return i.m=t,i.c=e,i.d=function(t,e,s){i.o(t,e)||Object.defineProperty(t,e,{enumerable:!0,get:s})},i.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},i.t=function(t,e){if(1&e&&(t=i(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var s=Object.create(null);if(i.r(s),Object.defineProperty(s,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var o in t)i.d(s,o,function(e){return t[e]}.bind(null,o));return s},i.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return i.d(e,"a",e),e},i.o=function(t,e){return Object.prototype.hasOwnPro

                                                                          Chrome Cache Entry: 320

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (31106), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):31106
                                                                          Entropy (8bit):5.183372295037654
                                                                          Encrypted:false
                                                                          SSDEEP:768:lWo0BHNt8EWDCPEN5DkvBouB8XHEDT95kdnkVv1owjH/7VXDneVh:lP0BHNuEWDCP39GsjpnIh
                                                                          MD5:0404EAE1FEC15D702E14F0C810A35C21
                                                                          SHA1:1D004F5E809634D981432903D5583C55A625E640
                                                                          SHA-256:4FD29AE096D0B83F323D13E0DFFC6E279D8E3818A377085C63D196B4B9149440
                                                                          SHA-512:8BEB433DD5861E153043EB293A936624F972EB9D3C790008A7BE0BEA2BC038239971982A0C4090D1DF6F622F92524E47B8BD22BF8B1C95367F1D9F457AFDECC7
                                                                          Malicious:false
                                                                          URL:https://res-2-gcc.cdn.office.net/files/odsp-web-prod_2024-08-09.009/require-0404eae1.js
                                                                          Preview:!(function(){if("PerformanceLongTaskTiming"in window){var e=window.__tti={e:[]};e.o=new PerformanceObserver((function(t){e.e=e.e.concat(t.getEntries())}));e.o.observe({entryTypes:["longtask"]})}})();!(function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports["es6-symbol"]=t():(e["es6-symbol"]=t(),e.Symbol=e.Symbol||e["es6-symbol"])})(window,(function(){return(function(e){var t={};function r(n){if(t[n])return t[n].exports;var i=t[n]={i:n,l:!1,exports:{}};return e[n].call(i.exports,i,i.exports,r),i.l=!0,i.exports}return r.m=e,r.c=t,r.d=function(e,t,n){r.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:n})},r.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e

                                                                          Chrome Cache Entry: 321

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Unicode text, UTF-8 text, with very long lines (56385)
                                                                          Category:dropped
                                                                          Size (bytes):199325
                                                                          Entropy (8bit):5.092989631931542
                                                                          Encrypted:false
                                                                          SSDEEP:6144:55IoymwzWHXzZnoK5fMO6kvBoKrpQmK4Zbwmk29X9vvNCYzRtS:dwOoK5fMO6kvBoKrpQmK4Zbwmk29X9vS
                                                                          MD5:C57A832C4ECA2AEAADCC7A3BB856B078
                                                                          SHA1:5EAD46D4B35CA51C3EE88B23DC0231232E7DD937
                                                                          SHA-256:358193881BE0BB46667984ADBDDF0F0049EED56BA97D00DEECDEFA91D60B54DC
                                                                          SHA-512:AC209759C1D3B00CCAECA23355E4DE4BE8F6DDED2E356F60C597A2FD762D5840412B6B53773B863C33CEBD804957AAB72B21509256C6E80257B0FE400CEA1451
                                                                          Malicious:false
                                                                          Preview:"use strict";var CommonStrings={qpsPloc_Name:"Pseudo",qpsPloca_Name:"Pseudo (Pseudo Asia)",qpsPlocm_Name:"Pseudo (Pseudo Mirrored)",afrikaans:"Afrikaans",albanian:"Albanian",alsatian:"Alsatian",amharic:"Amharic",arabic:"Arabic",arabic_Algeria:"Arabic (Algeria)",arabic_Bahrain:"Arabic (Bahrain)",arabic_Egypt:"Arabic (Egypt)",arabic_Iraq:"Arabic (Iraq)",arabic_Jordan:"Arabic (Jordan)",arabic_Kuwait:"Arabic (Kuwait)",arabic_Lebanon:"Arabic (Lebanon)",arabic_Libya:"Arabic (Libya)",arabic_Morocco:"Arabic (Morocco)",arabic_Oman:"Arabic (Oman)",arabic_Qatar:"Arabic (Qatar)",arabic_Saudi_Arabia:"Arabic (Saudi Arabia)",arabic_Syria:"Arabic (Syria)",arabic_Tunisia:"Arabic (Tunisia)",arabic_UAE:"Arabic (U.A.E.)",arabic_Yemen:"Arabic (Yemen)",armenian:"Armenian",assamese:"Assamese",azerbaijani:"Azerbaijani",azerbaijani_Cyrillic:"Azerbaijani (Cyrillic)",azerbaijani_Latin:"Azerbaijani (Latin)",bangla_Bangladesh:"Bangla (Bangladesh)",bangla_India:"Bangla (India)",bashkir:"Bashkir",basque:"Basque",bel

                                                                          Chrome Cache Entry: 322

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):78750
                                                                          Entropy (8bit):5.0607329606109674
                                                                          Encrypted:false
                                                                          SSDEEP:768:+pCmHr0AOKTnbhCxm6Mll0zBSMuEn047nNXcb7GLLWZWxWG6sS6bxiw:+pCydxgxmt98NXcb7GLLCmWsSExn
                                                                          MD5:144E3938BE11B62635FE0FBEDFB8F991
                                                                          SHA1:19F09E844E8D4C78EF77673943C15D07E02B5378
                                                                          SHA-256:D0A7EF0C9073A44AA8E4BD8782692273D08A1F386A032AD2AE5BA0141D7AB72B
                                                                          SHA-512:8C4574FACBAF44806A9F2EF978B3B1E310A1DE06AC4A7212AFC26F6D0D09C10E4DE9C0B8FE6C309FF8D3FF26C8A871B182EE4C08985CD410D15AF78E0E3EF542
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/hD0A7EF0C9073A44A_App_Scripts/1033/Box4Intl.js
                                                                          Preview:Type.registerNamespace("Box4Intl");Box4Intl.Box4Strings=function(){};Box4Intl.Box4Strings.registerClass("Box4Intl.Box4Strings");Box4Intl.Box4Strings.l_OutlineResizeAlt="Resize the Outline";Box4Intl.Box4Strings.l_NavigationPaneContentsLabel="Notebook Contents";Box4Intl.Box4Strings.l_UntitledPageText="Untitled Page";Box4Intl.Box4Strings.l_UntitledSection="Untitled Section";Box4Intl.Box4Strings.l_NotebookPagesSection="General Pages";Box4Intl.Box4Strings.l_ProtoButtonText="New Page";Box4Intl.Box4Strings.l_SectionGroupAltText="Section Group";Box4Intl.Box4Strings.l_SectionGroupArrowAltText="Navigate Up";Box4Intl.Box4Strings.l_DefaultUserName="Unknown User";Box4Intl.Box4Strings.l_UserInitialsDelimeter="; ";Box4Intl.Box4Strings.l_PageLoadingText="Loading...";Box4Intl.Box4Strings.l_OreoSpinnerText="Loading Page...";Box4Intl.Box4Strings.l_ConflictPage="Conflict Page";Box4Intl.Box4Strings.l_PageAccessibilityContext="Page {0}";Box4Intl.Box4Strings.l_PageWithSearchResultsAccessibilityContext="Page

                                                                          Chrome Cache Entry: 323

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:gzip compressed data, from Unix, original size modulo 2^32 456599
                                                                          Category:dropped
                                                                          Size (bytes):140003
                                                                          Entropy (8bit):7.997374878298236
                                                                          Encrypted:true
                                                                          SSDEEP:3072:jJLmeOVeODPR/0Xr9FT/UCzp6473JKpIS8UmFet31F1pOcc4AcmG+JIwJy:jvOFDP2Bb64V6D1pxAcV4y
                                                                          MD5:D429AD96C5A35054CE3A27DDE2CC885F
                                                                          SHA1:4D41CF3460DEBF234CC260D620580D978FA8A42C
                                                                          SHA-256:581B9FA76F75273F788534B9497D6730F78A09657AA950319067A907F956CBB6
                                                                          SHA-512:C8B7CF8C1A43AF164B0DB820D1B891CE8135EAFFA9CC7AA32D28BEE90E5F1FF2306D09A89080A2D45446956B51A057DDF1A07C0649ABD8E48427989E6B3D9AC8
                                                                          Malicious:false
                                                                          Preview:............w.6.0...WH<su...%.M..I.d.o.&...^Y.....).jH.+...k.A.$%...|g..5..x?666....n.C.wR.3Q....,_Q.3.Y....S0..qv..d..c.k..2.{1..........W......!"o..4.0.d.f...<gB^.9_.q..\.0.b...<.L..?...].mV..OU. g4..._.3\6,.9..\...N.<........K, W..P",.I(.v>.E.."..9..{._..-..r.|i.......{...M7.Pi..vG.T_.....).......R.>p.&.f..][..|..9....".b.R.x>OX..T2.P...}]g...T..VI..D....|..c..s..J.lA7...S.Z6u......}a.uJ%.t.w....!.I.PIUB...5..J}.x>..M..\}..b...b]...o.......q....j.W{.v...F.....h...C...`.s..L...n.....=.G...BR..l.Q].z~klP.'r.....,...u..Hdz\...7..t'>....~..4..&{..M....=.....6..y.....t.4.-:....4..".....`w./.k.>.<....:..:j.:...X.....^tD&;..g...&.Y.......j."D[y..S..../f.L..$..Y....DQ(.b..`..@{X....r.s.....K_-...0%4_*$S.R&..f,^.89A. W;T.....vq.].....;........}.K.....Fj....p(..=n..S........i.R.z..bJg.M...."...z..`.....I.....u..zl.....C.Z6dh._S.....9.....5.6.|,....:e.......|./.E..r)...15C.yc.qF..O&22.H'.&t..u.e.:...%.2U.Z..."e.l]S.7...e..T.w..u.......G......~....i

                                                                          Chrome Cache Entry: 324

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (5949), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):5949
                                                                          Entropy (8bit):5.021760613857532
                                                                          Encrypted:false
                                                                          SSDEEP:96:Vq+J+ZRrxLuL7H9T4Mh+HsQ7qQYHq3l0e4QDhMWp:xJ+ZR07HNhhw7qQYHq3l0e4P8
                                                                          MD5:BBF6A2B6E77972F0718F99C86AE3FE92
                                                                          SHA1:806E8C002AE178B41819BEAFE123AE09202DF966
                                                                          SHA-256:78FF6158246E4FA25F994827F90ED69FEEF349AA57449CB404E35C3026BD4B8A
                                                                          SHA-512:4B4F58735190254E74ED9BAF547046642F622EE35414784A093356D28982A28A5D84E4CE71E476A88BC43583B6BB2D916B16A733D67D5B30E145DC2E4182BC8C
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/h78FF6158246E4FA2_App_Scripts/CompatParentElementFix.js
                                                                          Preview:function __loadCompat(n){n.Debug=function(){};n.Debug._fail=function(n){throw new Error(n);};n.Debug.writeln=function(n){window.console&&window.console.debug(n)};n.__getNonTextNode=function(n){try{while(n&&n.nodeType!=1)n=n.parentNode}catch(t){n=null}return n}}function _loadSafariCompat(){Node.prototype.__defineGetter__("text",function(){return this.textContent});Node.prototype.__defineSetter__("text",function(n){this.textContent=n});Node.prototype.selectNodes=function(n){var t=this.ownerDocument;return selectNodes(t,n,this)};Node.prototype.selectSingleNode=function(n){var t=this.ownerDocument;return selectSingleNode(t,n,this)};Document.prototype.selectNodes=function(n){return selectNodes(this,n,this.documentElement)};Document.prototype.selectSingleNode=function(n){return selectSingleNode(this,n,this.documentElement)}}function _loadMozillaCompat(n){n.navigate=function(n){window.setTimeout('window.location = "'+n+'";',0)};var t=function(n,t){t._mozillaEventHandler=function(n){return win

                                                                          Chrome Cache Entry: 325

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):143258
                                                                          Entropy (8bit):5.368966424594526
                                                                          Encrypted:false
                                                                          SSDEEP:3072:dxcfl99UraEACfe6SNmGli0uuK1o9xDy9rhlk31uPvBrbVJ:dxcfl9c/ACwAa3hBmvV
                                                                          MD5:FDB1129E7AEFC89BF5633AFF6BA8CD4E
                                                                          SHA1:F09E2C83A6F892C7381E9306597E20DC5ED13EBA
                                                                          SHA-256:564A7E80B2F31CA9605E1B0E26FD913BE7761B095364533A7732CC02E4A010BD
                                                                          SHA-512:E10A66325FC748A1C796A824467494F61AED9F599A17C58D5E10D3E8FFFA98C45A68448B9F863FF39981909615769366F48CF9A7EB195EADDFBB22451DFA56E4
                                                                          Malicious:false
                                                                          Preview:var Microsoft="object"==typeof Microsoft?Microsoft:{};Microsoft.Office=Microsoft.Office||{},Microsoft.Office.OneNote=function(t){var e={};function i(s){if(e[s])return e[s].exports;var o=e[s]={i:s,l:!1,exports:{}};return t[s].call(o.exports,o,o.exports,i),o.l=!0,o.exports}return i.m=t,i.c=e,i.d=function(t,e,s){i.o(t,e)||Object.defineProperty(t,e,{enumerable:!0,get:s})},i.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},i.t=function(t,e){if(1&e&&(t=i(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var s=Object.create(null);if(i.r(s),Object.defineProperty(s,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var o in t)i.d(s,o,function(e){return t[e]}.bind(null,o));return s},i.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return i.d(e,"a",e),e},i.o=function(t,e){return Object.prototype.hasOwnPro

                                                                          Chrome Cache Entry: 326

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                          Category:downloaded
                                                                          Size (bytes):442047
                                                                          Entropy (8bit):5.31439550015042
                                                                          Encrypted:false
                                                                          SSDEEP:12288:5p8JjHqc4zxn+9xVpkL59tJjsgeRS37Fn9nr:Vnr
                                                                          MD5:367176F41BF359A7A69564D48B986E6E
                                                                          SHA1:4D5A6A891BD5F00FAF5355D801E52668664E39BD
                                                                          SHA-256:4C9F1ED88F357110E6045117F7060B1D284204DB1ABC0C4D46535E58643D63A7
                                                                          SHA-512:352031B67BB008414C3EBDE72A2D4D4F2F3188E99795A86B00FA6D35F33D7123FB71020795703252E8CA767B3B8E50DB189DB53A44A62F18A364C92C0BA5EDC6
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/s/h4C9F1ED88F357110_resources/1033/OneNote.Refresh.css
                                                                          Preview:.headBrand{cursor:default;line-height:48px;font-size:22px;margin-left:20px;margin-right:20px;font-family:'SegoeUI-SemiLight-final','Segoe UI SemiLight','Segoe UI WPC Semilight','Segoe UI',Segoe,Tahoma,Helvetica,Arial,sans-serif;}.cui-topBar1-transistionalHeaderUI .headBrand{width:auto !important;height:24px !important;line-height:normal !important;padding-bottom:12px;padding-top:12px;display:inline-block;font-size:17px;font-family:inherit;margin-left:17px;margin-right:17px;font-family:'Segoe UI','Segoe UI Web',Arial,Verdana,sans-serif;}.cui-topBar1-transitionalReactHeaderUI .headBrand{width:auto !important;line-height:48px !important;padding:0 6px;display:inline-block;font-size:16px;font-weight:600;font-family:"Segoe UI","Segoe UI Web (West European)","Segoe UI",-apple-system,BlinkMacSystemFont,Roboto,"Helvetica Neue",sans-serif;}@font-face{font-family:"Segoe UI Web Light";font-style:normal;font-weight:normal;src:local("Segoe UI Light"),url('./segoeuil.woff') format('woff'),url('./sego

                                                                          Chrome Cache Entry: 327

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:Unicode text, UTF-8 text, with very long lines (1592)
                                                                          Category:dropped
                                                                          Size (bytes):6729
                                                                          Entropy (8bit):5.017081248596727
                                                                          Encrypted:false
                                                                          SSDEEP:192:f4oYSnScpAUV3POJeFpYWm9L4vRJWq2oeP1LPwGCnjKqAch:hF4qpdm9xXjPlPwhjlAch
                                                                          MD5:9F459A70528415ABEB166090BDB0EB08
                                                                          SHA1:436F5FF3F97954ACEF8B8BCA7ABBFA71E5AB91D2
                                                                          SHA-256:54FDAEB506B1BD9968E9D3EA365F2BC82B04E161E53EF9C68EDB4BB27E8FD324
                                                                          SHA-512:7E7F9EF76FB7C53E26293844DB0951A71AAAD192D118EFE561E72A529C862EB1A4DC15967C8F0656834F3388687FFDB129228194B5FEB707B3B6EE9054DE3117
                                                                          Malicious:false
                                                                          Preview:"use strict";(self.odspNextWebpackJsonp=self.odspNextWebpackJsonp||[]).push([["ondemand.resx"],{706:e=>{e.exports=JSON.parse('{"a":"EnvironmentType is invalid","b":"Invalid GUID string: \\u0022{0}\\u0022","f":"The value for \\u0022{0}\\u0022 is false","g":"The value for \\u0022{0}\\u0022 must not be null","h":"The value for \\u0022{0}\\u0022 must not be undefined","e":"The value for \\u0022{0}\\u0022 must not be an empty string","d":"The \\u0022{0}\\u0022 object cannot be used because it has been disposed.","c":"Invalid version string: \\u0022{0}\\u0022","j":"Cannot consume services because the scope is not finished yet","k":"Cannot consume services during ServiceScope autocreation","i":"The ServiceScope is already finished","l":"Cannot register service because the scope is already finished","m":"The service key \\u0022{0}\\u0022 has already been registered in this scope","o":"INNERERROR:","n":"CALLSTACK:","p":"LOGPROPERTIES:"}')}.,804:e=>{e.exports=JSON.parse('{"a":"A source with id \

                                                                          Chrome Cache Entry: 328

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (30497), with no line terminators
                                                                          Category:dropped
                                                                          Size (bytes):30497
                                                                          Entropy (8bit):5.0064253326064065
                                                                          Encrypted:false
                                                                          SSDEEP:384:NpM3QZmZwe3CDLqHOGRvCEWMYdd9KaAQnzkY65dv:NpM3QZbLqHO4XYdd9KvQnzkY65dv
                                                                          MD5:E55F3C2F2F2F2A339E4B0A08030E9803
                                                                          SHA1:729D608C534829E07F5DCDBBD75BBC031A9E9D9A
                                                                          SHA-256:40CBE329851D4261E0E4A3B3665FD1025747AAC3CBFD87689CF3F2689CACF4E9
                                                                          SHA-512:CB67A880ECAA6F59844F6604BB98A7E27AB64F639AC79BA683C164A2A809BFAF1D3B224CC50138846B8646EF05409820AEE490BA83D637145E16A78E67CF4847
                                                                          Malicious:false
                                                                          Preview:Type.registerNamespace("WoncaIntl");WoncaIntl.WoncaStrings=function(){};WoncaIntl.WoncaStrings.registerClass("WoncaIntl.WoncaStrings");WoncaIntl.WoncaStrings.L_RibbonLabel="Ribbon";WoncaIntl.WoncaStrings.L_TabHome="Home";WoncaIntl.WoncaStrings.L_TabInsert="Insert";WoncaIntl.WoncaStrings.L_TabWordDesign="Design";WoncaIntl.WoncaStrings.L_TabReferences="References";WoncaIntl.WoncaStrings.L_TabMailings="Mailings";WoncaIntl.WoncaStrings.L_TabReview="Review";WoncaIntl.WoncaStrings.L_TabView="View";WoncaIntl.WoncaStrings.L_TabDeveloper="Developer";WoncaIntl.WoncaStrings.L_TabAddIns="Add-ins";WoncaIntl.WoncaStrings.L_TabTableTools="Table Tools";WoncaIntl.WoncaStrings.L_TabLayout="Layout";WoncaIntl.WoncaStrings.L_TabPictureTools="Picture Tools";WoncaIntl.WoncaStrings.L_TabFormatPicture="Format";WoncaIntl.WoncaStrings.L_TabDesign="Design";WoncaIntl.WoncaStrings.L_TabHelp="Help";WoncaIntl.WoncaStrings.L_GroupUndoRedo="Undo";WoncaIntl.WoncaStrings.L_GroupClipboard="Clipboard";WoncaIntl.WoncaString

                                                                          Chrome Cache Entry: 329

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (65457)
                                                                          Category:downloaded
                                                                          Size (bytes):141166
                                                                          Entropy (8bit):5.3305714273848155
                                                                          Encrypted:false
                                                                          SSDEEP:1536:lrekafzVM8v4ZvE3DUJ/N0SoY+2d2j6Cha18suGEYE4yH/OqyOPGJH76ORJDJ:5ekl8v4ZvEQUSov2dqha1JefOz1RJt
                                                                          MD5:CF40E07C7BB771ED65050122E3FFA5E8
                                                                          SHA1:9C5FA3EEEE1341C7B78727D28185AE3842377F09
                                                                          SHA-256:F0493D84E9C36FD98B4EADECD3AC0F5974BE243F2E1FF897D66701840B0731A2
                                                                          SHA-512:9D45059CE8A95C07307FF958DE5B038E535E98A1FD81BFBA18BD01BBC2C99443E4F2BE43BB80FEF1C073959CCE982D863DB98055FB7C58D5B4F83EF1AB9796EF
                                                                          Malicious:false
                                                                          URL:https://res-2-gcc.cdn.office.net/files/sp-client/odsp.1ds/odsp.1ds.lib-f4331117.js
                                                                          Preview:/*! For license information please see odsp.1ds.lib-f4331117.js.LICENSE.txt */."use strict";(self.odspNextWebpackJsonp=self.odspNextWebpackJsonp||[]).push([["odsp.1ds.lib"],{"1ds-lib":function(e,t,n){n.r(t),n.d(t,{_InMemoryPropertyStorage:function(){return Ls},_OneDSLogger:function(){return As}});var a={};n.r(a),n.d(a,{optionalDiagnostic:function(){return fs},requiredDiagnostic:function(){return us},requiredService:function(){return ps}});var i=function(e,t){return i=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},i(e,t)};function r(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function n(){this.constructor=e}i(e,t),e.prototype=null===t?Object.create(t):(n.prototype=t.prototype,new n)}var o=function(){return o=Object.assign||function(e){for(var t,n=1,a=arguments.length;n<a;n++)for(var i i

                                                                          Chrome Cache Entry: 330

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (7230)
                                                                          Category:dropped
                                                                          Size (bytes):7280
                                                                          Entropy (8bit):5.289025655086686
                                                                          Encrypted:false
                                                                          SSDEEP:96:QqVlV0+Zmn1xfhxmK1PisXxzuip6ouBEgqkVAW6f3ipFI0LP3hVUmVnPkWQmd5eY:hV0+Zmh1PbxqiPgDVAzi9hJtPk5OTR2S
                                                                          MD5:367CAF2F0365117B71F6B2C3F2611430
                                                                          SHA1:8FF3D9011B5E60561259448FD5B5987B98E96353
                                                                          SHA-256:E617224E4E9834026BECB6306D58D32262ADB1C338F1F6DD7FC7041E198239DD
                                                                          SHA-512:6CFEE99F6E2167C9E18DD6A4CF4BE3C6D259B7774FF12E192A663D15E1B337C027C8025188165D89D7FE1EA0F516A040CA3E24FD2212226534BD157F99303F66
                                                                          Malicious:false
                                                                          Preview:var appResourceLoader;!function(){"use strict";var e,n,t,o,r={90651:function(e,n,t){t.r(n),t.d(n,{init:function(){return c.Ts},loadChunk:function(){return g},loadIntlBootResources:function(){return a}});var o=t(5989);let r,i=!1;function a(e){const n="onenote-ribbon-intl.min.js";return i||(r=(0,o.loadScript)(n,e.scriptBaseUrl.concat(n),void 0,5),i=!0),r}var c=t(72340);const u="appChrome",s="canvasAtMentions",l="loopLoadingManager",d="navigation",f="onenote-navpane-strings",p="onenote-ribbon-intl",h="onenote-whatsnew-strings",m="sharedComments",b="comment-pane-strings",v={[u]:{dependencies:[p]},[l]:{},[m]:{dependencies:[b]},[s]:{dependencies:[b]},[d]:{dependencies:[f,h]},[p]:{isLocalized:!0},"onenote-ribbon-sprite-lazy":{isLocalized:!0},"onenote-ribbon-intl-lazy":{isLocalized:!0},"onenote-intl-mlr-lazy":{isLocalized:!0},[f]:{isLocalized:!0},[h]:{isLocalized:!0},"onenote-ribbon-sprite":{isLocalized:!0},"onenote-mlr-sprite":{isLocalized:!0},"onenote-mlr-sprite-lazy":{isLocalized:!0},"tellm

                                                                          Chrome Cache Entry: 331

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                                                                          Category:dropped
                                                                          Size (bytes):7886
                                                                          Entropy (8bit):3.675002721266739
                                                                          Encrypted:false
                                                                          SSDEEP:96:HOmS/+CtmE8mmmmm08mmmmmtf8mmmmmO8mmmmm+8mmmmmo8mmmmmo8mmmmmSC3on:AGHFk
                                                                          MD5:7A7A4890CAAA77025E1B33A6D6E474EE
                                                                          SHA1:DC735B99D9EF0C76B4A7AEAE8BAA4CBD9551BA77
                                                                          SHA-256:9E1DA5BF715135491519A188CAD977DB6CBA414071E2407B69D63221379D8802
                                                                          SHA-512:291692981A555857F95A3378B511E27B60154B95EA0BA0452B3A5536D9A63A16B00518066E4F4B60E6A73CBD2A7C46B99A18102EA5970989B9736E57A6474D30
                                                                          Malicious:false
                                                                          Preview:...... .... .....6......... ............... .h...f...(... ...@..... ..........................................................................................................................................................................................................................................................................................................................d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d....w...w...w...w...w...w...w..................................d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d....w...w...w...w...w...w...w..................................d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d....w...w...w...w...w...w...w..................................P...P...P...P...P...P...P...P...T...d...d...d...d...d...d...d...d....w...w...w...w...w...w...w..................................H...H...H...H...H...H...H...H...H...\...d...d...d...d...d...d...d....w...w...w...w...w...w...w...........

                                                                          Chrome Cache Entry: 332

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:ASCII text, with very long lines (63602)
                                                                          Category:dropped
                                                                          Size (bytes):130562
                                                                          Entropy (8bit):5.272399177246052
                                                                          Encrypted:false
                                                                          SSDEEP:1536:Wh8VvaIdNDxIQxI4QAQuBqCELdzQBy0uR6OndkP:Wh8VyIWLdcov4Ondw
                                                                          MD5:527D38A8499757692216AD44E57423CD
                                                                          SHA1:7E8A57695B633543E207A11410FD0464A8939DDE
                                                                          SHA-256:F2016FB6CCF9FB18D7C0828564415E3B47FAFD7845EED4E8F12404CBFD443802
                                                                          SHA-512:FBBA39F21C300AA578742367E5A8DFDB89CEFA3948F081EA0D48101C7B8AE951FD2C4894236A54D00B40511386F66080AC73EBE60FE5AEDFBFB98868F75684A7
                                                                          Malicious:false
                                                                          Preview:/*! For license information please see odsp.react.lib-361c9c69.js.LICENSE.txt */.(self.odspNextWebpackJsonp=self.odspNextWebpackJsonp||[]).push([["odsp.react.lib"],{react_312:function(e){"use strict";var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,a=Object.prototype.propertyIsEnumerable;function i(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map(function(e){return t[e]}).join(""))return!1;var a={};return"abcdefghijklmnopqrst".split("").forEach(function(e){a[e]=e}),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},a)).join("")}catch(e){return!1}}()?Object.assign:function(e,r){for(var o,s,c=i(e),d=1;d<arguments.length;d++){for(var l in o=Object(arguments[d]))n.ca

                                                                          Chrome Cache Entry: 333

                                                                          Download File
                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                                                                          Category:downloaded
                                                                          Size (bytes):7886
                                                                          Entropy (8bit):3.675002721266739
                                                                          Encrypted:false
                                                                          SSDEEP:96:HOmS/+CtmE8mmmmm08mmmmmtf8mmmmmO8mmmmm+8mmmmmo8mmmmmo8mmmmmSC3on:AGHFk
                                                                          MD5:7A7A4890CAAA77025E1B33A6D6E474EE
                                                                          SHA1:DC735B99D9EF0C76B4A7AEAE8BAA4CBD9551BA77
                                                                          SHA-256:9E1DA5BF715135491519A188CAD977DB6CBA414071E2407B69D63221379D8802
                                                                          SHA-512:291692981A555857F95A3378B511E27B60154B95EA0BA0452B3A5536D9A63A16B00518066E4F4B60E6A73CBD2A7C46B99A18102EA5970989B9736E57A6474D30
                                                                          Malicious:false
                                                                          URL:https://s1-onenote-15.cdn.office.net/o/resources/1033/FavIcon_OneNote.ico
                                                                          Preview:...... .... .....6......... ............... .h...f...(... ...@..... ..........................................................................................................................................................................................................................................................................................................................d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d....w...w...w...w...w...w...w..................................d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d....w...w...w...w...w...w...w..................................d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d...d....w...w...w...w...w...w...w..................................P...P...P...P...P...P...P...P...T...d...d...d...d...d...d...d...d....w...w...w...w...w...w...w..................................H...H...H...H...H...H...H...H...H...\...d...d...d...d...d...d...d....w...w...w...w...w...w...w...........

                                                                          Static File Info

                                                                          General

                                                                          File type:PDF document, version 1.7, 1 pages
                                                                          Entropy (8bit):7.6224137457354075
                                                                          TrID:
                                                                          • Adobe Portable Document Format (5005/1) 100.00%
                                                                          File name:San Xavier District of the Tohono O#U2019odham Nation.pdf
                                                                          File size:50'244 bytes
                                                                          MD5:e04af1af7f451ca7e8d4fe6c13d2f9fe
                                                                          SHA1:aab9b37a10fc9291c28ef044624d4129e6728f92
                                                                          SHA256:51f056df8dfcde11515753ca915517ce4d76972e6979247d9e0b33c28f8c4afe
                                                                          SHA512:c0abf7dc1a406ed5bd7b154e4abccc72b63fdab3524454cf7d105e962d945eb01c36f80115444d2029229e23c5bdea623e96bc89bd85b438653abefeec934dac
                                                                          SSDEEP:768:y2IDmH9ygQS2zm/qU+28kcwfaSc0j2qVJjF+c/6Bd3/sI80Orph0axXdIVltNVG:rygQlUb8vaaSMCFq/LzcXd21s
                                                                          TLSH:FC33C10389091BC2952D86E87E436E99AF56674CE8C56DEF34AF4E833B507331C0E55E
                                                                          File Content Preview:%PDF-1.7..%......1 0 obj..<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 12 0 R/MarkInfo<</Marked true>>/Metadata 26 0 R/ViewerPreferences 27 0 R>>..endobj..2 0 obj..<</Type/Pages/Count 1/Kids[ 3 0 R] >>..endobj..3 0 obj..<</Type/Page/Parent 2 0 R/A

                                                                          File Icon

                                                                          Icon Hash:62cc8caeb29e8ae0

                                                                          Static PDF Info

                                                                          General

                                                                          Header:%PDF-1.7
                                                                          Total Entropy:7.622414
                                                                          Total Bytes:50244
                                                                          Stream Entropy:7.625383
                                                                          Stream Bytes:46985
                                                                          Entropy outside Streams:5.425987
                                                                          Bytes outside Streams:3259
                                                                          Number of EOF found:2
                                                                          Bytes after EOF:
                                                                          NameCount
                                                                          obj17
                                                                          endobj17
                                                                          stream6
                                                                          endstream6
                                                                          xref2
                                                                          trailer2
                                                                          startxref2
                                                                          /Page1
                                                                          /Encrypt0
                                                                          /ObjStm1
                                                                          /URI2
                                                                          /JS0
                                                                          /JavaScript0
                                                                          /AA0
                                                                          /OpenAction0
                                                                          /AcroForm0
                                                                          /JBIG2Decode0
                                                                          /RichMedia0
                                                                          /Launch0
                                                                          /EmbeddedFile0
                                                                          IDDHASHMD5Preview
                                                                          696e8717169e9e4024617e4548f34da86aba13587d48bec5c

                                                                          Network Behavior

                                                                          Download Network PCAP: filteredfull

                                                                          Network Port Distribution

                                                                          • Total Packets: 358
                                                                          • 443 (HTTPS)
                                                                          • 53 (DNS)
                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                          Aug 27, 2024 20:57:21.906302929 CEST49673443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:57:31.502783060 CEST49674443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:57:31.533993006 CEST49675443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:57:31.534240007 CEST49673443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:57:33.266335964 CEST4434970323.1.237.91192.168.2.5
                                                                          Aug 27, 2024 20:57:33.266444921 CEST49703443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:57:33.518598080 CEST49712443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:33.518636942 CEST44349712184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:33.518712044 CEST49712443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:33.520347118 CEST49712443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:33.520361900 CEST44349712184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:34.224698067 CEST44349712184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:34.224796057 CEST49712443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:34.228044033 CEST49712443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:34.228053093 CEST44349712184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:34.228290081 CEST44349712184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:34.274589062 CEST49712443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:34.320513010 CEST44349712184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:34.511616945 CEST44349712184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:34.511702061 CEST44349712184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:34.511771917 CEST49712443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:34.511929035 CEST49712443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:34.511948109 CEST44349712184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:34.511959076 CEST49712443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:34.511962891 CEST44349712184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:34.561850071 CEST49713443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:34.561887026 CEST44349713184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:34.561954975 CEST49713443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:34.564672947 CEST49713443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:34.564683914 CEST44349713184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:35.222889900 CEST44349713184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:35.222974062 CEST49713443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:35.226613045 CEST49713443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:35.226624966 CEST44349713184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:35.226874113 CEST44349713184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:35.230602026 CEST49713443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:35.272511005 CEST44349713184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:35.670249939 CEST44349713184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:35.670312881 CEST44349713184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:35.670490026 CEST49713443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:35.671384096 CEST49713443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:35.671400070 CEST44349713184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:35.671433926 CEST49713443192.168.2.5184.28.90.27
                                                                          Aug 27, 2024 20:57:35.671438932 CEST44349713184.28.90.27192.168.2.5
                                                                          Aug 27, 2024 20:57:40.360465050 CEST49716443192.168.2.5104.78.188.188
                                                                          Aug 27, 2024 20:57:40.360485077 CEST44349716104.78.188.188192.168.2.5
                                                                          Aug 27, 2024 20:57:40.360552073 CEST49716443192.168.2.5104.78.188.188
                                                                          Aug 27, 2024 20:57:40.360743046 CEST49716443192.168.2.5104.78.188.188
                                                                          Aug 27, 2024 20:57:40.360760927 CEST44349716104.78.188.188192.168.2.5
                                                                          Aug 27, 2024 20:57:41.063421965 CEST44349716104.78.188.188192.168.2.5
                                                                          Aug 27, 2024 20:57:41.063750029 CEST49716443192.168.2.5104.78.188.188
                                                                          Aug 27, 2024 20:57:41.063760042 CEST44349716104.78.188.188192.168.2.5
                                                                          Aug 27, 2024 20:57:41.064829111 CEST44349716104.78.188.188192.168.2.5
                                                                          Aug 27, 2024 20:57:41.064899921 CEST49716443192.168.2.5104.78.188.188
                                                                          Aug 27, 2024 20:57:41.067017078 CEST49716443192.168.2.5104.78.188.188
                                                                          Aug 27, 2024 20:57:41.067080975 CEST44349716104.78.188.188192.168.2.5
                                                                          Aug 27, 2024 20:57:41.067308903 CEST49716443192.168.2.5104.78.188.188
                                                                          Aug 27, 2024 20:57:41.067316055 CEST44349716104.78.188.188192.168.2.5
                                                                          Aug 27, 2024 20:57:41.119581938 CEST49716443192.168.2.5104.78.188.188
                                                                          Aug 27, 2024 20:57:41.213783979 CEST44349716104.78.188.188192.168.2.5
                                                                          Aug 27, 2024 20:57:41.214437962 CEST49716443192.168.2.5104.78.188.188
                                                                          Aug 27, 2024 20:57:41.214483976 CEST44349716104.78.188.188192.168.2.5
                                                                          Aug 27, 2024 20:57:41.214550018 CEST49716443192.168.2.5104.78.188.188
                                                                          Aug 27, 2024 20:57:41.916644096 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:41.916690111 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:41.916766882 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:41.917741060 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:41.917761087 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:42.636831045 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:42.641763926 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:42.644793987 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:42.644805908 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:42.645036936 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:42.685240984 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:43.384346962 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:43.428500891 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:43.644154072 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:43.644180059 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:43.644188881 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:43.644215107 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:43.644243002 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:43.644260883 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:43.644288063 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:43.644300938 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:43.644300938 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:43.644340992 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:43.645915031 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:43.645997047 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:43.646012068 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:43.646053076 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:44.474808931 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:44.474808931 CEST49718443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:57:44.474837065 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:44.474852085 CEST4434971813.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:57:53.927973032 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:53.928020954 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:53.928081036 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:53.929843903 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:53.929857969 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:55.806224108 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:55.808831930 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:55.808845997 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:55.810337067 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:55.810393095 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:55.811609983 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:55.811661959 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:55.811820984 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:55.852178097 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:55.852189064 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:55.899787903 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:56.655219078 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:56.655261040 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:56.655299902 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:56.655312061 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:56.655349016 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:56.655353069 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:56.655427933 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:56.655498981 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:56.656200886 CEST49724443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:56.656214952 CEST4434972452.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:56.659104109 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:56.659157038 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:56.659225941 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:56.659476995 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:56.659482956 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.482530117 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.483063936 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.483094931 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.483444929 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.483747005 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.483814955 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.484082937 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.484112978 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.811680079 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.811721087 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.811764002 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.811944962 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.811944962 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.811971903 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.865406990 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.897625923 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.897639990 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.897881031 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.897897005 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.898334026 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.898401022 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.898407936 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.899643898 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.899724007 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.899732113 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.901194096 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.901263952 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.901271105 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.902394056 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.902472973 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.902482033 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.950318098 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.985053062 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.985064983 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.985261917 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.985274076 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.986391068 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.986434937 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.986464024 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.986473083 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.986514091 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.987112045 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.987178087 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.987185001 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.988341093 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.988409042 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.988415956 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.989388943 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.989448071 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.989455938 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.990967035 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.991020918 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.991030931 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.991038084 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.991096020 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:57.991101980 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:57.991146088 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:58.071877956 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.072015047 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:58.072026014 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.072715044 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.072869062 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:58.072879076 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.073319912 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.073388100 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:58.073394060 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.075952053 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.076034069 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:58.076041937 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.077367067 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.077447891 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:58.077455997 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.078196049 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.078227997 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.078270912 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:58.078278065 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.078318119 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:58.078353882 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:58.078938007 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.079030991 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.079077959 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:58.079263926 CEST49729443192.168.2.552.107.243.70
                                                                          Aug 27, 2024 20:57:58.079279900 CEST4434972952.107.243.70192.168.2.5
                                                                          Aug 27, 2024 20:57:58.302890062 CEST49734443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:57:58.302949905 CEST44349734142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:57:58.303122044 CEST49734443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:57:58.303246021 CEST49734443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:57:58.303262949 CEST44349734142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:57:59.976619005 CEST44349734142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:57:59.994195938 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:57:59.994263887 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:57:59.994368076 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.028393030 CEST49734443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:00.068030119 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.068104982 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.068181992 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.078744888 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.078758955 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.079055071 CEST49734443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:00.079065084 CEST44349734142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:00.079426050 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.079435110 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.080152035 CEST44349734142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:00.080166101 CEST44349734142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:00.080209970 CEST49734443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:00.084884882 CEST49734443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:00.084995985 CEST44349734142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:00.126483917 CEST49734443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:00.126501083 CEST44349734142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:00.182774067 CEST49734443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:00.848685026 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.849107027 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.849142075 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.850200891 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.850291967 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.851464987 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.851531982 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.851751089 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.851758003 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.870937109 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.871335983 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.871366978 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.872411966 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.872493029 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.872802973 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.872855902 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.872956991 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.872962952 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:00.902446985 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.917705059 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:00.961941957 CEST5009153192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:58:00.969990015 CEST53500911.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:58:00.970675945 CEST5009153192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:58:00.970707893 CEST5009153192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:58:00.978672028 CEST53500911.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:58:01.434969902 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.435007095 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.435049057 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.435059071 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.435070992 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.435091019 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.435107946 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.435113907 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.435127974 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.435154915 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.436019897 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.436045885 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.436074972 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.436091900 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.436100960 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.436115980 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.436121941 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.436153889 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.436187029 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.443968058 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.443984985 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.444017887 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.444025040 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.444056988 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.444082022 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.444902897 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.444922924 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.444967985 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.444974899 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.445003986 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.445025921 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.453331947 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.453349113 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.453399897 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.453413963 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.453434944 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.453481913 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.454351902 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.454368114 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.454432011 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.454437971 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.454479933 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.458261967 CEST53500911.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:58:01.461296082 CEST5009153192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:58:01.478447914 CEST53500911.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:58:01.478451014 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.478472948 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.478518963 CEST5009153192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:58:01.478544950 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.478553057 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.478610039 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.479862928 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.479880095 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.480007887 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.480015039 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.480066061 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.480948925 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.480967045 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.481035948 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.481043100 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.481082916 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.484149933 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.484183073 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.484220028 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.484226942 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.484256029 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.484272957 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.487061977 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.487083912 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.487132072 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.487138987 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.487165928 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.487185955 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.489814043 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.489831924 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.489867926 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.489872932 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.489901066 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.489918947 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.505538940 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.505563021 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.505623102 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.505641937 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.505692959 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.527137995 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.527159929 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.527229071 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.527239084 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.527286053 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.558182955 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.558206081 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.558262110 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.558270931 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.558299065 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.558310986 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.559524059 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.559541941 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.559607029 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.559613943 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.559673071 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.560955048 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.560976028 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.561045885 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.561053038 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.561096907 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.575109005 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.575139999 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.575181007 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.575187922 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.575218916 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.575248957 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.575862885 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.575895071 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.575930119 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.575933933 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.575964928 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.575988054 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.575989962 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.576033115 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.576335907 CEST49737443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.576350927 CEST4434973720.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.595725060 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.595774889 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.595792055 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.595802069 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.595838070 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.596714973 CEST49738443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.596723080 CEST4434973820.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.658907890 CEST50093443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.658957005 CEST4435009320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:01.659034014 CEST50093443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.659264088 CEST50093443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:01.659281015 CEST4435009320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:02.507397890 CEST4435009320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:02.551392078 CEST50093443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:02.619904041 CEST50093443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:02.619920015 CEST4435009320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:02.620856047 CEST4435009320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:02.631803989 CEST50093443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:02.631911039 CEST4435009320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:02.678910017 CEST50093443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:05.118310928 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:05.118341923 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:05.118444920 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:05.119817972 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:05.119832993 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:05.920707941 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:05.920969009 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:05.920977116 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:05.921945095 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:05.922008991 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:05.923059940 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:05.923115015 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:05.923342943 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:05.923347950 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:05.965593100 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.379456043 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.379487038 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.379520893 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.379534960 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.379539967 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.379554987 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.379568100 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.379615068 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.379633904 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.435657024 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.435688019 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.435832977 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.435853958 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.435926914 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.473278046 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.473304033 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.473378897 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.473391056 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.473464012 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.532027006 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.532043934 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.532155037 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.532165051 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.532212019 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.535315037 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.535331964 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.535407066 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.535414934 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.535485029 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.538661003 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.538681984 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.538748026 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.538754940 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.538815022 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.837843895 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.837861061 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.837933064 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.837946892 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.837990046 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.839639902 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.839657068 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.839711905 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.839719057 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.839762926 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.841506958 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.841552973 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.841588020 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.841597080 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.841607094 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:06.841658115 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.841691017 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.842001915 CEST50114443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:06.842012882 CEST4435011420.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:07.161510944 CEST4435009320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:07.161556005 CEST4435009320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:07.162626982 CEST50093443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:07.229301929 CEST50093443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:07.229336023 CEST4435009320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:08.340627909 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:08.340666056 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:08.340734959 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:08.341690063 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:08.341705084 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:08.905659914 CEST44349734142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:08.905734062 CEST44349734142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:08.905790091 CEST49734443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:09.154397011 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.154655933 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.154666901 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.155654907 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.155720949 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.156013012 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.156068087 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.156177998 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.156183958 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.197787046 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.387305975 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.387331963 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.387372017 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.387387991 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.387401104 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.387413025 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.387439966 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.387454987 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.387486935 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.440331936 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.440357924 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.440423965 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.440448999 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.440496922 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.483130932 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.483145952 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.483249903 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.483268976 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.483319998 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.531721115 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.531783104 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.531805038 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.531829119 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.531845093 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.531874895 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.534811974 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.534827948 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.534895897 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.534926891 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.534980059 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.539822102 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.539869070 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.539906025 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.539933920 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.539951086 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.539975882 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.577224970 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.577239990 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.577307940 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.577330112 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.577372074 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.615449905 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.615468025 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.615551949 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.615581036 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.615631104 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.617415905 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.617464066 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.617505074 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.617505074 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.617547989 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.617953062 CEST50133443192.168.2.520.140.56.69
                                                                          Aug 27, 2024 20:58:09.617969990 CEST4435013320.140.56.69192.168.2.5
                                                                          Aug 27, 2024 20:58:09.668091059 CEST49734443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:09.668118954 CEST44349734142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:13.147145987 CEST49703443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:58:13.147779942 CEST49703443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:58:13.148468018 CEST50143443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:58:13.148516893 CEST4435014323.1.237.91192.168.2.5
                                                                          Aug 27, 2024 20:58:13.148596048 CEST50143443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:58:13.149017096 CEST50143443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:58:13.149034023 CEST4435014323.1.237.91192.168.2.5
                                                                          Aug 27, 2024 20:58:13.152379990 CEST4434970323.1.237.91192.168.2.5
                                                                          Aug 27, 2024 20:58:13.153357029 CEST4434970323.1.237.91192.168.2.5
                                                                          Aug 27, 2024 20:58:13.762670994 CEST4435014323.1.237.91192.168.2.5
                                                                          Aug 27, 2024 20:58:13.762748957 CEST50143443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:58:20.871025085 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:20.871062040 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:20.871232986 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:20.871593952 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:20.871608019 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.566561937 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.566755056 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:21.571486950 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:21.571501017 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.571784973 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.583528042 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:21.628494024 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.838042974 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.838068008 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.838083029 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.838212013 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:21.838228941 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.838277102 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:21.842092037 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.842138052 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.842184067 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:21.842191935 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.842205048 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.842221975 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:21.842240095 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:21.842714071 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:21.842725992 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:21.842755079 CEST50146443192.168.2.513.85.23.86
                                                                          Aug 27, 2024 20:58:21.842760086 CEST4435014613.85.23.86192.168.2.5
                                                                          Aug 27, 2024 20:58:32.915798903 CEST4435014323.1.237.91192.168.2.5
                                                                          Aug 27, 2024 20:58:32.915962934 CEST50143443192.168.2.523.1.237.91
                                                                          Aug 27, 2024 20:58:58.347373009 CEST50158443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:58.347410917 CEST44350158142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:58.347598076 CEST50158443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:58.348011971 CEST50158443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:58.348023891 CEST44350158142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:59.001758099 CEST44350158142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:59.002146006 CEST50158443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:59.002182007 CEST44350158142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:59.002531052 CEST44350158142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:59.002832890 CEST50158443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:58:59.002907038 CEST44350158142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:58:59.046035051 CEST50158443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:59:01.679395914 CEST5015953192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:01.684825897 CEST53501591.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:59:01.684921980 CEST5015953192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:01.685000896 CEST5015953192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:01.685020924 CEST5015953192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:01.690010071 CEST53501591.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:59:01.691107035 CEST53501591.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:59:02.155606985 CEST53501591.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:59:02.156220913 CEST5015953192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:02.161492109 CEST53501591.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:59:02.161596060 CEST5015953192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:08.916649103 CEST44350158142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:59:08.916723967 CEST44350158142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:59:08.916862965 CEST50158443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:59:10.141801119 CEST50158443192.168.2.5142.250.185.164
                                                                          Aug 27, 2024 20:59:10.141834974 CEST44350158142.250.185.164192.168.2.5
                                                                          Aug 27, 2024 20:59:58.412744045 CEST50170443192.168.2.5142.250.186.132
                                                                          Aug 27, 2024 20:59:58.412781000 CEST44350170142.250.186.132192.168.2.5
                                                                          Aug 27, 2024 20:59:58.412915945 CEST50170443192.168.2.5142.250.186.132
                                                                          Aug 27, 2024 20:59:58.413286924 CEST50170443192.168.2.5142.250.186.132
                                                                          Aug 27, 2024 20:59:58.413305998 CEST44350170142.250.186.132192.168.2.5
                                                                          Aug 27, 2024 20:59:59.051280975 CEST44350170142.250.186.132192.168.2.5
                                                                          Aug 27, 2024 20:59:59.051778078 CEST50170443192.168.2.5142.250.186.132
                                                                          Aug 27, 2024 20:59:59.051788092 CEST44350170142.250.186.132192.168.2.5
                                                                          Aug 27, 2024 20:59:59.052320004 CEST44350170142.250.186.132192.168.2.5
                                                                          Aug 27, 2024 20:59:59.052681923 CEST50170443192.168.2.5142.250.186.132
                                                                          Aug 27, 2024 20:59:59.052746058 CEST44350170142.250.186.132192.168.2.5
                                                                          Aug 27, 2024 20:59:59.105746031 CEST50170443192.168.2.5142.250.186.132
                                                                          Aug 27, 2024 21:00:08.964780092 CEST44350170142.250.186.132192.168.2.5
                                                                          Aug 27, 2024 21:00:08.964849949 CEST44350170142.250.186.132192.168.2.5
                                                                          Aug 27, 2024 21:00:08.964921951 CEST50170443192.168.2.5142.250.186.132
                                                                          Aug 27, 2024 21:00:10.134459972 CEST50170443192.168.2.5142.250.186.132
                                                                          Aug 27, 2024 21:00:10.134485960 CEST44350170142.250.186.132192.168.2.5
                                                                          Aug 27, 2024 21:00:33.074892044 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:33.074938059 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:33.075078011 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:33.075355053 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:33.075366020 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:33.952312946 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:33.952624083 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:33.952651978 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:33.952979088 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:33.953334093 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:33.953386068 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:33.953519106 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:33.996503115 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.629686117 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.629714012 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.629729033 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.629787922 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.629813910 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.629858971 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.655303001 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.655338049 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.655388117 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.655405045 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.655442953 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.655458927 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.720621109 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.720643044 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.720716000 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.720733881 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.720788956 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.745326042 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.745347023 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.745414972 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.745424986 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.745467901 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.746630907 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.746680021 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.746716022 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.746723890 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.746736050 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:34.746752977 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.746803045 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.747136116 CEST50175443192.168.2.520.141.12.34
                                                                          Aug 27, 2024 21:00:34.747152090 CEST4435017520.141.12.34192.168.2.5
                                                                          Aug 27, 2024 21:00:36.444418907 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:36.444463968 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:36.444580078 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:36.444873095 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:36.444888115 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:37.547094107 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:37.547415018 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:37.547429085 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:37.547764063 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:37.548085928 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:37.548142910 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:37.548227072 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:37.592504025 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:37.598284006 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.272068024 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.272098064 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.272138119 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.272156000 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.272173882 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.272191048 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.272205114 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.272241116 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.272277117 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.298711061 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.298733950 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.298783064 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.298791885 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.298837900 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.298837900 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.369857073 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.369889021 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.369987965 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.369997978 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.370038033 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.370049000 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.396092892 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.396119118 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.396214008 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.396214008 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.396222115 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.396857977 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.396899939 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.396922112 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.396929026 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.396945000 CEST4435017920.140.151.75192.168.2.5
                                                                          Aug 27, 2024 21:00:38.396960974 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.396960974 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.397001028 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.416616917 CEST50179443192.168.2.520.140.151.75
                                                                          Aug 27, 2024 21:00:38.416635990 CEST4435017920.140.151.75192.168.2.5
                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                          Aug 27, 2024 20:57:53.681799889 CEST5371553192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:57:53.681936979 CEST6085353192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:57:53.780936003 CEST53635801.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:57:53.781358004 CEST53493171.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:57:55.863356113 CEST53494491.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:57:58.292660952 CEST5715553192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:57:58.292932034 CEST5753653192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:57:58.301897049 CEST53571551.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:57:58.301913023 CEST53575361.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:57:58.520236969 CEST53522291.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:58:00.961445093 CEST53647531.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:58:01.643121004 CEST5814453192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:58:01.643265009 CEST4946353192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:58:01.665559053 CEST53494631.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:58:01.822829008 CEST5255153192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:58:01.823009014 CEST6533653192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:58:32.417428970 CEST5051753192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:58:32.417742968 CEST6236453192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:58:32.439389944 CEST53623641.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:58:53.508318901 CEST53552211.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:59:01.678874016 CEST53549731.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:59:01.825416088 CEST5220553192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:01.825901031 CEST5798153192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:01.827791929 CEST6211953192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:01.827964067 CEST5846353192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:01.828280926 CEST6257753192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:01.828422070 CEST5868053192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:02.781689882 CEST5676653192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:02.781824112 CEST5015053192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:58.404367924 CEST5576453192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:58.404544115 CEST6186553192.168.2.51.1.1.1
                                                                          Aug 27, 2024 20:59:58.411170006 CEST53557641.1.1.1192.168.2.5
                                                                          Aug 27, 2024 20:59:58.411396027 CEST53618651.1.1.1192.168.2.5
                                                                          Aug 27, 2024 21:00:02.970319986 CEST5380153192.168.2.51.1.1.1
                                                                          Aug 27, 2024 21:00:02.970917940 CEST4975553192.168.2.51.1.1.1
                                                                          Aug 27, 2024 21:00:32.049576044 CEST5208853192.168.2.51.1.1.1
                                                                          Aug 27, 2024 21:00:32.049959898 CEST6356053192.168.2.51.1.1.1
                                                                          Aug 27, 2024 21:00:32.771748066 CEST53635601.1.1.1192.168.2.5
                                                                          TimestampSource IPDest IPChecksumCodeType
                                                                          Aug 27, 2024 20:57:58.124574900 CEST192.168.2.51.1.1.1c283(Port unreachable)Destination Unreachable
                                                                          Aug 27, 2024 20:58:00.468868971 CEST192.168.2.51.1.1.1c2a4(Port unreachable)Destination Unreachable
                                                                          Aug 27, 2024 20:58:03.830136061 CEST192.168.2.51.1.1.1c285(Port unreachable)Destination Unreachable
                                                                          Aug 27, 2024 20:58:04.708780050 CEST192.168.2.51.1.1.1c285(Port unreachable)Destination Unreachable
                                                                          Aug 27, 2024 20:58:06.377238989 CEST192.168.2.51.1.1.1c2e6(Port unreachable)Destination Unreachable
                                                                          Aug 27, 2024 20:58:08.897598982 CEST192.168.2.51.1.1.1c2e7(Port unreachable)Destination Unreachable
                                                                          Aug 27, 2024 20:59:01.859405041 CEST192.168.2.51.1.1.1c28a(Port unreachable)Destination Unreachable
                                                                          Aug 27, 2024 21:00:34.016540051 CEST192.168.2.51.1.1.1c2e6(Port unreachable)Destination Unreachable
                                                                          Aug 27, 2024 21:00:36.761182070 CEST192.168.2.51.1.1.1c330(Port unreachable)Destination Unreachable
                                                                          Aug 27, 2024 21:00:37.889528990 CEST192.168.2.51.1.1.1c2e6(Port unreachable)Destination Unreachable

                                                                          DNS Queries

                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                          Aug 27, 2024 20:57:53.681799889 CEST192.168.2.51.1.1.10xc429Standard query (0)baycitymi-my.sharepoint.comA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.681936979 CEST192.168.2.51.1.1.10xcb7Standard query (0)baycitymi-my.sharepoint.com65IN (0x0001)false
                                                                          Aug 27, 2024 20:57:58.292660952 CEST192.168.2.51.1.1.10xd8eStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:58.292932034 CEST192.168.2.51.1.1.10x19f8Standard query (0)www.google.com65IN (0x0001)false
                                                                          Aug 27, 2024 20:58:01.643121004 CEST192.168.2.51.1.1.10xf03cStandard query (0)gbc-common.online.office.comA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:01.643265009 CEST192.168.2.51.1.1.10xb291Standard query (0)gbc-common.online.office.com65IN (0x0001)false
                                                                          Aug 27, 2024 20:58:01.822829008 CEST192.168.2.51.1.1.10x876Standard query (0)m365cdn.nel.measure.office.netA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:01.823009014 CEST192.168.2.51.1.1.10x547eStandard query (0)m365cdn.nel.measure.office.net65IN (0x0001)false
                                                                          Aug 27, 2024 20:58:32.417428970 CEST192.168.2.51.1.1.10x33b1Standard query (0)gbc-common.online.office.comA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:32.417742968 CEST192.168.2.51.1.1.10xe90aStandard query (0)gbc-common.online.office.com65IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.825416088 CEST192.168.2.51.1.1.10x4aaaStandard query (0)onenoteonline.nel.measure.office.netA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.825901031 CEST192.168.2.51.1.1.10x94e1Standard query (0)onenoteonline.nel.measure.office.net65IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.827791929 CEST192.168.2.51.1.1.10x50dStandard query (0)m365cdn.nel.measure.office.netA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.827964067 CEST192.168.2.51.1.1.10xcddcStandard query (0)m365cdn.nel.measure.office.net65IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.828280926 CEST192.168.2.51.1.1.10xb320Standard query (0)onenoteonline.nel.measure.office.netA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.828422070 CEST192.168.2.51.1.1.10x6b54Standard query (0)onenoteonline.nel.measure.office.net65IN (0x0001)false
                                                                          Aug 27, 2024 20:59:02.781689882 CEST192.168.2.51.1.1.10xf8b3Standard query (0)m365cdn.nel.measure.office.netA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:02.781824112 CEST192.168.2.51.1.1.10x852fStandard query (0)m365cdn.nel.measure.office.net65IN (0x0001)false
                                                                          Aug 27, 2024 20:59:58.404367924 CEST192.168.2.51.1.1.10x8499Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:58.404544115 CEST192.168.2.51.1.1.10xa0cfStandard query (0)www.google.com65IN (0x0001)false
                                                                          Aug 27, 2024 21:00:02.970319986 CEST192.168.2.51.1.1.10x4769Standard query (0)m365cdn.nel.measure.office.netA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:02.970917940 CEST192.168.2.51.1.1.10xcb4Standard query (0)m365cdn.nel.measure.office.net65IN (0x0001)false
                                                                          Aug 27, 2024 21:00:32.049576044 CEST192.168.2.51.1.1.10xc245Standard query (0)gbc-common.online.office.comA (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:32.049959898 CEST192.168.2.51.1.1.10xc153Standard query (0)gbc-common.online.office.com65IN (0x0001)false

                                                                          DNS Answers

                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)baycitymi-my.sharepoint.combaycitymi.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)baycitymi.sharepoint.com14259-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)14259-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com192327-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)192327-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com192327-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)mira-ssc.tm-4.office.com52.107.243.70A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)mira-ssc.tm-4.office.com52.107.243.75A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)mira-ssc.tm-4.office.com52.107.243.199A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)mira-ssc.tm-4.office.com52.107.243.192A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)mira-ssc.tm-4.office.com52.107.243.77A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)mira-ssc.tm-4.office.com52.107.243.198A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)mira-ssc.tm-4.office.com52.107.243.76A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.831085920 CEST1.1.1.1192.168.2.50xc429No error (0)mira-ssc.tm-4.office.com52.107.243.81A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.834223986 CEST1.1.1.1192.168.2.50xcb7No error (0)baycitymi-my.sharepoint.combaycitymi.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.834223986 CEST1.1.1.1192.168.2.50xcb7No error (0)baycitymi.sharepoint.com14259-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.834223986 CEST1.1.1.1192.168.2.50xcb7No error (0)14259-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com192327-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:53.834223986 CEST1.1.1.1192.168.2.50xcb7No error (0)192327-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com192327-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:58.082184076 CEST1.1.1.1192.168.2.50x4d3dNo error (0)res-gcc.usgovtrafficmanager.netres-2-gcc.cdn.office.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:58.301897049 CEST1.1.1.1192.168.2.50xd8eNo error (0)www.google.com142.250.185.164A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:58.301913023 CEST1.1.1.1192.168.2.50x19f8No error (0)www.google.com65IN (0x0001)false
                                                                          Aug 27, 2024 20:57:59.971261978 CEST1.1.1.1192.168.2.50x48f7No error (0)res-gcc.usgovtrafficmanager.netres-1-gcc.cdn.office.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:59.971261978 CEST1.1.1.1192.168.2.50x48f7No error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:59.971261978 CEST1.1.1.1192.168.2.50x48f7No error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:59.971261978 CEST1.1.1.1192.168.2.50x48f7No error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:59.971261978 CEST1.1.1.1192.168.2.50x48f7No error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:59.971261978 CEST1.1.1.1192.168.2.50x48f7No error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:57:59.971261978 CEST1.1.1.1192.168.2.50x48f7No error (0)eafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.us20.140.56.69A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:00.468158007 CEST1.1.1.1192.168.2.50x9429No error (0)res-gcc.usgovtrafficmanager.netres-2-gcc.cdn.office.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:01.665559053 CEST1.1.1.1192.168.2.50xb291No error (0)gbc-common.online.office.comgbc-common.officeapplf.live.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:01.666655064 CEST1.1.1.1192.168.2.50xf03cNo error (0)gbc-common.online.office.comgbc-common.officeapplf.live.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:01.702960968 CEST1.1.1.1192.168.2.50x960bNo error (0)res-gcc.usgovtrafficmanager.netres-2-gcc.cdn.office.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:01.717430115 CEST1.1.1.1192.168.2.50x5840No error (0)res-gcc.usgovtrafficmanager.netres-2-gcc.cdn.office.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:01.834620953 CEST1.1.1.1192.168.2.50x547eNo error (0)m365cdn.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:01.836365938 CEST1.1.1.1192.168.2.50x876No error (0)m365cdn.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:04.701327085 CEST1.1.1.1192.168.2.50x5d0dNo error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:04.701327085 CEST1.1.1.1192.168.2.50x5d0dNo error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:04.701327085 CEST1.1.1.1192.168.2.50x5d0dNo error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:04.701327085 CEST1.1.1.1192.168.2.50x5d0dNo error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:04.701327085 CEST1.1.1.1192.168.2.50x5d0dNo error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-snr9b2-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:05.115298986 CEST1.1.1.1192.168.2.50x58edNo error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:05.115298986 CEST1.1.1.1192.168.2.50x58edNo error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:05.115298986 CEST1.1.1.1192.168.2.50x58edNo error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:05.115298986 CEST1.1.1.1192.168.2.50x58edNo error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:05.115298986 CEST1.1.1.1192.168.2.50x58edNo error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:05.115298986 CEST1.1.1.1192.168.2.50x58edNo error (0)eafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.us20.140.56.69A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:06.377160072 CEST1.1.1.1192.168.2.50x4021No error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:06.377160072 CEST1.1.1.1192.168.2.50x4021No error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:06.377160072 CEST1.1.1.1192.168.2.50x4021No error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:06.377160072 CEST1.1.1.1192.168.2.50x4021No error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:06.377160072 CEST1.1.1.1192.168.2.50x4021No error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:06.377160072 CEST1.1.1.1192.168.2.50x4021No error (0)eafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.us20.140.56.69A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:07.951622963 CEST1.1.1.1192.168.2.50xb3aaNo error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:07.951622963 CEST1.1.1.1192.168.2.50xb3aaNo error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:07.951622963 CEST1.1.1.1192.168.2.50xb3aaNo error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:07.951622963 CEST1.1.1.1192.168.2.50xb3aaNo error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:07.951622963 CEST1.1.1.1192.168.2.50xb3aaNo error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.340028048 CEST1.1.1.1192.168.2.50x8d7No error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.340028048 CEST1.1.1.1192.168.2.50x8d7No error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.340028048 CEST1.1.1.1192.168.2.50x8d7No error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.340028048 CEST1.1.1.1192.168.2.50x8d7No error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.340028048 CEST1.1.1.1192.168.2.50x8d7No error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.340028048 CEST1.1.1.1192.168.2.50x8d7No error (0)eafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.us20.140.56.69A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.897532940 CEST1.1.1.1192.168.2.50xcc3cNo error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.897532940 CEST1.1.1.1192.168.2.50xcc3cNo error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.897532940 CEST1.1.1.1192.168.2.50xcc3cNo error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.897532940 CEST1.1.1.1192.168.2.50xcc3cNo error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.897532940 CEST1.1.1.1192.168.2.50xcc3cNo error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-phxr9b1-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:08.897532940 CEST1.1.1.1192.168.2.50xcc3cNo error (0)eafd-ffgov-phxr9b1-roxy-default-sni.aksroxy.azureedge.us20.141.12.34A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:32.435261011 CEST1.1.1.1192.168.2.50x33b1No error (0)gbc-common.online.office.comgbc-common.officeapplf.live.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:58:32.439389944 CEST1.1.1.1192.168.2.50xe90aNo error (0)gbc-common.online.office.comgbc-common.officeapplf.live.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.836915970 CEST1.1.1.1192.168.2.50xcddcNo error (0)m365cdn.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.837052107 CEST1.1.1.1192.168.2.50x50dNo error (0)m365cdn.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.839389086 CEST1.1.1.1192.168.2.50x4aaaNo error (0)onenoteonline.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.839766026 CEST1.1.1.1192.168.2.50xb320No error (0)onenoteonline.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.850771904 CEST1.1.1.1192.168.2.50x6b54No error (0)onenoteonline.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:01.859291077 CEST1.1.1.1192.168.2.50x94e1No error (0)onenoteonline.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:02.795749903 CEST1.1.1.1192.168.2.50x852fNo error (0)m365cdn.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:02.796093941 CEST1.1.1.1192.168.2.50xf8b3No error (0)m365cdn.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:58.411170006 CEST1.1.1.1192.168.2.50x8499No error (0)www.google.com142.250.186.132A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 20:59:58.411396027 CEST1.1.1.1192.168.2.50xa0cfNo error (0)www.google.com65IN (0x0001)false
                                                                          Aug 27, 2024 21:00:02.985380888 CEST1.1.1.1192.168.2.50xcb4No error (0)m365cdn.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:02.986233950 CEST1.1.1.1192.168.2.50x4769No error (0)m365cdn.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:32.753326893 CEST1.1.1.1192.168.2.50x5cc9No error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:32.753326893 CEST1.1.1.1192.168.2.50x5cc9No error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:32.753326893 CEST1.1.1.1192.168.2.50x5cc9No error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:32.753326893 CEST1.1.1.1192.168.2.50x5cc9No error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:32.753326893 CEST1.1.1.1192.168.2.50x5cc9No error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-bnr9b2-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:32.771748066 CEST1.1.1.1192.168.2.50xc153No error (0)gbc-common.online.office.comgbc-common.officeapplf.live.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:32.783298969 CEST1.1.1.1192.168.2.50xc245No error (0)gbc-common.online.office.comgbc-common.officeapplf.live.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:33.074117899 CEST1.1.1.1192.168.2.50xcd63No error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:33.074117899 CEST1.1.1.1192.168.2.50xcd63No error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:33.074117899 CEST1.1.1.1192.168.2.50xcd63No error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:33.074117899 CEST1.1.1.1192.168.2.50xcd63No error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:33.074117899 CEST1.1.1.1192.168.2.50xcd63No error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-phxr9b1-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:33.074117899 CEST1.1.1.1192.168.2.50xcd63No error (0)eafd-ffgov-phxr9b1-roxy-default-sni.aksroxy.azureedge.us20.141.12.34A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:34.016448975 CEST1.1.1.1192.168.2.50x5c77No error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:34.016448975 CEST1.1.1.1192.168.2.50x5c77No error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:34.016448975 CEST1.1.1.1192.168.2.50x5c77No error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:34.016448975 CEST1.1.1.1192.168.2.50x5c77No error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:34.016448975 CEST1.1.1.1192.168.2.50x5c77No error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-snr9b2-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:34.016448975 CEST1.1.1.1192.168.2.50x5c77No error (0)eafd-ffgov-snr9b2-roxy-default-sni.aksroxy.azureedge.us20.140.151.75A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.397619009 CEST1.1.1.1192.168.2.50x6de6No error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.397619009 CEST1.1.1.1192.168.2.50x6de6No error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.397619009 CEST1.1.1.1192.168.2.50x6de6No error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.397619009 CEST1.1.1.1192.168.2.50x6de6No error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.397619009 CEST1.1.1.1192.168.2.50x6de6No error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-phxr9b1-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.443764925 CEST1.1.1.1192.168.2.50xdd9cNo error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.443764925 CEST1.1.1.1192.168.2.50xdd9cNo error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.443764925 CEST1.1.1.1192.168.2.50xdd9cNo error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.443764925 CEST1.1.1.1192.168.2.50xdd9cNo error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.443764925 CEST1.1.1.1192.168.2.50xdd9cNo error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-snr9b2-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.443764925 CEST1.1.1.1192.168.2.50xdd9cNo error (0)eafd-ffgov-snr9b2-roxy-default-sni.aksroxy.azureedge.us20.140.151.75A (IP address)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.761084080 CEST1.1.1.1192.168.2.50xfd9No error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.761084080 CEST1.1.1.1192.168.2.50xfd9No error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.761084080 CEST1.1.1.1192.168.2.50xfd9No error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.761084080 CEST1.1.1.1192.168.2.50xfd9No error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:36.761084080 CEST1.1.1.1192.168.2.50xfd9No error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-phxr9b1-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:37.889442921 CEST1.1.1.1192.168.2.50xbd0eNo error (0)res-1-gcc-cdn.azureedge.usres-1-gcc-cdn.afd.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:37.889442921 CEST1.1.1.1192.168.2.50xbd0eNo error (0)res-1-gcc-cdn.afd.azureedge.usafd.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:37.889442921 CEST1.1.1.1192.168.2.50xbd0eNo error (0)afd.msedge.azure.ust-0001.msedge.azure.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:37.889442921 CEST1.1.1.1192.168.2.50xbd0eNo error (0)t-0001.msedge.azure.useafd-3p-profile.usgovtrafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:37.889442921 CEST1.1.1.1192.168.2.50xbd0eNo error (0)eafd-3p-profile.usgovtrafficmanager.neteafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.usCNAME (Canonical name)IN (0x0001)false
                                                                          Aug 27, 2024 21:00:37.889442921 CEST1.1.1.1192.168.2.50xbd0eNo error (0)eafd-ffgov-snr9b1-roxy-default-sni.aksroxy.azureedge.us20.140.56.69A (IP address)IN (0x0001)false

                                                                          HTTP Request Dependency Graph

                                                                          • fs.microsoft.com
                                                                          • armmf.adobe.com
                                                                          • slscr.update.microsoft.com
                                                                          • baycitymi-my.sharepoint.com
                                                                          • https:
                                                                            • wise.gcc.cdn.office.net
                                                                            • res-1-gcc.cdn.office.net

                                                                          HTTPS Proxied Packets

                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          0192.168.2.549712184.28.90.27443
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 18:57:34 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                          Connection: Keep-Alive
                                                                          Accept: */*
                                                                          Accept-Encoding: identity
                                                                          User-Agent: Microsoft BITS/7.8
                                                                          Host: fs.microsoft.com
                                                                          2024-08-27 18:57:34 UTC466INHTTP/1.1 200 OK
                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                          Content-Type: application/octet-stream
                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                          Server: ECAcc (lpl/EF17)
                                                                          X-CID: 11
                                                                          X-Ms-ApiVersion: Distribute 1.2
                                                                          X-Ms-Region: prod-weu-z1
                                                                          Cache-Control: public, max-age=74572
                                                                          Date: Tue, 27 Aug 2024 18:57:34 GMT
                                                                          Connection: close
                                                                          X-CID: 2


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          1192.168.2.549713184.28.90.27443
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 18:57:35 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                          Connection: Keep-Alive
                                                                          Accept: */*
                                                                          Accept-Encoding: identity
                                                                          If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                          Range: bytes=0-2147483646
                                                                          User-Agent: Microsoft BITS/7.8
                                                                          Host: fs.microsoft.com
                                                                          2024-08-27 18:57:35 UTC514INHTTP/1.1 200 OK
                                                                          ApiVersion: Distribute 1.1
                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                          Content-Type: application/octet-stream
                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                          Server: ECAcc (lpl/EF06)
                                                                          X-CID: 11
                                                                          X-Ms-ApiVersion: Distribute 1.2
                                                                          X-Ms-Region: prod-weu-z1
                                                                          Cache-Control: public, max-age=78485
                                                                          Date: Tue, 27 Aug 2024 18:57:35 GMT
                                                                          Content-Length: 55
                                                                          Connection: close
                                                                          X-CID: 2
                                                                          2024-08-27 18:57:35 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                          Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          2192.168.2.549716104.78.188.1884437200C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 18:57:41 UTC475OUTGET /onboarding/smskillreader.txt HTTP/1.1
                                                                          Host: armmf.adobe.com
                                                                          Connection: keep-alive
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ReaderServices/23.6.20320 Chrome/105.0.0.0 Safari/537.36
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: empty
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          If-None-Match: "78-5faa31cce96da"
                                                                          If-Modified-Since: Mon, 01 May 2023 15:02:33 GMT
                                                                          2024-08-27 18:57:41 UTC198INHTTP/1.1 304 Not Modified
                                                                          Content-Type: text/plain; charset=UTF-8
                                                                          Last-Modified: Mon, 01 May 2023 15:02:33 GMT
                                                                          ETag: "78-5faa31cce96da"
                                                                          Date: Tue, 27 Aug 2024 18:57:41 GMT
                                                                          Connection: close


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          3192.168.2.54971813.85.23.86443
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 18:57:43 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=8dzolmfARCn+Aww&MD=6lVLXk7B HTTP/1.1
                                                                          Connection: Keep-Alive
                                                                          Accept: */*
                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                          Host: slscr.update.microsoft.com
                                                                          2024-08-27 18:57:43 UTC560INHTTP/1.1 200 OK
                                                                          Cache-Control: no-cache
                                                                          Pragma: no-cache
                                                                          Content-Type: application/octet-stream
                                                                          Expires: -1
                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                          ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                          MS-CorrelationId: 802d1723-38ec-45fd-924f-481c3a93c623
                                                                          MS-RequestId: 8c6f3612-0864-4e2c-9611-11a777bfa4b6
                                                                          MS-CV: pwcBjthT8EO47muB.0
                                                                          X-Microsoft-SLSClientCache: 2880
                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                          X-Content-Type-Options: nosniff
                                                                          Date: Tue, 27 Aug 2024 18:57:43 GMT
                                                                          Connection: close
                                                                          Content-Length: 24490
                                                                          2024-08-27 18:57:43 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                          Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                          2024-08-27 18:57:43 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                          Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          4192.168.2.54972452.107.243.704438140C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 18:57:55 UTC761OUTGET /:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOG7eWvLU9bAnRZwDCz7Q?e=tcLUbt HTTP/1.1
                                                                          Host: baycitymi-my.sharepoint.com
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                          sec-ch-ua-mobile: ?0
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Upgrade-Insecure-Requests: 1
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                          Sec-Fetch-Site: none
                                                                          Sec-Fetch-Mode: navigate
                                                                          Sec-Fetch-User: ?1
                                                                          Sec-Fetch-Dest: document
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          2024-08-27 18:57:56 UTC3929INHTTP/1.1 302
                                                                          Cache-Control: private
                                                                          Content-Length: 584
                                                                          Content-Type: text/html; charset=utf-8
                                                                          Location: https://baycitymi-my.sharepoint.com/personal/avogel_baycitymi_gov/_layouts/15/Doc.aspx?sourcedoc=%7B99f6a259-049f-453f-b314-cbefea10d88a%7D&action=default&slrid=08764aa1-8002-6000-4edd-0ec3c14769fb&originalPath=aHR0cHM6Ly9iYXljaXR5bWktbXkuc2hhcmVwb2ludC5jb20vOm86L2cvcGVyc29uYWwvYXZvZ2VsX2JheWNpdHltaV9nb3YvRWxtaTlwbWZCRDlGc3hUTDctb1EySW9CZUhPRzdlV3ZMVTliQW5SWndEQ3o3UT9ydGltZT02NUN2S2NyRzNFZw&CID=5e7c16d6-5e9c-424b-ad78-f90465cf4904&_SRM=0:G:111
                                                                          Server: Microsoft-IIS/10.0
                                                                          request-id: 894f16a8-d7b3-6be6-3293-a9d770961e08
                                                                          X-BackEndHttpStatus: 302
                                                                          P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                          Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzViMWNmMWY3YjBmYTE2ZGQzMGNmOTVmNjE1NmZhYTQyNzQyNTczOTIyMDNmODJlZDk3MGJkY2NiOGQ5ZWE4YzgsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNWIxY2YxZjdiMGZhMTZkZDMwY2Y5NWY2MTU2ZmFhNDI3NDI1NzM5MjIwM2Y4MmVkOTcwYmRjY2I4ZDllYThjOCwxMzM2OTI1ODk3NjAwMDAwMDAsMCwxMzM2OTM0NTA3NjQzNjQyMjAsMC4wLjAuMCwyNTgsZjhiOTkyZTctYzYwYy00MWE1LTk3ZGItNWJjOWNkMWE5ODU0LCwsMDg3NjRhYTEtODAwMi02MDAwLTRlZGQtMGVjM2MxNDc2OWZiLDA4NzY0YWExLTgwMDItNjAwMC00ZWRkLTBlYzNjMTQ3NjlmYixwTkVCZWQvM2pFZTVlNHFIY2kzTFl3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTIzMjcsLUg5ZzhtM01DREpWV2pVbHVlRmpFODRCdVpVLG5ab3dtNHhLQ1B0UWdGUTRYWlF6K015ZVgvS0o3dnVpQmEyU3FMSW1FdXNPOEZvL2JTZUZRVTJRU0NZcFZVTk9vU3Q5VVBQOHI3L2dCczJmaytQcTE4QkVZQ1FrNkV2RVFCaFlGMGcxcnIyVlhsNlN4bVFYbmVhcEFmb1pPem9VeGFwaFVrMFloUGFOYWduNEdRRnc5b243ZmVWK0FOUXVZa3BGdnVxUFhqa3FYY0VST1dmQXdRcUozWHRTY3BaSVNSSmEvS2ltdUVOYVFJdSt5QXJ2MHVqN1BTaEo5SXlHdEpZcDdFRFpvdzhyRXMzdVNPZk1T [TRUNCATED]
                                                                          x-networkstatistics: 0,525568,0,0,194,0,26280,88
                                                                          x-sharepointhealthscore: 3
                                                                          x-ms-spo-cookievalidator: nZowm4xKCPtQgFQ4XZQz+MyeX/KJ7vuiBa2SqLImEusO8Fo/bSeFQU2QSCYpVUNOoSt9UPP8r7/gBs2fk+Pq18BEYCQk6EvEQBhYF0g1rr2VXl6SxmQXneapAfoZOzoUxaphUk0YhPaNagn4GQFw9on7feV+ANQuYkpFvuqPXjkqXcEROWfAwQqJ3XtScpZISRJa/KimuENaQIu+yArv0uj7PShJ9IyGtJYp7EDZow8rEs3uSOfMSUQx93sz7TmrAKUQY0RwheqIfOh53Knsdl/UobyiT2CHmfpCTEmVtr7Q72pIAPY+QF3EIaliYrAZUEXdY8/zyGT2ugce3dLGTg==
                                                                          x-aspnet-version: 4.0.30319
                                                                          x-databoundary: NONE
                                                                          x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
                                                                          x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
                                                                          ms-cv: oUp2CAKAAGBO3Q7DwUdp+w.0
                                                                          strict-transport-security: max-age=31536000
                                                                          x-frame-options: SAMEORIGIN
                                                                          content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com *.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
                                                                          sprequestduration: 234
                                                                          spiislatency: 3
                                                                          microsoftsharepointteamservices: 16.0.0.25207
                                                                          x-content-type-options: nosniff
                                                                          x-ms-invokeapp: 1; RequireReadOnly
                                                                          X-Proxy-RoutingCorrectness: 1
                                                                          X-MSEdge-Ref: MIRA: 894f16a8-d7b3-6be6-3293-a9d770961e08 FR3P281CA0068 2024-08-27T18:57:55.971Z
                                                                          Alt-Svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000
                                                                          SPRequestGuid: 08764aa1-8002-6000-4edd-0ec3c14769fb
                                                                          X-Proxy-BackendServerStatus: 302
                                                                          X-FirstHopCafeEFZ: HHN
                                                                          X-FEProxyInfo: FR3P281CA0068.DEUP281.PROD.OUTLOOK.COM
                                                                          X-FEEFZInfo: HHN
                                                                          X-Powered-By: ASP.NET
                                                                          X-FEServer: FR3P281CA0068
                                                                          Date: Tue, 27 Aug 2024 18:57:55 GMT
                                                                          Connection: close
                                                                          2024-08-27 18:57:56 UTC584INData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 61 79 63 69 74 79 6d 69 2d 6d 79 2e 73 68 61 72 65 70 6f 69 6e 74 2e 63 6f 6d 2f 70 65 72 73 6f 6e 61 6c 2f 61 76 6f 67 65 6c 5f 62 61 79 63 69 74 79 6d 69 5f 67 6f 76 2f 5f 6c 61 79 6f 75 74 73 2f 31 35 2f 44 6f 63 2e 61 73 70 78 3f 73 6f 75 72 63 65 64 6f 63 3d 25 37 42 39 39 66 36 61 32 35 39 2d 30 34 39 66 2d 34 35 33 66 2d 62 33 31 34 2d 63 62 65 66 65 61 31 30 64 38 38 61 25 37 44 26 61 6d 70 3b 61 63 74 69 6f 6e 3d 64 65 66 61 75 6c 74 26 61 6d 70 3b 73 6c 72 69 64 3d 30 38 37
                                                                          Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://baycitymi-my.sharepoint.com/personal/avogel_baycitymi_gov/_layouts/15/Doc.aspx?sourcedoc=%7B99f6a259-049f-453f-b314-cbefea10d88a%7D&amp;action=default&amp;slrid=087


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          5192.168.2.54972952.107.243.704438140C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 18:57:57 UTC2243OUTGET /personal/avogel_baycitymi_gov/_layouts/15/Doc.aspx?sourcedoc=%7B99f6a259-049f-453f-b314-cbefea10d88a%7D&action=default&slrid=08764aa1-8002-6000-4edd-0ec3c14769fb&originalPath=aHR0cHM6Ly9iYXljaXR5bWktbXkuc2hhcmVwb2ludC5jb20vOm86L2cvcGVyc29uYWwvYXZvZ2VsX2JheWNpdHltaV9nb3YvRWxtaTlwbWZCRDlGc3hUTDctb1EySW9CZUhPRzdlV3ZMVTliQW5SWndEQ3o3UT9ydGltZT02NUN2S2NyRzNFZw&CID=5e7c16d6-5e9c-424b-ad78-f90465cf4904&_SRM=0:G:111 HTTP/1.1
                                                                          Host: baycitymi-my.sharepoint.com
                                                                          Connection: keep-alive
                                                                          Upgrade-Insecure-Requests: 1
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                          Sec-Fetch-Site: none
                                                                          Sec-Fetch-Mode: navigate
                                                                          Sec-Fetch-User: ?1
                                                                          Sec-Fetch-Dest: document
                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                          sec-ch-ua-mobile: ?0
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzViMWNmMWY3YjBmYTE2ZGQzMGNmOTVmNjE1NmZhYTQyNzQyNTczOTIyMDNmODJlZDk3MGJkY2NiOGQ5ZWE4YzgsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNWIxY2YxZjdiMGZhMTZkZDMwY2Y5NWY2MTU2ZmFhNDI3NDI1NzM5MjIwM2Y4MmVkOTcwYmRjY2I4ZDllYThjOCwxMzM2OTI1ODk3NjAwMDAwMDAsMCwxMzM2OTM0NTA3NjQzNjQyMjAsMC4wLjAuMCwyNTgsZjhiOTkyZTctYzYwYy00MWE1LTk3ZGItNWJjOWNkMWE5ODU0LCwsMDg3NjRhYTEtODAwMi02MDAwLTRlZGQtMGVjM2MxNDc2OWZiLDA4NzY0YWExLTgwMDItNjAwMC00ZWRkLTBlYzNjMTQ3NjlmYixwTkVCZWQvM2pFZTVlNHFIY2kzTFl3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTIzMjcsLUg5ZzhtM01DREpWV2pVbHVlRmpFODRCdVpVLG5ab3dtNHhLQ1B0UWdGUTRYWlF6K015ZVgvS0o3dnVpQmEyU3FMSW1FdXNPOEZvL2JTZUZRVTJRU0NZcFZVTk9vU3Q5VVBQOHI3L2dCczJmaytQcTE4QkVZQ1FrNkV2RVFCaFlGMGcxcnIyVlhsNlN4bVFYbmVhcEFmb1pPem9VeGFwaFVrMFloUGFOYWduNEdRRnc5b243ZmVWK0FOUXVZa3BGdnVxUFhqa3FYY0VST1dmQXdRcUozWHRTY3BaSVNSSmEvS2ltdUVOYVFJdSt5QXJ2MHVqN1BTaEo5SXlHdEpZcDdFRFpvdzhyRXMzdVNPZk1TVVF4 [TRUNCATED]
                                                                          2024-08-27 18:57:57 UTC3224INHTTP/1.1 200 OK
                                                                          Cache-Control: no-cache, no-store
                                                                          Pragma: no-cache
                                                                          Transfer-Encoding: chunked
                                                                          Content-Type: text/html; charset=utf-8
                                                                          Expires: -1
                                                                          Server: Microsoft-IIS/10.0
                                                                          request-id: 713bd5e9-534b-96b9-8629-399b9489187b
                                                                          X-BackEndHttpStatus: 200
                                                                          P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                          Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzViMWNmMWY3YjBmYTE2ZGQzMGNmOTVmNjE1NmZhYTQyNzQyNTczOTIyMDNmODJlZDk3MGJkY2NiOGQ5ZWE4YzgsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNWIxY2YxZjdiMGZhMTZkZDMwY2Y5NWY2MTU2ZmFhNDI3NDI1NzM5MjIwM2Y4MmVkOTcwYmRjY2I4ZDllYThjOCwxMzM2OTI1ODk3NjAwMDAwMDAsMCwxMzM2OTM0NTA3NjQzNjQyMjAsMC4wLjAuMCwyNTgsZjhiOTkyZTctYzYwYy00MWE1LTk3ZGItNWJjOWNkMWE5ODU0LCwsMDg3NjRhYTEtODAwMi02MDAwLTRlZGQtMGVjM2MxNDc2OWZiLDA4NzY0YWExLTgwMDItNjAwMC00ZWRkLTBlYzNjMTQ3NjlmYixwTkVCZWQvM2pFZTVlNHFIY2kzTFl3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTIzMjcsLUg5ZzhtM01DREpWV2pVbHVlRmpFODRCdVpVLG5ab3dtNHhLQ1B0UWdGUTRYWlF6K015ZVgvS0o3dnVpQmEyU3FMSW1FdXNPOEZvL2JTZUZRVTJRU0NZcFZVTk9vU3Q5VVBQOHI3L2dCczJmaytQcTE4QkVZQ1FrNkV2RVFCaFlGMGcxcnIyVlhsNlN4bVFYbmVhcEFmb1pPem9VeGFwaFVrMFloUGFOYWduNEdRRnc5b243ZmVWK0FOUXVZa3BGdnVxUFhqa3FYY0VST1dmQXdRcUozWHRTY3BaSVNSSmEvS2ltdUVOYVFJdSt5QXJ2MHVqN1BTaEo5SXlHdEpZcDdFRFpvdzhyRXMzdVNPZk1T [TRUNCATED]
                                                                          x-networkstatistics: 0,525568,0,0,1546,0,29772,98
                                                                          x-sharepointhealthscore: 2
                                                                          referrer-policy: no-referrer, strict-origin-when-cross-origin
                                                                          server-timing: LT; desc=0, RS; desc=G, RD; dur=111
                                                                          x-aspnet-version: 4.0.30319
                                                                          x-databoundary: NONE
                                                                          x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
                                                                          x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
                                                                          ms-cv: oUp2CFdwAGBO3Qt2jn9CuA.0
                                                                          strict-transport-security: max-age=31536000
                                                                          x-frame-options: SAMEORIGIN
                                                                          content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com *.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
                                                                          microsoftsharepointteamservices: 16.0.0.25207
                                                                          x-content-type-options: nosniff
                                                                          x-ms-invokeapp: 1; RequireReadOnly
                                                                          X-Proxy-RoutingCorrectness: 1
                                                                          X-MSEdge-Ref: MIRA: 713bd5e9-534b-96b9-8629-399b9489187b FR3P281CA0068 2024-08-27T18:57:57.565Z
                                                                          Alt-Svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000
                                                                          SPRequestGuid: 08764aa1-7057-6000-4edd-0b768e7f42b8
                                                                          X-Proxy-BackendServerStatus: 200
                                                                          X-FirstHopCafeEFZ: HHN
                                                                          X-FEProxyInfo: FR3P281CA0068.DEUP281.PROD.OUTLOOK.COM
                                                                          X-FEEFZInfo: HHN
                                                                          X-Powered-By: ASP.NET
                                                                          X-FEServer: FR3P281CA0068
                                                                          Date: Tue, 27 Aug 2024 18:57:57 GMT
                                                                          Connection: close
                                                                          2024-08-27 18:57:57 UTC8200INData Raw: 32 30 30 30 0d 0a 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 20 64 69 72 3d 22 6c 74 72 22 3e 0d 0a 09 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0d 0a 09 3c 6d 65 74 61 0d 0a 09 09 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 0d 0a 09 09 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e
                                                                          Data Ascii: 2000<!DOCTYPE html><html lang="en-us" dir="ltr"><head><meta http-equiv="X-UA-Compatible" content="IE=edge" /><metaname="viewport"content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=n
                                                                          2024-08-27 18:57:57 UTC8200INData Raw: 32 30 30 30 0d 0a 22 3a 22 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 2e 6d 69 63 72 6f 73 6f 66 74 6f 6e 6c 69 6e 65 2e 63 6f 6d 22 2c 22 61 61 64 54 65 6e 61 6e 74 49 64 22 3a 22 66 38 62 39 39 32 65 37 2d 63 36 30 63 2d 34 31 61 35 2d 39 37 64 62 2d 35 62 63 39 63 64 31 61 39 38 35 34 22 2c 22 69 73 53 50 4f 22 3a 74 72 75 65 2c 22 73 65 72 76 65 72 54 69 6d 65 22 3a 22 32 30 32 34 2d 30 38 2d 32 37 54 31 38 3a 35 37 3a 35 37 2e 36 35 35 32 35 31 34 5a 22 2c 22 45 78 70 46 65 61 74 75 72 65 73 22 3a 5b 2d 31 39 31 30 35 33 38 32 34 30 2c 31 30 37 39 33 31 31 31 30 35 2c 38 33 39 37 35 32 33 32 2c 36 33 38 35 32 35 34 36 38 2c 38 35 38 39 38 32 32 30 30 2c 2d 31 37 39 39 30 37 37 32 34 38 2c 38 30 32 36 39 33 31 34 2c 35 35 35 38 35 38 32 31 2c 32 37 33 32
                                                                          Data Ascii: 2000":"https://login.microsoftonline.com","aadTenantId":"f8b992e7-c60c-41a5-97db-5bc9cd1a9854","isSPO":true,"serverTime":"2024-08-27T18:57:57.6552514Z","ExpFeatures":[-1910538240,1079311105,83975232,638525468,858982200,-1799077248,80269314,55585821,2732
                                                                          2024-08-27 18:57:57 UTC8200INData Raw: 32 30 30 30 0d 0a 45 35 43 43 42 41 35 39 22 3a 31 2c 22 44 38 42 38 43 32 33 36 2d 42 36 42 41 2d 34 30 41 42 2d 41 30 46 41 2d 37 38 43 35 31 31 34 36 37 37 44 39 22 3a 31 2c 22 44 38 30 38 44 41 45 35 2d 32 38 37 43 2d 34 43 46 30 2d 42 36 44 37 2d 44 39 35 45 41 43 37 43 34 38 44 41 22 3a 31 2c 22 36 42 45 39 36 43 41 45 2d 38 34 45 34 2d 34 38 35 38 2d 39 31 32 35 2d 34 41 32 39 41 32 37 30 31 41 43 45 22 3a 31 2c 22 44 34 41 41 37 45 44 30 2d 31 30 35 30 2d 34 38 38 43 2d 42 33 46 39 2d 31 35 46 42 44 35 30 42 44 43 39 35 22 3a 31 2c 22 34 44 33 38 44 36 32 36 2d 33 32 38 42 2d 34 39 41 45 2d 39 34 32 41 2d 44 33 37 46 46 46 33 46 30 37 34 41 22 3a 31 2c 22 36 30 32 34 44 38 45 45 2d 38 33 41 39 2d 34 42 43 46 2d 39 34 43 30 2d 31 36 46 35 30 43 39
                                                                          Data Ascii: 2000E5CCBA59":1,"D8B8C236-B6BA-40AB-A0FA-78C5114677D9":1,"D808DAE5-287C-4CF0-B6D7-D95EAC7C48DA":1,"6BE96CAE-84E4-4858-9125-4A29A2701ACE":1,"D4AA7ED0-1050-488C-B3F9-15FBD50BDC95":1,"4D38D626-328B-49AE-942A-D37FFF3F074A":1,"6024D8EE-83A9-4BCF-94C0-16F50C9
                                                                          2024-08-27 18:57:57 UTC8200INData Raw: 32 30 30 30 0d 0a 46 45 39 2d 36 36 33 46 36 31 37 41 35 35 43 46 22 3a 31 2c 22 39 43 35 30 41 36 46 36 2d 32 34 38 37 2d 34 32 31 39 2d 38 44 36 31 2d 42 31 33 32 43 38 31 31 37 41 39 38 22 3a 31 2c 22 46 42 41 46 46 46 39 34 2d 38 33 46 46 2d 34 30 44 43 2d 41 33 33 32 2d 31 39 44 38 45 39 34 41 34 34 45 38 22 3a 31 2c 22 31 37 31 33 45 36 42 46 2d 36 33 37 32 2d 34 39 37 32 2d 39 43 36 31 2d 34 44 45 42 42 38 39 36 30 46 31 39 22 3a 31 2c 22 43 46 36 37 34 30 42 37 2d 42 39 41 36 2d 34 45 43 35 2d 42 44 31 36 2d 44 42 38 37 33 34 32 36 36 30 38 36 22 3a 31 2c 22 32 32 43 39 39 36 46 34 2d 30 30 32 37 2d 34 36 37 41 2d 41 30 46 37 2d 31 43 33 44 36 43 36 36 41 37 30 33 22 3a 31 2c 22 43 31 43 38 45 38 32 32 2d 38 42 39 42 2d 34 32 33 43 2d 39 35 35 31
                                                                          Data Ascii: 2000FE9-663F617A55CF":1,"9C50A6F6-2487-4219-8D61-B132C8117A98":1,"FBAFFF94-83FF-40DC-A332-19D8E94A44E8":1,"1713E6BF-6372-4972-9C61-4DEBB8960F19":1,"CF6740B7-B9A6-4EC5-BD16-DB8734266086":1,"22C996F4-0027-467A-A0F7-1C3D6C66A703":1,"C1C8E822-8B9B-423C-9551
                                                                          2024-08-27 18:57:57 UTC8200INData Raw: 32 30 30 30 0d 0a 30 2d 34 44 36 42 2d 39 39 35 43 2d 36 42 35 32 46 31 43 38 45 34 35 35 22 3a 31 2c 22 45 43 37 42 30 35 43 33 2d 41 34 42 33 2d 34 42 45 46 2d 42 33 46 39 2d 35 42 44 43 44 46 30 46 33 46 36 42 22 3a 31 2c 22 36 44 34 38 30 37 45 45 2d 34 32 38 31 2d 34 42 34 32 2d 39 30 36 32 2d 38 31 46 38 39 37 42 33 30 38 34 42 22 3a 31 2c 22 35 35 32 33 43 43 30 36 2d 31 36 43 43 2d 34 34 43 35 2d 41 33 43 43 2d 42 42 30 34 30 34 45 38 36 39 45 38 22 3a 31 2c 22 39 43 43 33 42 32 35 41 2d 38 38 38 34 2d 34 36 44 30 2d 39 31 35 31 2d 36 35 46 41 39 30 33 39 30 31 35 45 22 3a 31 2c 22 46 35 31 44 38 45 37 33 2d 38 30 37 30 2d 34 32 43 34 2d 41 46 33 34 2d 46 42 31 32 33 45 36 37 44 37 44 38 22 3a 31 2c 22 30 42 39 46 42 45 36 37 2d 39 33 36 41 2d 34
                                                                          Data Ascii: 20000-4D6B-995C-6B52F1C8E455":1,"EC7B05C3-A4B3-4BEF-B3F9-5BDCDF0F3F6B":1,"6D4807EE-4281-4B42-9062-81F897B3084B":1,"5523CC06-16CC-44C5-A3CC-BB0404E869E8":1,"9CC3B25A-8884-46D0-9151-65FA9039015E":1,"F51D8E73-8070-42C4-AF34-FB123E67D7D8":1,"0B9FBE67-936A-4
                                                                          2024-08-27 18:57:57 UTC8200INData Raw: 32 30 30 30 0d 0a 33 32 42 43 2d 30 33 33 34 2d 34 41 43 38 2d 38 35 34 35 2d 46 34 36 36 34 31 46 41 36 34 46 45 22 3a 31 2c 22 41 34 41 43 45 46 37 36 2d 33 38 42 30 2d 34 30 38 44 2d 42 45 43 37 2d 44 36 45 34 45 36 43 34 34 36 33 36 22 3a 31 2c 22 44 46 37 30 38 30 46 35 2d 37 32 45 33 2d 34 41 38 38 2d 41 38 44 35 2d 42 31 42 36 30 36 32 34 33 44 30 37 22 3a 31 2c 22 32 35 38 45 34 36 30 31 2d 39 41 39 39 2d 34 39 42 30 2d 42 36 35 41 2d 42 42 33 34 32 33 34 42 36 45 36 36 22 3a 31 2c 22 33 44 39 42 38 38 44 41 2d 34 45 30 43 2d 34 42 44 45 2d 39 30 35 34 2d 45 44 31 38 30 33 42 41 44 31 37 43 22 3a 31 2c 22 44 32 39 36 31 37 37 38 2d 43 38 45 37 2d 34 41 34 35 2d 38 35 35 32 2d 44 31 30 31 44 34 32 38 39 39 44 44 22 3a 31 2c 22 33 36 32 35 42 31 33
                                                                          Data Ascii: 200032BC-0334-4AC8-8545-F46641FA64FE":1,"A4ACEF76-38B0-408D-BEC7-D6E4E6C44636":1,"DF7080F5-72E3-4A88-A8D5-B1B606243D07":1,"258E4601-9A99-49B0-B65A-BB34234B6E66":1,"3D9B88DA-4E0C-4BDE-9054-ED1803BAD17C":1,"D2961778-C8E7-4A45-8552-D101D42899DD":1,"3625B13
                                                                          2024-08-27 18:57:57 UTC8200INData Raw: 32 30 30 30 0d 0a 3a 31 2c 22 35 41 43 35 33 34 35 46 2d 32 44 38 45 2d 34 38 35 35 2d 39 31 34 36 2d 46 46 46 31 41 30 32 32 31 39 32 39 22 3a 31 2c 22 34 44 30 42 46 32 33 41 2d 33 32 37 30 2d 34 34 43 42 2d 39 41 38 42 2d 30 38 34 45 30 41 33 36 41 42 42 41 22 3a 31 2c 22 38 44 32 45 44 32 32 32 2d 44 42 41 43 2d 34 43 38 32 2d 42 43 33 45 2d 32 34 42 34 44 35 39 30 37 46 31 30 22 3a 31 2c 22 45 33 36 43 35 38 37 34 2d 46 31 42 31 2d 34 31 30 35 2d 42 46 44 35 2d 44 36 44 43 35 36 30 34 41 34 42 32 22 3a 31 2c 22 35 41 43 30 32 33 43 39 2d 34 46 45 37 2d 34 37 42 34 2d 41 32 32 45 2d 32 44 38 34 45 35 35 31 32 43 31 33 22 3a 31 2c 22 44 37 46 46 44 44 44 36 2d 43 44 45 44 2d 34 44 45 32 2d 42 41 33 32 2d 42 36 42 33 31 31 44 36 46 39 33 36 22 3a 31 2c
                                                                          Data Ascii: 2000:1,"5AC5345F-2D8E-4855-9146-FFF1A0221929":1,"4D0BF23A-3270-44CB-9A8B-084E0A36ABBA":1,"8D2ED222-DBAC-4C82-BC3E-24B4D5907F10":1,"E36C5874-F1B1-4105-BFD5-D6DC5604A4B2":1,"5AC023C9-4FE7-47B4-A22E-2D84E5512C13":1,"D7FFDDD6-CDED-4DE2-BA32-B6B311D6F936":1,
                                                                          2024-08-27 18:57:57 UTC8200INData Raw: 32 30 30 30 0d 0a 38 42 43 32 36 38 32 22 3a 31 2c 22 38 43 37 31 44 41 31 33 2d 30 39 44 31 2d 34 39 46 39 2d 38 38 41 35 2d 44 32 41 42 41 39 42 41 35 37 37 37 22 3a 31 2c 22 42 39 39 30 39 44 36 37 2d 37 32 34 37 2d 34 32 42 30 2d 41 42 39 46 2d 31 44 36 37 34 36 38 32 35 30 43 37 22 3a 31 2c 22 41 45 30 37 44 39 46 33 2d 31 46 31 39 2d 34 41 43 41 2d 38 41 38 32 2d 43 39 42 38 43 44 41 45 45 45 38 37 22 3a 31 2c 22 38 39 35 41 38 33 30 38 2d 38 36 46 42 2d 34 41 43 37 2d 38 46 31 43 2d 37 34 44 46 31 46 30 31 34 45 33 32 22 3a 31 2c 22 30 35 43 42 39 37 34 46 2d 30 33 39 35 2d 34 33 38 37 2d 41 30 39 38 2d 44 45 43 43 34 39 43 39 42 36 34 39 22 3a 31 2c 22 46 39 30 30 33 33 35 39 2d 31 42 42 46 2d 34 33 38 41 2d 41 41 41 43 2d 36 45 44 46 39 31 31 41
                                                                          Data Ascii: 20008BC2682":1,"8C71DA13-09D1-49F9-88A5-D2ABA9BA5777":1,"B9909D67-7247-42B0-AB9F-1D67468250C7":1,"AE07D9F3-1F19-4ACA-8A82-C9B8CDAEEE87":1,"895A8308-86FB-4AC7-8F1C-74DF1F014E32":1,"05CB974F-0395-4387-A098-DECC49C9B649":1,"F9003359-1BBF-438A-AAAC-6EDF911A
                                                                          2024-08-27 18:57:57 UTC8200INData Raw: 32 30 30 30 0d 0a 45 31 2d 35 46 32 39 31 44 30 44 39 37 38 35 22 3a 31 2c 22 33 43 31 37 45 35 41 33 2d 44 42 45 43 2d 34 30 43 38 2d 42 41 43 44 2d 35 41 33 32 36 34 42 32 36 37 34 31 22 3a 31 2c 22 32 31 36 46 34 32 33 45 2d 37 33 46 34 2d 34 38 46 30 2d 41 39 30 35 2d 39 30 42 43 45 38 37 31 43 35 36 34 22 3a 31 2c 22 44 33 44 30 35 41 30 38 2d 37 45 30 34 2d 34 37 44 31 2d 39 44 38 41 2d 36 35 38 46 45 36 34 34 42 37 42 46 22 3a 31 2c 22 43 37 37 41 41 35 38 33 2d 33 45 30 41 2d 34 32 39 31 2d 41 46 34 42 2d 39 35 43 33 32 30 41 36 31 35 45 43 22 3a 31 2c 22 34 45 41 32 31 38 32 32 2d 36 44 45 34 2d 34 39 31 45 2d 41 39 38 44 2d 39 41 44 31 30 30 31 45 46 36 43 34 22 3a 31 2c 22 38 46 46 46 41 41 32 35 2d 34 33 42 38 2d 34 42 30 46 2d 39 44 44 37 2d
                                                                          Data Ascii: 2000E1-5F291D0D9785":1,"3C17E5A3-DBEC-40C8-BACD-5A3264B26741":1,"216F423E-73F4-48F0-A905-90BCE871C564":1,"D3D05A08-7E04-47D1-9D8A-658FE644B7BF":1,"C77AA583-3E0A-4291-AF4B-95C320A615EC":1,"4EA21822-6DE4-491E-A98D-9AD1001EF6C4":1,"8FFFAA25-43B8-4B0F-9DD7-
                                                                          2024-08-27 18:57:57 UTC8200INData Raw: 32 30 30 30 0d 0a 2d 34 36 46 39 2d 38 45 30 34 2d 34 45 43 31 33 30 45 44 42 43 45 43 22 3a 31 2c 22 43 34 38 39 37 45 45 37 2d 43 30 30 35 2d 34 43 35 43 2d 38 38 37 30 2d 45 46 42 37 35 33 44 35 44 39 31 42 22 3a 31 2c 22 36 42 33 35 37 45 38 38 2d 31 31 37 46 2d 34 46 44 36 2d 38 33 43 31 2d 33 32 43 35 44 35 32 46 42 42 41 35 22 3a 31 2c 22 43 35 43 39 45 45 34 43 2d 32 44 45 39 2d 34 32 42 41 2d 42 38 30 35 2d 42 39 36 34 39 35 44 44 38 34 39 36 22 3a 31 2c 22 32 36 30 39 36 37 42 38 2d 37 35 36 44 2d 34 38 31 42 2d 42 37 32 35 2d 43 30 38 35 43 46 34 44 46 45 32 38 22 3a 31 2c 22 37 33 32 36 38 45 32 34 2d 31 31 41 35 2d 34 34 43 32 2d 41 43 39 38 2d 45 33 44 43 38 39 43 46 30 45 46 45 22 3a 31 2c 22 34 34 30 32 42 33 36 46 2d 30 36 37 46 2d 34 32
                                                                          Data Ascii: 2000-46F9-8E04-4EC130EDBCEC":1,"C4897EE7-C005-4C5C-8870-EFB753D5D91B":1,"6B357E88-117F-4FD6-83C1-32C5D52FBBA5":1,"C5C9EE4C-2DE9-42BA-B805-B96495DD8496":1,"260967B8-756D-481B-B725-C085CF4DFE28":1,"73268E24-11A5-44C2-AC98-E3DC89CF0EFE":1,"4402B36F-067F-42


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          6192.168.2.54973820.140.56.694438140C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 18:58:00 UTC617OUTGET /wise/owl/owl.slim.b85bbf4e2366ca721a6f.js HTTP/1.1
                                                                          Host: wise.gcc.cdn.office.net
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                          Origin: https://baycitymi-my.sharepoint.com
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: cross-site
                                                                          Sec-Fetch-Mode: cors
                                                                          Sec-Fetch-Dest: script
                                                                          Referer: https://baycitymi-my.sharepoint.com/
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          2024-08-27 18:58:01 UTC1107INHTTP/1.1 200 OK
                                                                          Date: Tue, 27 Aug 2024 18:58:01 GMT
                                                                          Content-Type: application/javascript
                                                                          Content-Length: 175722
                                                                          Connection: close
                                                                          Vary: Accept-Encoding
                                                                          Vary: Accept-Encoding
                                                                          Cache-Control: public, max-age=31536000
                                                                          Last-Modified: Thu, 22 Aug 2024 20:45:25 GMT
                                                                          x-ms-request-id: 60b61bfc-b01e-006e-6fb3-f80f13000000
                                                                          x-azure-ref: 20240827T185800Z-16b9bbc45895kwx6e8hubbdzvs00000006e0000000004vaf
                                                                          x-fd-int-roxy-purgeid: 0
                                                                          X-Cache: TCP_MISS
                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                          Timing-Allow-Origin: *
                                                                          X-CDN-Provider: Azure
                                                                          X-Content-Type-Options: nosniff
                                                                          Access-Control-Allow-Origin: *
                                                                          Access-Control-Expose-Headers: date,X-Cdn-Provider,X-Ms-Request-Id
                                                                          Access-Control-Allow-Headers: *
                                                                          Access-Control-Allow-Methods: GET,HEAD,OPTIONS
                                                                          NEL: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
                                                                          Report-To: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AzureCDNGCC"}],"include_subdomains":true}
                                                                          Accept-Ranges: bytes
                                                                          2024-08-27 18:58:01 UTC15277INData Raw: 76 61 72 20 4d 69 63 72 6f 73 6f 66 74 3b 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 74 2c 65 2c 6e 2c 6f 2c 69 3d 7b 36 38 37 32 35 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 6e 2e 64 28 65 2c 7b 68 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 73 7d 7d 29 3b 76 61 72 20 6f 3d 6e 28 36 36 34 31 31 29 2c 69 3d 6e 28 33 38 32 31 37 29 2c 72 3d 6e 28 38 30 33 36 34 29 2c 73 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 76 61 72 20 65 3d 6e 75 6c 6c 21 3d 3d 74 26 26 74 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7c 7c 74 68 69 73 3b 72 65 74 75 72 6e 20 65 2e 76 61 6c 75 65 3d 6e 75 6c 6c 2c 65 2e 68 61 73 4e 65 78 74 3d 21 31 2c 65 2e 68 61
                                                                          Data Ascii: var Microsoft;!function(){"use strict";var t,e,n,o,i={68725:function(t,e,n){n.d(e,{h:function(){return s}});var o=n(66411),i=n(38217),r=n(80364),s=function(t){function e(){var e=null!==t&&t.apply(this,arguments)||this;return e.value=null,e.hasNext=!1,e.ha
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 2e 69 6e 64 65 78 2b 2b 3b 74 72 79 7b 65 3d 74 68 69 73 2e 70 72 6f 6a 65 63 74 28 74 2c 6e 29 7d 63 61 74 63 68 28 74 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 74 68 69 73 2e 64 65 73 74 69 6e 61 74 69 6f 6e 2e 65 72 72 6f 72 28 74 29 7d 74 68 69 73 2e 61 63 74 69 76 65 2b 2b 2c 74 68 69 73 2e 68 74 28 65 29 7d 2c 65 2e 70 72 6f 74 6f 74 79 70 65 2e 68 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 6e 65 77 20 73 2e 7a 41 28 74 68 69 73 29 2c 6e 3d 74 68 69 73 2e 64 65 73 74 69 6e 61 74 69 6f 6e 3b 6e 2e 61 64 64 28 65 29 3b 76 61 72 20 6f 3d 28 30 2c 73 2e 74 53 29 28 74 2c 65 29 3b 6f 21 3d 3d 65 26 26 6e 2e 61 64 64 28 6f 29 7d 2c 65 2e 70 72 6f 74 6f 74 79 70 65 2e 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 68 61 73 43 6f
                                                                          Data Ascii: .index++;try{e=this.project(t,n)}catch(t){return void this.destination.error(t)}this.active++,this.ht(e)},e.prototype.ht=function(t){var e=new s.zA(this),n=this.destination;n.add(e);var o=(0,s.tS)(t,e);o!==e&&n.add(o)},e.prototype.nt=function(){this.hasCo
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 55 4d 42 45 52 7d 63 61 74 63 68 28 74 29 7b 72 65 74 75 72 6e 20 6f 2e 42 55 49 4c 44 5f 4e 55 4d 42 45 52 7d 7d 7d 2c 33 30 32 30 30 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 6e 2e 64 28 65 2c 7b 4f 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 69 7d 7d 29 3b 76 61 72 20 6f 3d 6e 28 34 30 35 36 30 29 3b 66 75 6e 63 74 69 6f 6e 20 69 28 29 7b 63 6f 6e 73 74 20 74 3d 6e 65 77 20 55 69 6e 74 38 41 72 72 61 79 28 33 31 29 2c 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 63 6f 6e 73 74 20 65 3d 7b 63 72 79 70 74 6f 3a 21 31 2c 70 65 72 66 4e 6f 77 3a 21 31 2c 65 78 63 65 70 74 69 6f 6e 73 3a 5b 5d 7d 2c 6e 3d 77 69 6e 64 6f 77 2e 63 72 79 70 74 6f 7c 7c 77 69 6e 64 6f 77 2e 6d 73 43 72 79 70 74 6f 3b 69 66 28 6e 29 7b 65 2e 63 72 79 70 74 6f
                                                                          Data Ascii: UMBER}catch(t){return o.BUILD_NUMBER}}},30200:function(t,e,n){n.d(e,{O:function(){return i}});var o=n(40560);function i(){const t=new Uint8Array(31),e=function(t){const e={crypto:!1,perfNow:!1,exceptions:[]},n=window.crypto||window.msCrypto;if(n){e.crypto
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 30 2c 74 68 69 73 2e 49 6e 3d 30 7d 2c 74 68 69 73 2e 70 6e 3d 28 29 3d 3e 7b 74 72 79 7b 69 66 28 74 68 69 73 2e 48 6e 3c 3d 30 29 72 65 74 75 72 6e 3b 63 6f 6e 73 74 20 74 3d 74 68 69 73 2e 52 6e 28 29 3b 74 68 69 73 2e 57 6e 28 74 2c 74 68 69 73 2e 5f 65 2c 74 68 69 73 2e 77 65 2e 45 65 29 2c 74 68 69 73 2e 46 6e 28 29 7d 63 61 74 63 68 28 74 29 7b 7d 7d 2c 74 68 69 73 2e 52 6e 3d 28 29 3d 3e 28 7b 64 3a 74 68 69 73 2e 67 65 2c 61 3a 74 68 69 73 2e 44 6e 28 29 2c 62 3a 74 68 69 73 2e 76 6e 2c 65 3a 74 68 69 73 2e 55 6e 2c 68 3a 74 68 69 73 2e 43 6e 2c 71 3a 74 68 69 73 2e 79 6e 2c 6b 3a 74 68 69 73 2e 41 6e 2c 6c 3a 74 68 69 73 2e 50 6e 2c 74 79 70 65 3a 22 68 5f 76 32 22 7d 29 2c 74 68 69 73 2e 44 6e 3d 28 29 3d 3e 74 68 69 73 2e 77 65 2e 48 65 26 26
                                                                          Data Ascii: 0,this.In=0},this.pn=()=>{try{if(this.Hn<=0)return;const t=this.Rn();this.Wn(t,this._e,this.we.Ee),this.Fn()}catch(t){}},this.Rn=()=>({d:this.ge,a:this.Dn(),b:this.vn,e:this.Un,h:this.Cn,q:this.yn,k:this.An,l:this.Pn,type:"h_v2"}),this.Dn=()=>this.we.He&&
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 2c 65 3f 2e 63 6f 6e 76 65 72 73 61 74 69 6f 6e 42 75 74 74 6f 6e 45 6e 61 62 6c 65 64 2c 6e 3f 2e 61 64 64 69 74 69 6f 6e 61 6c 41 70 70 6c 69 63 61 74 69 6f 6e 50 61 72 61 6d 65 74 65 72 73 29 2c 43 3d 28 30 2c 72 2e 75 5f 29 28 29 3b 6a 3f 2e 55 4c 53 2e 73 65 6e 64 54 72 61 63 65 54 61 67 28 35 37 36 35 37 38 35 38 33 2c 6f 2e 6e 2e 52 6f 2c 69 2e 6b 2e 49 6e 66 6f 2c 22 42 6f 6f 74 53 74 72 61 70 46 69 6c 65 3a 20 41 62 6f 75 74 20 74 6f 20 63 61 6c 6c 20 49 6e 69 74 69 61 6c 69 7a 65 57 6f 70 69 50 65 6e 64 69 6e 67 22 29 3b 63 6f 6e 73 74 20 55 3d 28 30 2c 66 2e 53 49 29 28 66 2e 64 54 2e 46 65 61 74 75 72 65 47 61 74 65 5f 4f 77 6c 50 6f 73 74 57 61 63 54 6f 6b 65 6e 46 6f 72 54 65 61 6d 73 48 6f 73 74 73 2c 65 3f 2e 66 65 61 74 75 72 65 47 61 74
                                                                          Data Ascii: ,e?.conversationButtonEnabled,n?.additionalApplicationParameters),C=(0,r.u_)();j?.ULS.sendTraceTag(576578583,o.n.Ro,i.k.Info,"BootStrapFile: About to call InitializeWopiPending");const U=(0,f.SI)(f.dT.FeatureGate_OwlPostWacTokenForTeamsHosts,e?.featureGat
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 66 61 75 6c 74 3a 22 76 69 65 77 22 3d 3d 3d 6f 7d 3a 7b 46 69 6c 65 4e 61 6d 65 3a 6e 2c 49 73 4e 65 77 46 69 6c 65 3a 21 30 2c 2e 2e 2e 74 26 26 7b 44 6f 63 55 6e 69 71 75 65 49 64 3a 74 7d 7d 7d 66 75 6e 63 74 69 6f 6e 20 77 28 74 29 7b 72 65 74 75 72 6e 7b 57 6f 70 69 53 72 63 3a 74 2e 77 6f 70 69 53 72 63 2c 41 63 63 65 73 73 54 6f 6b 65 6e 3a 74 2e 61 63 63 65 73 73 54 6f 6b 65 6e 2c 41 63 63 65 73 73 54 6f 6b 65 6e 45 78 70 69 72 79 3a 6e 65 77 20 44 61 74 65 28 70 61 72 73 65 49 6e 74 28 74 2e 61 63 63 65 73 73 54 6f 6b 65 6e 45 78 70 69 72 79 2c 31 30 29 29 2c 57 61 63 54 6f 6b 65 6e 3a 74 2e 77 61 63 54 6f 6b 65 6e 7d 7d 66 75 6e 63 74 69 6f 6e 20 67 28 74 29 7b 73 77 69 74 63 68 28 28 30 2c 63 2e 72 41 29 28 74 29 29 7b 63 61 73 65 20 63 2e 5f
                                                                          Data Ascii: fault:"view"===o}:{FileName:n,IsNewFile:!0,...t&&{DocUniqueId:t}}}function w(t){return{WopiSrc:t.wopiSrc,AccessToken:t.accessToken,AccessTokenExpiry:new Date(parseInt(t.accessTokenExpiry,10)),WacToken:t.wacToken}}function g(t){switch((0,c.rA)(t)){case c._
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 74 2e 4f 6e 4c 6f 61 64 54 69 6d 65 73 74 61 6d 70 3d 22 4f 6e 4c 6f 61 64 54 69 6d 65 73 74 61 6d 70 22 2c 74 2e 4f 6e 45 72 72 6f 72 54 69 6d 65 73 74 61 6d 70 3d 22 4f 6e 45 72 72 6f 72 54 69 6d 65 73 74 61 6d 70 22 2c 74 2e 4f 72 69 67 69 6e 61 6c 52 65 64 69 72 65 63 74 53 65 73 73 69 6f 6e 49 64 3d 22 4f 72 69 67 69 6e 61 6c 52 65 64 69 72 65 63 74 53 65 73 73 69 6f 6e 49 64 22 7d 28 69 7c 7c 28 69 3d 7b 7d 29 29 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 74 2e 50 72 69 6e 74 50 44 46 3d 22 50 72 69 6e 74 50 44 46 22 2c 74 2e 4f 74 68 65 72 3d 22 4f 74 68 65 72 22 7d 28 72 7c 7c 28 72 3d 7b 7d 29 29 7d 2c 32 33 36 34 34 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 6e 2e 64 28 65 2c 7b 24 43 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20
                                                                          Data Ascii: t.OnLoadTimestamp="OnLoadTimestamp",t.OnErrorTimestamp="OnErrorTimestamp",t.OriginalRedirectSessionId="OriginalRedirectSessionId"}(i||(i={})),function(t){t.PrintPDF="PrintPDF",t.Other="Other"}(r||(r={}))},23644:function(t,e,n){n.d(e,{$C:function(){return
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 63 6f 6e 73 74 7b 64 6f 63 75 6d 65 6e 74 52 65 62 6f 6f 74 48 61 6e 64 6c 65 72 3a 69 2c 72 65 6e 61 6d 65 48 61 6e 64 6c 65 72 3a 72 2c 73 65 73 73 69 6f 6e 52 65 66 72 65 73 68 49 6e 66 6f 48 61 6e 64 6c 65 72 3a 73 2c 73 68 61 72 65 48 61 6e 64 6c 65 72 3a 61 2c 75 73 65 72 41 63 63 65 73 73 48 61 6e 64 6c 65 72 3a 75 2c 75 73 65 72 41 63 74 69 76 69 74 79 48 61 6e 64 6c 65 72 3a 66 2c 63 72 65 61 74 65 4e 65 77 48 61 6e 64 6c 65 72 3a 68 2c 67 65 74 41 75 74 68 54 6f 6b 65 6e 48 61 6e 64 6c 65 72 3a 70 2c 73 65 6e 64 43 6f 6e 76 65 72 73 61 74 69 6f 6e 49 64 48 61 6e 64 6c 65 72 3a 6d 2c 63 6c 6f 73 65 54 65 61 6d 73 43 6f 6e 76 65 72 73 61 74 69 6f 6e 48 61 6e 64 6c 65 72 3a 77 2c 6e 61 76 69 67 61 74 65 42 61 63 6b 54 6f 48 6f 73 74 48 61 6e 64 6c
                                                                          Data Ascii: const{documentRebootHandler:i,renameHandler:r,sessionRefreshInfoHandler:s,shareHandler:a,userAccessHandler:u,userActivityHandler:f,createNewHandler:h,getAuthTokenHandler:p,sendConversationIdHandler:m,closeTeamsConversationHandler:w,navigateBackToHostHandl
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 52 65 62 6f 6f 74 3d 22 52 45 42 4f 4f 54 22 7d 28 6c 7c 7c 28 6c 3d 7b 7d 29 29 7d 2c 31 33 30 39 31 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 6e 2e 64 28 65 2c 7b 42 4b 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 42 7d 2c 59 33 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 63 76 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 78 7d 2c 67 70 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6a 7d 2c 67 76 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 4c 7d 2c 6a 57 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 55 7d 7d 29 3b 76 61 72 20 6f 3d 6e 28 34 35 31 31 38 29 2c 69 3d 6e 28 39 37 36 34 33 29 2c 72 3d 6e 28 32 32 34 37 35 29 2c 73 3d 6e 28 33 30 32 30 30 29 2c 61 3d 6e 28 37 31 34 37 32 29 2c
                                                                          Data Ascii: Reboot="REBOOT"}(l||(l={}))},13091:function(t,e,n){n.d(e,{BK:function(){return B},Y3:function(){},cv:function(){return x},gp:function(){return j},gv:function(){return L},jW:function(){return U}});var o=n(45118),i=n(97643),r=n(22475),s=n(30200),a=n(71472),
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 69 74 68 28 22 2f 74 65 73 74 22 29 2e 74 6f 53 74 72 69 6e 67 28 29 29 2c 28 30 2c 73 2e 50 71 29 28 29 3f 48 2e 61 64 64 51 6f 73 50 69 6c 6c 61 72 28 22 49 6e 74 65 72 72 75 70 74 69 6f 6e 73 22 29 3a 48 2e 61 64 64 51 6f 73 50 69 6c 6c 61 72 28 22 4f 70 65 6e 22 29 2c 48 3b 76 3f 2e 55 4c 53 2e 73 65 6e 64 54 72 61 63 65 54 61 67 28 35 30 37 33 34 30 30 36 34 2c 6f 2e 6e 2e 52 6f 2c 69 2e 6b 2e 57 61 72 6e 69 6e 67 2c 22 46 61 69 6c 65 64 20 74 6f 20 69 6e 69 74 69 61 6c 69 7a 65 20 68 65 61 6c 74 68 20 6c 6f 67 67 65 72 2e 22 29 7d 28 61 2c 6e 2c 74 2e 64 6f 63 75 6d 65 6e 74 42 6f 6f 74 49 6e 66 6f 2e 66 69 6c 65 54 79 70 65 2c 74 2e 64 6f 63 75 6d 65 6e 74 42 6f 6f 74 49 6e 66 6f 2e 75 69 43 75 6c 74 75 72 65 2c 74 2e 64 6f 63 75 6d 65 6e 74 42 6f
                                                                          Data Ascii: ith("/test").toString()),(0,s.Pq)()?H.addQosPillar("Interruptions"):H.addQosPillar("Open"),H;v?.ULS.sendTraceTag(507340064,o.n.Ro,i.k.Warning,"Failed to initialize health logger.")}(a,n,t.documentBootInfo.fileType,t.documentBootInfo.uiCulture,t.documentBo


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          7192.168.2.54973720.140.56.694438140C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 18:58:00 UTC621OUTGET /wise/owl/onenote-boot.35885234f8e241512812.js HTTP/1.1
                                                                          Host: wise.gcc.cdn.office.net
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                          Origin: https://baycitymi-my.sharepoint.com
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: cross-site
                                                                          Sec-Fetch-Mode: cors
                                                                          Sec-Fetch-Dest: script
                                                                          Referer: https://baycitymi-my.sharepoint.com/
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          2024-08-27 18:58:01 UTC1107INHTTP/1.1 200 OK
                                                                          Date: Tue, 27 Aug 2024 18:58:01 GMT
                                                                          Content-Type: application/javascript
                                                                          Content-Length: 143258
                                                                          Connection: close
                                                                          Vary: Accept-Encoding
                                                                          Vary: Accept-Encoding
                                                                          Cache-Control: public, max-age=31536000
                                                                          Last-Modified: Tue, 20 Aug 2024 00:47:13 GMT
                                                                          x-ms-request-id: 1afe10de-901e-009c-1fb3-f8dd87000000
                                                                          x-azure-ref: 20240827T185800Z-16b9bbc45892n8q5e3rpfxkw7w00000005qg000000000fyk
                                                                          x-fd-int-roxy-purgeid: 0
                                                                          X-Cache: TCP_MISS
                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                          Timing-Allow-Origin: *
                                                                          X-CDN-Provider: Azure
                                                                          X-Content-Type-Options: nosniff
                                                                          Access-Control-Allow-Origin: *
                                                                          Access-Control-Expose-Headers: date,X-Cdn-Provider,X-Ms-Request-Id
                                                                          Access-Control-Allow-Headers: *
                                                                          Access-Control-Allow-Methods: GET,HEAD,OPTIONS
                                                                          NEL: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
                                                                          Report-To: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AzureCDNGCC"}],"include_subdomains":true}
                                                                          Accept-Ranges: bytes
                                                                          2024-08-27 18:58:01 UTC15277INData Raw: 76 61 72 20 4d 69 63 72 6f 73 6f 66 74 3d 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 4d 69 63 72 6f 73 6f 66 74 3f 4d 69 63 72 6f 73 6f 66 74 3a 7b 7d 3b 4d 69 63 72 6f 73 6f 66 74 2e 4f 66 66 69 63 65 3d 4d 69 63 72 6f 73 6f 66 74 2e 4f 66 66 69 63 65 7c 7c 7b 7d 2c 4d 69 63 72 6f 73 6f 66 74 2e 4f 66 66 69 63 65 2e 4f 6e 65 4e 6f 74 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 69 28 73 29 7b 69 66 28 65 5b 73 5d 29 72 65 74 75 72 6e 20 65 5b 73 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 6f 3d 65 5b 73 5d 3d 7b 69 3a 73 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 74 5b 73 5d 2e 63 61 6c 6c 28 6f 2e 65 78 70 6f 72 74 73 2c 6f 2c 6f 2e 65 78 70 6f 72 74 73 2c 69 29 2c
                                                                          Data Ascii: var Microsoft="object"==typeof Microsoft?Microsoft:{};Microsoft.Office=Microsoft.Office||{},Microsoft.Office.OneNote=function(t){var e={};function i(s){if(e[s])return e[s].exports;var o=e[s]={i:s,l:!1,exports:{}};return t[s].call(o.exports,o,o.exports,i),
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 42 2c 54 2e 45 72 72 6f 72 2c 60 46 65 74 63 68 20 73 65 74 74 69 6e 67 73 20 65 72 72 6f 72 2e 20 53 74 61 74 75 73 3a 20 24 7b 74 2e 73 74 61 74 75 73 7d 2c 20 63 75 72 45 72 72 6f 72 73 3a 20 24 7b 74 68 69 73 2e 72 69 7d 60 29 2c 74 68 69 73 2e 72 69 2b 3d 31 29 2c 74 68 69 73 2e 72 69 3e 37 29 72 65 74 75 72 6e 3b 6c 65 74 20 65 3d 74 68 69 73 2e 67 65 74 56 61 6c 75 65 28 6b 2e 6c 65 2c 33 65 35 29 3b 74 68 69 73 2e 72 69 3e 33 26 26 28 65 2b 3d 28 74 68 69 73 2e 72 69 2d 33 2b 31 29 2a 28 65 2f 32 29 29 2c 74 68 69 73 2e 65 69 3d 77 69 6e 64 6f 77 2e 73 65 74 54 69 6d 65 6f 75 74 28 74 68 69 73 2e 69 69 2c 65 29 7d 7d 2c 74 68 69 73 2e 64 69 3d 74 3d 3e 7b 22 72 65 71 75 65 73 74 49 64 6c 65 43 61 6c 6c 62 61 63 6b 22 69 6e 20 77 69 6e 64 6f 77 3f
                                                                          Data Ascii: B,T.Error,`Fetch settings error. Status: ${t.status}, curErrors: ${this.ri}`),this.ri+=1),this.ri>7)return;let e=this.getValue(k.le,3e5);this.ri>3&&(e+=(this.ri-3+1)*(e/2)),this.ei=window.setTimeout(this.ii,e)}},this.di=t=>{"requestIdleCallback"in window?
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 57 41 52 44 22 3b 62 72 65 61 6b 3b 63 61 73 65 20 32 35 35 3a 65 3d 22 52 45 53 45 52 56 45 44 22 7d 74 2e 68 6f 73 74 50 61 67 65 4e 61 76 69 67 61 74 69 6f 6e 54 79 70 65 3d 65 7d 7d 21 66 75 6e 63 74 69 6f 6e 28 74 29 7b 74 5b 74 2e 55 6e 6b 6e 6f 77 6e 3d 30 5d 3d 22 55 6e 6b 6e 6f 77 6e 22 2c 74 5b 74 2e 4e 6f 72 6d 61 6c 3d 31 5d 3d 22 4e 6f 72 6d 61 6c 22 2c 74 5b 74 2e 4d 69 6e 6f 72 3d 32 5d 3d 22 4d 69 6e 6f 72 22 2c 74 5b 74 2e 4d 65 64 69 75 6d 3d 33 5d 3d 22 4d 65 64 69 75 6d 22 2c 74 5b 74 2e 4d 61 6a 6f 72 3d 34 5d 3d 22 4d 61 6a 6f 72 22 2c 74 5b 74 2e 43 72 69 74 69 63 61 6c 3d 35 5d 3d 22 43 72 69 74 69 63 61 6c 22 7d 28 64 74 7c 7c 28 64 74 3d 7b 7d 29 29 3b 63 6c 61 73 73 20 75 74 7b 64 69 73 70 6f 73 65 28 29 7b 77 69 6e 64 6f 77 2e
                                                                          Data Ascii: WARD";break;case 255:e="RESERVED"}t.hostPageNavigationType=e}}!function(t){t[t.Unknown=0]="Unknown",t[t.Normal=1]="Normal",t[t.Minor=2]="Minor",t[t.Medium=3]="Medium",t[t.Major=4]="Major",t[t.Critical=5]="Critical"}(dt||(dt={}));class ut{dispose(){window.
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 73 65 6e 67 65 72 3a 69 2c 69 6e 6e 65 72 41 70 70 6c 69 63 61 74 69 6f 6e 46 72 61 6d 65 3a 73 2c 6f 6e 44 69 73 70 6f 73 65 64 3a 6f 2c 6f 6e 46 72 61 6d 65 52 65 6d 6f 76 65 64 3a 6e 2c 75 6e 6c 6f 61 64 54 69 6d 65 6f 75 74 49 6e 4d 73 3a 72 7c 7c 31 65 33 2c 66 6f 72 63 65 41 70 70 55 6e 6c 6f 61 64 3a 21 31 2c 64 69 73 70 6f 73 65 53 74 61 72 74 54 69 6d 65 3a 4f 28 29 2c 61 70 70 55 6e 6c 6f 61 64 54 69 6d 65 64 4f 75 74 3a 21 31 7d 3b 69 66 28 74 26 26 73 29 72 65 74 75 72 6e 20 52 74 3d 21 30 2c 61 2e 66 6f 72 63 65 41 70 70 55 6e 6c 6f 61 64 3d 21 30 2c 28 63 3d 61 29 2e 66 6f 72 63 65 41 70 70 55 6e 6c 6f 61 64 53 74 61 72 74 54 69 6d 65 3d 4f 28 29 2c 63 2e 6c 6f 67 67 65 72 2e 55 4c 53 2e 65 65 28 35 39 35 38 35 35 34 39 30 2c 5f 2e 42 2c 54
                                                                          Data Ascii: senger:i,innerApplicationFrame:s,onDisposed:o,onFrameRemoved:n,unloadTimeoutInMs:r||1e3,forceAppUnload:!1,disposeStartTime:O(),appUnloadTimedOut:!1};if(t&&s)return Rt=!0,a.forceAppUnload=!0,(c=a).forceAppUnloadStartTime=O(),c.logger.ULS.ee(595855490,_.B,T
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 4c 53 2e 65 65 28 35 39 35 37 32 34 31 37 38 2c 5f 2e 42 2c 54 2e 49 6e 66 6f 2c 22 42 6f 6f 74 5f 48 65 61 72 74 42 65 61 74 22 29 2c 52 28 29 3e 74 68 69 73 2e 65 61 26 26 28 74 68 69 73 2e 73 74 6f 70 28 29 2c 58 74 28 74 68 69 73 2e 63 69 29 2c 74 68 69 73 2e 6f 61 26 26 74 68 69 73 2e 6f 61 28 29 29 7d 2c 74 68 69 73 2e 74 61 2e 67 65 74 56 61 6c 75 65 28 6b 2e 70 65 2c 65 29 29 2c 74 68 69 73 2e 6e 61 2e 70 75 73 68 28 77 69 6e 64 6f 77 2e 73 65 74 54 69 6d 65 6f 75 74 28 58 74 2c 74 68 69 73 2e 74 61 2e 67 65 74 56 61 6c 75 65 28 6b 2e 68 65 2c 36 65 34 29 2c 74 68 69 73 2e 63 69 2c 31 29 29 2c 74 68 69 73 2e 6e 61 2e 70 75 73 68 28 77 69 6e 64 6f 77 2e 73 65 74 54 69 6d 65 6f 75 74 28 58 74 2c 74 68 69 73 2e 74 61 2e 67 65 74 56 61 6c 75 65 28 6b
                                                                          Data Ascii: LS.ee(595724178,_.B,T.Info,"Boot_HeartBeat"),R()>this.ea&&(this.stop(),Xt(this.ci),this.oa&&this.oa())},this.ta.getValue(k.pe,e)),this.na.push(window.setTimeout(Xt,this.ta.getValue(k.he,6e4),this.ci,1)),this.na.push(window.setTimeout(Xt,this.ta.getValue(k
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 74 68 69 73 2e 6a 72 3d 74 2e 42 6f 6f 74 28 29 2c 74 68 69 73 2e 75 63 28 74 68 69 73 2e 6a 72 29 7d 2c 74 68 69 73 2e 51 61 3d 74 3d 3e 7b 74 68 69 73 2e 58 61 3f 28 74 68 69 73 2e 63 69 2e 55 4c 53 2e 65 65 28 35 39 35 39 36 38 34 38 31 2c 5f 2e 42 2c 54 2e 57 61 72 6e 69 6e 67 2c 22 46 61 69 6c 20 63 61 6c 6c 65 64 20 61 6e 64 20 77 61 63 66 72 61 6d 65 20 69 73 20 61 62 6c 65 20 74 6f 20 61 63 63 65 70 74 20 70 6f 73 74 6d 65 73 73 61 67 65 73 22 29 2c 74 68 69 73 2e 6d 63 28 74 29 29 3a 28 74 68 69 73 2e 63 69 2e 55 4c 53 2e 65 65 28 35 39 35 39 36 38 34 38 32 2c 5f 2e 42 2c 54 2e 57 61 72 6e 69 6e 67 2c 22 46 61 69 6c 20 77 61 73 20 63 61 6c 6c 65 64 20 6f 6e 20 74 68 65 20 73 65 73 73 69 6f 6e 20 70 72 69 6f 72 20 74 6f 20 57 61 63 52 65 61 64 79
                                                                          Data Ascii: this.jr=t.Boot(),this.uc(this.jr)},this.Qa=t=>{this.Xa?(this.ci.ULS.ee(595968481,_.B,T.Warning,"Fail called and wacframe is able to accept postmessages"),this.mc(t)):(this.ci.ULS.ee(595968482,_.B,T.Warning,"Fail was called on the session prior to WacReady
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 63 6f 6e 73 74 20 73 3d 28 29 3d 3e 7b 69 2b 3d 31 2c 69 3d 3d 3d 74 2e 6c 65 6e 67 74 68 26 26 65 28 29 7d 3b 66 6f 72 28 63 6f 6e 73 74 20 65 20 6f 66 20 74 29 46 65 28 65 2c 73 29 7d 28 65 2c 74 29 7d 28 28 29 3d 3e 7b 72 65 2e 61 64 64 44 75 72 61 74 69 6f 6e 4d 65 74 72 69 63 28 72 65 2e 70 61 2c 72 65 2e 66 61 2c 28 6e 65 77 20 44 61 74 65 29 2e 67 65 74 54 69 6d 65 28 29 29 2c 61 26 26 61 2e 70 61 72 65 6e 74 4e 6f 64 65 26 26 28 63 2e 69 6e 6e 65 72 48 54 4d 4c 3d 72 2c 63 2e 63 68 69 6c 64 72 65 6e 26 26 63 2e 63 68 69 6c 64 72 65 6e 2e 6c 65 6e 67 74 68 3e 30 26 26 22 44 49 56 22 3d 3d 3d 63 2e 63 68 69 6c 64 72 65 6e 5b 30 5d 2e 74 61 67 4e 61 6d 65 26 26 63 2e 63 68 69 6c 64 72 65 6e 5b 30 5d 2e 63 6c 61 73 73 4c 69 73 74 2e 63 6f 6e 74 61 69
                                                                          Data Ascii: const s=()=>{i+=1,i===t.length&&e()};for(const e of t)Fe(e,s)}(e,t)}(()=>{re.addDurationMetric(re.pa,re.fa,(new Date).getTime()),a&&a.parentNode&&(c.innerHTML=r,c.children&&c.children.length>0&&"DIV"===c.children[0].tagName&&c.children[0].classList.contai
                                                                          2024-08-27 18:58:01 UTC16384INData Raw: 49 6e 66 6f 2e 64 69 73 61 62 6c 65 43 68 61 74 2c 43 6f 6f 6b 69 65 43 6f 6d 70 6c 69 61 6e 74 3a 74 2e 73 65 73 73 69 6f 6e 49 6e 66 6f 2e 63 6f 6f 6b 69 65 43 6f 6d 70 6c 69 61 6e 74 2c 53 65 73 73 69 6f 6e 43 6f 6e 74 65 78 74 3a 74 2e 73 65 73 73 69 6f 6e 49 6e 66 6f 2e 73 65 73 73 69 6f 6e 43 6f 6e 74 65 78 74 2c 57 64 50 61 72 61 6d 73 3a 74 2e 73 65 73 73 69 6f 6e 49 6e 66 6f 2e 57 64 50 61 72 61 6d 73 2c 48 69 67 68 43 6f 6e 74 72 61 73 74 4d 6f 64 65 3a 74 2e 73 65 73 73 69 6f 6e 49 6e 66 6f 2e 68 69 67 68 43 6f 6e 74 72 61 73 74 4d 6f 64 65 2c 53 75 70 70 6f 72 74 73 44 6f 63 52 65 62 6f 6f 74 3a 74 2e 73 65 73 73 69 6f 6e 49 6e 66 6f 2e 73 75 70 70 6f 72 74 73 44 6f 63 52 65 62 6f 6f 74 2c 53 75 70 70 6f 72 74 73 41 63 63 65 73 73 69 62 69 6c
                                                                          Data Ascii: Info.disableChat,CookieCompliant:t.sessionInfo.cookieCompliant,SessionContext:t.sessionInfo.sessionContext,WdParams:t.sessionInfo.WdParams,HighContrastMode:t.sessionInfo.highContrastMode,SupportsDocReboot:t.sessionInfo.supportsDocReboot,SupportsAccessibil
                                                                          2024-08-27 18:58:01 UTC13293INData Raw: 3b 69 66 28 69 73 4e 61 4e 28 6f 29 7c 7c 69 73 4e 61 4e 28 6e 29 7c 7c 28 65 2e 61 70 70 55 6e 6c 6f 61 64 4c 61 74 65 6e 63 79 3d 6e 2d 6f 29 2c 69 2e 73 65 72 76 65 72 54 69 6d 69 6e 67 73 29 7b 63 6f 6e 73 74 20 74 3d 69 2e 73 65 72 76 65 72 54 69 6d 69 6e 67 73 3b 66 6f 72 28 63 6f 6e 73 74 20 69 20 69 6e 20 74 29 65 5b 22 73 74 2d 22 2b 69 2e 74 6f 53 74 72 69 6e 67 28 29 5d 3d 74 5b 69 5d 7d 7d 74 2e 6c 6f 67 67 65 72 2e 55 4c 53 2e 65 65 28 35 39 32 35 32 34 38 32 32 2c 5f 2e 42 2c 54 2e 49 6e 66 6f 2c 22 41 70 70 20 64 69 73 70 6f 73 65 64 3a 20 22 2b 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 65 29 29 2c 74 2e 6c 6f 67 67 65 72 2e 55 4c 53 2e 66 6c 75 73 68 4f 6e 43 6c 6f 73 65 28 29 7d 28 69 2c 72 2c 74 29 2c 69 2e 63 6f 6e 74 61 69 6e 65 72
                                                                          Data Ascii: ;if(isNaN(o)||isNaN(n)||(e.appUnloadLatency=n-o),i.serverTimings){const t=i.serverTimings;for(const i in t)e["st-"+i.toString()]=t[i]}}t.logger.ULS.ee(592524822,_.B,T.Info,"App disposed: "+JSON.stringify(e)),t.logger.ULS.flushOnClose()}(i,r,t),i.container


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          8192.168.2.55011420.140.56.694438140C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 18:58:05 UTC650OUTGET /files/odsp-web-prod_2024-08-09.009/wacowlhostwebpack/wacowlhostwebpack.js HTTP/1.1
                                                                          Host: res-1-gcc.cdn.office.net
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                          Origin: https://baycitymi-my.sharepoint.com
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: cross-site
                                                                          Sec-Fetch-Mode: cors
                                                                          Sec-Fetch-Dest: script
                                                                          Referer: https://baycitymi-my.sharepoint.com/
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          2024-08-27 18:58:06 UTC1226INHTTP/1.1 200 OK
                                                                          Date: Tue, 27 Aug 2024 18:58:06 GMT
                                                                          Content-Type: application/javascript
                                                                          Content-Length: 140003
                                                                          Connection: close
                                                                          Cache-Control: public, max-age=31536000
                                                                          Content-Encoding: gzip
                                                                          Last-Modified: Wed, 14 Aug 2024 06:35:31 GMT
                                                                          x-ms-request-id: f895801d-a01e-009f-25b3-f8de80000000
                                                                          x-ms-meta-Sourcebuild: odsp-web-prod_2024-08-09.009
                                                                          x-ms-meta-Sourceid: 21F74D6C1FCBAE36D35F0F0E2CF1A5409FF0B1978FA3596FDE16DCECA9C6E62700
                                                                          x-azure-ref: 20240827T185806Z-16b9bbc4589vqdgx1c05ge980g00000007ng0000000013kr
                                                                          x-fd-int-roxy-purgeid: 0
                                                                          X-Cache: TCP_MISS
                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                          Timing-Allow-Origin: *
                                                                          X-CDN-Provider: Azure
                                                                          X-Content-Type-Options: nosniff
                                                                          Access-Control-Allow-Origin: *
                                                                          Access-Control-Expose-Headers: date,X-Cdn-Provider,X-Ms-Request-Id
                                                                          Access-Control-Allow-Headers: *
                                                                          Access-Control-Allow-Methods: GET,HEAD,OPTIONS
                                                                          NEL: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
                                                                          Report-To: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AzureCDNGCC"}],"include_subdomains":true}
                                                                          Accept-Ranges: bytes
                                                                          2024-08-27 18:58:06 UTC15158INData Raw: 1f 8b 08 00 00 00 00 00 00 03 e4 bd fb 77 db 36 b6 30 fa fb f7 57 48 3c 73 75 88 1a 92 25 e7 4d 05 d1 49 ec 64 9a 6f da 26 a7 ce b4 f7 5e 59 a3 05 93 90 8c 29 05 6a 48 c8 8e 2b e9 7f bf 6b e3 41 02 24 25 bb 9d ce 7c 67 ad db 35 13 8b 78 3f 36 36 36 f6 f3 f4 9b 6e e7 43 96 77 52 1e 33 51 b0 0e 17 8b 2c 5f 51 c9 33 d1 59 a7 8c 16 ac 53 30 d6 b9 a3 71 76 97 de 64 85 bc 63 d7 6b 1a ff 32 f8 7b 31 f8 ee e3 f9 fb 1f 2e df 0f e4 57 d9 f9 e6 f4 7f 85 21 22 6f b6 b7 34 ef 30 92 64 f1 66 c5 84 1c c4 9b 3c 67 42 5e c6 39 5f cb 71 c2 16 5c b0 30 c8 92 62 dd 17 ec ab 3c cd b3 4c 16 a7 3f d3 f8 d3 5d fa 6d 56 c8 00 4f 55 ee 20 67 34 96 83 94 5f 07 33 5c 36 2c c7 39 93 9b 5c e8 ae 82 0d 8c 4e e6 3c 96 c1 18 b2 05 99 86 0c 4b 2c 20 57 0c f2 50 22 2c 06 49 28 f1 76 3e a7
                                                                          Data Ascii: w60WH<su%MIdo&^Y)jH+kA$%|g5x?666nCwR3Q,_Q3YS0qvdck2{1.W!"o40df<gB^9_q\0b<L?]mVOU g4_3\6,9\N<K, WP",I(v>
                                                                          2024-08-27 18:58:06 UTC16384INData Raw: 83 6d f5 48 48 70 b0 af be 54 b4 33 9f 1a 0d f6 ca 73 f6 58 b8 ce 89 37 8a c3 e6 7b c6 0e e1 14 67 b8 70 b9 90 ef ff 18 a0 fc 64 fc 1b 98 b3 6a 5c fd f8 e1 e6 19 d0 57 2a 4c 79 89 bf c2 bb 10 c2 02 16 6b 16 f3 05 07 0e c5 f7 9b 54 72 88 78 9e 23 4c 9d 85 8a 82 e0 88 a4 92 3b 92 8c 57 cf e1 78 1c 12 7e 19 8b 2c 15 3d 0a 24 50 8e b7 60 50 03 b9 28 33 3e 26 d6 bf 30 2f 74 2a 30 a6 47 95 f0 cc 71 96 24 25 8d 0f 99 ef 02 13 b0 dc d9 93 93 f6 ae 60 c4 36 76 0e 73 3d bc 5b e3 37 6f c8 53 31 db 23 df 49 b0 9f 4b 38 e6 0f 86 cb aa cd cd ba 1c 71 67 eb e8 11 58 cb 54 a7 23 2c 09 b0 38 6b 01 e0 65 a5 6f 27 2b ad 69 01 6c 24 e0 b2 f1 d9 38 57 f6 14 14 c4 70 10 59 23 b7 83 0b 11 36 d3 85 62 fb 56 35 2b 88 f4 84 cd d6 2f 99 54 a2 a2 ef 59 51 d0 a5 d6 ad ba c6 95 18 41
                                                                          Data Ascii: mHHpT3sX7{gpdj\W*LykTrx#L;Wx~,=$P`P(3>&0/t*0Gq$%`6vs=[7oS1#IK8qgXT#,8keo'+il$8WpY#6bV5+/TYQA
                                                                          2024-08-27 18:58:06 UTC16384INData Raw: 7b 63 fb ce e8 83 ff 41 9d 17 be d3 4e d1 1b 38 6e 95 7d e5 fa fa dc 19 55 af 62 b6 15 cc 32 f0 34 0a e0 07 44 9f a1 4b a2 91 ef a0 04 e3 f0 2c f6 8b 02 27 60 4d e9 b8 a6 8c a6 19 fe 56 9f 4b b5 36 95 5c 51 25 8e e7 a3 88 78 7b 2a 7d 7f c7 7b a1 2a c6 55 33 11 91 41 b9 70 f6 fe 82 28 9d bd a8 a2 05 55 2e 72 f0 9a f2 1a 57 f6 65 a1 7f 26 a5 c4 e9 c3 3b 1f d4 15 64 51 1c e1 71 4a 4e 0e 1b 68 31 19 10 73 c5 b3 99 3d 57 54 67 cd 1e d7 9d b5 6d bf 5d 2d 98 f0 68 b9 19 32 a8 e0 aa 33 d7 52 d1 43 1f c7 a4 26 4b f6 10 97 7b df c0 6b 75 a5 4f 8f df 5d 79 00 9c cb 51 e5 fb d9 8c 10 b3 cd e2 a2 dc d9 b9 a3 e2 ca 30 b2 e4 f1 69 e9 f9 c0 9a 58 b9 4f 4b cc 1b 17 8d 8d 28 37 72 c0 80 4b b1 eb eb f3 c6 44 e2 46 89 bf b1 58 20 eb 14 04 dd ff d9 db ba 61 57 21 5e 8b ca 5b
                                                                          Data Ascii: {cAN8n}Ub24DK,'`MVK6\Q%x{*}{*U3Ap(U.rWe&;dQqJNh1s=WTgm]-h23RC&K{kuO]yQ0iXOK(7rKDFX aW!^[
                                                                          2024-08-27 18:58:06 UTC16384INData Raw: 33 dd 35 36 0b f3 0f ae aa 5a 77 cd 57 6b 40 31 9e de dc f4 f7 0b 50 5f 60 b6 43 2b 08 50 7c a7 a3 94 5d 77 72 63 75 67 68 83 4e 39 45 2d 00 fa 6a ad 6c b0 27 0a 12 c7 75 f0 41 0e 97 99 a7 0a 9a 2a cc d6 59 3f b8 b9 39 6b 03 42 05 be 2f db d3 9a 1c 89 f3 07 3f 74 60 0d b1 d3 e5 fb ba 28 32 da 58 11 1e 2e d0 d6 29 e5 be 01 5f 9f 52 b6 86 38 ac 31 f5 8d f3 84 6e f8 92 5b c6 ec 3b d6 92 12 c5 7c 35 09 b6 d7 80 e3 7b d6 80 df 76 96 77 4c be e0 e1 93 2f 80 d1 3f e9 54 c0 66 e4 3c 39 25 55 5e f4 7a 07 00 ee 6c 7e 0f f2 ec 49 92 31 03 2a d9 be b6 a7 d7 eb 4f 46 1d ef 6b a5 8f 82 0e 4a de 6c af 46 67 e8 35 88 5a 8f 47 ea 61 dc eb c5 6d 8a df 6a 00 7b cc ab 51 cc 6d 36 bf 1e c5 83 0d e4 13 3d 1e 61 4d 41 07 93 9b 9b 57 07 a3 d1 69 af 07 7f ce 6e 6e fa af 46 e7 7c
                                                                          Data Ascii: 356ZwWk@1P_`C+P|]wrcughN9E-jl'uA*Y?9kB/?t`(2X.)_R81n[;|5{vwL/?Tf<9%U^zl~I1*OFkJlFg5ZGamj{Qm6=aMAWinnF|
                                                                          2024-08-27 18:58:06 UTC16384INData Raw: 6e 91 d9 a6 2b 8f f6 de f4 2b 65 28 3f e3 9e 53 ff 9c 15 07 2f eb 5b e3 a3 35 55 2a 70 38 b0 86 c3 dc 1d 62 f9 ee 1c be 66 c6 a4 b9 b0 03 60 9d 29 29 3e 48 80 6e 94 11 fb 32 a5 65 58 24 4b 6e 61 1f 02 44 10 60 b1 09 f0 a2 48 16 e0 9e 42 fe 4c 77 3d 0f 88 44 ec 35 53 7d d0 c2 4f ab a1 fc 99 ea e9 21 70 b6 db 5f e0 b5 69 b8 70 56 d9 bc 86 97 aa 19 ba 75 d8 57 b4 a8 12 9e 3a 28 0c a7 a6 78 bf f1 8a c1 3f 44 f5 07 28 3e cf d3 20 44 8d 8d d6 6b 96 25 90 c2 e2 b8 f5 76 28 7f 66 87 81 1b db e0 d1 85 79 dc d8 2a b9 ae 6a b1 46 77 bf c1 07 4b 37 e1 38 d7 fe 00 af 3d dd d5 9d e6 f5 37 2b 52 d1 22 23 c5 95 28 94 6e 30 46 fd de 67 f8 16 18 c4 f0 9a 6f 75 d5 79 44 d3 35 6d 00 f0 ed 7c 1c ca 9f 39 9e e3 00 71 67 d7 5f 08 8f e7 39 9e ed 19 fb 5f 87 f2 67 44 f3 62 b0 51
                                                                          Data Ascii: n++e(?S/[5U*p8bf`))>Hn2eX$KnaD`HBLw=D5S}O!p_ipVuW:(x?D(> Dk%v(fy*jFwK78=7+R"#(n0FgouyD5m|9qg_9_gDbQ
                                                                          2024-08-27 18:58:06 UTC16384INData Raw: 98 3b b8 7a 0d 93 e3 83 b7 74 14 3e 4f 86 9a bf a1 26 e3 ea 75 2d 18 51 22 c8 ab 2a 3c 58 78 cd 13 51 b8 7a 27 0c 61 c5 dc da 61 cd dd d0 5f 7e 08 e2 39 f0 45 cf b5 00 20 81 01 ae be 10 1c 71 73 5b 93 c8 14 95 31 82 6b a7 81 35 f5 d1 53 f8 1a b0 1c dc 44 f5 d9 35 b0 09 b8 94 80 0a 25 a4 6b 4f 14 c6 a7 f2 53 75 91 35 95 9f 89 bb a3 30 b6 bc 7b 62 27 24 98 a2 9a e7 d1 9a bf 39 15 82 bf 50 5e 75 e0 d0 2c 67 e0 da 27 ba fe ca ad 02 af 57 85 85 a9 8a cf 94 7b 30 0a fc 52 1d 30 26 6b e6 0f d3 0d bf 43 4e 3f d2 80 f9 d3 32 54 80 9c 5c 3c c1 6e cc 4f 57 c1 25 d3 31 7f 46 56 80 b3 77 57 8e 3c 81 e6 67 74 68 37 27 16 63 fe 2c fa f3 73 5f 38 dc c0 39 99 3f 27 61 d0 12 00 e7 75 80 76 f8 e7 2f c8 0a 91 2d 34 98 bf a8 0e b9 d8 7a 00 9c 45 66 dc 23 c7 15 df 75 4a e2 f4
                                                                          Data Ascii: ;zt>O&u-Q"*<XxQz'aa_~9E qs[1k5SD5%kOSu50{b'$9P^u,g'W{0R0&kCN?2T\<nOW%1FVwW<gth7'c,s_89?'auv/-4zEf#uJ
                                                                          2024-08-27 18:58:06 UTC16384INData Raw: 71 cc 53 ca 13 a3 66 f3 b7 4b f3 23 28 9f 4d 2e 5e 2f cf 92 9a cf df af 4d 16 2f 53 4d 9f 1d 48 77 2c 00 f3 b8 c9 b9 69 30 c2 fc c3 f6 b0 bb 06 79 40 8a 6a 68 90 4b 4c b1 6c c5 b8 f7 34 6f b4 e0 84 4d fa 00 1b 8a db 28 01 52 25 ee af dc 28 0c 54 0f 49 95 e6 be 0f ee 2f 78 5a 4a a0 29 b0 5e 90 c9 b3 4f 79 c7 bb 2a 25 09 8b 36 b2 88 92 4d 80 ef 82 90 9e ff 26 67 f1 a7 30 4d 62 e0 e9 40 b2 5f 3c 91 73 2f bd c7 10 dd 0e ed ac c4 6f 4c c5 ad ce 12 d1 8a fb 65 a6 6a d8 02 47 7e 33 d8 b8 96 b2 c4 a1 55 cf b0 1d 8b bc cc 7e dd f8 11 dd 64 e5 1a 78 a2 fa ae 48 82 b7 5e 7b e9 47 0a 9d bf c7 1f e4 b5 17 87 2b 50 ad 40 0a fb 49 2e b8 af 09 73 de 7d c9 cc 94 ca 49 44 b8 fd c0 cd c1 7c 23 c1 63 ea 72 b3 94 98 3b f8 5e 56 4b 24 e0 34 84 79 1b fc 41 b8 fc d5 a1 9d 4f ec
                                                                          Data Ascii: qSfK#(M.^/M/SMHw,i0y@jhKLl4oM(R%(TI/xZJ)^Oy*%6M&g0Mb@_<s/oLejG~3U~dxH^{G+P@I.s}ID|#cr;^VK$4yAO
                                                                          2024-08-27 18:58:06 UTC16384INData Raw: 4e e5 23 d7 4d 3b 6c 27 ed 76 30 74 98 20 77 d4 6e 07 66 1e 98 26 36 d4 6e a7 2d 93 24 a2 9e 62 d7 e5 b5 db 1e 16 e2 5b cd 10 e6 ab a2 6e f5 d2 44 43 b1 a2 89 6b e2 03 a5 51 ec 1d 76 99 fa ed b6 8e 37 a2 34 91 8b 67 7a c6 b6 92 69 12 1f cf 13 9f ea be 3c 74 52 83 d8 80 24 2f 0a c9 57 09 53 a4 b6 ca cd 16 0d 42 c0 63 7c 65 b7 6b 2c 69 90 b4 ba 40 c1 90 5d 7c 1a 77 55 29 2d d5 c7 32 75 a5 ee 7a cd a4 18 44 47 d6 02 a8 9b 72 75 37 a5 b2 45 fe 68 c5 d2 a7 b6 b4 60 f8 28 86 a6 49 ec 5a e8 98 06 42 d1 53 4c fc 31 5b 2f 1d cb ac 48 e5 e6 63 b7 fe 21 2f 36 fe 6a 8d 3c 78 3c 17 2d ce d0 78 ad 22 4f a6 46 7e 45 af 21 de 9b a4 e2 18 0d 02 82 34 5a b6 76 04 11 da b5 20 10 04 39 ed 5a 28 bc 28 91 ed 92 08 f7 18 55 83 f6 7a bb dd 91 d4 77 52 c0 52 90 d2 e5 18 2e 5a 6a
                                                                          Data Ascii: N#M;l'v0t wnf&6n-$b[nDCkQv74gzi<tR$/WSBc|ek,i@]|wU)-2uzDGru7Eh`(IZBSL1[/Hc!/6j<x<-x"OF~E!4Zv 9Z((UzwRR.Zj
                                                                          2024-08-27 18:58:06 UTC10157INData Raw: cc 1f cd 6e fb 77 a2 1f 3a 4e d6 11 c4 3c 42 12 32 07 97 4e 01 d2 8f 39 ac ca 4b 33 0d e7 a1 35 45 0f 88 e2 ca e5 b4 4f 42 fa 5a f6 c3 fc 87 50 31 ed 72 85 b2 1d d1 f0 36 bf 3b ac b5 4b f8 81 8a b0 40 ad 04 96 ae 49 cb 32 35 0f cb 12 57 fc f6 0e 3c 68 90 94 b2 c3 e4 87 d4 f4 a2 21 bd 5a a6 b7 c9 dd 61 21 ea c9 dd 2c 78 bc 46 3e 98 c0 67 12 80 de cf 62 a2 ae 91 e0 bb 04 4e bc 5f 77 7e e5 08 92 1c bc 27 fa 81 f8 7d b3 c4 b6 f9 9c 00 1b 48 53 6a b9 ff 5c 92 21 d9 8b 07 f8 4b a9 6e ba 28 2e 13 60 bb fc 02 fc 97 cb 44 1f 35 dd ee d6 1f 61 f1 be f4 71 2b cf a6 db dd 2a d8 51 e8 56 9b 0b 79 e9 b7 17 e6 bf fe 09 78 d7 fc be ca 1c 87 d4 26 20 74 d6 75 b3 f9 19 0b bf 94 c7 41 5e b3 d1 37 cd 8a bf ef 34 2d 36 9c a6 85 79 9a 9e d6 5a f1 3d 87 69 f2 66 b2 a3 70 a3 a3
                                                                          Data Ascii: nw:N<B2N9K35EOBZP1r6;K@I25W<h!Za!,xF>gbN_w~'}HSj\!Kn(.`D5aq+*QVyx& tuA^74-6yZ=ifp


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          9192.168.2.55013320.140.56.694438140C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 18:58:09 UTC421OUTGET /files/odsp-web-prod_2024-08-09.009/wacowlhostwebpack/wacowlhostwebpack.js HTTP/1.1
                                                                          Host: res-1-gcc.cdn.office.net
                                                                          Connection: keep-alive
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: none
                                                                          Sec-Fetch-Mode: cors
                                                                          Sec-Fetch-Dest: empty
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          2024-08-27 18:58:09 UTC1246INHTTP/1.1 200 OK
                                                                          Date: Tue, 27 Aug 2024 18:58:09 GMT
                                                                          Content-Type: application/javascript
                                                                          Content-Length: 140003
                                                                          Connection: close
                                                                          Cache-Control: public, max-age=31536000
                                                                          Content-Encoding: gzip
                                                                          Last-Modified: Wed, 14 Aug 2024 06:35:31 GMT
                                                                          x-ms-request-id: f895801d-a01e-009f-25b3-f8de80000000
                                                                          x-ms-meta-Sourcebuild: odsp-web-prod_2024-08-09.009
                                                                          x-ms-meta-Sourceid: 21F74D6C1FCBAE36D35F0F0E2CF1A5409FF0B1978FA3596FDE16DCECA9C6E62700
                                                                          x-azure-ref: 20240827T185809Z-16b9bbc45892n8q5e3rpfxkw7w00000005fg00000000544n
                                                                          x-fd-int-roxy-purgeid: 0
                                                                          X-Cache-Info: L1_T2
                                                                          X-Cache: TCP_HIT
                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                          Timing-Allow-Origin: *
                                                                          X-CDN-Provider: Azure
                                                                          X-Content-Type-Options: nosniff
                                                                          Access-Control-Allow-Origin: *
                                                                          Access-Control-Expose-Headers: date,X-Cdn-Provider,X-Ms-Request-Id
                                                                          Access-Control-Allow-Headers: *
                                                                          Access-Control-Allow-Methods: GET,HEAD,OPTIONS
                                                                          NEL: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
                                                                          Report-To: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AzureCDNGCC"}],"include_subdomains":true}
                                                                          Accept-Ranges: bytes
                                                                          2024-08-27 18:58:09 UTC15138INData Raw: 1f 8b 08 00 00 00 00 00 00 03 e4 bd fb 77 db 36 b6 30 fa fb f7 57 48 3c 73 75 88 1a 92 25 e7 4d 05 d1 49 ec 64 9a 6f da 26 a7 ce b4 f7 5e 59 a3 05 93 90 8c 29 05 6a 48 c8 8e 2b e9 7f bf 6b e3 41 02 24 25 bb 9d ce 7c 67 ad db 35 13 8b 78 3f 36 36 36 f6 f3 f4 9b 6e e7 43 96 77 52 1e 33 51 b0 0e 17 8b 2c 5f 51 c9 33 d1 59 a7 8c 16 ac 53 30 d6 b9 a3 71 76 97 de 64 85 bc 63 d7 6b 1a ff 32 f8 7b 31 f8 ee e3 f9 fb 1f 2e df 0f e4 57 d9 f9 e6 f4 7f 85 21 22 6f b6 b7 34 ef 30 92 64 f1 66 c5 84 1c c4 9b 3c 67 42 5e c6 39 5f cb 71 c2 16 5c b0 30 c8 92 62 dd 17 ec ab 3c cd b3 4c 16 a7 3f d3 f8 d3 5d fa 6d 56 c8 00 4f 55 ee 20 67 34 96 83 94 5f 07 33 5c 36 2c c7 39 93 9b 5c e8 ae 82 0d 8c 4e e6 3c 96 c1 18 b2 05 99 86 0c 4b 2c 20 57 0c f2 50 22 2c 06 49 28 f1 76 3e a7
                                                                          Data Ascii: w60WH<su%MIdo&^Y)jH+kA$%|g5x?666nCwR3Q,_Q3YS0qvdck2{1.W!"o40df<gB^9_q\0b<L?]mVOU g4_3\6,9\N<K, WP",I(v>
                                                                          2024-08-27 18:58:09 UTC16384INData Raw: 5e ef 74 89 bf 86 c1 c0 a1 a5 aa f5 2d fd 8c 6d 9c 37 70 8a 83 6d f5 48 48 70 b0 af be 54 b4 33 9f 1a 0d f6 ca 73 f6 58 b8 ce 89 37 8a c3 e6 7b c6 0e e1 14 67 b8 70 b9 90 ef ff 18 a0 fc 64 fc 1b 98 b3 6a 5c fd f8 e1 e6 19 d0 57 2a 4c 79 89 bf c2 bb 10 c2 02 16 6b 16 f3 05 07 0e c5 f7 9b 54 72 88 78 9e 23 4c 9d 85 8a 82 e0 88 a4 92 3b 92 8c 57 cf e1 78 1c 12 7e 19 8b 2c 15 3d 0a 24 50 8e b7 60 50 03 b9 28 33 3e 26 d6 bf 30 2f 74 2a 30 a6 47 95 f0 cc 71 96 24 25 8d 0f 99 ef 02 13 b0 dc d9 93 93 f6 ae 60 c4 36 76 0e 73 3d bc 5b e3 37 6f c8 53 31 db 23 df 49 b0 9f 4b 38 e6 0f 86 cb aa cd cd ba 1c 71 67 eb e8 11 58 cb 54 a7 23 2c 09 b0 38 6b 01 e0 65 a5 6f 27 2b ad 69 01 6c 24 e0 b2 f1 d9 38 57 f6 14 14 c4 70 10 59 23 b7 83 0b 11 36 d3 85 62 fb 56 35 2b 88 f4
                                                                          Data Ascii: ^t-m7pmHHpT3sX7{gpdj\W*LykTrx#L;Wx~,=$P`P(3>&0/t*0Gq$%`6vs=[7oS1#IK8qgXT#,8keo'+il$8WpY#6bV5+
                                                                          2024-08-27 18:58:09 UTC16384INData Raw: bd a4 53 14 11 90 65 76 e2 34 79 b8 f6 f3 af 39 ec 1f 43 df 7b 63 fb ce e8 83 ff 41 9d 17 be d3 4e d1 1b 38 6e 95 7d e5 fa fa dc 19 55 af 62 b6 15 cc 32 f0 34 0a e0 07 44 9f a1 4b a2 91 ef a0 04 e3 f0 2c f6 8b 02 27 60 4d e9 b8 a6 8c a6 19 fe 56 9f 4b b5 36 95 5c 51 25 8e e7 a3 88 78 7b 2a 7d 7f c7 7b a1 2a c6 55 33 11 91 41 b9 70 f6 fe 82 28 9d bd a8 a2 05 55 2e 72 f0 9a f2 1a 57 f6 65 a1 7f 26 a5 c4 e9 c3 3b 1f d4 15 64 51 1c e1 71 4a 4e 0e 1b 68 31 19 10 73 c5 b3 99 3d 57 54 67 cd 1e d7 9d b5 6d bf 5d 2d 98 f0 68 b9 19 32 a8 e0 aa 33 d7 52 d1 43 1f c7 a4 26 4b f6 10 97 7b df c0 6b 75 a5 4f 8f df 5d 79 00 9c cb 51 e5 fb d9 8c 10 b3 cd e2 a2 dc d9 b9 a3 e2 ca 30 b2 e4 f1 69 e9 f9 c0 9a 58 b9 4f 4b cc 1b 17 8d 8d 28 37 72 c0 80 4b b1 eb eb f3 c6 44 e2 46
                                                                          Data Ascii: Sev4y9C{cAN8n}Ub24DK,'`MVK6\Q%x{*}{*U3Ap(U.rWe&;dQqJNh1s=WTgm]-h23RC&K{kuO]yQ0iXOK(7rKDF
                                                                          2024-08-27 18:58:09 UTC16384INData Raw: df 1f ca c7 5c a7 08 cd 24 0b 65 7e 5f 45 21 1d 50 a5 bf 97 33 dd 35 36 0b f3 0f ae aa 5a 77 cd 57 6b 40 31 9e de dc f4 f7 0b 50 5f 60 b6 43 2b 08 50 7c a7 a3 94 5d 77 72 63 75 67 68 83 4e 39 45 2d 00 fa 6a ad 6c b0 27 0a 12 c7 75 f0 41 0e 97 99 a7 0a 9a 2a cc d6 59 3f b8 b9 39 6b 03 42 05 be 2f db d3 9a 1c 89 f3 07 3f 74 60 0d b1 d3 e5 fb ba 28 32 da 58 11 1e 2e d0 d6 29 e5 be 01 5f 9f 52 b6 86 38 ac 31 f5 8d f3 84 6e f8 92 5b c6 ec 3b d6 92 12 c5 7c 35 09 b6 d7 80 e3 7b d6 80 df 76 96 77 4c be e0 e1 93 2f 80 d1 3f e9 54 c0 66 e4 3c 39 25 55 5e f4 7a 07 00 ee 6c 7e 0f f2 ec 49 92 31 03 2a d9 be b6 a7 d7 eb 4f 46 1d ef 6b a5 8f 82 0e 4a de 6c af 46 67 e8 35 88 5a 8f 47 ea 61 dc eb c5 6d 8a df 6a 00 7b cc ab 51 cc 6d 36 bf 1e c5 83 0d e4 13 3d 1e 61 4d 41
                                                                          Data Ascii: \$e~_E!P356ZwWk@1P_`C+P|]wrcughN9E-jl'uA*Y?9kB/?t`(2X.)_R81n[;|5{vwL/?Tf<9%U^zl~I1*OFkJlFg5ZGamj{Qm6=aMA
                                                                          2024-08-27 18:58:09 UTC16384INData Raw: 7f e0 b7 85 82 6f 9f de c6 ad 64 ee 6d e3 e1 3f 54 2d 98 6f 6e 91 d9 a6 2b 8f f6 de f4 2b 65 28 3f e3 9e 53 ff 9c 15 07 2f eb 5b e3 a3 35 55 2a 70 38 b0 86 c3 dc 1d 62 f9 ee 1c be 66 c6 a4 b9 b0 03 60 9d 29 29 3e 48 80 6e 94 11 fb 32 a5 65 58 24 4b 6e 61 1f 02 44 10 60 b1 09 f0 a2 48 16 e0 9e 42 fe 4c 77 3d 0f 88 44 ec 35 53 7d d0 c2 4f ab a1 fc 99 ea e9 21 70 b6 db 5f e0 b5 69 b8 70 56 d9 bc 86 97 aa 19 ba 75 d8 57 b4 a8 12 9e 3a 28 0c a7 a6 78 bf f1 8a c1 3f 44 f5 07 28 3e cf d3 20 44 8d 8d d6 6b 96 25 90 c2 e2 b8 f5 76 28 7f 66 87 81 1b db e0 d1 85 79 dc d8 2a b9 ae 6a b1 46 77 bf c1 07 4b 37 e1 38 d7 fe 00 af 3d dd d5 9d e6 f5 37 2b 52 d1 22 23 c5 95 28 94 6e 30 46 fd de 67 f8 16 18 c4 f0 9a 6f 75 d5 79 44 d3 35 6d 00 f0 ed 7c 1c ca 9f 39 9e e3 00 71
                                                                          Data Ascii: odm?T-on++e(?S/[5U*p8bf`))>Hn2eX$KnaD`HBLw=D5S}O!p_ipVuW:(x?D(> Dk%v(fy*jFwK78=7+R"#(n0FgouyD5m|9q
                                                                          2024-08-27 18:58:09 UTC16384INData Raw: 44 b8 9f 5c bd a2 92 70 e3 55 c8 c1 d5 ab 3a 80 12 73 7b 98 98 3b b8 7a 0d 93 e3 83 b7 74 14 3e 4f 86 9a bf a1 26 e3 ea 75 2d 18 51 22 c8 ab 2a 3c 58 78 cd 13 51 b8 7a 27 0c 61 c5 dc da 61 cd dd d0 5f 7e 08 e2 39 f0 45 cf b5 00 20 81 01 ae be 10 1c 71 73 5b 93 c8 14 95 31 82 6b a7 81 35 f5 d1 53 f8 1a b0 1c dc 44 f5 d9 35 b0 09 b8 94 80 0a 25 a4 6b 4f 14 c6 a7 f2 53 75 91 35 95 9f 89 bb a3 30 b6 bc 7b 62 27 24 98 a2 9a e7 d1 9a bf 39 15 82 bf 50 5e 75 e0 d0 2c 67 e0 da 27 ba fe ca ad 02 af 57 85 85 a9 8a cf 94 7b 30 0a fc 52 1d 30 26 6b e6 0f d3 0d bf 43 4e 3f d2 80 f9 d3 32 54 80 9c 5c 3c c1 6e cc 4f 57 c1 25 d3 31 7f 46 56 80 b3 77 57 8e 3c 81 e6 67 74 68 37 27 16 63 fe 2c fa f3 73 5f 38 dc c0 39 99 3f 27 61 d0 12 00 e7 75 80 76 f8 e7 2f c8 0a 91 2d 34
                                                                          Data Ascii: D\pU:s{;zt>O&u-Q"*<XxQz'aa_~9E qs[1k5SD5%kOSu50{b'$9P^u,g'W{0R0&kCN?2T\<nOW%1FVwW<gth7'c,s_89?'auv/-4
                                                                          2024-08-27 18:58:09 UTC16384INData Raw: 80 43 c9 72 9a c7 bd a1 38 66 1c 98 84 c3 b5 ab 53 c2 4b 85 71 cc 53 ca 13 a3 66 f3 b7 4b f3 23 28 9f 4d 2e 5e 2f cf 92 9a cf df af 4d 16 2f 53 4d 9f 1d 48 77 2c 00 f3 b8 c9 b9 69 30 c2 fc c3 f6 b0 bb 06 79 40 8a 6a 68 90 4b 4c b1 6c c5 b8 f7 34 6f b4 e0 84 4d fa 00 1b 8a db 28 01 52 25 ee af dc 28 0c 54 0f 49 95 e6 be 0f ee 2f 78 5a 4a a0 29 b0 5e 90 c9 b3 4f 79 c7 bb 2a 25 09 8b 36 b2 88 92 4d 80 ef 82 90 9e ff 26 67 f1 a7 30 4d 62 e0 e9 40 b2 5f 3c 91 73 2f bd c7 10 dd 0e ed ac c4 6f 4c c5 ad ce 12 d1 8a fb 65 a6 6a d8 02 47 7e 33 d8 b8 96 b2 c4 a1 55 cf b0 1d 8b bc cc 7e dd f8 11 dd 64 e5 1a 78 a2 fa ae 48 82 b7 5e 7b e9 47 0a 9d bf c7 1f e4 b5 17 87 2b 50 ad 40 0a fb 49 2e b8 af 09 73 de 7d c9 cc 94 ca 49 44 b8 fd c0 cd c1 7c 23 c1 63 ea 72 b3 94 98
                                                                          Data Ascii: Cr8fSKqSfK#(M.^/M/SMHw,i0y@jhKLl4oM(R%(TI/xZJ)^Oy*%6M&g0Mb@_<s/oLejG~3U~dxH^{G+P@I.s}ID|#cr
                                                                          2024-08-27 18:58:09 UTC16384INData Raw: 35 0d 7f 68 a8 8c f7 31 14 17 07 07 ca 2a 15 ba 0a b9 e6 03 4e e5 23 d7 4d 3b 6c 27 ed 76 30 74 98 20 77 d4 6e 07 66 1e 98 26 36 d4 6e a7 2d 93 24 a2 9e 62 d7 e5 b5 db 1e 16 e2 5b cd 10 e6 ab a2 6e f5 d2 44 43 b1 a2 89 6b e2 03 a5 51 ec 1d 76 99 fa ed b6 8e 37 a2 34 91 8b 67 7a c6 b6 92 69 12 1f cf 13 9f ea be 3c 74 52 83 d8 80 24 2f 0a c9 57 09 53 a4 b6 ca cd 16 0d 42 c0 63 7c 65 b7 6b 2c 69 90 b4 ba 40 c1 90 5d 7c 1a 77 55 29 2d d5 c7 32 75 a5 ee 7a cd a4 18 44 47 d6 02 a8 9b 72 75 37 a5 b2 45 fe 68 c5 d2 a7 b6 b4 60 f8 28 86 a6 49 ec 5a e8 98 06 42 d1 53 4c fc 31 5b 2f 1d cb ac 48 e5 e6 63 b7 fe 21 2f 36 fe 6a 8d 3c 78 3c 17 2d ce d0 78 ad 22 4f a6 46 7e 45 af 21 de 9b a4 e2 18 0d 02 82 34 5a b6 76 04 11 da b5 20 10 04 39 ed 5a 28 bc 28 91 ed 92 08 f7
                                                                          Data Ascii: 5h1*N#M;l'v0t wnf&6n-$b[nDCkQv74gzi<tR$/WSBc|ek,i@]|wU)-2uzDGru7Eh`(IZBSL1[/Hc!/6j<x<-x"OF~E!4Zv 9Z((
                                                                          2024-08-27 18:58:09 UTC10177INData Raw: a3 76 21 45 43 58 1e 91 4c 32 67 7e ec 03 04 aa f8 1a 77 13 cc 1f cd 6e fb 77 a2 1f 3a 4e d6 11 c4 3c 42 12 32 07 97 4e 01 d2 8f 39 ac ca 4b 33 0d e7 a1 35 45 0f 88 e2 ca e5 b4 4f 42 fa 5a f6 c3 fc 87 50 31 ed 72 85 b2 1d d1 f0 36 bf 3b ac b5 4b f8 81 8a b0 40 ad 04 96 ae 49 cb 32 35 0f cb 12 57 fc f6 0e 3c 68 90 94 b2 c3 e4 87 d4 f4 a2 21 bd 5a a6 b7 c9 dd 61 21 ea c9 dd 2c 78 bc 46 3e 98 c0 67 12 80 de cf 62 a2 ae 91 e0 bb 04 4e bc 5f 77 7e e5 08 92 1c bc 27 fa 81 f8 7d b3 c4 b6 f9 9c 00 1b 48 53 6a b9 ff 5c 92 21 d9 8b 07 f8 4b a9 6e ba 28 2e 13 60 bb fc 02 fc 97 cb 44 1f 35 dd ee d6 1f 61 f1 be f4 71 2b cf a6 db dd 2a d8 51 e8 56 9b 0b 79 e9 b7 17 e6 bf fe 09 78 d7 fc be ca 1c 87 d4 26 20 74 d6 75 b3 f9 19 0b bf 94 c7 41 5e b3 d1 37 cd 8a bf ef 34 2d
                                                                          Data Ascii: v!ECXL2g~wnw:N<B2N9K35EOBZP1r6;K@I25W<h!Za!,xF>gbN_w~'}HSj\!Kn(.`D5aq+*QVyx& tuA^74-


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          10192.168.2.55014613.85.23.86443
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 18:58:21 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=8dzolmfARCn+Aww&MD=6lVLXk7B HTTP/1.1
                                                                          Connection: Keep-Alive
                                                                          Accept: */*
                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                          Host: slscr.update.microsoft.com
                                                                          2024-08-27 18:58:21 UTC560INHTTP/1.1 200 OK
                                                                          Cache-Control: no-cache
                                                                          Pragma: no-cache
                                                                          Content-Type: application/octet-stream
                                                                          Expires: -1
                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                          ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                          MS-CorrelationId: cc4d86e4-e97d-478e-b9ef-d151fdd3365d
                                                                          MS-RequestId: b2dd58cc-ad4c-4547-97b0-b3b253170648
                                                                          MS-CV: Zn2MNoN9EkeYJU69.0
                                                                          X-Microsoft-SLSClientCache: 1440
                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                          X-Content-Type-Options: nosniff
                                                                          Date: Tue, 27 Aug 2024 18:58:21 GMT
                                                                          Connection: close
                                                                          Content-Length: 30005
                                                                          2024-08-27 18:58:21 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                                          Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                                          2024-08-27 18:58:21 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                                          Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          11192.168.2.55017520.141.12.344438140C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 19:00:33 UTC635OUTGET /files/odsp-web-prod_2024-08-09.009/wacowlhostwebpack/13.js HTTP/1.1
                                                                          Host: res-1-gcc.cdn.office.net
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                          Origin: https://baycitymi-my.sharepoint.com
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: cross-site
                                                                          Sec-Fetch-Mode: cors
                                                                          Sec-Fetch-Dest: script
                                                                          Referer: https://baycitymi-my.sharepoint.com/
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          2024-08-27 19:00:34 UTC1225INHTTP/1.1 200 OK
                                                                          Date: Tue, 27 Aug 2024 19:00:34 GMT
                                                                          Content-Type: application/javascript
                                                                          Content-Length: 75709
                                                                          Connection: close
                                                                          Cache-Control: public, max-age=31536000
                                                                          Content-Encoding: gzip
                                                                          Last-Modified: Wed, 14 Aug 2024 06:35:28 GMT
                                                                          x-ms-request-id: 1d686a6c-001e-0033-7ab3-f8ff17000000
                                                                          x-ms-meta-Sourcebuild: odsp-web-prod_2024-08-09.009
                                                                          x-ms-meta-Sourceid: 8263F10C15BB3BA1B78E7D4A5DD43B52160A28A279DD4A9F4CD4E1DB815C498900
                                                                          x-azure-ref: 20240827T190034Z-164758fc766ltt9ldnr9bn1e9c00000009h0000000001dfy
                                                                          x-fd-int-roxy-purgeid: 0
                                                                          X-Cache: TCP_MISS
                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                          Timing-Allow-Origin: *
                                                                          X-CDN-Provider: Azure
                                                                          X-Content-Type-Options: nosniff
                                                                          Access-Control-Allow-Origin: *
                                                                          Access-Control-Expose-Headers: date,X-Cdn-Provider,X-Ms-Request-Id
                                                                          Access-Control-Allow-Headers: *
                                                                          Access-Control-Allow-Methods: GET,HEAD,OPTIONS
                                                                          NEL: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
                                                                          Report-To: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AzureCDNGCC"}],"include_subdomains":true}
                                                                          Accept-Ranges: bytes
                                                                          2024-08-27 19:00:34 UTC15159INData Raw: 1f 8b 08 00 00 00 00 00 00 03 cc bd 6b 73 db b6 d6 30 fa fd f9 15 12 4f 0f 37 b1 05 2b 92 6f 89 a9 20 9a c4 ce c5 69 12 a7 b6 d3 b4 55 b5 3d b0 08 49 68 68 50 21 21 5f 6a e9 bf 9f 59 0b 00 09 4a 72 92 be cf 9e 77 4e 26 63 91 00 08 82 c0 c2 c2 ba af 47 ff 6e 36 5e 65 79 23 95 23 a1 0a d1 90 6a 9c e5 57 5c cb 4c 35 66 a9 e0 85 68 14 42 34 ba 3b ed bf 8a f6 bb e3 c3 97 1f ce 5e b6 f5 ad 6e fc fb d1 ff 44 85 48 c7 ed 2c 29 66 1f c4 ad fe 2c 2e 67 7c f4 e5 6d 91 a9 19 7b b0 66 b1 18 0c 49 7b 36 2f a6 d1 60 d0 dd 19 d2 fb c7 dd 6e 1c 09 aa a9 22 ec d9 7d 30 87 37 ea 5c 8e 74 d0 bb e6 79 83 f7 54 3b 89 34 bd e7 71 44 d8 33 4e 2f f1 57 2e 09 1d cf d5 08 06 1a 09 72 2f 06 a2 7d 78 7a 7c 7e 7c f8 fc 1d eb 0e 59 e0 6e 02 0a 55 9f 9f 9f 7e 38 fe f0 9a 6d 0f 59 60 af
                                                                          Data Ascii: ks0O7+o iU=IhhP!!_jYJrwN&cGn6^ey##jW\L5fhB4;^nDH,)f,.g|m{fI{6/`n"}07\tyT;4qD3N/W.r/}xz|~|YnU~8mY`
                                                                          2024-08-27 19:00:34 UTC16384INData Raw: 9f e6 bd 56 2b ab d4 a0 19 9a 73 15 c4 05 f9 c4 3c 77 ed b1 b2 e1 e1 70 9f 63 f2 cb 7b cc af 67 82 5c af c8 6e 7d a2 6e 7f 97 06 27 4a 40 d8 e3 d2 ea a8 51 a1 fb bc b0 34 1e f5 ab b5 b8 6a dc c8 34 45 bb 83 4b d1 28 ac 1d 18 e6 3f 5d 71 87 06 2b 1e a0 f5 97 d2 c6 a7 2f 81 d7 a9 2d 3d a4 5b db 54 91 11 88 95 04 1f 47 d7 34 aa 3d 20 d5 cb e8 88 13 7a cb 99 a5 4c 8b c6 d5 bc d0 10 d1 ec 5a 26 c2 fb 90 c6 95 d0 d3 0c 92 2c 72 16 9c 1d fd 0c 56 13 85 86 6f 30 44 0b 84 65 6c b7 03 7a c2 d9 fd 86 b0 56 71 d7 63 0e 6e 78 dd 12 45 dc 34 32 5e 8b 35 f3 92 6f f6 c8 af 89 dc 0d 6b ad bd 58 d6 98 23 07 01 c7 66 78 7a fe c3 84 12 2d e8 08 f0 30 c5 63 8b 5e d1 0b 3a a5 97 f4 9a 9e d1 23 7a cc 3a f4 16 86 f1 9d 20 6a 87 91 0d a1 76 1c 86 cd 5b 13 ad 5e 58 19 3a 4a 5d f0
                                                                          Data Ascii: V+s<wpc{g\n}n'J@Q4j4EK(?]q+/-=[TG4= zLZ&,rVo0DelzVqcnxE42^5okX#fxz-0c^:#z: jv[^X:J]
                                                                          2024-08-27 19:00:34 UTC16384INData Raw: a7 f5 45 b7 a7 22 cd 0f 63 d3 48 6e 27 d4 d6 2d 87 74 0f b1 dc 50 19 2b 89 41 25 dd 03 c2 91 2b 71 9b b3 0f ac eb 39 4a a9 40 e1 2b 7f a0 6b 53 79 a1 83 07 ea 15 d9 87 3a e6 19 97 7d 72 3e 49 92 71 e8 c8 07 5c de 2a 42 58 68 82 85 41 3a 04 09 c3 f0 81 8e 7a 82 d4 a3 34 19 cf 47 54 b7 79 76 96 ee d5 62 e1 5e 99 45 0e c0 8d 77 4f 9d f5 d4 cd 01 cc 75 2a 78 26 1c e6 6c cf c7 91 88 47 42 93 5c 6e 27 30 bf a6 d3 d7 32 ea 5d 04 50 3f a1 b3 93 cc a2 69 92 3b 7d 17 84 18 ef 04 cf e7 a9 20 12 07 cc 04 aa 67 2a a9 d8 f8 ce be 56 b8 39 fb 46 7f 91 75 60 ea 44 1c 3a f4 97 52 4e d2 88 ca e1 03 a5 7d 10 b3 1c 92 e0 2f a5 7c 16 df 91 0d 81 54 f5 ec 30 17 4c 4b 76 f8 8c 9f 45 d3 28 27 74 2c f3 93 da 22 19 e6 5f 48 96 8a 63 2e 93 1a 26 0d 80 69 25 f1 05 c8 3d c7 3c 43 ce
                                                                          Data Ascii: E"cHn'-tP+A%+q9J@+kSy:}r>Iq\*BXhA:z4GTyvb^EwOu*x&lGB\n'02]P?i;} g*V9Fu`D:RN}/|T0LKvE('t,"_Hc.&i%=<C
                                                                          2024-08-27 19:00:34 UTC16384INData Raw: cb 5d 04 04 cd ab 84 a7 ed 74 67 c7 00 3b 12 bd 36 43 80 8b a2 a6 8a 15 04 ff c8 7c c0 48 74 a6 51 59 2b 20 24 75 3f f4 24 d2 a1 a4 e1 bb 6e 2e 42 6b b2 0e 72 a3 8e d8 5c 6e 87 ad 5f dd 58 db ed 5a ed 53 5e 0a 3f 1f 86 3b b5 7e af df 67 46 06 0c 57 b0 d7 dd ef 1e 40 8e 4b 10 e7 31 89 f5 eb 08 01 32 20 bb 85 e4 d7 cb a2 a0 59 35 bb 79 0b 53 92 66 93 0f f9 35 ff 88 93 f4 6f 32 a6 46 f7 12 9e 33 80 94 3f 4e 12 59 83 26 0a 46 69 ca 92 9e 81 b6 bf 67 fc 64 61 13 fa f4 00 4b 14 39 e8 d5 4b 66 15 70 19 b3 0e 7c 62 a9 e1 27 48 13 9a 30 7c a4 a9 3c 9c 59 90 fe e4 59 c6 42 fb 8d 5d 7e cd bd da 84 bb 6a 18 1f 97 d5 28 5f f2 eb 8f 0f 27 77 a4 a5 99 4a 12 3d 34 d2 ce c1 a4 e9 17 1a cd 80 05 ba 70 95 c2 1c af f3 b2 3a a1 63 5a 14 34 69 ce c5 4c a3 d4 77 01 96 e0 93 51
                                                                          Data Ascii: ]tg;6C|HtQY+ $u?$n.Bkr\n_XZS^?;~gFW@K12 Y5ySf5o2F3?NY&FigdaK9Kfp|b'H0|<YYB]~j(_'wJ=4p:cZ4iLwQ
                                                                          2024-08-27 19:00:34 UTC11398INData Raw: 3b 01 dd 51 df ce ab 0b f1 99 b5 c6 5c f4 53 90 1a f4 50 ee 56 85 3d 59 52 34 52 18 15 90 3c ec 91 32 2c 44 45 f9 ab 72 98 ef ec 90 74 67 27 88 ce d3 8b b0 38 cf 2f 04 4f 17 ad 1e 08 f7 97 8b a7 cb 38 0c 9f 80 18 e8 26 e7 ae 00 51 6c 7c 70 f0 9c 01 78 f7 f7 0f 2c 7f 6f fb fb cf 78 0c e0 c3 46 00 af 7c 51 57 b8 3c d2 e7 ff 96 0f 72 fd 96 43 0a 8e 95 b6 7a 24 0a b6 b7 63 66 c1 26 76 9c f4 06 c9 ef 13 2e 1b 6e f6 fe 1d 90 7e 30 90 2d 18 1a 82 37 66 cc 99 ad fe ba 0c 96 0b 21 77 ac 45 20 9d 76 e7 19 75 81 fc 9d 19 2b e0 70 ee 80 5d d5 43 f5 72 a9 91 98 b3 4c 9b a9 ef 1b 87 cb c9 48 5d b0 bb 74 05 97 33 0d 0a c9 b2 26 ed 71 65 d3 c3 cd 51 1e 6d ae 82 6b 5b 6d 4a 4f 7c 58 00 55 c1 c2 6d 53 45 ac c2 b1 66 2b 23 ec 6b 08 47 85 bf cb 27 9f 73 5e a7 47 3c 8f f4 70
                                                                          Data Ascii: ;Q\SPV=YR4R<2,DErtg'8/O8&Ql|px,oxF|QW<rCz$cf&v.n~0-7f!wE vu+p]CrLH]t3&qeQmk[mJO|XUmSEf+#kG's^G<p


                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                          12192.168.2.55017920.140.151.754438140C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          TimestampBytes transferredDirectionData
                                                                          2024-08-27 19:00:37 UTC406OUTGET /files/odsp-web-prod_2024-08-09.009/wacowlhostwebpack/13.js HTTP/1.1
                                                                          Host: res-1-gcc.cdn.office.net
                                                                          Connection: keep-alive
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: none
                                                                          Sec-Fetch-Mode: cors
                                                                          Sec-Fetch-Dest: empty
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          2024-08-27 19:00:38 UTC1225INHTTP/1.1 200 OK
                                                                          Date: Tue, 27 Aug 2024 19:00:38 GMT
                                                                          Content-Type: application/javascript
                                                                          Content-Length: 75709
                                                                          Connection: close
                                                                          Cache-Control: public, max-age=31536000
                                                                          Content-Encoding: gzip
                                                                          Last-Modified: Wed, 14 Aug 2024 06:35:28 GMT
                                                                          x-ms-request-id: 612dc44f-d01e-0013-05b3-f893db000000
                                                                          x-ms-meta-Sourcebuild: odsp-web-prod_2024-08-09.009
                                                                          x-ms-meta-Sourceid: 8263F10C15BB3BA1B78E7D4A5DD43B52160A28A279DD4A9F4CD4E1DB815C498900
                                                                          x-azure-ref: 20240827T190037Z-178f7cc594dwp8xf54dcxcwncg0000000be0000000001ctb
                                                                          x-fd-int-roxy-purgeid: 0
                                                                          X-Cache: TCP_MISS
                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                          Timing-Allow-Origin: *
                                                                          X-CDN-Provider: Azure
                                                                          X-Content-Type-Options: nosniff
                                                                          Access-Control-Allow-Origin: *
                                                                          Access-Control-Expose-Headers: date,X-Cdn-Provider,X-Ms-Request-Id
                                                                          Access-Control-Allow-Headers: *
                                                                          Access-Control-Allow-Methods: GET,HEAD,OPTIONS
                                                                          NEL: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
                                                                          Report-To: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AzureCDNGCC"}],"include_subdomains":true}
                                                                          Accept-Ranges: bytes
                                                                          2024-08-27 19:00:38 UTC15159INData Raw: 1f 8b 08 00 00 00 00 00 00 03 cc bd 6b 73 db b6 d6 30 fa fd f9 15 12 4f 0f 37 b1 05 2b 92 6f 89 a9 20 9a c4 ce c5 69 12 a7 b6 d3 b4 55 b5 3d b0 08 49 68 68 50 21 21 5f 6a e9 bf 9f 59 0b 00 09 4a 72 92 be cf 9e 77 4e 26 63 91 00 08 82 c0 c2 c2 ba af 47 ff 6e 36 5e 65 79 23 95 23 a1 0a d1 90 6a 9c e5 57 5c cb 4c 35 66 a9 e0 85 68 14 42 34 ba 3b ed bf 8a f6 bb e3 c3 97 1f ce 5e b6 f5 ad 6e fc fb d1 ff 44 85 48 c7 ed 2c 29 66 1f c4 ad fe 2c 2e 67 7c f4 e5 6d 91 a9 19 7b b0 66 b1 18 0c 49 7b 36 2f a6 d1 60 d0 dd 19 d2 fb c7 dd 6e 1c 09 aa a9 22 ec d9 7d 30 87 37 ea 5c 8e 74 d0 bb e6 79 83 f7 54 3b 89 34 bd e7 71 44 d8 33 4e 2f f1 57 2e 09 1d cf d5 08 06 1a 09 72 2f 06 a2 7d 78 7a 7c 7e 7c f8 fc 1d eb 0e 59 e0 6e 02 0a 55 9f 9f 9f 7e 38 fe f0 9a 6d 0f 59 60 af
                                                                          Data Ascii: ks0O7+o iU=IhhP!!_jYJrwN&cGn6^ey##jW\L5fhB4;^nDH,)f,.g|m{fI{6/`n"}07\tyT;4qD3N/W.r/}xz|~|YnU~8mY`
                                                                          2024-08-27 19:00:38 UTC16384INData Raw: 9f e6 bd 56 2b ab d4 a0 19 9a 73 15 c4 05 f9 c4 3c 77 ed b1 b2 e1 e1 70 9f 63 f2 cb 7b cc af 67 82 5c af c8 6e 7d a2 6e 7f 97 06 27 4a 40 d8 e3 d2 ea a8 51 a1 fb bc b0 34 1e f5 ab b5 b8 6a dc c8 34 45 bb 83 4b d1 28 ac 1d 18 e6 3f 5d 71 87 06 2b 1e a0 f5 97 d2 c6 a7 2f 81 d7 a9 2d 3d a4 5b db 54 91 11 88 95 04 1f 47 d7 34 aa 3d 20 d5 cb e8 88 13 7a cb 99 a5 4c 8b c6 d5 bc d0 10 d1 ec 5a 26 c2 fb 90 c6 95 d0 d3 0c 92 2c 72 16 9c 1d fd 0c 56 13 85 86 6f 30 44 0b 84 65 6c b7 03 7a c2 d9 fd 86 b0 56 71 d7 63 0e 6e 78 dd 12 45 dc 34 32 5e 8b 35 f3 92 6f f6 c8 af 89 dc 0d 6b ad bd 58 d6 98 23 07 01 c7 66 78 7a fe c3 84 12 2d e8 08 f0 30 c5 63 8b 5e d1 0b 3a a5 97 f4 9a 9e d1 23 7a cc 3a f4 16 86 f1 9d 20 6a 87 91 0d a1 76 1c 86 cd 5b 13 ad 5e 58 19 3a 4a 5d f0
                                                                          Data Ascii: V+s<wpc{g\n}n'J@Q4j4EK(?]q+/-=[TG4= zLZ&,rVo0DelzVqcnxE42^5okX#fxz-0c^:#z: jv[^X:J]
                                                                          2024-08-27 19:00:38 UTC16384INData Raw: a7 f5 45 b7 a7 22 cd 0f 63 d3 48 6e 27 d4 d6 2d 87 74 0f b1 dc 50 19 2b 89 41 25 dd 03 c2 91 2b 71 9b b3 0f ac eb 39 4a a9 40 e1 2b 7f a0 6b 53 79 a1 83 07 ea 15 d9 87 3a e6 19 97 7d 72 3e 49 92 71 e8 c8 07 5c de 2a 42 58 68 82 85 41 3a 04 09 c3 f0 81 8e 7a 82 d4 a3 34 19 cf 47 54 b7 79 76 96 ee d5 62 e1 5e 99 45 0e c0 8d 77 4f 9d f5 d4 cd 01 cc 75 2a 78 26 1c e6 6c cf c7 91 88 47 42 93 5c 6e 27 30 bf a6 d3 d7 32 ea 5d 04 50 3f a1 b3 93 cc a2 69 92 3b 7d 17 84 18 ef 04 cf e7 a9 20 12 07 cc 04 aa 67 2a a9 d8 f8 ce be 56 b8 39 fb 46 7f 91 75 60 ea 44 1c 3a f4 97 52 4e d2 88 ca e1 03 a5 7d 10 b3 1c 92 e0 2f a5 7c 16 df 91 0d 81 54 f5 ec 30 17 4c 4b 76 f8 8c 9f 45 d3 28 27 74 2c f3 93 da 22 19 e6 5f 48 96 8a 63 2e 93 1a 26 0d 80 69 25 f1 05 c8 3d c7 3c 43 ce
                                                                          Data Ascii: E"cHn'-tP+A%+q9J@+kSy:}r>Iq\*BXhA:z4GTyvb^EwOu*x&lGB\n'02]P?i;} g*V9Fu`D:RN}/|T0LKvE('t,"_Hc.&i%=<C
                                                                          2024-08-27 19:00:38 UTC16384INData Raw: cb 5d 04 04 cd ab 84 a7 ed 74 67 c7 00 3b 12 bd 36 43 80 8b a2 a6 8a 15 04 ff c8 7c c0 48 74 a6 51 59 2b 20 24 75 3f f4 24 d2 a1 a4 e1 bb 6e 2e 42 6b b2 0e 72 a3 8e d8 5c 6e 87 ad 5f dd 58 db ed 5a ed 53 5e 0a 3f 1f 86 3b b5 7e af df 67 46 06 0c 57 b0 d7 dd ef 1e 40 8e 4b 10 e7 31 89 f5 eb 08 01 32 20 bb 85 e4 d7 cb a2 a0 59 35 bb 79 0b 53 92 66 93 0f f9 35 ff 88 93 f4 6f 32 a6 46 f7 12 9e 33 80 94 3f 4e 12 59 83 26 0a 46 69 ca 92 9e 81 b6 bf 67 fc 64 61 13 fa f4 00 4b 14 39 e8 d5 4b 66 15 70 19 b3 0e 7c 62 a9 e1 27 48 13 9a 30 7c a4 a9 3c 9c 59 90 fe e4 59 c6 42 fb 8d 5d 7e cd bd da 84 bb 6a 18 1f 97 d5 28 5f f2 eb 8f 0f 27 77 a4 a5 99 4a 12 3d 34 d2 ce c1 a4 e9 17 1a cd 80 05 ba 70 95 c2 1c af f3 b2 3a a1 63 5a 14 34 69 ce c5 4c a3 d4 77 01 96 e0 93 51
                                                                          Data Ascii: ]tg;6C|HtQY+ $u?$n.Bkr\n_XZS^?;~gFW@K12 Y5ySf5o2F3?NY&FigdaK9Kfp|b'H0|<YYB]~j(_'wJ=4p:cZ4iLwQ
                                                                          2024-08-27 19:00:38 UTC11398INData Raw: 3b 01 dd 51 df ce ab 0b f1 99 b5 c6 5c f4 53 90 1a f4 50 ee 56 85 3d 59 52 34 52 18 15 90 3c ec 91 32 2c 44 45 f9 ab 72 98 ef ec 90 74 67 27 88 ce d3 8b b0 38 cf 2f 04 4f 17 ad 1e 08 f7 97 8b a7 cb 38 0c 9f 80 18 e8 26 e7 ae 00 51 6c 7c 70 f0 9c 01 78 f7 f7 0f 2c 7f 6f fb fb cf 78 0c e0 c3 46 00 af 7c 51 57 b8 3c d2 e7 ff 96 0f 72 fd 96 43 0a 8e 95 b6 7a 24 0a b6 b7 63 66 c1 26 76 9c f4 06 c9 ef 13 2e 1b 6e f6 fe 1d 90 7e 30 90 2d 18 1a 82 37 66 cc 99 ad fe ba 0c 96 0b 21 77 ac 45 20 9d 76 e7 19 75 81 fc 9d 19 2b e0 70 ee 80 5d d5 43 f5 72 a9 91 98 b3 4c 9b a9 ef 1b 87 cb c9 48 5d b0 bb 74 05 97 33 0d 0a c9 b2 26 ed 71 65 d3 c3 cd 51 1e 6d ae 82 6b 5b 6d 4a 4f 7c 58 00 55 c1 c2 6d 53 45 ac c2 b1 66 2b 23 ec 6b 08 47 85 bf cb 27 9f 73 5e a7 47 3c 8f f4 70
                                                                          Data Ascii: ;Q\SPV=YR4R<2,DErtg'8/O8&Ql|px,oxF|QW<rCz$cf&v.n~0-7f!wE vu+p]CrLH]t3&qeQmk[mJO|XUmSEf+#kG's^G<p


                                                                          Statistics

                                                                          CPU Usage

                                                                          050100150200s020406080100

                                                                          Click to jump to process

                                                                          Memory Usage

                                                                          050100150200s0.0050100MB

                                                                          Click to jump to process

                                                                          High Level Behavior Distribution

                                                                          • File
                                                                          • Registry

                                                                          Click to dive into process behavior distribution

                                                                          Behavior

                                                                          Click to jump to process

                                                                          System Behavior

                                                                          General

                                                                          Target ID:0
                                                                          Start time:14:57:26
                                                                          Start date:27/08/2024
                                                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                          Wow64 process (32bit):false
                                                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\San Xavier District of the Tohono O#U2019odham Nation.pdf"
                                                                          Imagebase:0x7ff686a00000
                                                                          File size:5'641'176 bytes
                                                                          MD5 hash:24EAD1C46A47022347DC0F05F6EFBB8C
                                                                          Has elevated privileges:true
                                                                          Has administrator privileges:true
                                                                          Programmed in:C, C++ or other language
                                                                          Reputation:high
                                                                          Has exited:true
                                                                          Show Windows behavior

                                                                          File Activities

                                                                          Show Windows behavior

                                                                          Section Activities

                                                                          Show Windows behavior

                                                                          Registry Activities

                                                                          Show Windows behavior

                                                                          COM Activities

                                                                          Show Windows behavior

                                                                          Mutex Activities

                                                                          Show Windows behavior

                                                                          Process Activities

                                                                          Show Windows behavior

                                                                          Thread Activities

                                                                          Show Windows behavior

                                                                          Memory Activities

                                                                          Show Windows behavior

                                                                          System Activities

                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          Show Windows behavior

                                                                          Windows UI Activities

                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                                          General

                                                                          Target ID:2
                                                                          Start time:14:57:26
                                                                          Start date:27/08/2024
                                                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          Wow64 process (32bit):false
                                                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
                                                                          Imagebase:0x7ff6413e0000
                                                                          File size:3'581'912 bytes
                                                                          MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                          Has elevated privileges:true
                                                                          Has administrator privileges:true
                                                                          Programmed in:C, C++ or other language
                                                                          Reputation:high
                                                                          Has exited:true
                                                                          Show Windows behavior

                                                                          File Activities

                                                                          Show Windows behavior

                                                                          Section Activities

                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          Show Windows behavior

                                                                          Mutex Activities

                                                                          Show Windows behavior

                                                                          Process Activities

                                                                          Show Windows behavior

                                                                          Thread Activities

                                                                          Show Windows behavior

                                                                          Memory Activities

                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          Show Windows behavior

                                                                          Process Token Activities

                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                                          General

                                                                          Target ID:4
                                                                          Start time:14:57:27
                                                                          Start date:27/08/2024
                                                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                          Wow64 process (32bit):false
                                                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2080 --field-trial-handle=1584,i,2345941670000869250,4026492604822404281,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
                                                                          Imagebase:0x7ff6413e0000
                                                                          File size:3'581'912 bytes
                                                                          MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                          Has elevated privileges:true
                                                                          Has administrator privileges:true
                                                                          Programmed in:C, C++ or other language
                                                                          Reputation:high
                                                                          Has exited:true
                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          Show Windows behavior

                                                                          Section Activities

                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          Show Windows behavior

                                                                          Process Activities

                                                                          Show Windows behavior

                                                                          Thread Activities

                                                                          Show Windows behavior

                                                                          Memory Activities

                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                                          General

                                                                          Target ID:8
                                                                          Start time:14:57:51
                                                                          Start date:27/08/2024
                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          Wow64 process (32bit):false
                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://baycitymi-my.sharepoint.com/:o:/g/personal/avogel_baycitymi_gov/Elmi9pmfBD9FsxTL7-oQ2IoBeHOG7eWvLU9bAnRZwDCz7Q?e=tcLUbt"
                                                                          Imagebase:0x7ff715980000
                                                                          File size:3'242'272 bytes
                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                          Has elevated privileges:true
                                                                          Has administrator privileges:true
                                                                          Programmed in:C, C++ or other language
                                                                          Reputation:high
                                                                          Has exited:false
                                                                          Show Windows behavior

                                                                          File Activities

                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          Show Windows behavior

                                                                          Process Activities

                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          Show Windows behavior

                                                                          Memory Activities

                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          Show Windows behavior

                                                                          Process Token Activities


                                                                          General

                                                                          Target ID:9
                                                                          Start time:14:57:52
                                                                          Start date:27/08/2024
                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          Wow64 process (32bit):false
                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2008,i,17246115955249219125,14719809775228950345,262144 /prefetch:8
                                                                          Imagebase:0x7ff715980000
                                                                          File size:3'242'272 bytes
                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                          Has elevated privileges:true
                                                                          Has administrator privileges:true
                                                                          Programmed in:C, C++ or other language
                                                                          Reputation:high
                                                                          Has exited:false
                                                                          Show Windows behavior

                                                                          File Activities

                                                                          There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                          Show Windows behavior

                                                                          Memory Activities


                                                                          Disassembly

                                                                          No disassembly