Windows Analysis Report
https://tulsaretina-my.sharepoint.com/:f:/g/personal/dmiller_retinatulsa_com/ElBi9GQATzFLspsGNnE3XgEB-vtfzVVycqutPd6xXmtipQ?e=lATAVo

Overview

General Information

Sample URL: https://tulsaretina-my.sharepoint.com/:f:/g/personal/dmiller_retinatulsa_com/ElBi9GQATzFLspsGNnE3XgEB-vtfzVVycqutPd6xXmtipQ?e=lATAVo
Analysis ID: 1541695
Infos:

Detection

Score: 20
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

AI detected landing page (webpage, office document or email)
Drops files with a non-matching file extension (content does not match file extension)

Classification

Source: https://pub-9f53cea87696450fa8d4f3211668f531.r2.dev/0nedrivefax.html HTTP Parser: No favicon
Source: https://pub-9f53cea87696450fa8d4f3211668f531.r2.dev/0nedrivefax.html HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49758 version: TLS 1.2
Source: unknown HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49791 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:50024 version: TLS 1.2
Source: unknown HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:50062 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: global traffic HTTP traffic detected: GET /:f:/g/personal/dmiller_retinatulsa_com/ElBi9GQATzFLspsGNnE3XgEB-vtfzVVycqutPd6xXmtipQ?e=lATAVo HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /personal/dmiller_retinatulsa_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fdmiller%5Fretinatulsa%5Fcom%2FDocuments%2FAlliance%20Technical%20Group&ga=1 HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=
Source: global traffic HTTP traffic detected: GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=
Source: global traffic HTTP traffic detected: GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /personal/dmiller_retinatulsa_com/_api/v2.1/graphql HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=1cHwVDBHAk1kLhC&MD=R6MXt3om HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://tulsaretina-my.sharepoint.com/personal/dmiller_retinatulsa_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fdmiller%5Fretinatulsa%5Fcom%2FDocuments%2FAlliance%20Technical%20Group&ga=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=; FeatureOverrides_experiments=[]
Source: global traffic HTTP traffic detected: GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=; FeatureOverrides_experiments=[]
Source: global traffic HTTP traffic detected: GET /personal/dmiller_retinatulsa_com/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fdmiller%5Fretinatulsa%5Fcom%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=; FeatureOverrides_experiments=[]
Source: global traffic HTTP traffic detected: GET /personal/dmiller_retinatulsa_com/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fdmiller%5Fretinatulsa%5Fcom%2FDocuments%27&RootFolder=%2Fpersonal%2Fdmiller%5Fretinatulsa%5Fcom%2FDocuments%2FAlliance%20Technical%20Group&TryNewExperienceSingle=TRUE HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=; FeatureOverrides_experiments=[]
Source: global traffic HTTP traffic detected: GET /personal/dmiller_retinatulsa_com/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fdmiller%5Fretinatulsa%5Fcom%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=; FeatureOverrides_experiments=[]
Source: global traffic HTTP traffic detected: GET /_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveCache-Control: max-age=0Accept: */*Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://tulsaretina-my.sharepoint.com/personal/dmiller_retinatulsa_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fdmiller%5Fretinatulsa%5Fcom%2FDocuments%2FAlliance%20Technical%20Group&ga=1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=; FeatureOverrides_experiments=[]
Source: global traffic HTTP traffic detected: GET /_vti_bin/afdcache.ashx/_userprofile/userphoto.jpg?_oat_=1729894253_994b437c72ac238a29cf6298df49691bfddb3d28855bc3ab7ba7c2aadb09432e&P1=1729820047&P2=-149452251&P3=1&P4=SERj8f6czRe23%2FyK8y1WtVcK%2BxgQJqTJN9uPFaiIiwuvXrZ05ht6YFq%2Bq9ntUGNN5Y0yJmsova7UHt%2FbzaTPGQsk%2FZR%2BZZjhI6zm%2FImQzOvCDIZBFs%2BOtBweRss7W09XPSKspJ38EJSksFeP9%2FBZILOeHLNZX7onIF4h6ZoPVHfQYvp0VOPG6z9v9tFOybN3tHHNJ9U8wR%2BcgTgBFmK1QjE0hIEDFoGmiPEdefSHs0T1YGkrgB6JNboF9rf92qJ%2FbPST54HQrX8xX%2BNuc75JPxcR74rr%2Fm6TZsGKGtaG6pwAML9tLVoHyjLccYy3ZSJPyzRN6bYFPeJevgaahOCKTA%3D%3D&size=M&accountname=dmiller%40retinatulsa.com HTTP/1.1Host: tulsaretina.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://tulsaretina-my.sharepoint.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /_vti_bin/afdcache.ashx/_userprofile/userphoto.jpg?_oat_=1729894253_994b437c72ac238a29cf6298df49691bfddb3d28855bc3ab7ba7c2aadb09432e&P1=1729820047&P2=-149452251&P3=1&P4=SERj8f6czRe23%2FyK8y1WtVcK%2BxgQJqTJN9uPFaiIiwuvXrZ05ht6YFq%2Bq9ntUGNN5Y0yJmsova7UHt%2FbzaTPGQsk%2FZR%2BZZjhI6zm%2FImQzOvCDIZBFs%2BOtBweRss7W09XPSKspJ38EJSksFeP9%2FBZILOeHLNZX7onIF4h6ZoPVHfQYvp0VOPG6z9v9tFOybN3tHHNJ9U8wR%2BcgTgBFmK1QjE0hIEDFoGmiPEdefSHs0T1YGkrgB6JNboF9rf92qJ%2FbPST54HQrX8xX%2BNuc75JPxcR74rr%2Fm6TZsGKGtaG6pwAML9tLVoHyjLccYy3ZSJPyzRN6bYFPeJevgaahOCKTA%3D%3D&size=M&accountname=dmiller%40retinatulsa.com HTTP/1.1Host: tulsaretina.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /_layouts/15/SPComponentRegistry.ashx?projects=[%22STS%22]&languages=%5B%5D HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveAccept: application/jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tulsaretina-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=; FeatureOverrides_experiments=[]
Source: global traffic HTTP traffic detected: GET /_layouts/15/SPComponentRegistry.ashx?projects=[%22spfx%22]&languages=%5B%5D HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveAccept: application/jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tulsaretina-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=trueAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=; FeatureOverrides_experiments=[]
Source: global traffic HTTP traffic detected: GET /transform/passthrough?provider=spo&inputFormat=pdf&cs=fFNQTw&docid=https%3A%2F%2Ftulsaretina-my.sharepoint.com%3A443%2F_api%2Fv2.0%2Fdrives%2Fb!h4j4iUDNXEuFPMK0-0z9aCHPmB2P-4dGnR9RE0Al3DBYvuPEXpqZQZTK034LdXeL%2Fitems%2F01KCJQRXVEQLHFGCGZ6NAJ6K6VDCUS7CXI%3Fversion%3DPublished&access_token=v1.eyJzaXRlaWQiOiI4OWY4ODg4Ny1jZDQwLTRiNWMtODUzYy1jMmI0ZmI0Y2ZkNjgiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvdHVsc2FyZXRpbmEtbXkuc2hhcmVwb2ludC5jb21AYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkIiwiZXhwIjoiMTcyOTgzNjAwMCJ9.CiMKCXNoYXJpbmdpZBIWdkg1Y2hwb0IxRTIzZC90M29mc2krZwoICgNzdHASAXQKCgoEc25pZBICMzMSBAjquAIaDjE3My4yNTQuMjUwLjgxIhRtaWNyb3NvZnQuc2hhcmVwb2ludCosZm15ZnJmK3VNUVg0eXF3andyUGRnR0FTbjNvSk5TVDRLRXBZS21mK3NFQT0weTgBShBoYXNoZWRwcm9vZnRva2VuYgR0cnVlcmEwaC5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNhNzRhYTVjZGU2NDIwYjU2ODFhYTVjOTc3OTk2MWY5MGUzOTU1NGM5MTc0MjFkNjE4OGUxZTAyNjI1MGI2YTNiegEwwgFhMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYg.CTzoPGt6i07hxshHxV5IyW5X1CpF1dmbvBKGOwdRxV0&cTag=%22c%3A%7B53CE82A4-D908-40F3-9F2B-D518A92F8AE8%7D%2C1%22 HTTP/1.1Host: eastus1-mediap.svc.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://tulsaretina-my.sharepoint.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tulsaretina-my.sharepoint.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /transform/passthrough?provider=spo&inputFormat=pdf&cs=fFNQTw&docid=https%3A%2F%2Ftulsaretina-my.sharepoint.com%3A443%2F_api%2Fv2.0%2Fdrives%2Fb!h4j4iUDNXEuFPMK0-0z9aCHPmB2P-4dGnR9RE0Al3DBYvuPEXpqZQZTK034LdXeL%2Fitems%2F01KCJQRXVEQLHFGCGZ6NAJ6K6VDCUS7CXI%3Fversion%3DPublished&access_token=v1.eyJzaXRlaWQiOiI4OWY4ODg4Ny1jZDQwLTRiNWMtODUzYy1jMmI0ZmI0Y2ZkNjgiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvdHVsc2FyZXRpbmEtbXkuc2hhcmVwb2ludC5jb21AYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkIiwiZXhwIjoiMTcyOTgzNjAwMCJ9.CiMKCXNoYXJpbmdpZBIWdkg1Y2hwb0IxRTIzZC90M29mc2krZwoICgNzdHASAXQKCgoEc25pZBICMzMSBAjquAIaDjE3My4yNTQuMjUwLjgxIhRtaWNyb3NvZnQuc2hhcmVwb2ludCosZm15ZnJmK3VNUVg0eXF3andyUGRnR0FTbjNvSk5TVDRLRXBZS21mK3NFQT0weTgBShBoYXNoZWRwcm9vZnRva2VuYgR0cnVlcmEwaC5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNhNzRhYTVjZGU2NDIwYjU2ODFhYTVjOTc3OTk2MWY5MGUzOTU1NGM5MTc0MjFkNjE4OGUxZTAyNjI1MGI2YTNiegEwwgFhMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYg.CTzoPGt6i07hxshHxV5IyW5X1CpF1dmbvBKGOwdRxV0&cTag=%22c%3A%7B53CE82A4-D908-40F3-9F2B-D518A92F8AE8%7D%2C1%22 HTTP/1.1Host: eastus1-mediap.svc.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /transform/thumbnail?provider=spo&inputFormat=pdf&cs=fFNQTw&docid=https%3A%2F%2Ftulsaretina-my.sharepoint.com%3A443%2F_api%2Fv2.0%2Fdrives%2Fb!h4j4iUDNXEuFPMK0-0z9aCHPmB2P-4dGnR9RE0Al3DBYvuPEXpqZQZTK034LdXeL%2Fitems%2F01KCJQRXVEQLHFGCGZ6NAJ6K6VDCUS7CXI%3Fversion%3DPublished&access_token=v1.eyJzaXRlaWQiOiI4OWY4ODg4Ny1jZDQwLTRiNWMtODUzYy1jMmI0ZmI0Y2ZkNjgiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvdHVsc2FyZXRpbmEtbXkuc2hhcmVwb2ludC5jb21AYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkIiwiZXhwIjoiMTcyOTgzNjAwMCJ9.CiMKCXNoYXJpbmdpZBIWdkg1Y2hwb0IxRTIzZC90M29mc2krZwoICgNzdHASAXQKCgoEc25pZBICMzMSBAjquAIaDjE3My4yNTQuMjUwLjgxIhRtaWNyb3NvZnQuc2hhcmVwb2ludCosZm15ZnJmK3VNUVg0eXF3andyUGRnR0FTbjNvSk5TVDRLRXBZS21mK3NFQT0weTgBShBoYXNoZWRwcm9vZnRva2VuYgR0cnVlcmEwaC5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNhNzRhYTVjZGU2NDIwYjU2ODFhYTVjOTc3OTk2MWY5MGUzOTU1NGM5MTc0MjFkNjE4OGUxZTAyNjI1MGI2YTNiegEwwgFhMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYg.CTzoPGt6i07hxshHxV5IyW5X1CpF1dmbvBKGOwdRxV0&cTag=%22c%3A%7B53CE82A4-D908-40F3-9F2B-D518A92F8AE8%7D%2C1%22&encodeFailures=1&width=1024&height=1024&srcWidth=&srcHeight= HTTP/1.1Host: eastus1-mediap.svc.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://tulsaretina-my.sharepoint.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tulsaretina-my.sharepoint.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /transform/thumbnail?provider=spo&inputFormat=pdf&cs=fFNQTw&docid=https%3A%2F%2Ftulsaretina-my.sharepoint.com%3A443%2F_api%2Fv2.0%2Fdrives%2Fb!h4j4iUDNXEuFPMK0-0z9aCHPmB2P-4dGnR9RE0Al3DBYvuPEXpqZQZTK034LdXeL%2Fitems%2F01KCJQRXVEQLHFGCGZ6NAJ6K6VDCUS7CXI%3Fversion%3DPublished&access_token=v1.eyJzaXRlaWQiOiI4OWY4ODg4Ny1jZDQwLTRiNWMtODUzYy1jMmI0ZmI0Y2ZkNjgiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvdHVsc2FyZXRpbmEtbXkuc2hhcmVwb2ludC5jb21AYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkIiwiZXhwIjoiMTcyOTgzNjAwMCJ9.CiMKCXNoYXJpbmdpZBIWdkg1Y2hwb0IxRTIzZC90M29mc2krZwoICgNzdHASAXQKCgoEc25pZBICMzMSBAjquAIaDjE3My4yNTQuMjUwLjgxIhRtaWNyb3NvZnQuc2hhcmVwb2ludCosZm15ZnJmK3VNUVg0eXF3andyUGRnR0FTbjNvSk5TVDRLRXBZS21mK3NFQT0weTgBShBoYXNoZWRwcm9vZnRva2VuYgR0cnVlcmEwaC5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNhNzRhYTVjZGU2NDIwYjU2ODFhYTVjOTc3OTk2MWY5MGUzOTU1NGM5MTc0MjFkNjE4OGUxZTAyNjI1MGI2YTNiegEwwgFhMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYg.CTzoPGt6i07hxshHxV5IyW5X1CpF1dmbvBKGOwdRxV0&cTag=%22c%3A%7B53CE82A4-D908-40F3-9F2B-D518A92F8AE8%7D%2C1%22&encodeFailures=1&width=1024&height=1024&srcWidth=&srcHeight= HTTP/1.1Host: eastus1-mediap.svc.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /0nedrivefax.html HTTP/1.1Host: pub-9f53cea87696450fa8d4f3211668f531.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pub-9f53cea87696450fa8d4f3211668f531.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-9f53cea87696450fa8d4f3211668f531.r2.dev/0nedrivefax.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: botCheck=1
Source: global traffic HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=1cHwVDBHAk1kLhC&MD=R6MXt3om HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /apc/trans.gif?fa5368ac33f45170016606d506ad6bb7 HTTP/1.1Host: tr-ofc-afdwac.office.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://tulsaretina-my.sharepoint.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tulsaretina-my.sharepoint.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /apc/trans.gif?fcb4daba4c26dd79f2cd32bbb743c39e HTTP/1.1Host: tr-ofc-afdwac.office.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://tulsaretina-my.sharepoint.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tulsaretina-my.sharepoint.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /apc/trans.gif?fa5368ac33f45170016606d506ad6bb7 HTTP/1.1Host: tr-ofc-afdwac.office.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /apc/trans.gif?fcb4daba4c26dd79f2cd32bbb743c39e HTTP/1.1Host: tr-ofc-afdwac.office.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /apc/trans.gif?cb61d68587244411fc17b8850e35bbe3 HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://tulsaretina-my.sharepoint.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tulsaretina-my.sharepoint.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /apc/trans.gif?fe193a6eedf44cf4c3a0931e2e0f10b9 HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://tulsaretina-my.sharepoint.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tulsaretina-my.sharepoint.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /apc/trans.gif?cb61d68587244411fc17b8850e35bbe3 HTTP/1.1Host: outlook.office365.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /apc/trans.gif?fe193a6eedf44cf4c3a0931e2e0f10b9 HTTP/1.1Host: outlook.office365.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /personal/dmiller_retinatulsa_com/_layouts/15/AccessDenied.aspx?correlation=40355da1%2D308d%2D6000%2D947f%2D6cb084de4f4b HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=; FeatureOverrides_experiments=[]; ai_session=8Wsjl4jyU9mYbi8OGEGqFV|1729817380696|1729817380696; MSFPC=GUID=4b56652e46704a8eb1d13e9183c993d2&HASH=4b56&LV=202410&V=4&LU=1729817385489
Source: global traffic HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic DNS traffic detected: DNS query: tulsaretina-my.sharepoint.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: m365cdn.nel.measure.office.net
Source: global traffic DNS traffic detected: DNS query: tulsaretina.sharepoint.com
Source: global traffic DNS traffic detected: DNS query: eastus1-mediap.svc.ms
Source: global traffic DNS traffic detected: DNS query: r4.res.office365.com
Source: global traffic DNS traffic detected: DNS query: config.fp.measure.office.com
Source: global traffic DNS traffic detected: DNS query: pub-9f53cea87696450fa8d4f3211668f531.r2.dev
Source: global traffic DNS traffic detected: DNS query: 5d9bcc5d9b00a201ed399a4752c9dd23.fp.measure.office.com
Source: global traffic DNS traffic detected: DNS query: sportsfacilitles.com
Source: global traffic DNS traffic detected: DNS query: tr-ofc-afdwac.office.com
Source: global traffic DNS traffic detected: DNS query: outlook.office365.com
Source: global traffic DNS traffic detected: DNS query: upload.fp.measure.office.com
Source: global traffic DNS traffic detected: DNS query: spo.nel.measure.office.net
Source: unknown HTTP traffic detected: POST /personal/dmiller_retinatulsa_com/_api/v2.1/graphql HTTP/1.1Host: tulsaretina-my.sharepoint.comConnection: keep-aliveContent-Length: 507sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/json;odata=verboseContent-Type: application/json;odata=verboseX-ServiceWorker-Strategy: CacheFirstsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://tulsaretina-my.sharepoint.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tulsaretina-my.sharepoint.com/personal/dmiller_retinatulsa_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fdmiller%5Fretinatulsa%5Fcom%2FDocuments%2FAlliance%20Technical%20Group&ga=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E3NGFhNWNkZTY0MjBiNTY4MWFhNWM5Nzc5OTYxZjkwZTM5NTU0YzkxNzQyMWQ2MTg4ZTFlMDI2MjUwYjZhM2IsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTc0YWE1Y2RlNjQyMGI1NjgxYWE1Yzk3Nzk5NjFmOTBlMzk1NTRjOTE3NDIxZDYxODhlMWUwMjYyNTBiNmEzYiwxMzM3NDI5MTI1MDAwMDAwMDAsMCwxMzM3NDM3NzM1MDQ1MDczNjUsMC4wLjAuMCwyNTgsYTA1YmQ5MTQtZTczMy00OTk2LWFmOTMtY2Q1ZGI1NWIwZmNkLCwsMmUzNTVkYTEtNzA4Ni02MDAwLWNhNjktNDQzYjE0N2NjYWUzLDJlMzU1ZGExLTcwODYtNjAwMC1jYTY5LTQ0M2IxNDdjY2FlMyx2SDVjaHBvQjFFMjNkL3Qzb2ZzaStnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTI1OTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFAwTXJDV0tqSU1yZEh0VGZZeHI3a0ZKL2x4cEp0WWIrSVFJWU1kbEN4R3ZTY2Fad3Q5Ky81Vkd4YnZhU2llV2N4UitEU1VURWh0RDVUUElUZ0UzVXF0Y1g4ZUZqVlNRenJiT2tMTWVLSXA1eE91OWV3WW5KNGtYU1crMUdIeW9YYUV2NHp3NFRTa3hEZm5aMTEyck9WZXRiNXJUU2wzWkVjc1J5RWZiWm11dHpYSmdFcHhGMVRxVENhaXBFVEhOVUFLY2NmYXNQaEx0SHVSNzl3d0pGWlNmSUJSYjZZQmNzeldwbmdqalpQZUJrOXBqREtwc1YrbHhmMlV4V2k1TlEzenVvSlF4akNrMTlkakJrbzdCZ2pzSVRwQWlQWUlHUXk3eEloaG9nOVIxVkRnY3hRTjA2RG5VU2pza3BjalRjNVJYVWdmM0w3OWcwVVREWnVJcnZ3Zz09PC9TUD4=
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 25 Oct 2024 00:50:00 GMTContent-Type: text/htmlContent-Length: 27150Connection: closeServer: cloudflareCF-RAY: 8d7e35c30edf6b39-DFW
Source: chromecache_713.2.dr, chromecache_729.2.dr, chromecache_435.2.dr, chromecache_673.2.dr, chromecache_714.2.dr, chromecache_449.2.dr String found in binary or memory: http://fb.me/use-check-prop-types
Source: chromecache_411.2.dr, chromecache_658.2.dr String found in binary or memory: http://www.contoso.com
Source: chromecache_466.2.dr String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_663.2.dr String found in binary or memory: http://www.unicode.org/copyright.html
Source: chromecache_485.2.dr, chromecache_456.2.dr String found in binary or memory: https://1drv.com/
Source: chromecache_577.2.dr String found in binary or memory: https://amazon.com/
Source: chromecache_485.2.dr, chromecache_456.2.dr String found in binary or memory: https://centralus1-mediad.svc.ms
Source: chromecache_485.2.dr, chromecache_456.2.dr String found in binary or memory: https://clients.config.office.net/user/v1.0/web/policies
Source: chromecache_500.2.dr String found in binary or memory: https://developers.cloudflare.com/r2/data-access/public-buckets/
Source: chromecache_730.2.dr, chromecache_465.2.dr String found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
Source: chromecache_485.2.dr, chromecache_456.2.dr String found in binary or memory: https://livefilestore.com/
Source: chromecache_472.2.dr, chromecache_598.2.dr String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_572.2.dr, chromecache_485.2.dr, chromecache_488.2.dr, chromecache_533.2.dr, chromecache_456.2.dr, chromecache_455.2.dr String found in binary or memory: https://media.cloudapp.net
Source: chromecache_472.2.dr, chromecache_598.2.dr String found in binary or memory: https://microsoft.spfx3rdparty.com
Source: chromecache_572.2.dr, chromecache_533.2.dr, chromecache_493.2.dr, chromecache_687.2.dr String found in binary or memory: https://my.microsoftpersonalcontent.com
Source: chromecache_572.2.dr, chromecache_485.2.dr, chromecache_488.2.dr, chromecache_533.2.dr, chromecache_456.2.dr, chromecache_455.2.dr String found in binary or memory: https://northcentralus1-medias.svc.ms
Source: chromecache_721.2.dr, chromecache_636.2.dr String found in binary or memory: https://onedrive.cloud.microsoft
Source: chromecache_721.2.dr, chromecache_636.2.dr String found in binary or memory: https://onedrive.dev.cloud.microsoft
Source: chromecache_551.2.dr, chromecache_569.2.dr String found in binary or memory: https://onedrive.live.com/?gologin=1
Source: chromecache_472.2.dr, chromecache_598.2.dr String found in binary or memory: https://onedrive.live.com/sa
Source: chromecache_485.2.dr, chromecache_456.2.dr String found in binary or memory: https://portal.office.com/
Source: chromecache_692.2.dr, chromecache_720.2.dr String found in binary or memory: https://pub-9f53cea87696450fa8d4f3211668f531.r2.dev/0nedrivefax.html)
Source: chromecache_449.2.dr String found in binary or memory: https://reactjs.org/link/react-polyfills
Source: chromecache_485.2.dr, chromecache_456.2.dr String found in binary or memory: https://res-1-sdf.cdn.office.net
Source: chromecache_485.2.dr, chromecache_551.2.dr, chromecache_456.2.dr String found in binary or memory: https://res-1.cdn.office.net
Source: chromecache_551.2.dr, chromecache_477.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-10-11.005/
Source: chromecache_477.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-10-11.005/stsserviceworkerprefetch/stsservicew
Source: chromecache_410.2.dr, chromecache_564.2.dr, chromecache_477.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-10-11.008/
Source: chromecache_477.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-10-11.008/spserviceworker.js
Source: chromecache_410.2.dr, chromecache_564.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-10-11.008/spwebworker.js
Source: chromecache_551.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp-media-3b870ca1
Source: chromecache_551.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.1ds/odsp.1ds.lib-b7da68fc
Source: chromecache_551.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.aria/odsp.aria.lib-ab227069
Source: chromecache_551.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.core/fui.core-97518b2a
Source: chromecache_551.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.utilities/fui.util-93de749b
Source: chromecache_551.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.knockout/odsp.knockout.lib-447adea9
Source: chromecache_551.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.react/odsp.react.lib-9ea4d016
Source: chromecache_551.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.tslib/tslib-6a7224b3
Source: chromecache_551.2.dr String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.utilities/odsp.util-644642c2
Source: chromecache_551.2.dr String found in binary or memory: https://res-2.cdn.office.net/files/odsp-web-prod_2024-10-11.005/
Source: chromecache_551.2.dr String found in binary or memory: https://shell.cdn.office.net
Source: chromecache_551.2.dr, chromecache_477.2.dr String found in binary or memory: https://shell.cdn.office.net/api/ShellBootstrapper/business/OneShell
Source: chromecache_485.2.dr, chromecache_456.2.dr String found in binary or memory: https://shellppe.msocdn.com
Source: chromecache_485.2.dr, chromecache_456.2.dr String found in binary or memory: https://shellprod.msocdn.com
Source: chromecache_551.2.dr String found in binary or memory: https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js
Source: chromecache_577.2.dr String found in binary or memory: https://sportsfacilitles.com/200/#
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-bold.w
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-regula
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-semili
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-bold.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-bold.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-light.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-light.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-regular.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-regular.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semibold.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semibold.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semilight.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-bold.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-bold.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-light.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-light.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-regular.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-semibold.wof
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-semilight.wo
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-bold.wof
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-light.wo
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-regular.
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-semibold
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-semiligh
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-bold.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-bold.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-light.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-light.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-regular.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-regular.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semibold.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semibold.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semilight.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semilight.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-bold.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-bold.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-light.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-light.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-regular.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-regular.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semibold.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semibold.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semilight.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-bold.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-bold.woff2
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-light.woff
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-regular.wo
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-semibold.w
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-semilight.
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-bold.wof
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.wo
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold
Source: chromecache_576.2.dr String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semiligh
Source: chromecache_485.2.dr, chromecache_456.2.dr String found in binary or memory: https://substrate.office.com
Source: chromecache_487.2.dr, chromecache_696.2.dr, chromecache_716.2.dr, chromecache_565.2.dr String found in binary or memory: https://support.office.com/en-us/article/Manage-lists-and-libraries-with-many-items-b8588dae-9387-48
Source: chromecache_500.2.dr String found in binary or memory: https://www.cloudflare.com/favicon.ico
Source: chromecache_569.2.dr String found in binary or memory: https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2F$
Source: chromecache_551.2.dr String found in binary or memory: https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2Fonedrive
Source: chromecache_569.2.dr String found in binary or memory: https://www.office.com/login?ru=%2Flaunch%2F$
Source: chromecache_551.2.dr String found in binary or memory: https://www.office.com/login?ru=%2Flaunch%2Fonedrive
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50211 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50234 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50257 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown Network traffic detected: HTTP traffic on port 50314 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50222 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50325 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50107 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50268 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown Network traffic detected: HTTP traffic on port 50120 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown Network traffic detected: HTTP traffic on port 50189 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50130 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50096 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50303 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown Network traffic detected: HTTP traffic on port 50326 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50062 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50280 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50142 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50178 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown Network traffic detected: HTTP traffic on port 50210 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50235 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50187 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50221 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50049 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50324 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50293 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50270 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 50209 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50282 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50247 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50155 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50176 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50258 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50313 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50166 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50281 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50208 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50050 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50110 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50259 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50236 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown Network traffic detected: HTTP traffic on port 50188 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50220 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50109 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50132 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50199 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown Network traffic detected: HTTP traffic on port 50277 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50215
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50218
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50219
Source: unknown Network traffic detected: HTTP traffic on port 50174 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50151 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50210
Source: unknown Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50202 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50211
Source: unknown Network traffic detected: HTTP traffic on port 50094 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50214
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50213
Source: unknown Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50305 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50227
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50229
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50228
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown Network traffic detected: HTTP traffic on port 50186 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50221
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50220
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50222
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50224
Source: unknown Network traffic detected: HTTP traffic on port 50289 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50162 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50197 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50237
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50239
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50230
Source: unknown Network traffic detected: HTTP traffic on port 50317 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50231
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50234
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50236
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50235
Source: unknown Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50288 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50175 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50213 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50037 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50249
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50248
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50245
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50244
Source: unknown Network traffic detected: HTTP traffic on port 50224 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50247
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown Network traffic detected: HTTP traffic on port 50266 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50306 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50105 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50164 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50244 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50315 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50129 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50184 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50267 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50303
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50306
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50305
Source: unknown Network traffic detected: HTTP traffic on port 50117 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50173 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50308
Source: unknown Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50307
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50309
Source: unknown Network traffic detected: HTTP traffic on port 50152 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50070 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50201 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50300
Source: unknown Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50315
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50314
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50317
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50316
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50319
Source: unknown Network traffic detected: HTTP traffic on port 50279 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50200 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50313
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50312
Source: unknown Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50140 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50326
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50325
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50207
Source: unknown Network traffic detected: HTTP traffic on port 50196 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50206
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50327
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50209
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50208
Source: unknown Network traffic detected: HTTP traffic on port 50245 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50316 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50320
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50201
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50322
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50200
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50321
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50203
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50324
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50202
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50323
Source: unknown Network traffic detected: HTTP traffic on port 50290 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50185 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50327 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50175
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50296
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50174
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50295
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50298
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50176
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50297
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50179
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50178
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50299
Source: unknown Network traffic detected: HTTP traffic on port 50319 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50180
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50182
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50184
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50183
Source: unknown Network traffic detected: HTTP traffic on port 50125 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50320 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50251 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50274 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50186
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50185
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown Network traffic detected: HTTP traffic on port 50113 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50188
Source: unknown Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50187
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50189
Source: unknown Network traffic detected: HTTP traffic on port 50183 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50191
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50190
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50193
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown Network traffic detected: HTTP traffic on port 50159 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50192
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50195
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50308 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50227 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50195 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50275 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50172 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50197
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50196
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50199
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50297 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50088
Source: unknown Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50193 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50259
Source: unknown Network traffic detected: HTTP traffic on port 50149 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50131
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50130
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50251
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50133
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50132
Source: unknown Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50135
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50134
Source: unknown Network traffic detected: HTTP traffic on port 50078 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50258
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50136
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50257
Source: unknown Network traffic detected: HTTP traffic on port 50161 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50140
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50261
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50260
Source: unknown Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50215 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50230 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50149
Source: unknown Network traffic detected: HTTP traffic on port 50299 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50142
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50141
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50262
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50265
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50143
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50146
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50267
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50145
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50266
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50148
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50268
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50270
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50151
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50272
Source: unknown Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50298 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50274
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50152
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50155
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50276
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50275
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50157
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50156
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50277
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50159
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50158
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50279
Source: unknown Network traffic detected: HTTP traffic on port 50182 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50265 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50281
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50280
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50162
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50283
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50161
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50282
Source: unknown Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50066 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50307 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50203 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50276 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50171 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50164
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50285
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50163
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50166
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50287
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50165
Source: unknown Network traffic detected: HTTP traffic on port 50115 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50289
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50167
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50288
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50290
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50171
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50173
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50294
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50172
Source: unknown Network traffic detected: HTTP traffic on port 50287 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50293
Source: unknown Network traffic detected: HTTP traffic on port 50044 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50214 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50231 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50145 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50260 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50283 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50248 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50180 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50219 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50300 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50134 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50237 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50088 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50133 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50156 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50272 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50100 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50312 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50249 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50167 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50192 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50207 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50323 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50294 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50065 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50218 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50229 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50296 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50097
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50206 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50158 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50135 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50052 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50309 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50087 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50064 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50123 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50190 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50261 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50321 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50285 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown Network traffic detected: HTTP traffic on port 50086 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50124 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50191 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50262 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50179 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50322 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50295 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50228 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50146 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50097 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50157 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50239 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49758 version: TLS 1.2
Source: unknown HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49791 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:50024 version: TLS 1.2
Source: unknown HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:50062 version: TLS 1.2
Source: classification engine Classification label: sus20.win@19/501@56/9
Source: chromecache_720.2.dr Initial sample: https://pub-9f53cea87696450fa8d4f3211668f531.r2.dev/0nedrivefax.html
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=2044,i,2214216025922011460,6580258473650715008,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://tulsaretina-my.sharepoint.com/:f:/g/personal/dmiller_retinatulsa_com/ElBi9GQATzFLspsGNnE3XgEB-vtfzVVycqutPd6xXmtipQ?e=lATAVo"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=2044,i,2214216025922011460,6580258473650715008,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected

Persistence and Installation Behavior
barindex
AI detected landing page (webpage, office document or email)
Source: https://pub-9f53cea87696450fa8d4f3211668f531.r2.dev/0nedrivefax.html LLM: Page contains button: 'VIEW DOCUMENT' Source: '3.5.pages.csv'
Drops files with a non-matching file extension (content does not match file extension)
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: Chrome Cache Entry: 692 Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: Chrome Cache Entry: 720
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: Chrome Cache Entry: 720 Jump to dropped file
Source: chromecache_422.2.dr, chromecache_516.2.dr, chromecache_527.2.dr Binary or memory string: ",ConnectVirtualMachine:"
Source: chromecache_422.2.dr, chromecache_516.2.dr, chromecache_527.2.dr Binary or memory string: ",DisconnectVirtualMachine:"
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1541695 URL: https://tulsaretina-my.shar... Startdate: 25/10/2024 Architecture: WINDOWS Score: 20 15 sportsfacilitles.com 2->15 17 m365cdn.nel.measure.office.net 2->17 29 AI detected landing page (webpage, office document or email) 2->29 7 chrome.exe 1 2->7         started        10 chrome.exe 2->10         started        signatures3 process4 dnsIp5 19 192.168.2.4, 138, 443, 49723 unknown unknown 7->19 21 239.255.255.250 unknown Reserved 7->21 12 chrome.exe 7->12         started        process6 dnsIp7 23 dual-spo-0005.spo-msedge.net 13.107.136.10, 443, 49735, 49736 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 12->23 25 FRA-efz.ms-acdc.office.com 40.99.149.146, 443, 50114, 50130 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 12->25 27 22 other IPs or domains 12->27
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
13.107.136.10
 dual-spo-0005.spo-msedge.net United States
8068 MICROSOFT-CORP-MSN-AS-BLOCKUS false
162.159.140.237
 pub-9f53cea87696450fa8d4f3211668f531.r2.dev United States
13335 CLOUDFLARENETUS false
40.99.149.146
 FRA-efz.ms-acdc.office.com United States
8075 MICROSOFT-CORP-MSN-AS-BLOCKUS false
52.108.9.12
 unknown United States
8075 MICROSOFT-CORP-MSN-AS-BLOCKUS false
52.98.179.66
 ooc-g2.tm-4.office.com United States
8075 MICROSOFT-CORP-MSN-AS-BLOCKUS false
172.217.18.4
 www.google.com United States
15169 GOOGLEUS false
52.108.8.12
 wac-0003.wac-msedge.net United States
8075 MICROSOFT-CORP-MSN-AS-BLOCKUS false
239.255.255.250
 unknown Reserved
unknown unknown false

Private

IP
192.168.2.4

Contacted Domains

Name IP Active
wac-0003.wac-msedge.net 52.108.8.12 true
ooc-g2.tm-4.office.com 52.98.179.66 true
dual-spo-0005.spo-msedge.net 13.107.136.10 true
pub-9f53cea87696450fa8d4f3211668f531.r2.dev 162.159.140.237 true
s-part-0017.t-0009.t-msedge.net 13.107.246.45 true
www.google.com 172.217.18.4 true
FRA-efz.ms-acdc.office.com 40.99.149.146 true
fp2e7a.wpc.phicdn.net 192.229.221.95 true
r4.res.office365.com unknown unknown
tr-ofc-afdwac.office.com unknown unknown
m365cdn.nel.measure.office.net unknown unknown
outlook.office365.com unknown unknown
spo.nel.measure.office.net unknown unknown
5d9bcc5d9b00a201ed399a4752c9dd23.fp.measure.office.com unknown unknown
upload.fp.measure.office.com unknown unknown
config.fp.measure.office.com unknown unknown
sportsfacilitles.com unknown unknown
tulsaretina.sharepoint.com unknown unknown
tulsaretina-my.sharepoint.com unknown unknown
eastus1-mediap.svc.ms unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://tr-ofc-afdwac.office.com/apc/trans.gif?fcb4daba4c26dd79f2cd32bbb743c39e false
    		unknown
    https://tulsaretina-my.sharepoint.com/personal/dmiller_retinatulsa_com/_layouts/15/CSPReporting.aspx false
      		unknown
      https://tulsaretina-my.sharepoint.com/_layouts/15/spwebworkerproxy.ashx false
        		unknown
        https://pub-9f53cea87696450fa8d4f3211668f531.r2.dev/0nedrivefax.html true
          		unknown
          https://tulsaretina-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true false
            		unknown
            https://tulsaretina-my.sharepoint.com/_layouts/15/SPComponentRegistry.ashx?projects=[%22STS%22]&languages=%5B%5D false
              		unknown
              https://tulsaretina-my.sharepoint.com/personal/dmiller_retinatulsa_com/_api/v2.1/graphql false
                		unknown
                https://tulsaretina-my.sharepoint.com/personal/dmiller_retinatulsa_com/_layouts/15/onedrive.aspx?ga=1&id=%2Fpersonal%2Fdmiller%5Fretinatulsa%5Fcom%2FDocuments%2FAlliance%20Technical%20Group%2FAlliance%20Technical%20Group%2Epdf&parent=%2Fpersonal%2Fdmiller%5Fretinatulsa%5Fcom%2FDocuments%2FAlliance%20Technical%20Group false
                  		unknown
                  https://tulsaretina-my.sharepoint.com/personal/dmiller_retinatulsa_com/_api/SP.OAuth.Token/Acquire() false
                    		unknown
                    https://tulsaretina-my.sharepoint.com/personal/dmiller_retinatulsa_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fdmiller%5Fretinatulsa%5Fcom%2FDocuments%2FAlliance%20Technical%20Group&ga=1 false
                      		unknown
                      https://tulsaretina-my.sharepoint.com/_layouts/15/SPComponentRegistry.ashx?projects=[%22spfx%22]&languages=%5B%5D false
                        		unknown
                        https://tulsaretina-my.sharepoint.com/:f:/g/personal/dmiller_retinatulsa_com/ElBi9GQATzFLspsGNnE3XgEB-vtfzVVycqutPd6xXmtipQ?e=lATAVo false
                          		unknown
                          https://pub-9f53cea87696450fa8d4f3211668f531.r2.dev/favicon.ico false
                            		unknown
                            https://outlook.office365.com/apc/trans.gif?cb61d68587244411fc17b8850e35bbe3 false
                              		unknown
                              https://outlook.office365.com/apc/trans.gif?fe193a6eedf44cf4c3a0931e2e0f10b9 false
                                		unknown
                                https://tr-ofc-afdwac.office.com/apc/trans.gif?fa5368ac33f45170016606d506ad6bb7 false
                                  		unknown
                                  https://tulsaretina-my.sharepoint.com/_layouts/15/images/odbfavicon.ico?rev=47 false
                                    		unknown
                                    https://tulsaretina-my.sharepoint.com/personal/dmiller_retinatulsa_com/_layouts/15/AccessDenied.aspx?correlation=40355da1%2D308d%2D6000%2D947f%2D6cb084de4f4b false
                                      		unknown