Edit tour

Windows Analysis Report
https://protect-us.mimecast.com/s/sMiVC687o9CPGJB2XupfJF5g12L

Overview

General Information

Sample URL:	https://protect-us.mimecast.com/s/sMiVC687o9CPGJB2XupfJF5g12L
Analysis ID:	1544003
Infos:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

HTML body contains low number of good links

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 2620 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 5968 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1932,i,16414200054814140303,7306942213891831198,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 6632 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://protect-us.mimecast.com/s/sMiVC687o9CPGJB2XupfJF5g12L" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA#/login?message=eNpNj1FLwzAURv9Lnhdt0jRNh4hzFhS2sTHGQISQNnczW9PMJh0y8b-bTUWf78c5534gD3XfgdFoiPpyspvuFu91WQk6GY2dyJO1LR8eFbxcv_HOPIkTPy2N58vnXpTzer7a3JdryFQ6nRV0QdAAWfBebaFxbt8fgttDi4Zt3zQDFGyYOQ3RkyQ0LlUdzPFbPF4tR0U2YoxIxrgQTOSEy94H6CwhMu7lTVWJDDThuKqpwkxRgQsNCeZpURWpUpQU-jZiWw9Bw-bM5QUfoCN03rhYQS4JU9e3l19_4OeQrn79LdnKGkM0J0RmuTzqLMcklf_6aEIZSeKZ_gXiGIgzmjOe8pznEQlWmSbivLKqU8FY6-8OzrShcVZdge7R5xcUdXRf

HTTP Parser: Number of links: 0

Source: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA#/login?message=eNpNj1FLwzAURv9Lnhdt0jRNh4hzFhS2sTHGQISQNnczW9PMJh0y8b-bTUWf78c5534gD3XfgdFoiPpyspvuFu91WQk6GY2dyJO1LR8eFbxcv_HOPIkTPy2N58vnXpTzer7a3JdryFQ6nRV0QdAAWfBebaFxbt8fgttDi4Zt3zQDFGyYOQ3RkyQ0LlUdzPFbPF4tR0U2YoxIxrgQTOSEy94H6CwhMu7lTVWJDDThuKqpwkxRgQsNCeZpURWpUpQU-jZiWw9Bw-bM5QUfoCN03rhYQS4JU9e3l19_4OeQrn79LdnKGkM0J0RmuTzqLMcklf_6aEIZSeKZ_gXiGIgzmjOe8pznEQlWmSbivLKqU8FY6-8OzrShcVZdge7R5xcUdXRf	HTTP Parser: No <meta name="author".. found
Source: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA#/login?message=eNpNj1FLwzAURv9Lnhdt0jRNh4hzFhS2sTHGQISQNnczW9PMJh0y8b-bTUWf78c5534gD3XfgdFoiPpyspvuFu91WQk6GY2dyJO1LR8eFbxcv_HOPIkTPy2N58vnXpTzer7a3JdryFQ6nRV0QdAAWfBebaFxbt8fgttDi4Zt3zQDFGyYOQ3RkyQ0LlUdzPFbPF4tR0U2YoxIxrgQTOSEy94H6CwhMu7lTVWJDDThuKqpwkxRgQsNCeZpURWpUpQU-jZiWw9Bw-bM5QUfoCN03rhYQS4JU9e3l19_4OeQrn79LdnKGkM0J0RmuTzqLMcklf_6aEIZSeKZ_gXiGIgzmjOe8pznEQlWmSbivLKqU8FY6-8OzrShcVZdge7R5xcUdXRf	HTTP Parser: No <meta name="author".. found
Source: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA#/login?message=eNpNj1FLwzAURv9Lnhdt0jRNh4hzFhS2sTHGQISQNnczW9PMJh0y8b-bTUWf78c5534gD3XfgdFoiPpyspvuFu91WQk6GY2dyJO1LR8eFbxcv_HOPIkTPy2N58vnXpTzer7a3JdryFQ6nRV0QdAAWfBebaFxbt8fgttDi4Zt3zQDFGyYOQ3RkyQ0LlUdzPFbPF4tR0U2YoxIxrgQTOSEy94H6CwhMu7lTVWJDDThuKqpwkxRgQsNCeZpURWpUpQU-jZiWw9Bw-bM5QUfoCN03rhYQS4JU9e3l19_4OeQrn79LdnKGkM0J0RmuTzqLMcklf_6aEIZSeKZ_gXiGIgzmjOe8pznEQlWmSbivLKqU8FY6-8OzrShcVZdge7R5xcUdXRf	HTTP Parser: No <meta name="author".. found
Source: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA#/login?message=eNpNj1FLwzAURv9Lnhdt0jRNh4hzFhS2sTHGQISQNnczW9PMJh0y8b-bTUWf78c5534gD3XfgdFoiPpyspvuFu91WQk6GY2dyJO1LR8eFbxcv_HOPIkTPy2N58vnXpTzer7a3JdryFQ6nRV0QdAAWfBebaFxbt8fgttDi4Zt3zQDFGyYOQ3RkyQ0LlUdzPFbPF4tR0U2YoxIxrgQTOSEy94H6CwhMu7lTVWJDDThuKqpwkxRgQsNCeZpURWpUpQU-jZiWw9Bw-bM5QUfoCN03rhYQS4JU9e3l19_4OeQrn79LdnKGkM0J0RmuTzqLMcklf_6aEIZSeKZ_gXiGIgzmjOe8pznEQlWmSbivLKqU8FY6-8OzrShcVZdge7R5xcUdXRf	HTTP Parser: No <meta name="author".. found

Source: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA#/login?message=eNpNj1FLwzAURv9Lnhdt0jRNh4hzFhS2sTHGQISQNnczW9PMJh0y8b-bTUWf78c5534gD3XfgdFoiPpyspvuFu91WQk6GY2dyJO1LR8eFbxcv_HOPIkTPy2N58vnXpTzer7a3JdryFQ6nRV0QdAAWfBebaFxbt8fgttDi4Zt3zQDFGyYOQ3RkyQ0LlUdzPFbPF4tR0U2YoxIxrgQTOSEy94H6CwhMu7lTVWJDDThuKqpwkxRgQsNCeZpURWpUpQU-jZiWw9Bw-bM5QUfoCN03rhYQS4JU9e3l19_4OeQrn79LdnKGkM0J0RmuTzqLMcklf_6aEIZSeKZ_gXiGIgzmjOe8pznEQlWmSbivLKqU8FY6-8OzrShcVZdge7R5xcUdXRf	HTTP Parser: No <meta name="copyright".. found
Source: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA#/login?message=eNpNj1FLwzAURv9Lnhdt0jRNh4hzFhS2sTHGQISQNnczW9PMJh0y8b-bTUWf78c5534gD3XfgdFoiPpyspvuFu91WQk6GY2dyJO1LR8eFbxcv_HOPIkTPy2N58vnXpTzer7a3JdryFQ6nRV0QdAAWfBebaFxbt8fgttDi4Zt3zQDFGyYOQ3RkyQ0LlUdzPFbPF4tR0U2YoxIxrgQTOSEy94H6CwhMu7lTVWJDDThuKqpwkxRgQsNCeZpURWpUpQU-jZiWw9Bw-bM5QUfoCN03rhYQS4JU9e3l19_4OeQrn79LdnKGkM0J0RmuTzqLMcklf_6aEIZSeKZ_gXiGIgzmjOe8pznEQlWmSbivLKqU8FY6-8OzrShcVZdge7R5xcUdXRf	HTTP Parser: No <meta name="copyright".. found
Source: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA#/login?message=eNpNj1FLwzAURv9Lnhdt0jRNh4hzFhS2sTHGQISQNnczW9PMJh0y8b-bTUWf78c5534gD3XfgdFoiPpyspvuFu91WQk6GY2dyJO1LR8eFbxcv_HOPIkTPy2N58vnXpTzer7a3JdryFQ6nRV0QdAAWfBebaFxbt8fgttDi4Zt3zQDFGyYOQ3RkyQ0LlUdzPFbPF4tR0U2YoxIxrgQTOSEy94H6CwhMu7lTVWJDDThuKqpwkxRgQsNCeZpURWpUpQU-jZiWw9Bw-bM5QUfoCN03rhYQS4JU9e3l19_4OeQrn79LdnKGkM0J0RmuTzqLMcklf_6aEIZSeKZ_gXiGIgzmjOe8pznEQlWmSbivLKqU8FY6-8OzrShcVZdge7R5xcUdXRf	HTTP Parser: No <meta name="copyright".. found
Source: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA#/login?message=eNpNj1FLwzAURv9Lnhdt0jRNh4hzFhS2sTHGQISQNnczW9PMJh0y8b-bTUWf78c5534gD3XfgdFoiPpyspvuFu91WQk6GY2dyJO1LR8eFbxcv_HOPIkTPy2N58vnXpTzer7a3JdryFQ6nRV0QdAAWfBebaFxbt8fgttDi4Zt3zQDFGyYOQ3RkyQ0LlUdzPFbPF4tR0U2YoxIxrgQTOSEy94H6CwhMu7lTVWJDDThuKqpwkxRgQsNCeZpURWpUpQU-jZiWw9Bw-bM5QUfoCN03rhYQS4JU9e3l19_4OeQrn79LdnKGkM0J0RmuTzqLMcklf_6aEIZSeKZ_gXiGIgzmjOe8pznEQlWmSbivLKqU8FY6-8OzrShcVZdge7R5xcUdXRf	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.18:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.32.136:443 -> 192.168.2.18:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.177:443 -> 192.168.2.18:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.18:49784 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.32.136

Source: global traffic	HTTP traffic detected: GET /s/sMiVC687o9CPGJB2XupfJF5g12L HTTP/1.1Host: protect-us.mimecast.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/assets/entypo/font/entypo.css HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/assets/font-awesome/css/font-awesome.css HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/assets/mimecast-icons/css/mimecast-icons.css HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/galindo.js HTTP/1.1Host: static.srcspot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://secure-portal.login-us.mimecast.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/galindo.js HTTP/1.1Host: static.srcspot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/login/cache.4d1a22494c68b269520ec72ef3757433.login-lib.js HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/login/cache.1b1f06688bfbb8673528c177626fe897.login.js HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/login/cache.1b1f06688bfbb8673528c177626fe897.login.js HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/pendo.js HTTP/1.1Host: cdn.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://secure-portal.login-us.mimecast.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/login/cache.4d1a22494c68b269520ec72ef3757433.login-lib.js HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/login/assets/languages/en.json?ver=1.12.0 HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/login/app-version.jsp HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/assets/images/mimecast-logo.png HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/login/app-version.jsp HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/assets/images/mimecast-logo.png HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/login/assets/languages/en.json?ver=1.12.0 HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/pendo.js HTTP/1.1Host: cdn.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/ptm.gif/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?v=2.252.0_prod&ct=1730134096240&jzb=eJztlVmPo8gShf8LI82Tl2QzUFKp5Y0qYxuzemE0QizJYlYnCTa06r93ump6dJ_6dXSlfsuME3EIwfnEX98p3NeQeqEKiD1qRPmoujcQuTgtSJUWWECzHJBmDEuPqC5tUlwhNw3JgKut1dXBtdyq9heSbUbVHhCDFuVETDCum5fptIFBi-C4rhD28klexWk5bptJQdwDr8GToCqm7fSzPv0WY-_1a-BPnJWv7CRL5V45VrTcMuwwqH4r4EhmnVRc3KphqaEkQFeeyfYwHbRV5m60aqvuH2ayuq1jia9vkcJeZbyO4O4uh8IYBOogHdtH4YdWNNvkXVHvmlU6QI-LAiXbx7R4ul1RL-AenNG7wk9isND5CFrBxskX4LE2aWMZzv_4WvhbAZvGi-ErVGv1Ssu7-zC3jU7alUmIwdVQEy4Z5MRkGuv9Td-YuloGw0nS9koCetEf-5Z9igQx4HmWi1fsOYpDuUq1um_qrpVbiT7p2eztwoS9cqB3hghl_xF07vtB22SW1jMqL3blubYGiASPVULUy_qsNI5AD-fzU7SAvic_fCxGMcarlHMwO-gr-a2_HHTWyHod7HI7HDTZ12QOG8BmLtVj80Cxbh3MdS9x77PlPdm3Qm4dT8pqZSXt9lbfs4cR6426hE5tG6farnV7fHXS011a3Mf-ntftqFqqgEXJRTc5xZYgm9OSyx2gjkpB2oXl9i3bAwUYRWsNt90-yPLInXnrjWPCrePG5_RtEw_F9QDFeijXen4qTD_tdtubLcqX2Vg8DMhMgqMTxlAw-Edgh2cjIsmrUVU31Mv3nzF9Hn-V1Nwr45Z8P9IBS9c2qY8R5QVB1ZaYjJJL7SFY4vn_lkIPP_sZcUqDKQMYjvh0EDVpVT7LE4ZnJsAlm4RPty8Dy_M3ZI2yzfMRhb8uVNR120U5q-hbq3Y2dohPhLwCforAdM64n7O9wb9fYcgTsSFZIw_5lE1V3UbZJb5fs_WSvx8-5VsLy4DsBgjDPYbkRUiC9DH6l--88sJf8s3-5vs33_8XfD-j_DPAgBHFCf8fsUZ-if-wJs7Yj79_AJk_coE HTTP/1.1Host: app.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://secure-portal.login-us.mimecast.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/guide.js/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?id=12&jzb=eJx9kluvqkgQhf8Lk5yno3JV2MnOiYooCEhzEfWFcGkucrVpFHqy__txz0km8zRvVV-tVdVJr7-pZ9EXuEVqQn1QgbUz5VPgBm0XbSTPSVuDpn5SA6rewxzjrv9YLHoYDwjOuhbhsJpXbVY0s6Gf10UN47DH87itF8PiH774leHw84_hBy6bT25eFsqknVtGGViOEDMaVjhVuFshbh4t2Vooj9FdYEsDFsSSy0C12qNpjE4uP3aZJHSPVOPuCt6lUH8pyWpGxyaRzsNYR4mbLtXqWXd6LxcEhnwaa6WRMaL_uKNphSf6gg6aMM_oDRBS6MbqrdrQ485h7G2y_uvPg3_VsO_DDH5CszPvjKK_yNqzn5Le5Amm77aZ8zlRcoft3cMeqA4wm5j4kmVoOT2J0SxyPT9dibEgcHwmc5c0S5S2sLqp756DMkiMD8rl_somk3ZidFuESjTGz-BwstTStSbWFMRnc-lcAtEq5LQETQpYNvaZBsl67acbGIXKGGExzTCWC_6GOQJkZT9dT4CzywnQeuUlxFIiS-GxTXvstR3VEWXAPTm7SeIPy-0rN4ZV5Z59TZbdfDg-ulc52hnozS28dZ7td14HvNn9VvgvafOaRYYAvLTdmjSH8itweM2TIFcxUsCfIEDNStKT5rgvDVqj7XpwyUM34rJKg2W4U28OPN6C7FLs1YzU9xMUO9LsQOXXTlQ89ePDE5XrciaeCHLy-HxLMriyhTH2koudvpNXQxwmIQ6pj3-D-l0W_xPWKmyy4f2FbwVsAs-hvn5SYRy3Q4Pf1nfThQg2eP1f9D7xrWfFBUMvWJrl33ueEPVF23zjOSuwczroUJtQX1-_ARPgFLk&v=2.252.0_prod&ct=1730134096242 HTTP/1.1Host: app.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://secure-portal.login-us.mimecast.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/guide.gif/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1730134096243&v=2.252.0_prod HTTP/1.1Host: app.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://secure-portal.login-us.mimecast.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/assets/images/ccm_flavicon.ico HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdAAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/guide.gif/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1730134096243&v=2.252.0_prod HTTP/1.1Host: app.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/ptm.gif/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?v=2.252.0_prod&ct=1730134096240&jzb=eJztlVmPo8gShf8LI82Tl2QzUFKp5Y0qYxuzemE0QizJYlYnCTa06r93ump6dJ_6dXSlfsuME3EIwfnEX98p3NeQeqEKiD1qRPmoujcQuTgtSJUWWECzHJBmDEuPqC5tUlwhNw3JgKut1dXBtdyq9heSbUbVHhCDFuVETDCum5fptIFBi-C4rhD28klexWk5bptJQdwDr8GToCqm7fSzPv0WY-_1a-BPnJWv7CRL5V45VrTcMuwwqH4r4EhmnVRc3KphqaEkQFeeyfYwHbRV5m60aqvuH2ayuq1jia9vkcJeZbyO4O4uh8IYBOogHdtH4YdWNNvkXVHvmlU6QI-LAiXbx7R4ul1RL-AenNG7wk9isND5CFrBxskX4LE2aWMZzv_4WvhbAZvGi-ErVGv1Ssu7-zC3jU7alUmIwdVQEy4Z5MRkGuv9Td-YuloGw0nS9koCetEf-5Z9igQx4HmWi1fsOYpDuUq1um_qrpVbiT7p2eztwoS9cqB3hghl_xF07vtB22SW1jMqL3blubYGiASPVULUy_qsNI5AD-fzU7SAvic_fCxGMcarlHMwO-gr-a2_HHTWyHod7HI7HDTZ12QOG8BmLtVj80Cxbh3MdS9x77PlPdm3Qm4dT8pqZSXt9lbfs4cR6426hE5tG6farnV7fHXS011a3Mf-ntftqFqqgEXJRTc5xZYgm9OSyx2gjkpB2oXl9i3bAwUYRWsNt90-yPLInXnrjWPCrePG5_RtEw_F9QDFeijXen4qTD_tdtubLcqX2Vg8DMhMgqMTxlAw-Edgh2cjIsmrUVU31Mv3nzF9Hn-V1Nwr45Z8P9IBS9c2qY8R5QVB1ZaYjJJL7SFY4vn_lkIPP_sZcUqDKQMYjvh0EDVpVT7LE4ZnJsAlm4RPty8Dy_M3ZI2yzfMRhb8uVNR120U5q-hbq3Y2dohPhLwCforAdM64n7O9wb9fYcgTsSFZIw_5lE1V3UbZJb5fs_WSvx8-5VsLy4DsBgjDPYbkRUiC9DH6l--88sJf8s3-5vs33_8XfD-j_DPAgBHFCf8fsUZ-if-wJs7Yj79_AJk_coE HTTP/1.1Host: app.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/guide.js/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?id=12&jzb=eJx9kluvqkgQhf8Lk5yno3JV2MnOiYooCEhzEfWFcGkucrVpFHqy__txz0km8zRvVV-tVdVJr7-pZ9EXuEVqQn1QgbUz5VPgBm0XbSTPSVuDpn5SA6rewxzjrv9YLHoYDwjOuhbhsJpXbVY0s6Gf10UN47DH87itF8PiH774leHw84_hBy6bT25eFsqknVtGGViOEDMaVjhVuFshbh4t2Vooj9FdYEsDFsSSy0C12qNpjE4uP3aZJHSPVOPuCt6lUH8pyWpGxyaRzsNYR4mbLtXqWXd6LxcEhnwaa6WRMaL_uKNphSf6gg6aMM_oDRBS6MbqrdrQ485h7G2y_uvPg3_VsO_DDH5CszPvjKK_yNqzn5Le5Amm77aZ8zlRcoft3cMeqA4wm5j4kmVoOT2J0SxyPT9dibEgcHwmc5c0S5S2sLqp756DMkiMD8rl_somk3ZidFuESjTGz-BwstTStSbWFMRnc-lcAtEq5LQETQpYNvaZBsl67acbGIXKGGExzTCWC_6GOQJkZT9dT4CzywnQeuUlxFIiS-GxTXvstR3VEWXAPTm7SeIPy-0rN4ZV5Z59TZbdfDg-ulc52hnozS28dZ7td14HvNn9VvgvafOaRYYAvLTdmjSH8itweM2TIFcxUsCfIEDNStKT5rgvDVqj7XpwyUM34rJKg2W4U28OPN6C7FLs1YzU9xMUO9LsQOXXTlQ89ePDE5XrciaeCHLy-HxLMriyhTH2koudvpNXQxwmIQ6pj3-D-l0W_xPWKmyy4f2FbwVsAs-hvn5SYRy3Q4Pf1nfThQg2eP1f9D7xrWfFBUMvWJrl33ueEPVF23zjOSuwczroUJtQX1-_ARPgFLk&v=2.252.0_prod&ct=1730134096242 HTTP/1.1Host: app.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /u/assets/images/ccm_flavicon.ico HTTP/1.1Host: secure-portal.login-us.mimecast.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=625blHBBocdSL7D&MD=5nDxeLNw HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /client/config?cc=CH&setlang=en-CH HTTP/1.1X-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateAccept-Encoding: gzip, deflateX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-UserAgeClass: UnknownX-BM-Market: CHX-BM-DateFormat: dd/MM/yyyyX-Device-OSSKU: 48X-BM-DTZ: -240X-DeviceID: 01000A410900B03DX-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-BM-Theme: 000000;0078d7X-Search-RPSToken: t%3DEwDoAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAQFNb5VyJSLhm3Tvu356Ps0ZCU%2BvIUDxXxYTv/R5hoE62bggRuycH9ZTMtSc8RhAAmBnskeYoen%2Bs4pNxi8fLp4y/2q/0KXSLl9YDW6ug9fFt9A3j8kh/GAPZi%2BM6rOZ5KX4mzlJsLik375/ZNsjvx0bf1RebnGT/RV1mQ1TAXWUB0qRTSNr5Hq7pyNtqTSAg50SGEgR2epO/aiQylxRxzrIErPeANz9ZXgWmH6%2B/NKvkdFfPw3KrnkAR8qUNs7BpQuJyuDPy3pENAjWoIJBhgEkx%2BDCpD6Kx2X4flhxq3s7n1mp%2BjACAGL0ZeSyowrZeH4clSbeOo7/6f2tF8U3bXMQZgAAEIfbxNIJIN85iiV1GQrbOdOwAQJnzaYVM3zF9SUYdyBaCLg%2Bv4YJm1F56tgjzqy99XxEgY2jvcRJ18lIzoSNcrMGrylsSMIzmQxxZSjgrJcPd2sHg0VFdkxSf70bcnIxfrGtRh9rcAUP%2BJd5cSEQD8Nm8h%2BI2gbahvkYhn/m8U/BB3V54LUHbAKqJ2ZyNlzhYJoE0574a0FvJTojSIJCZKRcQzJ6sncs47fKivPrqav5yE6ymc93BbKzG648QlDbjHdVAGdRG9Jr/8CeovGDFLSc/bL9w6njwYokQpCbwPiZUgNCz4Akk0rNu2%2BqnaXVrCI4eEUZNIj3i0I0%2B9phCVqXwm4JJMN31V0ECPo/%2BmAySA6IZiQ5xG8NtfrM28kryelbbbPN2iOeRnVGtxKA0gIN/Iyx8sM2kJ0jOmNNs0HKq/4KHSY1vqRZ9WTuOVovZ0aSwqvR%2BLMCWNAvJwJr%2BlOTqpiqFoOl%2BBhgW87ijc6erHUBpigihj%2BeJRpQKfsY2n3YRsct0YbdDYjPf5EojF5nEbl709Q1FqINLxQcrzTUgg6%2BEDIPsUBZD1Cj4ZIo0j7Av/GgwKNrCCzuSafJrtWoFNoB%26p%3DX-Agent-DeviceId: 01000A410900B03DX-BM-CBT: 1730134124User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045X-Device-isOptin: falseAccept-language: en-GB, en, en-USX-Device-Touch: falseX-Device-ClientSession: 31D016147A4547BE8D2E1D11755C8674X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIHost: www.bing.comConnection: Keep-AliveCookie: SRCHUID=V=2&GUID=B4BB39E5F80E411D94C438C0FA7ACF94&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&LUT=1707317051026&IPMH=6b344233&IPMID=1707317270835&HV=1707317277; ANON=A=680C1B1A649CBD64DD40EBFCFFFFFFFF; MUID=BC76BB0020D345C1A049A4820CB4C03C; MUIDB=BC76BB0020D345C1A049A4820CB4C03C
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=625blHBBocdSL7D&MD=5nDxeLNw HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com

Source: global traffic	DNS traffic detected: DNS query: protect-us.mimecast.com
Source: global traffic	DNS traffic detected: DNS query: secure-portal.login-us.mimecast.com
Source: global traffic	DNS traffic detected: DNS query: static.srcspot.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cdn.pendo.io
Source: global traffic	DNS traffic detected: DNS query: app.pendo.io

Source: unknown

HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 3592Host: login.live.com

Source: chromecache_165.1.dr	String found in binary or memory: http://daneden.me/animate
Source: chromecache_118.1.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_118.1.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_165.1.dr	String found in binary or memory: http://janstevens.github.io/angular-growl-2
Source: chromecache_165.1.dr	String found in binary or memory: http://opensource.org/licenses/MIT
Source: chromecache_165.1.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_165.1.dr	String found in binary or memory: http://www.mimecast.com/
Source: chromecache_165.1.dr	String found in binary or memory: http://www.mimecast.com/Customers/Support/Contact-support/
Source: chromecache_165.1.dr	String found in binary or memory: http://www.opensource.org/licenses/MIT
Source: chromecache_127.1.dr, chromecache_128.1.dr	String found in binary or memory: https://agent.pendo.io/licenses
Source: chromecache_127.1.dr, chromecache_128.1.dr	String found in binary or memory: https://api.feedback.us.pendo.io
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://app.dmarcanalyzer.com/register?utm_medium=pendo&utm_source=adcon&utm_campaign=7013l000001JNB
Source: chromecache_165.1.dr	String found in binary or memory: https://cdn.pendo.io/agent/static/
Source: chromecache_165.1.dr	String found in binary or memory: https://community.mimecast.com/community/knowledge-base/secure-messaging
Source: chromecache_165.1.dr	String found in binary or memory: https://community.mimecast.com/docs/DOC-1183
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/article/cybergraph-cybergraph-1-0-configuration-settings
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/article/cybergraph-cybergraph-2-0-configuration-settings
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/article/email-security-cloud-gateway-configuring-url-protection
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/article/email-security-cloud-gateway-continuity-guides
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/article/email-security-cloud-gateway-secure-messaging-getting-start
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/article/email-security-cloud-gateway-targeted-threat-protection-int
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/article/email-security-cloud-gateway-ttp-attachment-protect-configu
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/article/email-security-cloud-gateway-ttp-impersonation-protection-g
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/article/end-user-applications-large-file-send-getting-started
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://community.mimecast.com/s/education-free-courses?utm_medium=pendo&utm_source=adcon&utm_campai
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/knowledge-hub-api-and-integrations
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/knowledge-hub-awareness-training
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/knowledge-hub-brand-exploit-protect
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/knowledge-hub-case-review-application
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/knowledge-hub-dmarc-analyzer
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/knowledge-hub-email-security-cg
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/knowledge-hub-supervision
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/knowledge-hub-sync-and-recover
Source: chromecache_162.1.dr, chromecache_130.1.dr	String found in binary or memory: https://community.mimecast.com/s/knowledge-hub-web-security
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://community.mimecast.com/s/mimecast-education?utm_medium=pendo&utm_source=adcon&utm_campaign=7
Source: chromecache_127.1.dr, chromecache_128.1.dr	String found in binary or memory: https://feedback.us.pendo.io
Source: chromecache_165.1.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Open
Source: chromecache_142.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: chromecache_142.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: chromecache_142.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: chromecache_142.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: chromecache_142.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: chromecache_142.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: chromecache_142.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: chromecache_142.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: chromecache_142.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2)
Source: chromecache_142.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2)
Source: chromecache_165.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_165.1.dr	String found in binary or memory: https://github.com/dbtek/angular-aside
Source: chromecache_165.1.dr	String found in binary or memory: https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css
Source: chromecache_165.1.dr	String found in binary or memory: https://github.com/mgcrea/angular-motion
Source: chromecache_165.1.dr	String found in binary or memory: https://github.com/nickpettit/glide
Source: chromecache_165.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://info.mimecast.com/AT-IEP-Demo.html?utm_medium=pendo&utm_source=adcon&utm_campaign=7013l00000
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://info.mimecast.com/Continuity-and-Recovery-Demo-.html?utm_medium=pendo&utm_source=adcon&utm_c
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://info.mimecast.com/Safe_Phish_Demo.html?utm_medium=pendo&utm_source=adcon&utm_campaign=7013l0
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://info.mimecast.com/SolutionFrameworkRequest?utm_medium=pendo&utm_source=adcon&utm_campaign=70
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://info.mimecast.com/Web-Security-Service.html?utm_medium=pendo&utm_source=adcon&utm_campaign=7
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://info.mimecast.com/security-awareness-remote-resources.html?utm_medium=pendo&utm_source=adcon
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://login-alpha.mimecast.com/administration/app/#/l/accountassessment
Source: chromecache_127.1.dr, chromecache_128.1.dr	String found in binary or memory: https://pendo-io-static.storage.googleapis.com/agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/pen
Source: chromecache_127.1.dr, chromecache_128.1.dr	String found in binary or memory: https://pendo-static-5707797427912704.storage.googleapis.com
Source: chromecache_132.1.dr	String found in binary or memory: https://play.vidyard.com/LE2oaRu3qApZkgaw4JjwZM.jpg
Source: chromecache_132.1.dr	String found in binary or memory: https://play.vidyard.com/embed/v4.js
Source: chromecache_165.1.dr	String found in binary or memory: https://static.srcspot.com/libs/galindo.js
Source: chromecache_165.1.dr	String found in binary or memory: https://summernote.org
Source: chromecache_165.1.dr	String found in binary or memory: https://us-api.mimecast.com
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://www.mimecast.com/coronavirus/?utm_medium=pendo&utm_source=adcon&utm_campaign=7013l000001JNBI
Source: chromecache_145.1.dr, chromecache_123.1.dr	String found in binary or memory: https://www.mimecast.com/state-of-email-security/download-hub/?utm_medium=pendo&utm_source=adcon&utm

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49693
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701

Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.18:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.32.136:443 -> 192.168.2.18:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.177:443 -> 192.168.2.18:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.18:49784 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@17/107@20/10

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1932,i,16414200054814140303,7306942213891831198,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://protect-us.mimecast.com/s/sMiVC687o9CPGJB2XupfJF5g12L"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1932,i,16414200054814140303,7306942213891831198,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label
http://fontawesome.io	0%	URL Reputation	safe
http://daneden.me/animate	0%	URL Reputation	safe
http://opensource.org/licenses/MIT	0%	URL Reputation	safe
https://getbootstrap.com/)	0%	URL Reputation	safe
http://fontawesome.io/license	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
protect-us.mimecast.com	207.211.31.113	true	false	unknown
app.pendo.io	34.107.204.85	true	false	unknown
cdn.pendo.io	34.36.213.229	true	false	unknown
static.srcspot.com	35.190.8.230	true	false	unknown
www.google.com	142.250.185.228	true	false	unknown
secure-portal.login-us.mimecast.com	205.139.110.112	true	false	unknown

Contacted URLs

Name	Malicious	Reputation
https://app.pendo.io/data/ptm.gif/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?v=2.252.0_prod&ct=1730134096240&jzb=eJztlVmPo8gShf8LI82Tl2QzUFKp5Y0qYxuzemE0QizJYlYnCTa06r93ump6dJ_6dXSlfsuME3EIwfnEX98p3NeQeqEKiD1qRPmoujcQuTgtSJUWWECzHJBmDEuPqC5tUlwhNw3JgKut1dXBtdyq9heSbUbVHhCDFuVETDCum5fptIFBi-C4rhD28klexWk5bptJQdwDr8GToCqm7fSzPv0WY-_1a-BPnJWv7CRL5V45VrTcMuwwqH4r4EhmnVRc3KphqaEkQFeeyfYwHbRV5m60aqvuH2ayuq1jia9vkcJeZbyO4O4uh8IYBOogHdtH4YdWNNvkXVHvmlU6QI-LAiXbx7R4ul1RL-AenNG7wk9isND5CFrBxskX4LE2aWMZzv_4WvhbAZvGi-ErVGv1Ssu7-zC3jU7alUmIwdVQEy4Z5MRkGuv9Td-YuloGw0nS9koCetEf-5Z9igQx4HmWi1fsOYpDuUq1um_qrpVbiT7p2eztwoS9cqB3hghl_xF07vtB22SW1jMqL3blubYGiASPVULUy_qsNI5AD-fzU7SAvic_fCxGMcarlHMwO-gr-a2_HHTWyHod7HI7HDTZ12QOG8BmLtVj80Cxbh3MdS9x77PlPdm3Qm4dT8pqZSXt9lbfs4cR6426hE5tG6farnV7fHXS011a3Mf-ntftqFqqgEXJRTc5xZYgm9OSyx2gjkpB2oXl9i3bAwUYRWsNt90-yPLInXnrjWPCrePG5_RtEw_F9QDFeijXen4qTD_tdtubLcqX2Vg8DMhMgqMTxlAw-Edgh2cjIsmrUVU31Mv3nzF9Hn-V1Nwr45Z8P9IBS9c2qY8R5QVB1ZaYjJJL7SFY4vn_lkIPP_sZcUqDKQMYjvh0EDVpVT7LE4ZnJsAlm4RPty8Dy_M3ZI2yzfMRhb8uVNR120U5q-hbq3Y2dohPhLwCforAdM64n7O9wb9fYcgTsSFZIw_5lE1V3UbZJb5fs_WSvx8-5VsLy4DsBgjDPYbkRUiC9DH6l--88sJf8s3-5vs33_8XfD-j_DPAgBHFCf8fsUZ-if-wJs7Yj79_AJk_coE	false	unknown
https://secure-portal.login-us.mimecast.com/u/assets/entypo/font/entypo.css	false	unknown
https://protect-us.mimecast.com/s/sMiVC687o9CPGJB2XupfJF5g12L	false	unknown
https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA	false	unknown
https://secure-portal.login-us.mimecast.com/u/assets/font-awesome/css/font-awesome.css	false	unknown
https://secure-portal.login-us.mimecast.com/u/assets/images/ccm_flavicon.ico	false	unknown
https://app.pendo.io/data/guide.gif/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1730134096243&v=2.252.0_prod	false	unknown
https://cdn.pendo.io/agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/pendo.js	false	unknown
https://secure-portal.login-us.mimecast.com/u/login/cache.4d1a22494c68b269520ec72ef3757433.login-lib.js	false	unknown
https://secure-portal.login-us.mimecast.com/u/login/app-version.jsp	false	unknown
https://secure-portal.login-us.mimecast.com/u/assets/mimecast-icons/css/mimecast-icons.css	false	unknown
https://secure-portal.login-us.mimecast.com/u/login/cache.1b1f06688bfbb8673528c177626fe897.login.js	false	unknown
https://secure-portal.login-us.mimecast.com/u/assets/images/mimecast-logo.png	false	unknown
https://secure-portal.login-us.mimecast.com/u/login/assets/languages/en.json?ver=1.12.0	false	unknown
https://static.srcspot.com/libs/galindo.js	false	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://app.dmarcanalyzer.com/register?utm_medium=pendo&utm_source=adcon&utm_campaign=7013l000001JNB	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
http://fontawesome.io	chromecache_118.1.dr	false	URL Reputation: safe	unknown
https://info.mimecast.com/Safe_Phish_Demo.html?utm_medium=pendo&utm_source=adcon&utm_campaign=7013l0	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
https://community.mimecast.com/s/knowledge-hub-case-review-application	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://info.mimecast.com/security-awareness-remote-resources.html?utm_medium=pendo&utm_source=adcon	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
https://login-alpha.mimecast.com/administration/app/#/l/accountassessment	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
https://summernote.org	chromecache_165.1.dr	false		unknown
http://www.mimecast.com/Customers/Support/Contact-support/	chromecache_165.1.dr	false		unknown
https://community.mimecast.com/s/article/email-security-cloud-gateway-configuring-url-protection	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://www.mimecast.com/coronavirus/?utm_medium=pendo&utm_source=adcon&utm_campaign=7013l000001JNBI	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
http://daneden.me/animate	chromecache_165.1.dr	false	URL Reputation: safe	unknown
https://community.mimecast.com/s/knowledge-hub-supervision	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://info.mimecast.com/AT-IEP-Demo.html?utm_medium=pendo&utm_source=adcon&utm_campaign=7013l00000	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
https://community.mimecast.com/s/knowledge-hub-awareness-training	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://community.mimecast.com/s/education-free-courses?utm_medium=pendo&utm_source=adcon&utm_campai	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
https://community.mimecast.com/s/article/email-security-cloud-gateway-ttp-impersonation-protection-g	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://community.mimecast.com/s/knowledge-hub-dmarc-analyzer	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://play.vidyard.com/embed/v4.js	chromecache_132.1.dr	false		unknown
https://info.mimecast.com/SolutionFrameworkRequest?utm_medium=pendo&utm_source=adcon&utm_campaign=70	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
https://community.mimecast.com/s/mimecast-education?utm_medium=pendo&utm_source=adcon&utm_campaign=7	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
https://community.mimecast.com/s/article/email-security-cloud-gateway-secure-messaging-getting-start	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://agent.pendo.io/licenses	chromecache_127.1.dr, chromecache_128.1.dr	false		unknown
https://github.com/nickpettit/glide	chromecache_165.1.dr	false		unknown
http://www.apache.org/licenses/LICENSE-2.0	chromecache_165.1.dr	false		unknown
https://community.mimecast.com/s/article/email-security-cloud-gateway-ttp-attachment-protect-configu	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://community.mimecast.com/s/article/end-user-applications-large-file-send-getting-started	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://community.mimecast.com/s/article/email-security-cloud-gateway-continuity-guides	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://community.mimecast.com/s/article/email-security-cloud-gateway-targeted-threat-protection-int	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://community.mimecast.com/s/knowledge-hub-sync-and-recover	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
http://opensource.org/licenses/MIT	chromecache_165.1.dr	false	URL Reputation: safe	unknown
http://www.mimecast.com/	chromecache_165.1.dr	false		unknown
https://github.com/dbtek/angular-aside	chromecache_165.1.dr	false		unknown
https://cdn.pendo.io/agent/static/	chromecache_165.1.dr	false		unknown
https://feedback.us.pendo.io	chromecache_127.1.dr, chromecache_128.1.dr	false		unknown
https://getbootstrap.com/)	chromecache_165.1.dr	false	URL Reputation: safe	unknown
https://community.mimecast.com/docs/DOC-1183	chromecache_165.1.dr	false		unknown
http://fontawesome.io/license	chromecache_118.1.dr	false	URL Reputation: safe	unknown
http://janstevens.github.io/angular-growl-2	chromecache_165.1.dr	false		unknown
https://community.mimecast.com/s/knowledge-hub-web-security	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://community.mimecast.com/community/knowledge-base/secure-messaging	chromecache_165.1.dr	false		unknown
https://us-api.mimecast.com	chromecache_165.1.dr	false		unknown
https://www.mimecast.com/state-of-email-security/download-hub/?utm_medium=pendo&utm_source=adcon&utm	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
http://www.opensource.org/licenses/MIT	chromecache_165.1.dr	false		unknown
https://community.mimecast.com/s/knowledge-hub-api-and-integrations	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://github.com/twbs/bootstrap/blob/master/LICENSE)	chromecache_165.1.dr	false		unknown
https://community.mimecast.com/s/knowledge-hub-email-security-cg	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css	chromecache_165.1.dr	false		unknown
https://api.feedback.us.pendo.io	chromecache_127.1.dr, chromecache_128.1.dr	false		unknown
https://info.mimecast.com/Web-Security-Service.html?utm_medium=pendo&utm_source=adcon&utm_campaign=7	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
https://info.mimecast.com/Continuity-and-Recovery-Demo-.html?utm_medium=pendo&utm_source=adcon&utm_c	chromecache_145.1.dr, chromecache_123.1.dr	false		unknown
https://community.mimecast.com/s/article/cybergraph-cybergraph-1-0-configuration-settings	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://community.mimecast.com/s/article/cybergraph-cybergraph-2-0-configuration-settings	chromecache_162.1.dr, chromecache_130.1.dr	false		unknown
https://play.vidyard.com/LE2oaRu3qApZkgaw4JjwZM.jpg	chromecache_132.1.dr	false		unknown
https://github.com/mgcrea/angular-motion	chromecache_165.1.dr	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
34.107.204.85	app.pendo.io	United States	15169	GOOGLEUS	false
142.250.185.228	www.google.com	United States	15169	GOOGLEUS	false
205.139.110.112	secure-portal.login-us.mimecast.com	United States	30031	MIMECAST-US	false
35.190.8.230	static.srcspot.com	United States	15169	GOOGLEUS	false
34.36.213.229	cdn.pendo.io	United States	2686	ATGS-MMD-ASUS	false
207.211.31.113	protect-us.mimecast.com	United States	14135	NAVISITE-EAST-2US	false
207.211.31.121	unknown	United States	14135	NAVISITE-EAST-2US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false

Private

IP
192.168.2.17
192.168.2.18

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1544003
Start date and time:	2024-10-28 17:47:32 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 41s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://protect-us.mimecast.com/s/sMiVC687o9CPGJB2XupfJF5g12L
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	17
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean1.win@17/107@20/10
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.18.3, 142.250.186.46, 142.251.168.84, 34.104.35.123, 142.250.185.138, 142.250.186.67, 172.217.18.106, 142.250.184.202, 142.250.184.234, 142.250.186.42, 142.250.185.74, 216.58.206.74, 142.250.186.170, 142.250.181.234, 172.217.16.202, 172.217.16.138, 142.250.186.106, 172.217.18.10, 216.58.212.138, 142.250.186.138, 142.250.186.74, 172.217.23.106, 142.250.185.155, 142.250.185.187, 142.250.185.219, 142.250.185.251, 216.58.206.59, 142.250.181.251, 142.250.186.59, 142.250.186.91, 172.217.16.155, 142.250.186.155, 142.250.184.219, 172.217.18.27, 142.250.186.123, 172.217.16.219, 142.250.186.187, 142.250.184.251, 199.232.210.172, 216.58.212.187, 216.58.206.91, 142.250.185.131, 142.250.186.110
Excluded domains from analysis (whitelisted): www.bing.com, clients1.google.com, fonts.googleapis.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, pendo-static-5707797427912704.storage.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, login.live.com, update.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://protect-us.mimecast.com/s/sMiVC687o9CPGJB2XupfJF5g12L

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 15:48:06 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.9717853981114524
Encrypted:	false
SSDEEP:	48:88C8dmT5+xVHGidAKZdA1rehwiZUklqehly+3:88QV+xUuy
MD5:	1BCF0A5F080822960C42F5E7091392C3
SHA1:	CE83360F55F5408013201BFB986A62D265588BBD
SHA-256:	9D3A5FA217DE0BB1EA012A91FE85D9219CBAEBCB8BF812E02CBC0389BFA2BE3C
SHA-512:	F6EF658A1C950E32B79AA49446F399B2C1A414F07C19B0C67C058184A717A95D55976B9A7F44796DFF166C62B6A75DDD04AEAF8F856411AA87EF7E32692614CB
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....un)Y)......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I\Y......B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V\Y......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V\Y......M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V\Y.............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V\Y.......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........T........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 28, 2024 17:48:05.085557938 CET	53	51102	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:05.186992884 CET	53	59003	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:05.974509954 CET	60907	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:05.974723101 CET	56190	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:06.067792892 CET	53	60907	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:06.069020987 CET	53	56190	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:06.425611973 CET	53	57457	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:07.254226923 CET	53269	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:07.254380941 CET	65475	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:07.276932001 CET	53	65475	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:07.347539902 CET	53	53269	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:08.619931936 CET	53	51560	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:09.842557907 CET	58583	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:09.842690945 CET	52292	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:09.851089954 CET	53	52292	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:09.851991892 CET	53	58583	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:09.918487072 CET	61493	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:09.918718100 CET	59272	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:09.926148891 CET	53	61493	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:09.926172972 CET	53	59272	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:11.002132893 CET	59623	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:11.002307892 CET	55249	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:11.010690928 CET	53	55249	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:11.010889053 CET	53	59623	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:13.344398022 CET	54212	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:13.344558954 CET	54685	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:13.437000036 CET	53	54685	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:13.437366962 CET	53	54212	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:15.145647049 CET	63206	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:15.145864010 CET	60124	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:15.153958082 CET	53	63206	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:15.154500008 CET	53	60124	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:16.480263948 CET	53	51078	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:17.520302057 CET	56238	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:17.520446062 CET	53023	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:17.529675007 CET	53	56238	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:17.530179024 CET	53	53023	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:17.562060118 CET	51796	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:17.562242985 CET	53783	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:17.570559978 CET	53	51796	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:17.613786936 CET	53	53783	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:18.393548965 CET	54843	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:18.393702984 CET	53820	53	192.168.2.18	1.1.1.1
Oct 28, 2024 17:48:18.401731014 CET	53	54843	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:18.417726040 CET	53	53820	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:18.808419943 CET	53	50148	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:19.997781992 CET	53	62823	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:23.322855949 CET	53	60012	1.1.1.1	192.168.2.18
Oct 28, 2024 17:48:42.059768915 CET	53	65143	1.1.1.1	192.168.2.18
Oct 28, 2024 17:49:05.093501091 CET	53	59576	1.1.1.1	192.168.2.18
Oct 28, 2024 17:49:05.108139992 CET	53	64623	1.1.1.1	192.168.2.18
Oct 28, 2024 17:49:09.871411085 CET	138	138	192.168.2.18	192.168.2.255
Oct 28, 2024 17:49:34.240631104 CET	53	65338	1.1.1.1	192.168.2.18

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Oct 28, 2024 17:48:17.613888025 CET	192.168.2.18	1.1.1.1	c24d	(Port unreachable)	Destination Unreachable
Oct 28, 2024 17:48:19.997921944 CET	192.168.2.18	1.1.1.1	c251	(Port unreachable)	Destination Unreachable

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:06 UTC	695	OUT	GET /s/sMiVC687o9CPGJB2XupfJF5g12L HTTP/1.1 Host: protect-us.mimecast.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:07 UTC	823	IN	HTTP/1.1 307 Temporary Redirect Date: Mon, 28 Oct 2024 16:48:07 GMT Content-Length: 0 Connection: close Location: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA#/login?message=eNpNj1FLwzAURv9Lnhdt0jRNh4hzFhS2sTHGQISQNnczW9PMJh0y8b-bTUWf78c5534gD3XfgdFoiPpyspvuFu91WQk6GY2dyJO1LR8eFbxcv_HOPIkTPy2N58vnXpTzer7a3JdryFQ6nRV0QdAAWfBebaFxbt8fgttDi4Zt3zQDFGyYOQ3RkyQ0LlUdzPFbPF4tR0U2YoxIxrgQTOSEy94H6CwhMu7lTVWJDDThuKqpwkxRgQsNCeZpURWpUpQU-jZiWw9Bw-bM5QUfoCN03rhYQS4JU9e3l19_4OeQrn79LdnKGkM0J0RmuTzqLMcklf_6aEIZSeKZ_gXiGIgzmjOe8pznEQlWmSbivLKqU8FY6-8OzrShcVZdge7R5xcUdXRf Cache-control: no-store Pragma: no-cache X-Robots-Tag: noindex, nofollow

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:08 UTC	855	OUT	GET /u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:08 UTC	345	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:08 GMT Content-Type: text/html;charset=utf-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Vary: Accept-Encoding, User-Agent
2024-10-28 16:48:08 UTC	16039	IN	Data Raw: 33 65 64 35 0d 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 69 64 3d 22 6e 67 2d 61 70 70 22 20 6e 67 2d 61 70 70 3d 22 61 70 70 4c 6f 67 69 6e 22 20 6e 67 2d 63 6c 6f 61 6b 3d 22 22 20 63 6c 61 73 73 3d 22 6e 67 2d 63 6c 6f 61 6b 20 61 6e 69 6d 61 74 65 2d 6f 6e 2d 65 6e 74 65 72 2d 61 6c 74 22 20 6e 67 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 41 70 70 4c 6f 67 69 6e 43 6f 6e 74 72 6f 6c 6c 65 72 20 61 73 20 61 70 70 43 74 72 6c 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 Data Ascii: 3ed5<!DOCTYPE html><html lang="en" id="ng-app" ng-app="appLogin" ng-cloak="" class="ng-cloak animate-on-enter-alt" ng-controller="AppLoginController as appCtrl"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compati
2024-10-28 16:48:08 UTC	16384	IN	Data Raw: 2d 66 69 6c 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 65 32 30 32 22 3b 0a 7d 0a 2e 67 6c 79 70 68 69 63 6f 6e 2d 6f 70 65 6e 0d 0a 33 30 30 30 0d 0a 2d 66 69 6c 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 65 32 30 33 22 3b 0a 7d 0a 2e 67 6c 79 70 68 69 63 6f 6e 2d 6c 65 76 65 6c 2d 75 70 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 65 32 30 34 22 3b 0a 7d 0a 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 6f 70 79 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 65 32 30 35 22 3b 0a 7d 0a 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 61 73 74 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 65 32 30 36 22 3b 0a 7d 0a 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 Data Ascii: -file:before { content: "\e202";}.glyphicon-open3000-file:before { content: "\e203";}.glyphicon-level-up:before { content: "\e204";}.glyphicon-copy:before { content: "\e205";}.glyphicon-paste:before { content: "\e206";}.glyphicon-a
2024-10-28 16:48:08 UTC	16384	IN	Data Raw: 2d 73 6d 2d 37 2c 20 2e 63 6f 6c 2d 73 6d 2d 38 2c 20 2e 63 6f 6c 2d 73 6d 2d 39 2c 20 2e 63 6f 6c 2d 73 6d 2d 31 30 2c 20 2e 63 6f 6c 2d 73 6d 2d 31 31 2c 20 2e 63 6f 6c 2d 73 6d 2d 31 32 20 7b 0a 20 20 0d 0a 32 30 30 30 0d 0a 20 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 0a 20 20 7d 0a 20 20 2e 63 6f 6c 2d 73 6d 2d 31 32 20 7b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 7d 0a 20 20 2e 63 6f 6c 2d 73 6d 2d 31 31 20 7b 0a 20 20 20 20 77 69 64 74 68 3a 20 39 31 2e 36 36 36 36 36 36 36 37 25 3b 0a 20 20 7d 0a 20 20 2e 63 6f 6c 2d 73 6d 2d 31 30 20 7b 0a 20 20 20 20 77 69 64 74 68 3a 20 38 33 2e 33 33 33 33 33 33 33 33 25 3b 0a 20 20 7d 0a 20 20 2e 63 6f 6c 2d 73 6d 2d 39 20 7b 0a 20 20 20 20 77 69 64 74 68 3a 20 37 35 25 3b 0a 20 20 7d 0a 20 20 Data Ascii: -sm-7, .col-sm-8, .col-sm-9, .col-sm-10, .col-sm-11, .col-sm-12 { 2000 float: left; } .col-sm-12 { width: 100%; } .col-sm-11 { width: 91.66666667%; } .col-sm-10 { width: 83.33333333%; } .col-sm-9 { width: 75%; }
2024-10-28 16:48:08 UTC	16384	IN	Data Raw: 74 61 62 6c 65 20 3e 20 74 68 65 61 64 20 3e 20 74 72 20 3e 20 74 68 2c 0a 20 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 3e 20 2e 74 61 62 6c 65 20 3e 20 74 62 6f 64 79 20 3e 20 74 72 20 3e 20 74 68 2c 0a 20 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 3e 20 2e 74 61 62 6c 65 20 3e 20 74 66 6f 6f 74 20 3e 20 74 72 20 3e 20 74 68 2c 0a 20 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 3e 20 2e 74 61 62 6c 65 20 3e 20 74 68 65 61 64 20 3e 20 74 72 20 3e 20 74 64 2c 0a 20 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 3e 20 2e 74 61 62 6c 65 20 3e 20 74 62 6f 64 79 20 3e 20 74 72 20 3e 20 74 64 2c 0a 20 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 3e 20 2e 74 61 62 6c 65 20 3e 20 74 66 6f 6f 74 20 3e Data Ascii: table > thead > tr > th, .table-responsive > .table > tbody > tr > th, .table-responsive > .table > tfoot > tr > th, .table-responsive > .table > thead > tr > td, .table-responsive > .table > tbody > tr > td, .table-responsive > .table > tfoot >
2024-10-28 16:48:09 UTC	16384	IN	Data Raw: 20 20 2e 66 6f 72 6d 2d 69 6e 6c 69 6e 65 20 2e 63 68 65 63 6b 62 6f 78 20 6c 61 62 65 6c 20 7b 0a 20 20 20 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 30 3b 0a 20 20 7d 0a 20 20 2e 66 6f 72 6d 2d 69 6e 6c 69 6e 65 20 2e 72 61 64 69 6f 20 69 6e 70 75 74 5b 74 79 70 65 3d 22 0d 0a 33 30 30 30 0d 0a 72 61 64 69 6f 22 5d 2c 0a 20 20 2e 66 6f 72 6d 2d 69 6e 6c 69 6e 65 20 2e 63 68 65 63 6b 62 6f 78 20 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 30 3b 0a 20 20 7d 0a 20 20 2e 66 6f 72 6d 2d 69 6e 6c 69 6e 65 20 2e 68 61 73 2d 66 65 65 64 62 61 63 6b 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 2d 66 65 65 64 62 Data Ascii: .form-inline .checkbox label { padding-left: 0; } .form-inline .radio input[type="3000radio"], .form-inline .checkbox input[type="checkbox"] { position: relative; margin-left: 0; } .form-inline .has-feedback .form-control-feedb
2024-10-28 16:48:09 UTC	16384	IN	Data Raw: 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 2e 62 74 6e 2d 73 6d 2c 0a 2e 62 74 6e 2d 67 72 6f 75 70 2d 73 6d 20 3e 20 2e 62 74 6e 20 7b 0a 20 20 70 61 64 64 69 6e 67 3a 20 35 70 78 20 31 30 70 78 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 35 3b 0a 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 2e 62 74 6e 2d 78 73 2c 0a 2e 62 74 6e 2d 67 72 6f 75 70 2d 78 73 20 3e 20 2e 62 74 6e 20 7b 0a 20 20 70 61 64 64 69 6e 67 3a 20 31 70 78 20 35 70 78 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 35 3b 0a 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 36 70 78 3b 0a 7d 0a 2e 62 74 Data Ascii: order-radius: 6px;}.btn-sm,.btn-group-sm > .btn { padding: 5px 10px; font-size: 12px; line-height: 1.5; border-radius: 6px;}.btn-xs,.btn-group-xs > .btn { padding: 1px 5px; font-size: 12px; line-height: 1.5; border-radius: 6px;}.bt
2024-10-28 16:48:09 UTC	16384	IN	Data Raw: 0a 7d 0a 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 37 36 38 70 78 29 20 7b 0a 20 20 2e 6e 61 76 2d 74 61 62 73 2d 6a 75 73 74 69 66 69 65 64 20 3e 20 6c 69 20 3e 20 61 20 7b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 42 32 42 32 42 32 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 0d 0a 32 30 30 30 0d 0a 69 75 73 3a 20 36 70 78 20 36 70 78 20 30 20 30 3b 0a 20 20 7d 0a 20 20 2e 6e 61 76 2d 74 61 62 73 2d 6a 75 73 74 69 66 69 65 64 20 3e 20 2e 61 63 74 69 76 65 20 3e 20 61 2c 0a 20 20 2e 6e 61 76 2d 74 61 62 73 2d 6a 75 73 74 69 66 69 65 64 20 3e 20 2e 61 63 74 69 76 65 20 3e 20 61 3a 68 6f 76 65 72 2c 0a 20 20 2e 6e 61 76 2d 74 61 62 73 2d 6a 75 73 74 69 66 69 65 64 20 3e 20 2e 61 63 74 69 Data Ascii: }@media (min-width: 768px) { .nav-tabs-justified > li > a { border-bottom: 1px solid #B2B2B2; border-rad2000ius: 6px 6px 0 0; } .nav-tabs-justified > .active > a, .nav-tabs-justified > .active > a:hover, .nav-tabs-justified > .acti
2024-10-28 16:48:09 UTC	16384	IN	Data Raw: 23 66 66 66 3b 0a 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 3b 0a 7d 0a 2e 6c 61 62 65 6c 3a 65 6d 70 74 79 20 7b 0a 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 7d 0a 2e 62 74 6e 20 2e 6c 61 62 65 6c 20 7b 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 74 6f 70 3a 20 2d 31 70 78 3b 0a 7d 0a 2e 6c 61 62 65 6c 2d 64 65 66 61 75 6c 74 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 37 30 37 30 37 30 3b 0a 7d 0a 2e 6c 61 62 65 6c 2d 64 65 66 61 75 6c 74 5b 68 72 65 66 5d 3a 68 6f 76 65 72 2c 0a 2e 6c 61 62 65 6c 2d 64 65 66 61 75 6c 74 5b 68 72 65 66 5d 3a 66 6f 63 75 73 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d Data Ascii: #fff; text-decoration: none; cursor: pointer;}.label:empty { display: none;}.btn .label { position: relative; top: -1px;}.label-default { background-color: #707070;}.label-default[href]:hover,.label-default[href]:focus { background-
2024-10-28 16:48:09 UTC	16384	IN	Data Raw: 72 6f 75 70 2d 69 74 65 6d 2d 73 75 63 63 65 73 73 3a 68 6f 76 65 72 2c 0a 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 73 75 63 63 65 73 73 3a 66 6f 63 75 73 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 33 63 37 36 33 64 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 64 30 65 39 63 36 3b 0a 7d 0a 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 73 75 63 63 65 73 73 2e 61 63 74 69 76 65 2c 0a 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 73 75 63 63 65 73 73 2e 61 63 74 69 76 65 3a 68 6f 76 65 72 2c 0a 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 73 75 63 63 65 73 73 2e 61 63 74 69 76 65 3a 66 6f 63 75 73 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f Data Ascii: roup-item-success:hover,a.list-group-item-success:focus { color: #3c763d; background-color: #d0e9c6;}a.list-group-item-success.active,a.list-group-item-success.active:hover,a.list-group-item-success.active:focus { color: #fff; background-colo
2024-10-28 16:48:09 UTC	16384	IN	Data Raw: 73 70 6f 6e 73 69 76 65 2c 0a 2e 70 61 6e 65 6c 20 3e 20 2e 74 61 62 6c 65 20 2b 20 2e 70 61 6e 65 6c 2d 62 6f 64 79 2c 0a 2e 70 61 6e 65 6c 20 3e 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 20 2b 20 2e 70 61 6e 65 6c 2d 62 6f 64 79 2c 0a 2e 6d 63 2d 73 65 6c 65 63 74 61 62 6c 65 2d 6c 69 73 74 2d 74 72 65 65 20 3e 20 2e 70 61 6e 65 6c 2d 62 6f 64 79 20 2b 20 2e 74 61 62 6c 65 2c 0a 2e 6d 63 2d 73 65 6c 65 63 74 61 62 6c 65 2d 6c 69 73 74 2d 74 72 65 65 20 3e 20 2e 70 61 6e 65 6c 2d 62 6f 64 79 20 2b 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 2c 0a 2e 6d 63 2d 73 65 6c 65 63 74 61 62 6c 65 2d 6c 69 73 74 2d 74 72 65 65 20 3e 20 2e 74 61 62 6c 65 20 2b 20 2e 70 61 6e 65 6c 2d 62 6f 64 79 2c 0a 2e 6d 63 2d 73 65 6c 65 63 74 61 62 6c 65 Data Ascii: sponsive,.panel > .table + .panel-body,.panel > .table-responsive + .panel-body,.mc-selectable-list-tree > .panel-body + .table,.mc-selectable-list-tree > .panel-body + .table-responsive,.mc-selectable-list-tree > .table + .panel-body,.mc-selectable

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:09 UTC	777	OUT	GET /u/assets/entypo/font/entypo.css HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:09 UTC	427	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:09 GMT Content-Type: text/css Content-Length: 17305 Connection: close Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Last-Modified: Sat, 26 Oct 1985 13:15:00 GMT ETag: W/"0q9xtsuFAcM0q9xwvL8tno" Accept-Ranges: bytes Vary: Accept-Encoding, User-Agent
2024-10-28 16:48:09 UTC	15957	IN	Data Raw: 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 65 6e 74 79 70 6f 27 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 27 65 6e 74 79 70 6f 2e 65 6f 74 3f 36 30 38 35 39 38 34 34 27 29 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 27 65 6e 74 79 70 6f 2e 65 6f 74 3f 36 30 38 35 39 38 34 34 23 69 65 66 69 78 27 29 20 66 6f 72 6d 61 74 28 27 65 6d 62 65 64 64 65 64 2d 6f 70 65 6e 74 79 70 65 27 29 2c 0a 20 20 20 20 20 20 20 75 72 6c 28 27 65 6e 74 79 70 6f 2e 77 6f 66 66 3f 36 30 38 35 39 38 34 34 27 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 2c 0a 20 20 20 20 20 20 20 75 72 6c 28 27 65 6e 74 79 70 6f 2e 74 74 66 3f 36 30 38 35 39 38 34 34 27 29 20 66 6f 72 6d 61 74 28 27 74 72 75 65 74 79 70 65 27 29 2c 0a 20 20 20 20 20 20 20 75 Data Ascii: @font-face { font-family: 'entypo'; src: url('entypo.eot?60859844'); src: url('entypo.eot?60859844#iefix') format('embedded-opentype'), url('entypo.woff?60859844') format('woff'), url('entypo.ttf?60859844') format('truetype'), u
2024-10-28 16:48:09 UTC	1348	IN	Data Raw: 69 72 3a 62 65 66 6f 72 65 20 7b 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 39 30 34 27 3b 20 7d 20 2f 2a 20 27 ee a4 84 27 20 2a 2f 0a 2e 69 63 6f 6e 2d 72 69 67 68 74 2d 64 69 72 3a 62 65 66 6f 72 65 20 7b 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 39 30 35 27 3b 20 7d 20 2f 2a 20 27 ee a4 85 27 20 2a 2f 0a 2e 69 63 6f 6e 2d 75 70 2d 64 69 72 3a 62 65 66 6f 72 65 20 7b 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 39 30 36 27 3b 20 7d 20 2f 2a 20 27 ee a4 86 27 20 2a 2f 0a 2e 69 63 6f 6e 2d 64 6f 77 6e 2d 62 6f 6c 64 3a 62 65 66 6f 72 65 20 7b 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 39 30 37 27 3b 20 7d 20 2f 2a 20 27 ee a4 87 27 20 2a 2f 0a 2e 69 63 6f 6e 2d 6c 65 66 74 2d 62 6f 6c 64 3a 62 65 66 6f 72 65 20 7b 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 39 30 38 27 3b 20 Data Ascii: ir:before { content: '\e904'; } /* '' /.icon-right-dir:before { content: '\e905'; } / '' /.icon-up-dir:before { content: '\e906'; } / '' /.icon-down-bold:before { content: '\e907'; } / '' */.icon-left-bold:before { content: '\e908';

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:09 UTC	788	OUT	GET /u/assets/font-awesome/css/font-awesome.css HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:09 UTC	427	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:09 GMT Content-Type: text/css Content-Length: 28747 Connection: close Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Last-Modified: Tue, 27 Jan 2015 18:59:08 GMT ETag: W/"m0fDjBkG6C0m0fCxzXEaAY" Accept-Ranges: bytes Vary: Accept-Encoding, User-Agent
2024-10-28 16:48:09 UTC	15957	IN	Data Raw: 2f 2a 21 0a 20 2a 20 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 34 2e 33 2e 30 20 62 79 20 40 64 61 76 65 67 61 6e 64 79 20 2d 20 68 74 74 70 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 69 6f 20 2d 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 0a 20 2a 20 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 69 6f 2f 6c 69 63 65 6e 73 65 20 28 46 6f 6e 74 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 53 53 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 2f 0a 2f 2a 20 46 4f 4e 54 20 50 41 54 48 0a 20 2a 20 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 46 6f 6e 74 41 77 65 73 6f 6d 65 27 3b 0a Data Ascii: /! Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License) // FONT PATH * -------------------------- */@font-face { font-family: 'FontAwesome';
2024-10-28 16:48:09 UTC	12790	IN	Data Raw: 66 61 2d 74 65 72 6d 69 6e 61 6c 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 31 32 30 22 3b 0a 7d 0a 2e 66 61 2d 63 6f 64 65 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 31 32 31 22 3b 0a 7d 0a 2e 66 61 2d 6d 61 69 6c 2d 72 65 70 6c 79 2d 61 6c 6c 3a 62 65 66 6f 72 65 2c 0a 2e 66 61 2d 72 65 70 6c 79 2d 61 6c 6c 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 31 32 32 22 3b 0a 7d 0a 2e 66 61 2d 73 74 61 72 2d 68 61 6c 66 2d 65 6d 70 74 79 3a 62 65 66 6f 72 65 2c 0a 2e 66 61 2d 73 74 61 72 2d 68 61 6c 66 2d 66 75 6c 6c 3a 62 65 66 6f 72 65 2c 0a 2e 66 61 2d 73 74 61 72 2d 68 61 6c 66 2d 6f 3a 62 65 66 6f 72 65 20 7b 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 31 32 33 22 3b 0a Data Ascii: fa-terminal:before { content: "\f120";}.fa-code:before { content: "\f121";}.fa-mail-reply-all:before,.fa-reply-all:before { content: "\f122";}.fa-star-half-empty:before,.fa-star-half-full:before,.fa-star-half-o:before { content: "\f123";

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:09 UTC	792	OUT	GET /u/assets/mimecast-icons/css/mimecast-icons.css HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:09 UTC	426	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:09 GMT Content-Type: text/css Content-Length: 9828 Connection: close Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Last-Modified: Sat, 26 Oct 1985 13:15:00 GMT ETag: W/"uWZhTh1OrbsuWZhOiQ3f/8" Accept-Ranges: bytes Vary: Accept-Encoding, User-Agent
2024-10-28 16:48:09 UTC	9828	IN	Data Raw: 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 6d 69 6d 65 63 61 73 74 2d 69 63 6f 6e 73 27 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 2f 6d 69 6d 65 63 61 73 74 2d 69 63 6f 6e 73 2e 65 6f 74 3f 38 38 38 37 30 34 38 34 27 29 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 2f 6d 69 6d 65 63 61 73 74 2d 69 63 6f 6e 73 2e 65 6f 74 3f 38 38 38 37 30 34 38 34 23 69 65 66 69 78 27 29 20 66 6f 72 6d 61 74 28 27 65 6d 62 65 64 64 65 64 2d 6f 70 65 6e 74 79 70 65 27 29 2c 0a 20 20 20 20 20 20 20 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 2f 6d 69 6d 65 63 61 73 74 2d 69 63 6f 6e 73 2e 77 6f 66 66 32 3f 38 38 38 37 30 34 38 34 27 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 2c 0a 20 20 20 20 Data Ascii: @font-face { font-family: 'mimecast-icons'; src: url('../font/mimecast-icons.eot?88870484'); src: url('../font/mimecast-icons.eot?88870484#iefix') format('embedded-opentype'), url('../font/mimecast-icons.woff2?88870484') format('woff2'),

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:10 UTC	552	OUT	GET /libs/galindo.js HTTP/1.1 Host: static.srcspot.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://secure-portal.login-us.mimecast.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:10 UTC	791	IN	HTTP/1.1 200 OK x-goog-generation: 1713784659645084 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 45159 Content-Encoding: gzip x-goog-hash: crc32c=nLzygQ== x-goog-hash: md5=tCZOysAJGM6cOpenAEVWZg== x-goog-storage-class: STANDARD Accept-Ranges: bytes Content-Length: 45159 X-GUploader-UploadID: AHmUCY3anjLlt1hJDeWbMYJs1TmVyrp-7ae6IE5YMMYJso7SWVXlyHvtR9iaWCeRF6ZD4_Bqxx4 Server: UploadServer Date: Mon, 28 Oct 2024 16:35:17 GMT Expires: Mon, 28 Oct 2024 16:50:17 GMT Cache-Control: no-transform, public, max-age=900 Age: 773 Last-Modified: Mon, 22 Apr 2024 11:17:39 GMT ETag: "b4264ecac00918ce9c3a97a700455666" Content-Type: application/javascript Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-28 16:48:10 UTC	587	IN	Data Raw: 1f 8b 08 00 00 00 00 00 00 03 74 bd 6b 93 aa 5a ba 26 fa 57 f6 97 bd 67 ad ce 75 22 35 05 25 bb 7a 76 47 8a 77 54 10 4c 87 5a 51 d1 01 0c 10 44 44 11 11 dd b1 fb b7 9f f7 32 72 55 c7 89 38 1f aa d6 34 d3 84 c1 18 ef e5 79 de 1b b5 5f fe db ff 6e 35 9d ae d1 ea 7c 6a e1 ef 7f fc 12 2b 19 2e aa 24 74 8d 6c fa eb cf 5f c2 dd cb 71 5e ac fd 7d 0b 3e dd cc 22 14 bd 7b 79 16 f0 a1 59 ec a5 35 73 6e f8 ad 55 de 12 4e 13 ae 8c ec 0e 1f eb f9 28 b4 8d 6c 2e 56 26 7c 3a 1a d9 43 ac 3a 72 91 17 05 7e d7 96 72 9a 17 bd 22 c0 2b 8a ae 75 33 f3 e2 5b f4 2c fc a4 b5 3e ee 79 b6 7a f9 f0 61 14 cc 4f 7e 5e 38 f0 cf c7 ac fd 2d b4 65 b8 c2 fb 5e bd 22 ba 18 d9 28 cc b3 5c 74 4d 5a e4 4c 7a 1d 37 9c 7a d9 89 ae b9 0f a7 61 22 a7 66 c6 b7 d0 9d e2 f6 2e 17 f8 c7 26 ac 62 e0 Data Ascii: tkZ&Wgu"5%zvGwTLZQDD2rU84y_n5\|j+.$tl_q^}>"{yY5snUN(l.V&\|:C:r~r"+u3[,>yzaO~^8-e^"(\tMZLz7za"f.&b
2024-10-28 16:48:10 UTC	1378	IN	Data Raw: 4b 4a 2f 1b 7d d5 4f 92 34 f8 ca fe a8 a7 f8 34 8d 91 0d 85 66 e6 15 2f e2 12 2e b6 97 70 69 64 03 fc 93 59 eb 18 d2 b9 8b ee 38 af 8d ac 3e e0 fd ce 5e 51 0b fd 24 5d b3 a8 71 ad 5b ed 4b 68 89 1c e3 15 9e f5 28 f4 a4 7e 80 7f 16 20 0d 70 58 d3 82 1e b6 7b 7e 64 ad f8 1d bf d2 7a 0f a7 fb 79 9b 56 22 9c da cc da 43 da ba ae 26 6f 79 d6 13 7c 7e 5a 15 7a 46 51 09 b7 91 4b 5c a8 19 8d a4 67 16 11 6d 73 01 92 1c 34 c6 04 4f 6d 3f 78 e5 09 2d d2 79 97 5e bc 94 0b 23 fb a4 87 d1 a6 c2 b5 a5 d0 f0 98 9b fb 08 14 63 8b 22 73 2d eb d5 c1 2b 76 28 cf 28 c2 66 36 0d 7c 92 d1 ac 8f 62 0c e2 3e a0 15 6c d0 12 f8 0f 33 1b 93 fe c3 a6 6a ae 1c 7b 24 12 c3 e0 d3 0f cd a2 47 0b 6f ed af 66 f6 21 5c dc dd 6c 09 eb dc a7 33 5a 41 12 7e 9b d9 0c 17 e6 e0 1d 5e e2 35 4c cd Data Ascii: KJ/}O44f/.pidY8>^Q$]q[Kh(~ pX{~dzyV"C&oy\|~ZzFQK\gms4Om?x-y^#c"s-+v((f6\|b>l3j{$Gof!\l3ZA~^5L
2024-10-28 16:48:10 UTC	1378	IN	Data Raw: 24 67 f8 77 af 99 03 d6 f1 14 32 54 ed ea 56 36 bd c8 19 1b 97 8b b4 3e de d1 b6 92 2c af bc 4c 38 b3 d0 31 b2 2d 9e c9 f5 7e 43 e8 ed b2 d5 76 4e 00 6c 1f 01 6b 5b 12 82 51 3a a4 79 46 ba aa 25 e1 b4 5c a2 35 66 95 f8 f4 fb d7 4a 2a 0b 65 cf c0 de 0f 94 40 eb de ba ef 65 8b 21 3f de 08 ff e4 76 0a c9 3a f4 2c 1f 40 ed 9a ad e3 70 17 c4 80 35 43 b2 5d cf c3 78 17 1f c8 5e af 9e 2f d1 6b f0 e6 88 5c 1e 53 d3 05 90 2b 6d 3e 6d 6f 2c 56 4d e8 e4 59 f6 8b dc e6 18 dc e6 1b 49 82 ef b7 6d 34 1f 96 b2 e4 5f c2 d9 36 0c 6b 44 b7 fd 76 de 35 bc 21 97 20 9a 23 c5 98 e1 f7 ca 0f 6b 0d ba 48 14 45 9b df 5f a5 94 2b fc 92 ef 15 e6 a9 6d 1d 58 58 fb 7e 6d d0 01 38 1d 10 96 ec 8c b8 8e e0 65 73 ab 93 22 62 d1 71 11 89 0d 71 05 74 22 42 0b 46 61 2b 20 9d eb dd ef 77 03 Data Ascii: $gw2TV6>,L81-~CvNlk[Q:yF%\5fJ*e@e!?v:,@p5C]x^/k\S+m>mo,VMYIm4_6kDv5! #kHE_+mXX~m8es"bqqt"BFa+ w
2024-10-28 16:48:10 UTC	1378	IN	Data Raw: ec 80 99 d0 5f 69 f7 51 7c 9f a3 b9 01 28 67 c1 b9 76 f9 b8 46 a0 a3 f0 a9 56 8c 03 70 21 f8 b4 15 f2 2a 22 24 c3 76 12 ce 6f e5 90 7e d7 91 56 02 f2 09 16 87 96 ef 6c c0 d0 ef d8 d1 bd ee b0 da e9 f1 41 8f 32 d0 e1 8a 16 db e3 30 b6 cf 21 6d fc d0 c8 de e0 9e ef 2f d6 c5 bb 2f ec f4 83 83 5d 60 01 af 12 b0 f3 93 25 6d 1b 8d aa 8b 22 44 3a 9c 8f 0d 06 9e 96 e7 8b b5 d9 9f 32 73 3f f7 8e b3 9e 9c e2 c3 a5 6d ab 8a 2b fc db 63 d3 93 f6 d5 c4 07 7b 80 37 f3 76 5b e6 51 f5 b1 9c 6d 54 98 6d 15 6b a2 37 59 c1 f2 a2 87 99 29 de 09 0e d8 7a 2e 5e e8 fb 62 f0 de 40 4f 5b 0c c1 fb ed 4e 38 41 2f b6 6a b1 45 90 9e b5 47 c3 89 21 89 eb 2d 88 0b 25 91 ee 3d 87 ed 00 df 47 07 01 2e 71 de b9 00 69 e5 03 ec d9 e7 21 70 11 38 3b 3c 96 0f 58 8a 91 39 1c d7 49 f7 e9 e8 a9 Data Ascii: _iQ\|(gvFVp!*"$vo~VlA20!m//]`%m"D:2s?m+c{7v[QmTmk7Y)z.^b@O[N8A/jEG!-%=G.qi!p8;<X9I
2024-10-28 16:48:10 UTC	1378	IN	Data Raw: cb 18 aa d4 69 6f 20 83 dd 85 af 85 c7 91 6f b7 1b b5 e7 00 8b 3d f0 2f 2a 90 d2 8b 80 d4 0f fe ca 60 0c ae 97 28 c6 f0 f8 35 86 ad f3 99 65 f7 b4 bd b0 9f 67 05 92 dd eb 17 18 18 90 3c 76 a3 7d b0 1f 80 09 c1 73 72 a8 4f 7f 69 c1 bd e4 cc 59 94 a4 66 06 58 1c ef 04 0e 7a 01 5e a2 a7 82 56 7a ba 87 9f f7 15 ac 87 07 59 d6 18 49 e4 34 01 46 6f 3e 2a f4 be b4 2a 70 48 53 23 bb 5e 3d ca a0 e1 51 ac 25 25 1c 58 30 e7 ed 6c ef 32 a3 a8 63 6d fe 65 50 bc 33 01 40 d7 f7 0a 9b fd 21 dc b9 2d ba f3 1e c5 03 c3 3c 9b c3 c5 7e e2 67 6e 34 47 da b2 52 27 6d 57 78 e9 15 de 95 e4 b4 d9 cd 27 20 1b b5 3a 95 75 a7 0a 17 0a c1 6a 6b d4 89 e8 ca a6 01 fe ee 76 42 53 d9 66 09 91 b3 96 8b 21 7a d4 27 df f7 d2 64 c6 f4 b6 13 7a f5 cb 8b f1 66 e6 ed 1c a3 90 72 5e 4b c3 4c 8a Data Ascii: io o=/`(5eg<v}srOiYfXz^VzYI4Fo>*pHS#^=Q%%X0l2cmeP3@!-<~gn4GR'mWx' :ujkvBSf!z'dzfr^KL
2024-10-28 16:48:10 UTC	1378	IN	Data Raw: 43 4c db 36 83 11 46 3a 28 b5 59 4a bb 48 b7 5c 52 d0 41 2b 1a 63 c5 01 ed 3a a8 82 15 ee 63 94 12 df 02 70 36 4e 29 02 a9 8d bf af 26 91 0e 40 bf 18 cd 7b 47 24 c1 40 af 6b b7 87 46 76 33 d9 8d eb 63 a0 c1 0b 85 8a c0 e2 cc 9a 04 d3 0d 26 df 0c 80 ed 09 3f a2 e8 99 f7 2a f4 6e 6d fc 0d 32 b7 f5 4c a7 08 44 af 5d c7 e2 a2 84 c2 35 3c 2c 73 80 c7 42 67 31 2c 5b 2f c4 f3 53 5c e9 61 6c 1c c5 6a cf 4c 1f ec 2d c0 f7 d6 85 2d 1d d8 bc 0b aa d9 cc 50 89 e3 6b 0b 36 25 b4 72 ca c3 e5 b3 ad f0 0f ec 7d c7 16 15 55 b0 a8 06 6d a0 aa be 59 b2 e5 4c c1 07 15 0a c9 db e9 16 dd 1d 2c 83 01 90 99 0b 77 0f 92 53 60 00 3c cf c1 4b 6b 14 fd c0 8f 35 18 93 11 42 77 ae 17 73 ec 35 65 45 bd 8c b3 b7 fe 58 ac f4 2f 65 09 bb ed 89 df 94 28 6d 71 18 5d 87 3e ab dd f3 80 61 6c Data Ascii: CL6F:(YJH\RA+c:cp6N)&@{G$@kFv3c&?*nm2LD]5<,sBg1,[/S\aljL--Pk6%r}UmYL,wS`<Kk5Bws5eEX/e(mq]>al
2024-10-28 16:48:10 UTC	1378	IN	Data Raw: c3 74 dc 6d 65 78 7a 2b 16 5f 00 dc 58 1a 27 54 15 29 86 0c db 17 b4 f5 5c c5 13 ad 84 ed 38 9c 77 02 07 7e 37 fd fe 4f d8 6c 84 59 ac 03 95 80 f2 93 8a a6 f2 40 49 88 62 c8 3c b3 e1 b2 33 be ec 30 72 c3 a5 dc 12 29 05 d8 7e 33 e0 7e e4 6f 47 73 89 41 8f 16 6b 29 fa 82 35 90 0d 34 81 14 37 97 08 4f 9c 41 7e c1 a4 32 c6 47 8c c2 fb 97 43 48 aa 72 12 28 12 dd b3 1e 07 7a 60 5c f6 3d ee a1 ee bf 71 1c 5d 68 93 f0 39 de 33 6c 24 13 88 c5 b7 58 ae c7 56 e3 fa 10 76 ed 28 f2 00 4f 05 f8 7b 8d c1 0c 72 d4 b0 6f 00 7a 5f 2b 9f c3 a6 1b 00 f1 c7 26 a1 f3 df fb 22 2b a9 4a 2d 2f 9e 20 03 21 47 7d bb 69 d0 60 e6 87 b4 6e d4 ae c2 e5 64 8b 91 cb c3 d6 4e d0 d6 30 6f b2 2f 72 85 da 9d 2b 0b 8b 95 30 c0 7a b4 8e 22 c4 5a ab 2f ec b6 aa 8a 80 6d d5 84 bd c7 32 73 84 21 Data Ascii: tmexz+_X'T)\8w~7OlY@Ib<30r)~3~oGsAk)547OA~2GCHr(z`\=q]h93l$XVv(O{roz_+&"+J-/ !G}i`ndN0o/r+0z"Z/m2s!
2024-10-28 16:48:10 UTC	1378	IN	Data Raw: 73 95 97 dd ab 01 39 52 ce a7 96 b6 8b c9 29 22 80 e9 b2 d5 29 76 c4 45 88 7f ef 31 88 cb 3b d2 7a a7 04 a6 41 a9 94 67 7b 86 75 07 03 da c5 33 46 ad 01 9c 53 c8 19 1c 28 42 d1 17 05 69 01 39 76 80 dc 1e 08 97 48 4a bf 34 d8 1e 80 97 18 4c e7 93 fe 41 ac 8b 04 98 51 bd c5 83 ba 8f 07 2d 0c c9 71 02 c2 05 8e 9f 50 04 84 6a dd 1c 19 4e 80 9a 62 47 25 6d 3c d8 d8 c9 6d f9 c9 c5 c4 91 8d 4e 7f c5 59 f8 41 d3 20 64 d9 97 6c cf 29 67 6b 9f d9 29 03 76 8f 2e ad 9c c8 45 af fd 1c 96 2a ec 16 6c 7d 13 73 0b 94 30 4b c6 4e f7 18 b1 08 3b fd b3 18 b1 91 6b b6 71 86 59 7a 62 1d c9 dd 3b 1d 4a b6 c7 ef 60 90 da 73 36 6b ba 5f 88 55 1d 71 59 d8 00 68 bb e8 6e fb 3e 9f ba f6 06 c4 eb a3 4f f9 ff f9 52 4e fd 9c 53 eb 7b ac f2 4f 31 e8 45 7e 11 76 6c 3f f4 b2 46 81 5d 2d Data Ascii: s9R)")vE1;zAg{u3FS(Bi9vHJ4LAQ-qPjNbG%m<mNYA dl)gk)v.E*l}s0KN;kqYzb;J`s6k_UqYhn>ORNS{O1E~vl?F]-
2024-10-28 16:48:10 UTC	1378	IN	Data Raw: 66 ef 1c bc c9 63 8a 7d 31 e7 1f 76 eb 04 1e 82 c6 61 7b 8f 61 ec a7 ea 39 e9 69 67 58 e4 07 47 80 0f b1 2b 9d 89 49 91 42 80 36 df ad d9 4f 0a 08 7c 8d 35 9a af a9 de a5 37 6f 1d e5 e6 a7 a5 42 f3 d3 fc 47 6f 72 4c 43 ea ef 58 c4 48 69 56 a0 7c 53 2c 3d b5 5d 2e 89 39 48 7f 9f a9 30 bd 74 5b d4 e1 85 87 92 97 d1 fe 40 03 10 12 df bb d2 34 0b a2 b1 26 f8 3f 20 73 04 29 4e 71 e9 46 5b e6 8a 9b 70 16 76 70 38 00 03 62 03 bc be f6 17 83 d6 44 64 00 2a a0 3c 77 04 d2 50 60 43 85 cd 35 e1 da 60 40 65 f8 ec f5 b4 12 80 76 ca 9e f7 24 c4 d3 df a1 4c e4 46 71 38 4e 29 b9 00 9a 6a 63 fc dd 55 89 2f d7 e8 20 6a 01 24 4e 75 76 dd 0a b7 a7 46 e2 49 95 f3 a0 17 8f 62 57 b3 f7 4f 31 5c ad 8a 24 5e 13 4f c3 0e 23 42 cd 5f 0d 95 d3 ee 39 9c 01 9a fa 85 dd f6 2a e7 b1 32 Data Ascii: fc}1va{a9igXG+IB6O\|57oBGorLCXHiV\|S,=].9H0t[@4&? s)NqF[pvp8bDd<wP`C5`@ev$LFq8N)jcU/ j$NuvFIbWO1\$^O#B_92
2024-10-28 16:48:10 UTC	1378	IN	Data Raw: 18 e7 1a c0 85 53 09 52 8c 4b 6e 19 0e ce 41 19 33 a9 98 0c f2 dd 8c 39 6e 14 98 34 98 61 ce db 65 5f b1 d4 85 aa 26 1e 54 47 75 64 8f 5b 75 00 52 8c 39 22 0a 04 74 ec 15 59 72 a5 d8 51 dd 97 2b af e8 93 4f 1b 6e ad 13 06 6c 79 36 53 03 87 60 bd a8 08 4f 0e 4a c2 16 54 d7 00 a8 70 e6 33 11 77 c4 0e a8 92 64 53 99 62 ac c0 a5 c4 11 51 06 ed ba a4 ae 77 d5 82 08 0a da 34 38 e2 84 2a 0b b0 cd d0 f6 a7 5c 07 09 cc a8 3c 82 8e d0 25 fd 10 a5 d3 f5 a8 5b 4a f4 bc af a1 89 d1 4f 4d 69 ed b7 ac dd 13 3f ac 69 06 39 b8 1d ae 15 eb 11 f5 d0 8f 3f 5d 76 1d 0c e7 1e 50 17 3d ce 0b ba 72 5c 09 9e f4 44 79 64 03 13 d1 64 65 6f 60 df 03 a3 c8 ee dc 61 dd 01 d8 dc e6 d6 ab 4e 38 c7 74 a0 97 71 b0 b2 2f 27 4b d2 6b 3a 4b 47 22 f2 0c 31 29 49 24 22 eb 6c e4 f8 f6 c4 5b 80 Data Ascii: SRKnA39n4ae_&TGud[uR9"tYrQ+Only6S`OJTp3wdSbQw48*\<%[JOMi?i9?]vP=r\Dyddeo`aN8tq/'Kk:KG"1)I$"l[

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:11 UTC	357	OUT	GET /libs/galindo.js HTTP/1.1 Host: static.srcspot.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:11 UTC	791	IN	HTTP/1.1 200 OK x-goog-generation: 1713784659645084 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 45159 Content-Encoding: gzip x-goog-hash: crc32c=nLzygQ== x-goog-hash: md5=tCZOysAJGM6cOpenAEVWZg== x-goog-storage-class: STANDARD Accept-Ranges: bytes Content-Length: 45159 X-GUploader-UploadID: AHmUCY3anjLlt1hJDeWbMYJs1TmVyrp-7ae6IE5YMMYJso7SWVXlyHvtR9iaWCeRF6ZD4_Bqxx4 Server: UploadServer Date: Mon, 28 Oct 2024 16:35:17 GMT Expires: Mon, 28 Oct 2024 16:50:17 GMT Cache-Control: no-transform, public, max-age=900 Age: 774 Last-Modified: Mon, 22 Apr 2024 11:17:39 GMT ETag: "b4264ecac00918ce9c3a97a700455666" Content-Type: application/javascript Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-28 16:48:11 UTC	587	IN	Data Raw: 1f 8b 08 00 00 00 00 00 00 03 74 bd 6b 93 aa 5a ba 26 fa 57 f6 97 bd 67 ad ce 75 22 35 05 25 bb 7a 76 47 8a 77 54 10 4c 87 5a 51 d1 01 0c 10 44 44 11 11 dd b1 fb b7 9f f7 32 72 55 c7 89 38 1f aa d6 34 d3 84 c1 18 ef e5 79 de 1b b5 5f fe db ff 6e 35 9d ae d1 ea 7c 6a e1 ef 7f fc 12 2b 19 2e aa 24 74 8d 6c fa eb cf 5f c2 dd cb 71 5e ac fd 7d 0b 3e dd cc 22 14 bd 7b 79 16 f0 a1 59 ec a5 35 73 6e f8 ad 55 de 12 4e 13 ae 8c ec 0e 1f eb f9 28 b4 8d 6c 2e 56 26 7c 3a 1a d9 43 ac 3a 72 91 17 05 7e d7 96 72 9a 17 bd 22 c0 2b 8a ae 75 33 f3 e2 5b f4 2c fc a4 b5 3e ee 79 b6 7a f9 f0 61 14 cc 4f 7e 5e 38 f0 cf c7 ac fd 2d b4 65 b8 c2 fb 5e bd 22 ba 18 d9 28 cc b3 5c 74 4d 5a e4 4c 7a 1d 37 9c 7a d9 89 ae b9 0f a7 61 22 a7 66 c6 b7 d0 9d e2 f6 2e 17 f8 c7 26 ac 62 e0 Data Ascii: tkZ&Wgu"5%zvGwTLZQDD2rU84y_n5\|j+.$tl_q^}>"{yY5snUN(l.V&\|:C:r~r"+u3[,>yzaO~^8-e^"(\tMZLz7za"f.&b
2024-10-28 16:48:11 UTC	1378	IN	Data Raw: 4b 4a 2f 1b 7d d5 4f 92 34 f8 ca fe a8 a7 f8 34 8d 91 0d 85 66 e6 15 2f e2 12 2e b6 97 70 69 64 03 fc 93 59 eb 18 d2 b9 8b ee 38 af 8d ac 3e e0 fd ce 5e 51 0b fd 24 5d b3 a8 71 ad 5b ed 4b 68 89 1c e3 15 9e f5 28 f4 a4 7e 80 7f 16 20 0d 70 58 d3 82 1e b6 7b 7e 64 ad f8 1d bf d2 7a 0f a7 fb 79 9b 56 22 9c da cc da 43 da ba ae 26 6f 79 d6 13 7c 7e 5a 15 7a 46 51 09 b7 91 4b 5c a8 19 8d a4 67 16 11 6d 73 01 92 1c 34 c6 04 4f 6d 3f 78 e5 09 2d d2 79 97 5e bc 94 0b 23 fb a4 87 d1 a6 c2 b5 a5 d0 f0 98 9b fb 08 14 63 8b 22 73 2d eb d5 c1 2b 76 28 cf 28 c2 66 36 0d 7c 92 d1 ac 8f 62 0c e2 3e a0 15 6c d0 12 f8 0f 33 1b 93 fe c3 a6 6a ae 1c 7b 24 12 c3 e0 d3 0f cd a2 47 0b 6f ed af 66 f6 21 5c dc dd 6c 09 eb dc a7 33 5a 41 12 7e 9b d9 0c 17 e6 e0 1d 5e e2 35 4c cd Data Ascii: KJ/}O44f/.pidY8>^Q$]q[Kh(~ pX{~dzyV"C&oy\|~ZzFQK\gms4Om?x-y^#c"s-+v((f6\|b>l3j{$Gof!\l3ZA~^5L
2024-10-28 16:48:11 UTC	1378	IN	Data Raw: 24 67 f8 77 af 99 03 d6 f1 14 32 54 ed ea 56 36 bd c8 19 1b 97 8b b4 3e de d1 b6 92 2c af bc 4c 38 b3 d0 31 b2 2d 9e c9 f5 7e 43 e8 ed b2 d5 76 4e 00 6c 1f 01 6b 5b 12 82 51 3a a4 79 46 ba aa 25 e1 b4 5c a2 35 66 95 f8 f4 fb d7 4a 2a 0b 65 cf c0 de 0f 94 40 eb de ba ef 65 8b 21 3f de 08 ff e4 76 0a c9 3a f4 2c 1f 40 ed 9a ad e3 70 17 c4 80 35 43 b2 5d cf c3 78 17 1f c8 5e af 9e 2f d1 6b f0 e6 88 5c 1e 53 d3 05 90 2b 6d 3e 6d 6f 2c 56 4d e8 e4 59 f6 8b dc e6 18 dc e6 1b 49 82 ef b7 6d 34 1f 96 b2 e4 5f c2 d9 36 0c 6b 44 b7 fd 76 de 35 bc 21 97 20 9a 23 c5 98 e1 f7 ca 0f 6b 0d ba 48 14 45 9b df 5f a5 94 2b fc 92 ef 15 e6 a9 6d 1d 58 58 fb 7e 6d d0 01 38 1d 10 96 ec 8c b8 8e e0 65 73 ab 93 22 62 d1 71 11 89 0d 71 05 74 22 42 0b 46 61 2b 20 9d eb dd ef 77 03 Data Ascii: $gw2TV6>,L81-~CvNlk[Q:yF%\5fJ*e@e!?v:,@p5C]x^/k\S+m>mo,VMYIm4_6kDv5! #kHE_+mXX~m8es"bqqt"BFa+ w
2024-10-28 16:48:11 UTC	1378	IN	Data Raw: ec 80 99 d0 5f 69 f7 51 7c 9f a3 b9 01 28 67 c1 b9 76 f9 b8 46 a0 a3 f0 a9 56 8c 03 70 21 f8 b4 15 f2 2a 22 24 c3 76 12 ce 6f e5 90 7e d7 91 56 02 f2 09 16 87 96 ef 6c c0 d0 ef d8 d1 bd ee b0 da e9 f1 41 8f 32 d0 e1 8a 16 db e3 30 b6 cf 21 6d fc d0 c8 de e0 9e ef 2f d6 c5 bb 2f ec f4 83 83 5d 60 01 af 12 b0 f3 93 25 6d 1b 8d aa 8b 22 44 3a 9c 8f 0d 06 9e 96 e7 8b b5 d9 9f 32 73 3f f7 8e b3 9e 9c e2 c3 a5 6d ab 8a 2b fc db 63 d3 93 f6 d5 c4 07 7b 80 37 f3 76 5b e6 51 f5 b1 9c 6d 54 98 6d 15 6b a2 37 59 c1 f2 a2 87 99 29 de 09 0e d8 7a 2e 5e e8 fb 62 f0 de 40 4f 5b 0c c1 fb ed 4e 38 41 2f b6 6a b1 45 90 9e b5 47 c3 89 21 89 eb 2d 88 0b 25 91 ee 3d 87 ed 00 df 47 07 01 2e 71 de b9 00 69 e5 03 ec d9 e7 21 70 11 38 3b 3c 96 0f 58 8a 91 39 1c d7 49 f7 e9 e8 a9 Data Ascii: _iQ\|(gvFVp!*"$vo~VlA20!m//]`%m"D:2s?m+c{7v[QmTmk7Y)z.^b@O[N8A/jEG!-%=G.qi!p8;<X9I
2024-10-28 16:48:11 UTC	1378	IN	Data Raw: cb 18 aa d4 69 6f 20 83 dd 85 af 85 c7 91 6f b7 1b b5 e7 00 8b 3d f0 2f 2a 90 d2 8b 80 d4 0f fe ca 60 0c ae 97 28 c6 f0 f8 35 86 ad f3 99 65 f7 b4 bd b0 9f 67 05 92 dd eb 17 18 18 90 3c 76 a3 7d b0 1f 80 09 c1 73 72 a8 4f 7f 69 c1 bd e4 cc 59 94 a4 66 06 58 1c ef 04 0e 7a 01 5e a2 a7 82 56 7a ba 87 9f f7 15 ac 87 07 59 d6 18 49 e4 34 01 46 6f 3e 2a f4 be b4 2a 70 48 53 23 bb 5e 3d ca a0 e1 51 ac 25 25 1c 58 30 e7 ed 6c ef 32 a3 a8 63 6d fe 65 50 bc 33 01 40 d7 f7 0a 9b fd 21 dc b9 2d ba f3 1e c5 03 c3 3c 9b c3 c5 7e e2 67 6e 34 47 da b2 52 27 6d 57 78 e9 15 de 95 e4 b4 d9 cd 27 20 1b b5 3a 95 75 a7 0a 17 0a c1 6a 6b d4 89 e8 ca a6 01 fe ee 76 42 53 d9 66 09 91 b3 96 8b 21 7a d4 27 df f7 d2 64 c6 f4 b6 13 7a f5 cb 8b f1 66 e6 ed 1c a3 90 72 5e 4b c3 4c 8a Data Ascii: io o=/`(5eg<v}srOiYfXz^VzYI4Fo>*pHS#^=Q%%X0l2cmeP3@!-<~gn4GR'mWx' :ujkvBSf!z'dzfr^KL
2024-10-28 16:48:11 UTC	1378	IN	Data Raw: 43 4c db 36 83 11 46 3a 28 b5 59 4a bb 48 b7 5c 52 d0 41 2b 1a 63 c5 01 ed 3a a8 82 15 ee 63 94 12 df 02 70 36 4e 29 02 a9 8d bf af 26 91 0e 40 bf 18 cd 7b 47 24 c1 40 af 6b b7 87 46 76 33 d9 8d eb 63 a0 c1 0b 85 8a c0 e2 cc 9a 04 d3 0d 26 df 0c 80 ed 09 3f a2 e8 99 f7 2a f4 6e 6d fc 0d 32 b7 f5 4c a7 08 44 af 5d c7 e2 a2 84 c2 35 3c 2c 73 80 c7 42 67 31 2c 5b 2f c4 f3 53 5c e9 61 6c 1c c5 6a cf 4c 1f ec 2d c0 f7 d6 85 2d 1d d8 bc 0b aa d9 cc 50 89 e3 6b 0b 36 25 b4 72 ca c3 e5 b3 ad f0 0f ec 7d c7 16 15 55 b0 a8 06 6d a0 aa be 59 b2 e5 4c c1 07 15 0a c9 db e9 16 dd 1d 2c 83 01 90 99 0b 77 0f 92 53 60 00 3c cf c1 4b 6b 14 fd c0 8f 35 18 93 11 42 77 ae 17 73 ec 35 65 45 bd 8c b3 b7 fe 58 ac f4 2f 65 09 bb ed 89 df 94 28 6d 71 18 5d 87 3e ab dd f3 80 61 6c Data Ascii: CL6F:(YJH\RA+c:cp6N)&@{G$@kFv3c&?*nm2LD]5<,sBg1,[/S\aljL--Pk6%r}UmYL,wS`<Kk5Bws5eEX/e(mq]>al
2024-10-28 16:48:11 UTC	1378	IN	Data Raw: c3 74 dc 6d 65 78 7a 2b 16 5f 00 dc 58 1a 27 54 15 29 86 0c db 17 b4 f5 5c c5 13 ad 84 ed 38 9c 77 02 07 7e 37 fd fe 4f d8 6c 84 59 ac 03 95 80 f2 93 8a a6 f2 40 49 88 62 c8 3c b3 e1 b2 33 be ec 30 72 c3 a5 dc 12 29 05 d8 7e 33 e0 7e e4 6f 47 73 89 41 8f 16 6b 29 fa 82 35 90 0d 34 81 14 37 97 08 4f 9c 41 7e c1 a4 32 c6 47 8c c2 fb 97 43 48 aa 72 12 28 12 dd b3 1e 07 7a 60 5c f6 3d ee a1 ee bf 71 1c 5d 68 93 f0 39 de 33 6c 24 13 88 c5 b7 58 ae c7 56 e3 fa 10 76 ed 28 f2 00 4f 05 f8 7b 8d c1 0c 72 d4 b0 6f 00 7a 5f 2b 9f c3 a6 1b 00 f1 c7 26 a1 f3 df fb 22 2b a9 4a 2d 2f 9e 20 03 21 47 7d bb 69 d0 60 e6 87 b4 6e d4 ae c2 e5 64 8b 91 cb c3 d6 4e d0 d6 30 6f b2 2f 72 85 da 9d 2b 0b 8b 95 30 c0 7a b4 8e 22 c4 5a ab 2f ec b6 aa 8a 80 6d d5 84 bd c7 32 73 84 21 Data Ascii: tmexz+_X'T)\8w~7OlY@Ib<30r)~3~oGsAk)547OA~2GCHr(z`\=q]h93l$XVv(O{roz_+&"+J-/ !G}i`ndN0o/r+0z"Z/m2s!
2024-10-28 16:48:11 UTC	1378	IN	Data Raw: 73 95 97 dd ab 01 39 52 ce a7 96 b6 8b c9 29 22 80 e9 b2 d5 29 76 c4 45 88 7f ef 31 88 cb 3b d2 7a a7 04 a6 41 a9 94 67 7b 86 75 07 03 da c5 33 46 ad 01 9c 53 c8 19 1c 28 42 d1 17 05 69 01 39 76 80 dc 1e 08 97 48 4a bf 34 d8 1e 80 97 18 4c e7 93 fe 41 ac 8b 04 98 51 bd c5 83 ba 8f 07 2d 0c c9 71 02 c2 05 8e 9f 50 04 84 6a dd 1c 19 4e 80 9a 62 47 25 6d 3c d8 d8 c9 6d f9 c9 c5 c4 91 8d 4e 7f c5 59 f8 41 d3 20 64 d9 97 6c cf 29 67 6b 9f d9 29 03 76 8f 2e ad 9c c8 45 af fd 1c 96 2a ec 16 6c 7d 13 73 0b 94 30 4b c6 4e f7 18 b1 08 3b fd b3 18 b1 91 6b b6 71 86 59 7a 62 1d c9 dd 3b 1d 4a b6 c7 ef 60 90 da 73 36 6b ba 5f 88 55 1d 71 59 d8 00 68 bb e8 6e fb 3e 9f ba f6 06 c4 eb a3 4f f9 ff f9 52 4e fd 9c 53 eb 7b ac f2 4f 31 e8 45 7e 11 76 6c 3f f4 b2 46 81 5d 2d Data Ascii: s9R)")vE1;zAg{u3FS(Bi9vHJ4LAQ-qPjNbG%m<mNYA dl)gk)v.E*l}s0KN;kqYzb;J`s6k_UqYhn>ORNS{O1E~vl?F]-
2024-10-28 16:48:11 UTC	1378	IN	Data Raw: 66 ef 1c bc c9 63 8a 7d 31 e7 1f 76 eb 04 1e 82 c6 61 7b 8f 61 ec a7 ea 39 e9 69 67 58 e4 07 47 80 0f b1 2b 9d 89 49 91 42 80 36 df ad d9 4f 0a 08 7c 8d 35 9a af a9 de a5 37 6f 1d e5 e6 a7 a5 42 f3 d3 fc 47 6f 72 4c 43 ea ef 58 c4 48 69 56 a0 7c 53 2c 3d b5 5d 2e 89 39 48 7f 9f a9 30 bd 74 5b d4 e1 85 87 92 97 d1 fe 40 03 10 12 df bb d2 34 0b a2 b1 26 f8 3f 20 73 04 29 4e 71 e9 46 5b e6 8a 9b 70 16 76 70 38 00 03 62 03 bc be f6 17 83 d6 44 64 00 2a a0 3c 77 04 d2 50 60 43 85 cd 35 e1 da 60 40 65 f8 ec f5 b4 12 80 76 ca 9e f7 24 c4 d3 df a1 4c e4 46 71 38 4e 29 b9 00 9a 6a 63 fc dd 55 89 2f d7 e8 20 6a 01 24 4e 75 76 dd 0a b7 a7 46 e2 49 95 f3 a0 17 8f 62 57 b3 f7 4f 31 5c ad 8a 24 5e 13 4f c3 0e 23 42 cd 5f 0d 95 d3 ee 39 9c 01 9a fa 85 dd f6 2a e7 b1 32 Data Ascii: fc}1va{a9igXG+IB6O\|57oBGorLCXHiV\|S,=].9H0t[@4&? s)NqF[pvp8bDd<wP`C5`@ev$LFq8N)jcU/ j$NuvFIbWO1\$^O#B_92
2024-10-28 16:48:11 UTC	1378	IN	Data Raw: 18 e7 1a c0 85 53 09 52 8c 4b 6e 19 0e ce 41 19 33 a9 98 0c f2 dd 8c 39 6e 14 98 34 98 61 ce db 65 5f b1 d4 85 aa 26 1e 54 47 75 64 8f 5b 75 00 52 8c 39 22 0a 04 74 ec 15 59 72 a5 d8 51 dd 97 2b af e8 93 4f 1b 6e ad 13 06 6c 79 36 53 03 87 60 bd a8 08 4f 0e 4a c2 16 54 d7 00 a8 70 e6 33 11 77 c4 0e a8 92 64 53 99 62 ac c0 a5 c4 11 51 06 ed ba a4 ae 77 d5 82 08 0a da 34 38 e2 84 2a 0b b0 cd d0 f6 a7 5c 07 09 cc a8 3c 82 8e d0 25 fd 10 a5 d3 f5 a8 5b 4a f4 bc af a1 89 d1 4f 4d 69 ed b7 ac dd 13 3f ac 69 06 39 b8 1d ae 15 eb 11 f5 d0 8f 3f 5d 76 1d 0c e7 1e 50 17 3d ce 0b ba 72 5c 09 9e f4 44 79 64 03 13 d1 64 65 6f 60 df 03 a3 c8 ee dc 61 dd 01 d8 dc e6 d6 ab 4e 38 c7 74 a0 97 71 b0 b2 2f 27 4b d2 6b 3a 4b 47 22 f2 0c 31 29 49 24 22 eb 6c e4 f8 f6 c4 5b 80 Data Ascii: SRKnA39n4ae_&TGud[uR9"tYrQ+Only6S`OJTp3wdSbQw48*\<%[JOMi?i9?]vP=r\Dyddeo`aN8tq/'Kk:KG"1)I$"l[

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:12 UTC	791	OUT	GET /u/login/cache.4d1a22494c68b269520ec72ef3757433.login-lib.js HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:12 UTC	472	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:12 GMT Content-Type: application/javascript Content-Length: 866072 Connection: close Cache-Control: max-age=20160 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Last-Modified: Thu, 22 Aug 2024 16:43:12 GMT ETag: W/"aLNisJAfThcaLNjIerq+A8" Accept-Ranges: bytes Vary: Accept-Encoding, User-Agent
2024-10-28 16:48:12 UTC	15912	IN	Data Raw: 69 66 28 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 65 2e 64 6f 63 75 6d 65 6e 74 29 72 65 74 75 72 6e 20 74 28 65 29 3b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20 72 65 71 75 69 72 65 73 20 61 20 77 69 6e 64 6f 77 20 77 69 74 68 20 61 20 64 6f 63 75 6d 65 6e 74 22 29 7d 3a 74 28 65 29 7d 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 3f 77 Data Ascii: if(!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(e.document)return t(e);throw new Error("jQuery requires a window with a document")}:t(e)}("undefined"!=typeof window?w
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 28 61 5b 45 5d 3d 7b 7d 29 29 5b 61 2e 75 6e 69 71 75 65 49 44 5d 7c 7c 28 6f 5b 61 2e 75 6e 69 71 75 65 49 44 5d 3d 7b 7d 29 29 5b 68 5d 7c 7c 5b 5d 29 5b 30 5d 3d 3d 3d 5f 26 26 72 5b 31 5d 29 26 26 72 5b 32 5d 2c 61 3d 73 26 26 63 2e 63 68 69 6c 64 4e 6f 64 65 73 5b 73 5d 3b 61 3d 2b 2b 73 26 26 61 26 26 61 5b 6c 5d 7c 7c 28 66 3d 73 3d 30 29 7c 7c 75 2e 70 6f 70 28 29 3b 29 69 66 28 31 3d 3d 3d 61 2e 6e 6f 64 65 54 79 70 65 26 26 2b 2b 66 26 26 61 3d 3d 3d 65 29 7b 69 5b 68 5d 3d 5b 5f 2c 73 2c 66 5d 3b 62 72 65 61 6b 7d 7d 65 6c 73 65 20 69 66 28 21 31 3d 3d 3d 28 66 3d 70 3f 73 3d 28 72 3d 28 69 3d 28 6f 3d 28 61 3d 65 29 5b 45 5d 7c 7c 28 61 5b 45 5d 3d 7b 7d 29 29 5b 61 2e 75 6e 69 71 75 65 49 44 5d 7c 7c 28 6f 5b 61 2e 75 6e 69 71 75 65 49 44 5d Data Ascii: (a[E]={}))[a.uniqueID]\|\|(o[a.uniqueID]={}))[h]\|\|[])[0]===_&&r[1])&&r[2],a=s&&c.childNodes[s];a=++s&&a&&a[l]\|\|(f=s=0)\|\|u.pop();)if(1===a.nodeType&&++f&&a===e){i[h]=[_,s,f];break}}else if(!1===(f=p?s=(r=(i=(o=(a=e)[E]\|\|(a[E]={}))[a.uniqueID]\|\|(o[a.uniqueID]
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 6e 63 74 69 6f 6e 20 24 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 72 65 70 6c 61 63 65 28 6c 65 2c 22 6d 73 2d 22 29 2e 72 65 70 6c 61 63 65 28 63 65 2c 64 65 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 65 29 7b 72 65 74 75 72 6e 20 31 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 7c 7c 39 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 7c 7c 21 2b 65 2e 6e 6f 64 65 54 79 70 65 7d 66 75 6e 63 74 69 6f 6e 20 70 65 28 29 7b 74 68 69 73 2e 65 78 70 61 6e 64 6f 3d 43 2e 65 78 70 61 6e 64 6f 2b 70 65 2e 75 69 64 2b 2b 7d 70 65 2e 75 69 64 3d 31 2c 70 65 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 63 61 63 68 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 5b 74 68 69 73 2e 65 78 70 61 6e 64 6f 5d 3b 72 65 74 75 72 6e 20 74 7c 7c 28 74 3d 7b 7d 2c 76 28 65 29 26 26 28 65 2e 6e Data Ascii: nction $(e){return e.replace(le,"ms-").replace(ce,de)}function v(e){return 1===e.nodeType\|\|9===e.nodeType\|\|!+e.nodeType}function pe(){this.expando=C.expando+pe.uid++}pe.uid=1,pe.prototype={cache:function(e){var t=e[this.expando];return t\|\|(t={},v(e)&&(e.n
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 3b 69 66 28 74 29 69 66 28 6e 29 66 6f 72 28 6f 3d 6f 7c 7c 41 28 65 29 2c 61 3d 61 7c 7c 41 28 63 29 2c 72 3d 30 2c 69 3d 6f 2e 6c 65 6e 67 74 68 3b 72 3c 69 3b 72 2b 2b 29 6a 65 28 6f 5b 72 5d 2c 61 5b 72 5d 29 3b 65 6c 73 65 20 6a 65 28 65 2c 63 29 3b 72 65 74 75 72 6e 20 30 3c 28 61 3d 41 28 63 2c 22 73 63 72 69 70 74 22 29 29 2e 6c 65 6e 67 74 68 26 26 78 65 28 61 2c 21 64 26 26 41 28 65 2c 22 73 63 72 69 70 74 22 29 29 2c 63 7d 2c 63 6c 65 61 6e 44 61 74 61 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 2c 6e 2c 72 2c 69 3d 43 2e 65 76 65 6e 74 2e 73 70 65 63 69 61 6c 2c 6f 3d 30 3b 76 6f 69 64 20 30 21 3d 3d 28 6e 3d 65 5b 6f 5d 29 3b 6f 2b 2b 29 69 66 28 76 28 6e 29 29 7b 69 66 28 74 3d 6e 5b 62 2e 65 78 70 61 6e 64 6f 5d 29 7b Data Ascii: ;if(t)if(n)for(o=o\|\|A(e),a=a\|\|A(c),r=0,i=o.length;r<i;r++)je(o[r],a[r]);else je(e,c);return 0<(a=A(c,"script")).length&&xe(a,!d&&A(e,"script")),c},cleanData:function(e){for(var t,n,r,i=C.event.special,o=0;void 0!==(n=e[o]);o++)if(v(n)){if(t=n[b.expando]){
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 6c 6c 3d 3d 3d 6e 3f 76 6f 69 64 20 43 2e 72 65 6d 6f 76 65 41 74 74 72 28 65 2c 74 29 3a 69 26 26 22 73 65 74 22 69 6e 20 69 26 26 76 6f 69 64 20 30 21 3d 3d 28 72 3d 69 2e 73 65 74 28 65 2c 6e 2c 74 29 29 3f 72 3a 28 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 74 2c 6e 2b 22 22 29 2c 6e 29 3a 21 28 69 26 26 22 67 65 74 22 69 6e 20 69 26 26 6e 75 6c 6c 21 3d 3d 28 72 3d 69 2e 67 65 74 28 65 2c 74 29 29 29 26 26 6e 75 6c 6c 3d 3d 28 72 3d 43 2e 66 69 6e 64 2e 61 74 74 72 28 65 2c 74 29 29 3f 76 6f 69 64 20 30 3a 72 29 7d 2c 61 74 74 72 48 6f 6f 6b 73 3a 7b 74 79 70 65 3a 7b 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3b 69 66 28 21 67 2e 72 61 64 69 6f 56 61 6c 75 65 26 26 22 72 61 64 69 6f 22 3d 3d 3d 74 26 26 75 28 65 2c 22 69 Data Ascii: ll===n?void C.removeAttr(e,t):i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:(e.setAttribute(t,n+""),n):!(i&&"get"in i&&null!==(r=i.get(e,t)))&&null==(r=C.find.attr(e,t))?void 0:r)},attrHooks:{type:{set:function(e,t){var n;if(!g.radioValue&&"radio"===t&&u(e,"i
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 22 6e 75 6d 62 65 72 22 21 3d 74 79 70 65 6f 66 20 72 2e 73 74 61 74 75 73 3f 74 28 30 2c 22 65 72 72 6f 72 22 29 3a 74 28 72 2e 73 74 61 74 75 73 2c 72 2e 73 74 61 74 75 73 54 65 78 74 29 3a 74 28 47 74 5b 72 2e 73 74 61 74 75 73 5d 7c 7c 72 2e 73 74 61 74 75 73 2c 72 2e 73 74 61 74 75 73 54 65 78 74 2c 22 74 65 78 74 22 21 3d 3d 28 72 2e 72 65 73 70 6f 6e 73 65 54 79 70 65 7c 7c 22 74 65 78 74 22 29 7c 7c 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 72 2e 72 65 73 70 6f 6e 73 65 54 65 78 74 3f 7b 62 69 6e 61 72 79 3a 72 2e 72 65 73 70 6f 6e 73 65 7d 3a 7b 74 65 78 74 3a 72 2e 72 65 73 70 6f 6e 73 65 54 65 78 74 7d 2c 72 2e 67 65 74 41 6c 6c 52 65 73 70 6f 6e 73 65 48 65 61 64 65 72 73 28 29 29 29 7d 7d 2c 72 2e 6f 6e 6c 6f 61 64 3d 6f 28 29 2c 61 Data Ascii: "number"!=typeof r.status?t(0,"error"):t(r.status,r.statusText):t(Gt[r.status]\|\|r.status,r.statusText,"text"!==(r.responseType\|\|"text")\|\|"string"!=typeof r.responseText?{binary:r.response}:{text:r.responseText},r.getAllResponseHeaders()))}},r.onload=o(),a
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 74 75 72 6e 2d 31 7d 2c 72 28 22 4d 22 2c 5b 22 4d 4d 22 2c 32 5d 2c 22 4d 6f 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6d 6f 6e 74 68 28 29 2b 31 7d 29 2c 72 28 22 4d 4d 4d 22 2c 30 2c 30 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6c 6f 63 61 6c 65 44 61 74 61 28 29 2e 6d 6f 6e 74 68 73 53 68 6f 72 74 28 74 68 69 73 2c 65 29 7d 29 2c 72 28 22 4d 4d 4d 4d 22 2c 30 2c 30 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6c 6f 63 61 6c 65 44 61 74 61 28 29 2e 6d 6f 6e 74 68 73 28 74 68 69 73 2c 65 29 7d 29 2c 79 28 22 4d 22 2c 6e 2c 67 29 2c 79 28 22 4d 4d 22 2c 6e 2c 74 29 2c 79 28 22 4d 4d 4d 22 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 2e Data Ascii: turn-1},r("M",["MM",2],"Mo",function(){return this.month()+1}),r("MMM",0,0,function(e){return this.localeData().monthsShort(this,e)}),r("MMMM",0,0,function(e){return this.localeData().months(this,e)}),y("M",n,g),y("MM",n,t),y("MMM",function(e,t){return t.
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 5b 22 2d 22 2c 30 2c 30 5d 29 5b 31 5d 2b 77 28 65 5b 32 5d 29 29 3f 30 3a 22 2b 22 3d 3d 3d 65 5b 30 5d 3f 74 3a 2d 74 7d 66 75 6e 63 74 69 6f 6e 20 42 74 28 65 2c 74 29 7b 76 61 72 20 6e 3b 72 65 74 75 72 6e 20 74 2e 5f 69 73 55 54 43 3f 28 74 3d 74 2e 63 6c 6f 6e 65 28 29 2c 6e 3d 28 63 28 65 29 7c 7c 6a 28 65 29 3f 65 3a 46 28 65 29 29 2e 76 61 6c 75 65 4f 66 28 29 2d 74 2e 76 61 6c 75 65 4f 66 28 29 2c 74 2e 5f 64 2e 73 65 74 54 69 6d 65 28 74 2e 5f 64 2e 76 61 6c 75 65 4f 66 28 29 2b 6e 29 2c 66 2e 75 70 64 61 74 65 4f 66 66 73 65 74 28 74 2c 21 31 29 2c 74 29 3a 46 28 65 29 2e 6c 6f 63 61 6c 28 29 7d 66 75 6e 63 74 69 6f 6e 20 55 74 28 65 29 7b 72 65 74 75 72 6e 2d 4d 61 74 68 2e 72 6f 75 6e 64 28 65 2e 5f 64 2e 67 65 74 54 69 6d 65 7a 6f 6e 65 4f Data Ascii: ["-",0,0])[1]+w(e[2]))?0:"+"===e[0]?t:-t}function Bt(e,t){var n;return t._isUTC?(t=t.clone(),n=(c(e)\|\|j(e)?e:F(e)).valueOf()-t.valueOf(),t._d.setTime(t._d.valueOf()+n),f.updateOffset(t,!1),t):F(e).local()}function Ut(e){return-Math.round(e._d.getTimezoneO
2024-10-28 16:48:13 UTC	16384	IN	Data Raw: 6e 75 6c 6c 3d 3d 3d 28 65 3d 6a 74 28 44 65 2c 65 29 29 29 72 65 74 75 72 6e 20 74 68 69 73 7d 65 6c 73 65 20 4d 61 74 68 2e 61 62 73 28 65 29 3c 31 36 26 26 21 6e 26 26 28 65 2a 3d 36 30 29 3b 72 65 74 75 72 6e 21 74 68 69 73 2e 5f 69 73 55 54 43 26 26 74 26 26 28 72 3d 55 74 28 74 68 69 73 29 29 2c 74 68 69 73 2e 5f 6f 66 66 73 65 74 3d 65 2c 74 68 69 73 2e 5f 69 73 55 54 43 3d 21 30 2c 6e 75 6c 6c 21 3d 72 26 26 74 68 69 73 2e 61 64 64 28 72 2c 22 6d 22 29 2c 69 21 3d 3d 65 26 26 28 21 74 7c 7c 74 68 69 73 2e 5f 63 68 61 6e 67 65 49 6e 50 72 6f 67 72 65 73 73 3f 47 74 28 74 68 69 73 2c 49 28 65 2d 69 2c 22 6d 22 29 2c 31 2c 21 31 29 3a 74 68 69 73 2e 5f 63 68 61 6e 67 65 49 6e 50 72 6f 67 72 65 73 73 7c 7c 28 74 68 69 73 2e 5f 63 68 61 6e 67 65 49 6e Data Ascii: null===(e=jt(De,e)))return this}else Math.abs(e)<16&&!n&&(e*=60);return!this._isUTC&&t&&(r=Ut(this)),this._offset=e,this._isUTC=!0,null!=r&&this.add(r,"m"),i!==e&&(!t\|\|this._changeInProgress?Gt(this,I(e-i,"m"),1,!1):this._changeInProgress\|\|(this._changeIn
2024-10-28 16:48:13 UTC	16384	IN	Data Raw: 54 69 6d 65 54 68 72 65 73 68 6f 6c 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 21 3d 3d 45 6e 5b 65 5d 26 26 28 76 6f 69 64 20 30 3d 3d 3d 74 3f 45 6e 5b 65 5d 3a 28 45 6e 5b 65 5d 3d 74 2c 22 73 22 3d 3d 3d 65 26 26 28 45 6e 2e 73 73 3d 74 2d 31 29 2c 21 30 29 29 7d 2c 66 2e 63 61 6c 65 6e 64 61 72 46 6f 72 6d 61 74 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 65 3d 65 2e 64 69 66 66 28 74 2c 22 64 61 79 73 22 2c 21 30 29 29 3c 2d 36 3f 22 73 61 6d 65 45 6c 73 65 22 3a 65 3c 2d 31 3f 22 6c 61 73 74 57 65 65 6b 22 3a 65 3c 30 3f 22 6c 61 73 74 44 61 79 22 3a 65 3c 31 3f 22 73 61 6d 65 44 61 79 22 3a 65 3c 32 3f 22 6e 65 78 74 44 61 79 22 3a 65 3c 37 3f 22 6e 65 78 74 57 65 65 6b 22 3a 22 73 Data Ascii: TimeThreshold=function(e,t){return void 0!==En[e]&&(void 0===t?En[e]:(En[e]=t,"s"===e&&(En.ss=t-1),!0))},f.calendarFormat=function(e,t){return(e=e.diff(t,"days",!0))<-6?"sameElse":e<-1?"lastWeek":e<0?"lastDay":e<1?"sameDay":e<2?"nextDay":e<7?"nextWeek":"s

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	1672
Entropy (8bit):	5.2130920840468065
Encrypted:	false
SSDEEP:	24:Dt4An1AoZ9AnnP49AnqQTsJbAnRpkoY+VYzjgtTeneofK5gP+eBBkZlB4BRJXP8q:D+A1As9AQ9AqQYJbAJEjaRjiTRBCZe
MD5:	D801E9936920D12430A41C6621827EDB
SHA1:	A2AB5AA117B8475F21908751E0EFF6D25D862EED
SHA-256:	5A2D85276F3BB00A21502841E1591699056969A7066B92A9ECEDF9820872DBF3
SHA-512:	5D6FF6CD6139FAE1F2FE6FF2BD2EDF053AB3C71738C5F11EF4BBEDA527ACD1F5BBDD92BFB0740DBB06DA9E776198C6F24456598B20367EE78C9DD74B7647F04E
Malicious:	false
Reputation:	low
Preview:	#pendo-g-HSnzFk61g0hDIbg3_i1hMHRvVR0 {. /* Style the links /. / Remove default bullets /. / Remove margins and padding from the parent ul /. / Style the caret/arrow /. / Style the caret/Text /. / Create the caret/arrow with a unicode, and style it /. / Rotate the caret/arrow icon when clicked on (using JavaScript) /. / Hide the nested list /. / Show the nested list when the user clicks on the caret/arrow (with JavaScript) */.}.#pendo-g-HSnzFk61g0hDIbg3_i1hMHRvVR0 .link {. position: relative;. width: auto;. float: none;. vertical-align: baseline;. display: block;. color: #1976d2;. font-weight: 400;. padding: 0px;. line-height: 0.5;. text-align: left;. margin: 20px;. font-size: 18px;. letter-spacing: 0px;. text-transform: none;. white-space: pre-wrap;.}.#pendo-g-HSnzFk61g0hDIbg3_i1hMHRvVR0 ul,.#pendo-g-HSnzFk61g0hDIbg3_i1hMHRvVR0 #myUL {. list-style-type: none;.}.#pendo-g-HSnzFk61g0hDIbg3_i1hMHRvVR0 #myUL {. margin: 0;. padding: 0px 0px 0px;.}.#

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	1672
Entropy (8bit):	5.212566910755069
Encrypted:	false
SSDEEP:	48:DeA1As9AQ9AqQYJbAVEjaRBa29JSl6sRj12Zy:bKX7qPkVmcBBSYkjZ
MD5:	AB66811282F00C53FF9ABD92A24E6655
SHA1:	349FB68EFF39DEFEE85AFAC1884E61DA8F1D0A61
SHA-256:	F65864633E442C4DEBDEEA61EAC07877311038061C4EB43964AF0910CB7387D1
SHA-512:	2B505F36401DECCCF72BD5C5F876606847F4E0E46307BB68BA3CE9D5EBCBD146C4831786109B6C19DFE832A046C9401222A4C539B760BE4447E0B540801D9E61
Malicious:	false
Reputation:	low
URL:	https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/EWuuX_o4U-xRldBOqT-LYFc69fQ@sn9p0ljv8dushqgktXFohVVCLNU/Imtq1OAS7QR5--1wWyrbg1YVU2c/NJ-2jv853v7oWvrBiE5h2o8dCmE.guide.css?sha256=9lhkYz5ELE3r3uph6sB4dzEQOAYcTrQ5ZK8JEMtzh9E
Preview:	#pendo-g-Imtq1OAS7QR5--1wWyrbg1YVU2c {. /* Style the links /. / Remove default bullets /. / Remove margins and padding from the parent ul /. / Style the caret/arrow /. / Style the caret/Text /. / Create the caret/arrow with a unicode, and style it /. / Rotate the caret/arrow icon when clicked on (using JavaScript) /. / Hide the nested list /. / Show the nested list when the user clicks on the caret/arrow (with JavaScript) */.}.#pendo-g-Imtq1OAS7QR5--1wWyrbg1YVU2c .link {. position: relative;. width: auto;. float: none;. vertical-align: baseline;. display: block;. color: #1976d2;. font-weight: 400;. padding: 0px;. line-height: 0.5;. text-align: left;. margin: 20px;. font-size: 18px;. letter-spacing: 0px;. text-transform: none;. white-space: pre-wrap;.}.#pendo-g-Imtq1OAS7QR5--1wWyrbg1YVU2c ul,.#pendo-g-Imtq1OAS7QR5--1wWyrbg1YVU2c #myUL {. list-style-type: none;.}.#pendo-g-Imtq1OAS7QR5--1wWyrbg1YVU2c #myUL {. margin: 0;. padding: 0px 0px 0px;.}.#

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:12 UTC	787	OUT	GET /u/login/cache.1b1f06688bfbb8673528c177626fe897.login.js HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:12 UTC	472	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:12 GMT Content-Type: application/javascript Content-Length: 208075 Connection: close Cache-Control: max-age=20160 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Last-Modified: Thu, 22 Aug 2024 16:43:12 GMT ETag: W/"5ibeFAQZbG85ibfhX7iwaQ" Accept-Ranges: bytes Vary: Accept-Encoding, User-Agent
2024-10-28 16:48:12 UTC	15912	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 61 6e 67 75 6c 61 72 2e 6d 6f 64 75 6c 65 28 22 6d 65 73 73 61 67 65 46 6f 72 6d 61 74 74 65 72 2e 64 69 72 65 63 74 69 76 65 22 2c 5b 5d 29 2e 64 69 72 65 63 74 69 76 65 28 22 6d 63 4d 65 73 73 61 67 65 46 6f 72 6d 61 74 74 65 72 22 2c 5b 22 24 74 72 61 6e 73 6c 61 74 65 22 2c 22 24 73 61 6e 69 74 69 7a 65 22 2c 22 24 69 6e 6a 65 63 74 6f 72 22 2c 22 24 77 69 6e 64 6f 77 22 2c 22 24 6c 6f 63 61 74 69 6f 6e 22 2c 66 75 6e 63 74 69 6f 6e 28 6e 2c 73 2c 6c 2c 6f 2c 69 29 7b 72 65 74 75 72 6e 7b 72 65 73 74 72 69 63 74 3a 22 41 22 2c 74 65 6d 70 6c 61 74 65 55 72 6c 3a 22 63 6f 6d 70 6f 6e 65 6e 74 73 2f 6d 65 73 73 61 67 65 2d 66 6f 72 6d 61 74 74 65 72 2f 6d 65 73 73 61 67 65 2d 66 6f 72 6d 61 74 74 65 72 2e 74 70 6c Data Ascii: "use strict";angular.module("messageFormatter.directive",[]).directive("mcMessageFormatter",["$translate","$sanitize","$injector","$window","$location",function(n,s,l,o,i){return{restrict:"A",templateUrl:"components/message-formatter/message-formatter.tpl
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 74 6f 72 22 3e 3c 2f 64 69 76 3e 5c 6e 5c 6e 20 20 20 20 3c 6c 61 62 65 6c 20 63 6c 61 73 73 3d 22 74 6f 2d 6c 61 62 65 6c 22 20 74 72 61 6e 73 6c 61 74 65 3d 22 44 41 54 45 5f 52 41 4e 47 45 5f 50 49 43 4b 45 52 5f 53 49 4d 50 4c 45 5f 4c 41 42 45 4c 5f 54 4f 22 3e 3c 2f 6c 61 62 65 6c 3e 5c 6e 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 2d 67 72 6f 75 70 20 65 6e 64 2d 64 61 74 65 22 3e 5c 6e 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 2d 64 61 74 65 72 61 6e 67 65 20 69 6e 70 75 74 2d 67 72 6f 75 70 22 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 63 6c 61 73 73 3d 22 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 22 20 6e 61 6d 65 3d 22 65 6e 64 22 20 6e 67 Data Ascii: tor"></div>\n\n <label class="to-label" translate="DATE_RANGE_PICKER_SIMPLE_LABEL_TO"></label>\n <div class="input-group end-date">\n <div class="input-daterange input-group">\n <input type="text" class="form-control" name="end" ng
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 74 68 20 7c 7c 20 64 6f 6d 61 69 6e 73 4d 61 6e 61 67 65 72 42 75 6c 6b 41 64 64 43 74 72 6c 2e 62 75 6c 6b 44 6f 6d 61 69 6e 73 43 6f 6c 6c 65 63 74 69 6f 6e 2e 76 61 6c 69 64 2e 6c 65 6e 67 74 68 20 3e 20 35 30 22 20 6e 67 2d 69 66 3d 22 64 6f 6d 61 69 6e 73 4d 61 6e 61 67 65 72 42 75 6c 6b 41 64 64 43 74 72 6c 2e 73 65 63 6f 6e 64 53 74 65 70 22 3e 3c 2f 62 75 74 74 6f 6e 3e 5c 6e 3c 2f 64 69 76 3e 27 29 7d 5d 29 2c 61 6e 67 75 6c 61 72 2e 6d 6f 64 75 6c 65 28 22 63 6f 6d 70 6f 6e 65 6e 74 73 2f 64 6f 6d 61 69 6e 73 2d 6d 61 6e 61 67 65 72 2f 6d 6f 64 61 6c 2f 77 69 7a 61 72 64 2d 73 74 65 70 73 2f 77 69 7a 61 72 64 2d 73 74 65 70 2d 30 31 2e 74 70 6c 2e 68 74 6d 6c 22 2c 5b 5d 29 2e 72 75 6e 28 5b 22 24 74 65 6d 70 6c 61 74 65 43 61 63 68 65 22 2c 66 Data Ascii: th \|\| domainsManagerBulkAddCtrl.bulkDomainsCollection.valid.length > 50" ng-if="domainsManagerBulkAddCtrl.secondStep"></button>\n</div>')}]),angular.module("components/domains-manager/modal/wizard-steps/wizard-step-01.tpl.html",[]).run(["$templateCache",f
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 6f 6d 70 6f 6e 65 6e 74 73 2f 69 6e 2d 61 70 70 2d 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2f 69 6e 2d 61 70 70 2d 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2e 74 70 6c 2e 68 74 6d 6c 22 2c 27 3c 64 69 76 20 69 64 3d 22 69 6e 2d 61 70 70 2d 6e 6f 74 69 66 69 63 61 74 69 6f 6e 22 20 63 6c 61 73 73 3d 22 67 72 6f 77 6c 2d 63 6f 6e 74 61 69 6e 65 72 22 20 6e 67 2d 63 6c 61 73 73 3d 22 77 72 61 70 70 65 72 43 6c 61 73 73 65 73 28 29 22 3e 5c 6e 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 69 74 65 6d 22 20 6e 67 2d 72 65 70 65 61 74 3d 22 6d 65 73 73 61 67 65 20 69 6e 20 6d 65 73 73 61 67 65 73 22 20 6e 67 2d 63 6c 61 73 73 3d 22 6d 65 73 73 61 67 65 2e 73 65 76 65 72 69 74 79 22 3e 5c 6e 20 20 20 20 20 20 20 20 3c 64 69 76 20 Data Ascii: omponents/in-app-notification/in-app-notification.tpl.html",'<div id="in-app-notification" class="growl-container" ng-class="wrapperClasses()">\n <div class="notification-item" ng-repeat="message in messages" ng-class="message.severity">\n <div
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 22 32 32 22 20 6e 67 2d 69 66 3d 22 63 74 72 6c 2e 73 65 6c 65 63 74 69 6f 6e 4f 70 74 69 6f 6e 73 2e 6c 65 6e 67 74 68 3e 30 22 20 6e 67 2d 69 6e 63 6c 75 64 65 3d 22 5c 27 63 6f 6d 70 6f 6e 65 6e 74 73 2f 6c 69 73 74 2d 64 65 74 61 69 6c 2f 6c 69 73 74 2f 74 6f 6f 6c 62 61 72 2f 6c 69 73 74 2d 74 6f 6f 6c 62 61 72 2e 74 70 6c 2e 68 74 6d 6c 5c 27 22 3e 3c 2f 64 69 76 3e 5c 6e 5c 6e 20 20 20 20 20 20 20 20 5c 78 33 63 21 2d 2d 20 53 43 52 4f 4c 4c 41 42 4c 45 20 45 4d 41 49 4c 20 4c 49 53 54 2d 2d 5c 78 33 65 5c 6e 20 20 20 20 20 20 20 20 3c 64 69 76 20 6d 63 2d 63 65 6e 74 65 72 20 6e 67 2d 69 6e 63 6c 75 64 65 3d 22 5c 27 63 6f 6d 70 6f 6e 65 6e 74 73 2f 6c 69 73 74 2d 64 65 74 61 69 6c 2f 6c 69 73 74 2f 6c 69 73 74 2e 74 70 6c 2e 68 74 6d 6c 5c 27 22 Data Ascii: "22" ng-if="ctrl.selectionOptions.length>0" ng-include="\'components/list-detail/list/toolbar/list-toolbar.tpl.html\'"></div>\n\n \x3c!-- SCROLLABLE EMAIL LIST--\x3e\n <div mc-center ng-include="\'components/list-detail/list/list.tpl.html\'"
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 64 69 73 63 6c 61 69 6d 65 72 2f 64 69 73 63 6c 61 69 6d 65 72 2e 74 70 6c 2e 68 74 6d 6c 22 2c 5b 5d 29 2e 72 75 6e 28 5b 22 24 74 65 6d 70 6c 61 74 65 43 61 63 68 65 22 2c 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 2e 70 75 74 28 22 63 6f 6d 70 6f 6e 65 6e 74 73 2f 6c 6f 67 69 6e 2f 64 69 73 63 6c 61 69 6d 65 72 2f 64 69 73 63 6c 61 69 6d 65 72 2e 74 70 6c 2e 68 74 6d 6c 22 2c 27 5c 78 33 63 21 2d 2d 20 3c 68 34 20 63 6c 61 73 73 3d 22 6e 6f 2d 6d 61 72 67 69 6e 2d 74 6f 70 22 20 74 72 61 6e 73 6c 61 74 65 3d 22 7b 7b 61 70 70 43 74 72 6c 2e 63 75 72 72 65 6e 74 4c 6f 67 69 6e 43 6f 6e 66 2e 64 69 73 63 6c 61 69 6d 65 72 54 69 74 6c 65 7d 7d 22 20 6e 67 2d 69 66 3d 22 21 61 70 70 43 74 72 6c 2e 62 72 61 6e 64 69 6e 67 2e 64 69 73 63 6c 61 69 6d 65 72 54 69 Data Ascii: disclaimer/disclaimer.tpl.html",[]).run(["$templateCache",function(n){n.put("components/login/disclaimer/disclaimer.tpl.html",'\x3c!-- <h4 class="no-margin-top" translate="{{appCtrl.currentLoginConf.disclaimerTitle}}" ng-if="!appCtrl.branding.disclaimerTi
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 4c 5f 53 54 45 50 31 5f 44 45 53 43 22 3e 3c 2f 73 70 61 6e 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 63 6c 61 73 73 3d 22 63 75 72 73 6f 72 2d 70 6f 69 6e 74 65 72 22 20 6e 67 2d 63 6c 69 63 6b 3d 22 69 73 43 6f 6c 6c 61 70 73 65 64 20 3d 20 21 69 73 43 6f 6c 6c 61 70 73 65 64 22 3e 3c 73 70 61 6e 20 74 72 61 6e 73 6c 61 74 65 3d 22 4f 54 50 5f 48 45 4c 50 5f 4d 4f 44 41 4c 5f 53 54 45 50 31 5f 44 45 53 43 5f 4c 49 4e 4b 22 3e 3c 2f 73 70 61 6e 3e 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 22 20 6e 67 2d 63 6c 61 73 73 3d 22 69 73 43 6f 6c 6c 61 70 73 65 64 20 3f 20 5c 27 66 61 2d 61 6e 67 6c 65 2d 75 70 5c 27 20 3a 20 5c 27 66 61 2d 61 6e 67 6c 65 2d 64 6f 77 6e 5c 27 22 3e 3c 2f 69 3e 3c 2f 61 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 Data Ascii: L_STEP1_DESC"></span>\n <a class="cursor-pointer" ng-click="isCollapsed = !isCollapsed"><span translate="OTP_HELP_MODAL_STEP1_DESC_LINK"></span> <i class="fa" ng-class="isCollapsed ? \'fa-angle-up\' : \'fa-angle-down\'"></i></a>\n
2024-10-28 16:48:12 UTC	16384	IN	Data Raw: 64 69 76 20 6e 67 2d 69 66 3d 22 21 6d 6f 64 61 6c 41 63 63 6f 75 6e 74 53 75 70 70 6f 72 74 43 74 72 6c 2e 69 73 4c 6f 61 64 69 6e 67 22 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 62 6f 64 79 20 6d 63 2d 61 63 63 6f 75 6e 74 2d 73 75 70 70 6f 72 74 2d 73 65 72 76 69 63 65 22 3e 5c 6e 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 2d 66 6c 75 69 64 22 3e 5c 6e 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 6d 64 2d 36 22 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 61 62 6c 65 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 20 74 61 62 6c 65 2d 61 72 65 61 22 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: div ng-if="!modalAccountSupportCtrl.isLoading" class="modal-body mc-account-support-service">\n <div class="container-fluid">\n <div class="row">\n <div class="col-md-6">\n <table class="table table-area">\n
2024-10-28 16:48:13 UTC	16384	IN	Data Raw: 6e 73 2e 6d 65 73 73 61 67 65 42 6f 78 49 63 6f 6e 43 6c 61 73 73 7d 7d 22 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 74 69 74 6c 65 3d 22 7b 7b 20 66 65 65 64 62 61 63 6b 43 74 72 6c 2e 69 6e 6c 69 6e 65 4e 6f 74 69 66 69 63 61 74 69 6f 6e 4f 70 74 69 6f 6e 73 2e 6d 65 73 73 61 67 65 42 6f 78 54 69 74 6c 65 20 7c 20 74 72 61 6e 73 6c 61 74 65 20 7d 7d 22 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 69 73 2d 76 69 73 69 62 6c 65 3d 22 66 65 65 64 62 61 63 6b 43 74 72 6c 2e 69 6e 6c 69 6e 65 4e 6f 74 69 66 69 63 61 74 69 6f 6e 4f 70 74 69 6f 6e 73 2e 6d 65 73 73 61 67 65 42 6f 78 56 69 73 69 62 69 6c 69 74 79 22 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 68 69 64 65 2d 63 6c 6f 73 65 2d 62 75 74 74 6f 6e 3d 22 66 65 65 64 62 61 63 6b 43 74 72 6c 2e 69 6e 6c 69 Data Ascii: ns.messageBoxIconClass}}"\n title="{{ feedbackCtrl.inlineNotificationOptions.messageBoxTitle \| translate }}"\n is-visible="feedbackCtrl.inlineNotificationOptions.messageBoxVisibility"\n hide-close-button="feedbackCtrl.inli
2024-10-28 16:48:13 UTC	16384	IN	Data Raw: 66 65 72 65 6e 63 65 73 28 29 22 20 64 61 74 61 2d 64 69 73 6d 69 73 73 3d 22 6d 6f 64 61 6c 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 3e 3c 2f 62 75 74 74 6f 6e 3e 5c 6e 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 62 74 6e 2d 64 65 66 61 75 6c 74 22 20 64 61 74 61 2d 64 69 73 6d 69 73 73 3d 22 6d 6f 64 61 6c 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 74 72 61 6e 73 6c 61 74 65 3d 22 24 49 31 38 4e 5f 43 4f 4d 4d 4f 4e 5f 42 54 4e 5f 43 41 4e 43 45 4c 22 20 6e 67 2d 63 6c 69 63 6b 3d 22 24 63 6c 6f 73 65 28 29 22 3e 3c 2f 62 75 74 74 6f 6e 3e 5c 6e 5c 6e 3c 2f 64 69 76 3e 5c 6e 27 29 7d 5d 29 2c 61 6e 67 75 6c 61 Data Ascii: ferences()" data-dismiss="modal" aria-hidden="true"></button>\n <button type="submit" class="btn btn-default" data-dismiss="modal" aria-hidden="true"\n translate="$I18N_COMMON_BTN_CANCEL" ng-click="$close()"></button>\n\n</div>\n')}]),angula

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:14 UTC	414	OUT	GET /u/login/cache.1b1f06688bfbb8673528c177626fe897.login.js HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:14 UTC	472	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:14 GMT Content-Type: application/javascript Content-Length: 208075 Connection: close Cache-Control: max-age=20160 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Last-Modified: Thu, 22 Aug 2024 16:43:12 GMT ETag: W/"UefhnJJE/VAUefgDei/UJs" Accept-Ranges: bytes Vary: Accept-Encoding, User-Agent
2024-10-28 16:48:14 UTC	15912	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 61 6e 67 75 6c 61 72 2e 6d 6f 64 75 6c 65 28 22 6d 65 73 73 61 67 65 46 6f 72 6d 61 74 74 65 72 2e 64 69 72 65 63 74 69 76 65 22 2c 5b 5d 29 2e 64 69 72 65 63 74 69 76 65 28 22 6d 63 4d 65 73 73 61 67 65 46 6f 72 6d 61 74 74 65 72 22 2c 5b 22 24 74 72 61 6e 73 6c 61 74 65 22 2c 22 24 73 61 6e 69 74 69 7a 65 22 2c 22 24 69 6e 6a 65 63 74 6f 72 22 2c 22 24 77 69 6e 64 6f 77 22 2c 22 24 6c 6f 63 61 74 69 6f 6e 22 2c 66 75 6e 63 74 69 6f 6e 28 6e 2c 73 2c 6c 2c 6f 2c 69 29 7b 72 65 74 75 72 6e 7b 72 65 73 74 72 69 63 74 3a 22 41 22 2c 74 65 6d 70 6c 61 74 65 55 72 6c 3a 22 63 6f 6d 70 6f 6e 65 6e 74 73 2f 6d 65 73 73 61 67 65 2d 66 6f 72 6d 61 74 74 65 72 2f 6d 65 73 73 61 67 65 2d 66 6f 72 6d 61 74 74 65 72 2e 74 70 6c Data Ascii: "use strict";angular.module("messageFormatter.directive",[]).directive("mcMessageFormatter",["$translate","$sanitize","$injector","$window","$location",function(n,s,l,o,i){return{restrict:"A",templateUrl:"components/message-formatter/message-formatter.tpl
2024-10-28 16:48:14 UTC	16384	IN	Data Raw: 74 6f 72 22 3e 3c 2f 64 69 76 3e 5c 6e 5c 6e 20 20 20 20 3c 6c 61 62 65 6c 20 63 6c 61 73 73 3d 22 74 6f 2d 6c 61 62 65 6c 22 20 74 72 61 6e 73 6c 61 74 65 3d 22 44 41 54 45 5f 52 41 4e 47 45 5f 50 49 43 4b 45 52 5f 53 49 4d 50 4c 45 5f 4c 41 42 45 4c 5f 54 4f 22 3e 3c 2f 6c 61 62 65 6c 3e 5c 6e 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 2d 67 72 6f 75 70 20 65 6e 64 2d 64 61 74 65 22 3e 5c 6e 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 2d 64 61 74 65 72 61 6e 67 65 20 69 6e 70 75 74 2d 67 72 6f 75 70 22 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 63 6c 61 73 73 3d 22 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 22 20 6e 61 6d 65 3d 22 65 6e 64 22 20 6e 67 Data Ascii: tor"></div>\n\n <label class="to-label" translate="DATE_RANGE_PICKER_SIMPLE_LABEL_TO"></label>\n <div class="input-group end-date">\n <div class="input-daterange input-group">\n <input type="text" class="form-control" name="end" ng
2024-10-28 16:48:14 UTC	16384	IN	Data Raw: 74 68 20 7c 7c 20 64 6f 6d 61 69 6e 73 4d 61 6e 61 67 65 72 42 75 6c 6b 41 64 64 43 74 72 6c 2e 62 75 6c 6b 44 6f 6d 61 69 6e 73 43 6f 6c 6c 65 63 74 69 6f 6e 2e 76 61 6c 69 64 2e 6c 65 6e 67 74 68 20 3e 20 35 30 22 20 6e 67 2d 69 66 3d 22 64 6f 6d 61 69 6e 73 4d 61 6e 61 67 65 72 42 75 6c 6b 41 64 64 43 74 72 6c 2e 73 65 63 6f 6e 64 53 74 65 70 22 3e 3c 2f 62 75 74 74 6f 6e 3e 5c 6e 3c 2f 64 69 76 3e 27 29 7d 5d 29 2c 61 6e 67 75 6c 61 72 2e 6d 6f 64 75 6c 65 28 22 63 6f 6d 70 6f 6e 65 6e 74 73 2f 64 6f 6d 61 69 6e 73 2d 6d 61 6e 61 67 65 72 2f 6d 6f 64 61 6c 2f 77 69 7a 61 72 64 2d 73 74 65 70 73 2f 77 69 7a 61 72 64 2d 73 74 65 70 2d 30 31 2e 74 70 6c 2e 68 74 6d 6c 22 2c 5b 5d 29 2e 72 75 6e 28 5b 22 24 74 65 6d 70 6c 61 74 65 43 61 63 68 65 22 2c 66 Data Ascii: th \|\| domainsManagerBulkAddCtrl.bulkDomainsCollection.valid.length > 50" ng-if="domainsManagerBulkAddCtrl.secondStep"></button>\n</div>')}]),angular.module("components/domains-manager/modal/wizard-steps/wizard-step-01.tpl.html",[]).run(["$templateCache",f
2024-10-28 16:48:14 UTC	16384	IN	Data Raw: 6f 6d 70 6f 6e 65 6e 74 73 2f 69 6e 2d 61 70 70 2d 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2f 69 6e 2d 61 70 70 2d 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2e 74 70 6c 2e 68 74 6d 6c 22 2c 27 3c 64 69 76 20 69 64 3d 22 69 6e 2d 61 70 70 2d 6e 6f 74 69 66 69 63 61 74 69 6f 6e 22 20 63 6c 61 73 73 3d 22 67 72 6f 77 6c 2d 63 6f 6e 74 61 69 6e 65 72 22 20 6e 67 2d 63 6c 61 73 73 3d 22 77 72 61 70 70 65 72 43 6c 61 73 73 65 73 28 29 22 3e 5c 6e 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 69 74 65 6d 22 20 6e 67 2d 72 65 70 65 61 74 3d 22 6d 65 73 73 61 67 65 20 69 6e 20 6d 65 73 73 61 67 65 73 22 20 6e 67 2d 63 6c 61 73 73 3d 22 6d 65 73 73 61 67 65 2e 73 65 76 65 72 69 74 79 22 3e 5c 6e 20 20 20 20 20 20 20 20 3c 64 69 76 20 Data Ascii: omponents/in-app-notification/in-app-notification.tpl.html",'<div id="in-app-notification" class="growl-container" ng-class="wrapperClasses()">\n <div class="notification-item" ng-repeat="message in messages" ng-class="message.severity">\n <div
2024-10-28 16:48:14 UTC	16384	IN	Data Raw: 22 32 32 22 20 6e 67 2d 69 66 3d 22 63 74 72 6c 2e 73 65 6c 65 63 74 69 6f 6e 4f 70 74 69 6f 6e 73 2e 6c 65 6e 67 74 68 3e 30 22 20 6e 67 2d 69 6e 63 6c 75 64 65 3d 22 5c 27 63 6f 6d 70 6f 6e 65 6e 74 73 2f 6c 69 73 74 2d 64 65 74 61 69 6c 2f 6c 69 73 74 2f 74 6f 6f 6c 62 61 72 2f 6c 69 73 74 2d 74 6f 6f 6c 62 61 72 2e 74 70 6c 2e 68 74 6d 6c 5c 27 22 3e 3c 2f 64 69 76 3e 5c 6e 5c 6e 20 20 20 20 20 20 20 20 5c 78 33 63 21 2d 2d 20 53 43 52 4f 4c 4c 41 42 4c 45 20 45 4d 41 49 4c 20 4c 49 53 54 2d 2d 5c 78 33 65 5c 6e 20 20 20 20 20 20 20 20 3c 64 69 76 20 6d 63 2d 63 65 6e 74 65 72 20 6e 67 2d 69 6e 63 6c 75 64 65 3d 22 5c 27 63 6f 6d 70 6f 6e 65 6e 74 73 2f 6c 69 73 74 2d 64 65 74 61 69 6c 2f 6c 69 73 74 2f 6c 69 73 74 2e 74 70 6c 2e 68 74 6d 6c 5c 27 22 Data Ascii: "22" ng-if="ctrl.selectionOptions.length>0" ng-include="\'components/list-detail/list/toolbar/list-toolbar.tpl.html\'"></div>\n\n \x3c!-- SCROLLABLE EMAIL LIST--\x3e\n <div mc-center ng-include="\'components/list-detail/list/list.tpl.html\'"
2024-10-28 16:48:14 UTC	16384	IN	Data Raw: 64 69 73 63 6c 61 69 6d 65 72 2f 64 69 73 63 6c 61 69 6d 65 72 2e 74 70 6c 2e 68 74 6d 6c 22 2c 5b 5d 29 2e 72 75 6e 28 5b 22 24 74 65 6d 70 6c 61 74 65 43 61 63 68 65 22 2c 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 2e 70 75 74 28 22 63 6f 6d 70 6f 6e 65 6e 74 73 2f 6c 6f 67 69 6e 2f 64 69 73 63 6c 61 69 6d 65 72 2f 64 69 73 63 6c 61 69 6d 65 72 2e 74 70 6c 2e 68 74 6d 6c 22 2c 27 5c 78 33 63 21 2d 2d 20 3c 68 34 20 63 6c 61 73 73 3d 22 6e 6f 2d 6d 61 72 67 69 6e 2d 74 6f 70 22 20 74 72 61 6e 73 6c 61 74 65 3d 22 7b 7b 61 70 70 43 74 72 6c 2e 63 75 72 72 65 6e 74 4c 6f 67 69 6e 43 6f 6e 66 2e 64 69 73 63 6c 61 69 6d 65 72 54 69 74 6c 65 7d 7d 22 20 6e 67 2d 69 66 3d 22 21 61 70 70 43 74 72 6c 2e 62 72 61 6e 64 69 6e 67 2e 64 69 73 63 6c 61 69 6d 65 72 54 69 Data Ascii: disclaimer/disclaimer.tpl.html",[]).run(["$templateCache",function(n){n.put("components/login/disclaimer/disclaimer.tpl.html",'\x3c!-- <h4 class="no-margin-top" translate="{{appCtrl.currentLoginConf.disclaimerTitle}}" ng-if="!appCtrl.branding.disclaimerTi
2024-10-28 16:48:15 UTC	16384	IN	Data Raw: 4c 5f 53 54 45 50 31 5f 44 45 53 43 22 3e 3c 2f 73 70 61 6e 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 63 6c 61 73 73 3d 22 63 75 72 73 6f 72 2d 70 6f 69 6e 74 65 72 22 20 6e 67 2d 63 6c 69 63 6b 3d 22 69 73 43 6f 6c 6c 61 70 73 65 64 20 3d 20 21 69 73 43 6f 6c 6c 61 70 73 65 64 22 3e 3c 73 70 61 6e 20 74 72 61 6e 73 6c 61 74 65 3d 22 4f 54 50 5f 48 45 4c 50 5f 4d 4f 44 41 4c 5f 53 54 45 50 31 5f 44 45 53 43 5f 4c 49 4e 4b 22 3e 3c 2f 73 70 61 6e 3e 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 22 20 6e 67 2d 63 6c 61 73 73 3d 22 69 73 43 6f 6c 6c 61 70 73 65 64 20 3f 20 5c 27 66 61 2d 61 6e 67 6c 65 2d 75 70 5c 27 20 3a 20 5c 27 66 61 2d 61 6e 67 6c 65 2d 64 6f 77 6e 5c 27 22 3e 3c 2f 69 3e 3c 2f 61 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 Data Ascii: L_STEP1_DESC"></span>\n <a class="cursor-pointer" ng-click="isCollapsed = !isCollapsed"><span translate="OTP_HELP_MODAL_STEP1_DESC_LINK"></span> <i class="fa" ng-class="isCollapsed ? \'fa-angle-up\' : \'fa-angle-down\'"></i></a>\n
2024-10-28 16:48:15 UTC	16384	IN	Data Raw: 64 69 76 20 6e 67 2d 69 66 3d 22 21 6d 6f 64 61 6c 41 63 63 6f 75 6e 74 53 75 70 70 6f 72 74 43 74 72 6c 2e 69 73 4c 6f 61 64 69 6e 67 22 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 62 6f 64 79 20 6d 63 2d 61 63 63 6f 75 6e 74 2d 73 75 70 70 6f 72 74 2d 73 65 72 76 69 63 65 22 3e 5c 6e 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 2d 66 6c 75 69 64 22 3e 5c 6e 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 6d 64 2d 36 22 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 61 62 6c 65 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 20 74 61 62 6c 65 2d 61 72 65 61 22 3e 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: div ng-if="!modalAccountSupportCtrl.isLoading" class="modal-body mc-account-support-service">\n <div class="container-fluid">\n <div class="row">\n <div class="col-md-6">\n <table class="table table-area">\n
2024-10-28 16:48:15 UTC	16384	IN	Data Raw: 6e 73 2e 6d 65 73 73 61 67 65 42 6f 78 49 63 6f 6e 43 6c 61 73 73 7d 7d 22 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 74 69 74 6c 65 3d 22 7b 7b 20 66 65 65 64 62 61 63 6b 43 74 72 6c 2e 69 6e 6c 69 6e 65 4e 6f 74 69 66 69 63 61 74 69 6f 6e 4f 70 74 69 6f 6e 73 2e 6d 65 73 73 61 67 65 42 6f 78 54 69 74 6c 65 20 7c 20 74 72 61 6e 73 6c 61 74 65 20 7d 7d 22 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 69 73 2d 76 69 73 69 62 6c 65 3d 22 66 65 65 64 62 61 63 6b 43 74 72 6c 2e 69 6e 6c 69 6e 65 4e 6f 74 69 66 69 63 61 74 69 6f 6e 4f 70 74 69 6f 6e 73 2e 6d 65 73 73 61 67 65 42 6f 78 56 69 73 69 62 69 6c 69 74 79 22 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 68 69 64 65 2d 63 6c 6f 73 65 2d 62 75 74 74 6f 6e 3d 22 66 65 65 64 62 61 63 6b 43 74 72 6c 2e 69 6e 6c 69 Data Ascii: ns.messageBoxIconClass}}"\n title="{{ feedbackCtrl.inlineNotificationOptions.messageBoxTitle \| translate }}"\n is-visible="feedbackCtrl.inlineNotificationOptions.messageBoxVisibility"\n hide-close-button="feedbackCtrl.inli
2024-10-28 16:48:15 UTC	16384	IN	Data Raw: 66 65 72 65 6e 63 65 73 28 29 22 20 64 61 74 61 2d 64 69 73 6d 69 73 73 3d 22 6d 6f 64 61 6c 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 3e 3c 2f 62 75 74 74 6f 6e 3e 5c 6e 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 62 74 6e 2d 64 65 66 61 75 6c 74 22 20 64 61 74 61 2d 64 69 73 6d 69 73 73 3d 22 6d 6f 64 61 6c 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 74 72 61 6e 73 6c 61 74 65 3d 22 24 49 31 38 4e 5f 43 4f 4d 4d 4f 4e 5f 42 54 4e 5f 43 41 4e 43 45 4c 22 20 6e 67 2d 63 6c 69 63 6b 3d 22 24 63 6c 6f 73 65 28 29 22 3e 3c 2f 62 75 74 74 6f 6e 3e 5c 6e 5c 6e 3c 2f 64 69 76 3e 5c 6e 27 29 7d 5d 29 2c 61 6e 67 75 6c 61 Data Ascii: ferences()" data-dismiss="modal" aria-hidden="true"></button>\n <button type="submit" class="btn btn-default" data-dismiss="modal" aria-hidden="true"\n translate="$I18N_COMMON_BTN_CANCEL" ng-click="$close()"></button>\n\n</div>\n')}]),angula

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:15 UTC	589	OUT	GET /agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/pendo.js HTTP/1.1 Host: cdn.pendo.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://secure-portal.login-us.mimecast.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:15 UTC	947	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:15 GMT Last-Modified: Thu, 24 Oct 2024 19:12:53 GMT ETag: W/"7085ba76362f56c3da4201beefb2f1d8" Vary: Accept-Encoding x-goog-generation: 1729797173876040 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 168830 Content-Type: application/javascript; charset=utf-8 x-goog-hash: crc32c=STvKFA== x-goog-hash: md5=cIW6djYvVsPaQgG+77Lx2A== x-goog-storage-class: STANDARD Access-Control-Allow-Origin: * Access-Control-Expose-Headers: * X-GUploader-Response-Body-Transformations: gunzipped Warning: 214 UploadServer gunzipped X-GUploader-UploadID: AHmUCY1fJyb1Uvui5biqex8eYNKFyqGSORXceZ7uBDYiEbVFujPAz0qge-NrZanaO8nL94ahrec Server: UploadServer Cache-Control: public,max-age=450 Strict-Transport-Security: max-age=63072000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close Transfer-Encoding: chunked
2024-10-28 16:48:15 UTC	431	IN	Data Raw: 61 35 33 0d 0a 2f 2f 20 50 65 6e 64 6f 20 41 67 65 6e 74 20 57 72 61 70 70 65 72 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 34 20 50 65 6e 64 6f 2e 69 6f 2c 20 49 6e 63 2e 0a 2f 2f 20 45 6e 76 69 72 6f 6e 6d 65 6e 74 3a 20 20 20 20 70 72 6f 64 75 63 74 69 6f 6e 0a 2f 2f 20 41 67 65 6e 74 20 56 65 72 73 69 6f 6e 3a 20 20 32 2e 32 35 32 2e 30 0a 2f 2f 20 49 6e 73 74 61 6c 6c 65 64 3a 20 20 20 20 20 20 32 30 32 34 2d 31 30 2d 32 34 54 31 39 3a 31 32 3a 35 30 5a 0a 28 66 75 6e 63 74 69 6f 6e 20 28 50 65 6e 64 6f 43 6f 6e 66 69 67 29 20 7b 0a 2f 2a 0a 40 6c 69 63 65 6e 73 65 20 68 74 74 70 73 3a 2f 2f 61 67 65 6e 74 2e 70 65 6e 64 6f 2e 69 6f 2f 6c 69 63 65 6e 73 65 73 0a 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 72 77 2c 6f 77 2c 61 77 29 7b 21 66 75 6e Data Ascii: a53// Pendo Agent Wrapper// Copyright 2024 Pendo.io, Inc.// Environment: production// Agent Version: 2.252.0// Installed: 2024-10-24T19:12:50Z(function (PendoConfig) {/@license https://agent.pendo.io/licenses/!function(rw,ow,aw){!fun
2024-10-28 16:48:15 UTC	1378	IN	Data Raw: 70 65 2e 74 6f 53 74 72 69 6e 67 2e 63 61 6c 6c 28 74 68 69 73 29 29 72 65 74 75 72 6e 20 54 2e 63 61 6c 6c 28 74 68 69 73 2c 65 2c 74 29 3b 76 61 72 20 6e 2c 69 3d 5b 5d 2c 72 3d 74 68 69 73 2e 6c 65 6e 67 74 68 2c 6f 3d 65 7c 7c 30 2c 61 3d 28 74 3c 30 3f 72 2b 74 3a 74 7c 7c 72 29 2d 28 6f 3d 30 3c 3d 6f 3f 6f 3a 72 2b 6f 29 3b 69 66 28 30 3c 61 29 69 66 28 69 3d 6e 65 77 20 41 72 72 61 79 28 61 29 2c 74 68 69 73 2e 63 68 61 72 41 74 29 66 6f 72 28 6e 3d 30 3b 6e 3c 61 3b 6e 2b 2b 29 69 5b 6e 5d 3d 74 68 69 73 2e 63 68 61 72 41 74 28 6f 2b 6e 29 3b 65 6c 73 65 20 66 6f 72 28 6e 3d 30 3b 6e 3c 61 3b 6e 2b 2b 29 69 5b 6e 5d 3d 74 68 69 73 5b 6f 2b 6e 5d 3b 72 65 74 75 72 6e 20 69 7d 7d 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 74 72 69 6d 7c 7c Data Ascii: pe.toString.call(this))return T.call(this,e,t);var n,i=[],r=this.length,o=e\|\|0,a=(t<0?r+t:t\|\|r)-(o=0<=o?o:r+o);if(0<a)if(i=new Array(a),this.charAt)for(n=0;n<a;n++)i[n]=this.charAt(o+n);else for(n=0;n<a;n++)i[n]=this[o+n];return i}}String.prototype.trim\|\|
2024-10-28 16:48:15 UTC	841	IN	Data Raw: 5b 5d 2c 61 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 6c 28 21 30 29 2e 75 70 64 61 74 65 28 65 29 5b 74 5d 28 29 7d 7d 2c 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 61 28 22 68 65 78 22 29 3b 28 74 3d 69 3f 63 28 74 29 3a 74 29 2e 63 72 65 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 6c 7d 2c 74 2e 75 70 64 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 2e 63 72 65 61 74 65 28 29 2e 75 70 64 61 74 65 28 65 29 7d 3b 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 72 2e 6c 65 6e 67 74 68 3b 2b 2b 65 29 7b 76 61 72 20 6e 3d 72 5b 65 5d 3b 74 5b 6e 5d 3d 61 28 6e 29 7d 72 65 74 75 72 6e 20 74 7d 2c 63 3d 66 Data Ascii: [],a=function(t){return function(e){return new l(!0).update(e)[t]()}},d=function(){var t=a("hex");(t=i?c(t):t).create=function(){return new l},t.update=function(e){return t.create().update(e)};for(var e=0;e<r.length;++e){var n=r[e];t[n]=a(n)}return t},c=f
2024-10-28 16:48:15 UTC	1378	IN	Data Raw: 38 30 30 30 0d 0a 3d 33 32 38 35 33 37 37 35 32 30 2c 74 68 69 73 2e 62 6c 6f 63 6b 3d 74 68 69 73 2e 73 74 61 72 74 3d 74 68 69 73 2e 62 79 74 65 73 3d 74 68 69 73 2e 68 42 79 74 65 73 3d 30 2c 74 68 69 73 2e 66 69 6e 61 6c 69 7a 65 64 3d 74 68 69 73 2e 68 61 73 68 65 64 3d 21 31 2c 74 68 69 73 2e 66 69 72 73 74 3d 21 30 7d 6c 2e 70 72 6f 74 6f 74 79 70 65 2e 75 70 64 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 74 68 69 73 2e 66 69 6e 61 6c 69 7a 65 64 29 7b 66 6f 72 28 76 61 72 20 74 2c 6e 2c 69 3d 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 2c 72 3d 30 2c 6f 3d 28 65 3d 69 26 26 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 73 2e 41 72 72 61 79 42 75 66 66 65 72 3f 6e 65 77 20 55 69 6e 74 38 41 72 72 61 79 28 65 29 3a 65 29 Data Ascii: 8000=3285377520,this.block=this.start=this.bytes=this.hBytes=0,this.finalized=this.hashed=!1,this.first=!0}l.prototype.update=function(e){if(!this.finalized){for(var t,n,i="string"!=typeof e,r=0,o=(e=i&&e.constructor===s.ArrayBuffer?new Uint8Array(e):e)
2024-10-28 16:48:15 UTC	1378	IN	Data Raw: 74 65 73 3c 3c 33 7c 74 68 69 73 2e 62 79 74 65 73 3e 3e 3e 32 39 2c 65 5b 31 35 5d 3d 74 68 69 73 2e 62 79 74 65 73 3c 3c 33 2c 74 68 69 73 2e 68 61 73 68 28 29 29 7d 2c 6c 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 68 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 65 2c 74 3d 74 68 69 73 2e 68 30 2c 6e 3d 74 68 69 73 2e 68 31 2c 69 3d 74 68 69 73 2e 68 32 2c 72 3d 74 68 69 73 2e 68 33 2c 6f 3d 74 68 69 73 2e 68 34 2c 61 3d 74 68 69 73 2e 62 6c 6f 63 6b 73 2c 73 3d 31 36 3b 73 3c 38 30 3b 2b 2b 73 29 65 3d 61 5b 73 2d 33 5d 5e 61 5b 73 2d 38 5d 5e 61 5b 73 2d 31 34 5d 5e 61 5b 73 2d 31 36 5d 2c 61 5b 73 5d 3d 65 3c 3c 31 7c 65 3e 3e 3e 33 31 3b 66 6f 72 28 73 3d 30 3b 73 3c 32 30 3b 73 2b 3d 35 29 74 3d 28 65 3d 28 6e 3d 28 65 3d 28 69 3d 28 Data Ascii: tes<<3\|this.bytes>>>29,e[15]=this.bytes<<3,this.hash())},l.prototype.hash=function(){for(var e,t=this.h0,n=this.h1,i=this.h2,r=this.h3,o=this.h4,a=this.blocks,s=16;s<80;++s)e=a[s-3]^a[s-8]^a[s-14]^a[s-16],a[s]=e<<1\|e>>>31;for(s=0;s<20;s+=5)t=(e=(n=(e=(i=(
2024-10-28 16:48:15 UTC	1378	IN	Data Raw: 34 39 37 35 31 34 2b 61 5b 73 2b 31 5d 3c 3c 30 29 3c 3c 35 7c 72 3e 3e 3e 32 37 29 2b 28 6f 5e 28 74 3d 74 3c 3c 33 30 7c 74 3e 3e 3e 32 29 5e 6e 29 2b 69 2d 38 39 39 34 39 37 35 31 34 2b 61 5b 73 2b 32 5d 3c 3c 30 29 3c 3c 35 7c 69 3e 3e 3e 32 37 29 2b 28 72 5e 28 6f 3d 6f 3c 3c 33 30 7c 6f 3e 3e 3e 32 29 5e 74 29 2b 6e 2d 38 39 39 34 39 37 35 31 34 2b 61 5b 73 2b 33 5d 3c 3c 30 29 3c 3c 35 7c 6e 3e 3e 3e 32 37 29 2b 28 69 5e 28 72 3d 72 3c 3c 33 30 7c 72 3e 3e 3e 32 29 5e 6f 29 2b 74 2d 38 39 39 34 39 37 35 31 34 2b 61 5b 73 2b 34 5d 3c 3c 30 2c 69 3d 69 3c 3c 33 30 7c 69 3e 3e 3e 32 3b 74 68 69 73 2e 68 30 3d 74 68 69 73 2e 68 30 2b 74 3c 3c 30 2c 74 68 69 73 2e 68 31 3d 74 68 69 73 2e 68 31 2b 6e 3c 3c 30 2c 74 68 69 73 2e 68 32 3d 74 68 69 73 2e 68 Data Ascii: 497514+a[s+1]<<0)<<5\|r>>>27)+(o^(t=t<<30\|t>>>2)^n)+i-899497514+a[s+2]<<0)<<5\|i>>>27)+(r^(o=o<<30\|o>>>2)^t)+n-899497514+a[s+3]<<0)<<5\|n>>>27)+(i^(r=r<<30\|r>>>2)^o)+t-899497514+a[s+4]<<0,i=i<<30\|i>>>2;this.h0=this.h0+t<<0,this.h1=this.h1+n<<0,this.h2=this.h
2024-10-28 16:48:15 UTC	1378	IN	Data Raw: 38 2c 74 68 69 73 2e 68 32 29 2c 74 2e 73 65 74 55 69 6e 74 33 32 28 31 32 2c 74 68 69 73 2e 68 33 29 2c 74 2e 73 65 74 55 69 6e 74 33 32 28 31 36 2c 74 68 69 73 2e 68 34 29 2c 65 7d 3b 76 61 72 20 66 3d 64 28 29 3b 65 3f 70 2e 65 78 70 6f 72 74 73 3d 66 3a 73 2e 73 68 61 31 3d 66 7d 28 29 7d 28 74 29 2c 74 2e 65 78 70 6f 72 74 73 29 2c 52 3d 65 28 69 29 2c 72 2c 6f 3d 7b 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 7d 2c 63 72 65 61 74 65 48 54 4d 4c 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 7d 7d 3b 66 75 6e 63 74 69 6f 6e 20 78 65 28 65 29 7b 72 65 74 75 72 6e 20 72 7c 7c 28 72 3d 65 2e 74 72 75 73 74 65 64 54 79 70 65 73 50 6f 6c 69 63 79 7c 7c 28 72 77 2e 74 72 75 73 Data Ascii: 8,this.h2),t.setUint32(12,this.h3),t.setUint32(16,this.h4),e};var f=d();e?p.exports=f:s.sha1=f}()}(t),t.exports),R=e(i),r,o={createScriptURL:function(e){return e},createHTML:function(e){return e}};function xe(e){return r\|\|(r=e.trustedTypesPolicy\|\|(rw.trus
2024-10-28 16:48:15 UTC	1378	IN	Data Raw: 69 66 28 28 73 3d 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 73 3f 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 73 2b 22 24 22 29 3a 73 29 69 6e 73 74 61 6e 63 65 6f 66 20 52 65 67 45 78 70 26 26 73 2e 74 65 73 74 28 74 2e 68 6f 73 74 29 29 72 65 74 75 72 6e 21 30 7d 72 65 74 75 72 6e 21 31 7d 66 75 6e 63 74 69 6f 6e 20 7a 28 65 29 7b 72 65 74 75 72 6e 20 41 2e 75 69 6e 74 38 54 6f 42 61 73 65 36 34 28 52 2e 63 72 65 61 74 65 28 29 2e 75 70 64 61 74 65 28 65 29 2e 64 69 67 65 73 74 28 29 29 7d 66 75 6e 63 74 69 6f 6e 20 48 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 65 2e 73 74 61 67 69 6e 67 41 67 65 6e 74 55 72 6c 26 26 65 5b 4c 5d 7d 66 75 6e 63 74 69 6f 6e 20 6a 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 65 2e 73 74 61 67 69 6e 67 41 67 65 6e 74 Data Ascii: if((s="string"==typeof s?new RegExp("^"+s+"$"):s)instanceof RegExp&&s.test(t.host))return!0}return!1}function z(e){return A.uint8ToBase64(R.create().update(e).digest())}function H(e){return e&&e.stagingAgentUrl&&e[L]}function j(e){return e&&e.stagingAgent
2024-10-28 16:48:15 UTC	1378	IN	Data Raw: 6e 20 6e 7d 72 65 74 75 72 6e 20 67 65 28 65 5b 74 5d 2c 65 29 7d 28 72 77 29 2c 6d 65 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 7d 2c 76 65 3d 28 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3b 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2e 73 65 6c 66 3d 3d 3d 73 65 6c 66 26 26 73 65 6c 66 7c 7c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 42 74 26 26 42 74 2e 67 6c 6f 62 61 6c 3d 3d 3d 42 74 26 26 42 74 7c 7c 46 75 6e 63 74 69 6f 6e 28 22 72 65 74 75 72 6e 20 74 68 69 73 22 29 28 29 7c 7c 7b 7d 2c 69 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2c 46 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2c 44 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 Data Ascii: n n}return ge(e[t],e)}(rw),me={exports:{}},ve=(!function(){var e;e=function(){var e="object"==typeof self&&self.self===self&&self\|\|"object"==typeof Bt&&Bt.global===Bt&&Bt\|\|Function("return this")()\|\|{},i=Array.prototype,F=Object.prototype,D="undefined"!=t
2024-10-28 16:48:15 UTC	1378	IN	Data Raw: 6f 72 22 29 2c 6e 65 3d 72 28 22 53 79 6d 62 6f 6c 22 29 2c 69 65 3d 72 28 22 41 72 72 61 79 42 75 66 66 65 72 22 29 2c 61 3d 72 28 22 46 75 6e 63 74 69 6f 6e 22 29 2c 65 3d 65 2e 64 6f 63 75 6d 65 6e 74 26 26 65 2e 64 6f 63 75 6d 65 6e 74 2e 63 68 69 6c 64 4e 6f 64 65 73 2c 66 3d 61 3d 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 2f 2e 2f 26 26 22 6f 62 6a 65 63 74 22 21 3d 74 79 70 65 6f 66 20 49 6e 74 38 41 72 72 61 79 26 26 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 65 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 7c 7c 21 31 7d 3a 61 2c 65 3d 72 28 22 4f 62 6a 65 63 74 22 29 2c 72 65 3d 6e 26 26 65 28 6e 65 77 20 44 61 74 61 56 69 65 77 28 6e 65 77 20 41 72 Data Ascii: or"),ne=r("Symbol"),ie=r("ArrayBuffer"),a=r("Function"),e=e.document&&e.document.childNodes,f=a="function"!=typeof/./&&"object"!=typeof Int8Array&&"function"!=typeof e?function(e){return"function"==typeof e\|\|!1}:a,e=r("Object"),re=n&&e(new DataView(new Ar

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:15 UTC	418	OUT	GET /u/login/cache.4d1a22494c68b269520ec72ef3757433.login-lib.js HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:16 UTC	472	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:16 GMT Content-Type: application/javascript Content-Length: 866072 Connection: close Cache-Control: max-age=20160 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Last-Modified: Thu, 22 Aug 2024 16:43:12 GMT ETag: W/"zKPc/sTQCLMzKPdb74lvqs" Accept-Ranges: bytes Vary: Accept-Encoding, User-Agent
2024-10-28 16:48:16 UTC	15912	IN	Data Raw: 69 66 28 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 65 2e 64 6f 63 75 6d 65 6e 74 29 72 65 74 75 72 6e 20 74 28 65 29 3b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20 72 65 71 75 69 72 65 73 20 61 20 77 69 6e 64 6f 77 20 77 69 74 68 20 61 20 64 6f 63 75 6d 65 6e 74 22 29 7d 3a 74 28 65 29 7d 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 3f 77 Data Ascii: if(!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(e.document)return t(e);throw new Error("jQuery requires a window with a document")}:t(e)}("undefined"!=typeof window?w
2024-10-28 16:48:16 UTC	16384	IN	Data Raw: 28 61 5b 45 5d 3d 7b 7d 29 29 5b 61 2e 75 6e 69 71 75 65 49 44 5d 7c 7c 28 6f 5b 61 2e 75 6e 69 71 75 65 49 44 5d 3d 7b 7d 29 29 5b 68 5d 7c 7c 5b 5d 29 5b 30 5d 3d 3d 3d 5f 26 26 72 5b 31 5d 29 26 26 72 5b 32 5d 2c 61 3d 73 26 26 63 2e 63 68 69 6c 64 4e 6f 64 65 73 5b 73 5d 3b 61 3d 2b 2b 73 26 26 61 26 26 61 5b 6c 5d 7c 7c 28 66 3d 73 3d 30 29 7c 7c 75 2e 70 6f 70 28 29 3b 29 69 66 28 31 3d 3d 3d 61 2e 6e 6f 64 65 54 79 70 65 26 26 2b 2b 66 26 26 61 3d 3d 3d 65 29 7b 69 5b 68 5d 3d 5b 5f 2c 73 2c 66 5d 3b 62 72 65 61 6b 7d 7d 65 6c 73 65 20 69 66 28 21 31 3d 3d 3d 28 66 3d 70 3f 73 3d 28 72 3d 28 69 3d 28 6f 3d 28 61 3d 65 29 5b 45 5d 7c 7c 28 61 5b 45 5d 3d 7b 7d 29 29 5b 61 2e 75 6e 69 71 75 65 49 44 5d 7c 7c 28 6f 5b 61 2e 75 6e 69 71 75 65 49 44 5d Data Ascii: (a[E]={}))[a.uniqueID]\|\|(o[a.uniqueID]={}))[h]\|\|[])[0]===_&&r[1])&&r[2],a=s&&c.childNodes[s];a=++s&&a&&a[l]\|\|(f=s=0)\|\|u.pop();)if(1===a.nodeType&&++f&&a===e){i[h]=[_,s,f];break}}else if(!1===(f=p?s=(r=(i=(o=(a=e)[E]\|\|(a[E]={}))[a.uniqueID]\|\|(o[a.uniqueID]
2024-10-28 16:48:16 UTC	16384	IN	Data Raw: 6e 63 74 69 6f 6e 20 24 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 72 65 70 6c 61 63 65 28 6c 65 2c 22 6d 73 2d 22 29 2e 72 65 70 6c 61 63 65 28 63 65 2c 64 65 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 65 29 7b 72 65 74 75 72 6e 20 31 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 7c 7c 39 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 7c 7c 21 2b 65 2e 6e 6f 64 65 54 79 70 65 7d 66 75 6e 63 74 69 6f 6e 20 70 65 28 29 7b 74 68 69 73 2e 65 78 70 61 6e 64 6f 3d 43 2e 65 78 70 61 6e 64 6f 2b 70 65 2e 75 69 64 2b 2b 7d 70 65 2e 75 69 64 3d 31 2c 70 65 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 63 61 63 68 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 5b 74 68 69 73 2e 65 78 70 61 6e 64 6f 5d 3b 72 65 74 75 72 6e 20 74 7c 7c 28 74 3d 7b 7d 2c 76 28 65 29 26 26 28 65 2e 6e Data Ascii: nction $(e){return e.replace(le,"ms-").replace(ce,de)}function v(e){return 1===e.nodeType\|\|9===e.nodeType\|\|!+e.nodeType}function pe(){this.expando=C.expando+pe.uid++}pe.uid=1,pe.prototype={cache:function(e){var t=e[this.expando];return t\|\|(t={},v(e)&&(e.n
2024-10-28 16:48:16 UTC	16384	IN	Data Raw: 3b 69 66 28 74 29 69 66 28 6e 29 66 6f 72 28 6f 3d 6f 7c 7c 41 28 65 29 2c 61 3d 61 7c 7c 41 28 63 29 2c 72 3d 30 2c 69 3d 6f 2e 6c 65 6e 67 74 68 3b 72 3c 69 3b 72 2b 2b 29 6a 65 28 6f 5b 72 5d 2c 61 5b 72 5d 29 3b 65 6c 73 65 20 6a 65 28 65 2c 63 29 3b 72 65 74 75 72 6e 20 30 3c 28 61 3d 41 28 63 2c 22 73 63 72 69 70 74 22 29 29 2e 6c 65 6e 67 74 68 26 26 78 65 28 61 2c 21 64 26 26 41 28 65 2c 22 73 63 72 69 70 74 22 29 29 2c 63 7d 2c 63 6c 65 61 6e 44 61 74 61 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 2c 6e 2c 72 2c 69 3d 43 2e 65 76 65 6e 74 2e 73 70 65 63 69 61 6c 2c 6f 3d 30 3b 76 6f 69 64 20 30 21 3d 3d 28 6e 3d 65 5b 6f 5d 29 3b 6f 2b 2b 29 69 66 28 76 28 6e 29 29 7b 69 66 28 74 3d 6e 5b 62 2e 65 78 70 61 6e 64 6f 5d 29 7b Data Ascii: ;if(t)if(n)for(o=o\|\|A(e),a=a\|\|A(c),r=0,i=o.length;r<i;r++)je(o[r],a[r]);else je(e,c);return 0<(a=A(c,"script")).length&&xe(a,!d&&A(e,"script")),c},cleanData:function(e){for(var t,n,r,i=C.event.special,o=0;void 0!==(n=e[o]);o++)if(v(n)){if(t=n[b.expando]){
2024-10-28 16:48:16 UTC	16384	IN	Data Raw: 6c 6c 3d 3d 3d 6e 3f 76 6f 69 64 20 43 2e 72 65 6d 6f 76 65 41 74 74 72 28 65 2c 74 29 3a 69 26 26 22 73 65 74 22 69 6e 20 69 26 26 76 6f 69 64 20 30 21 3d 3d 28 72 3d 69 2e 73 65 74 28 65 2c 6e 2c 74 29 29 3f 72 3a 28 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 74 2c 6e 2b 22 22 29 2c 6e 29 3a 21 28 69 26 26 22 67 65 74 22 69 6e 20 69 26 26 6e 75 6c 6c 21 3d 3d 28 72 3d 69 2e 67 65 74 28 65 2c 74 29 29 29 26 26 6e 75 6c 6c 3d 3d 28 72 3d 43 2e 66 69 6e 64 2e 61 74 74 72 28 65 2c 74 29 29 3f 76 6f 69 64 20 30 3a 72 29 7d 2c 61 74 74 72 48 6f 6f 6b 73 3a 7b 74 79 70 65 3a 7b 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3b 69 66 28 21 67 2e 72 61 64 69 6f 56 61 6c 75 65 26 26 22 72 61 64 69 6f 22 3d 3d 3d 74 26 26 75 28 65 2c 22 69 Data Ascii: ll===n?void C.removeAttr(e,t):i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:(e.setAttribute(t,n+""),n):!(i&&"get"in i&&null!==(r=i.get(e,t)))&&null==(r=C.find.attr(e,t))?void 0:r)},attrHooks:{type:{set:function(e,t){var n;if(!g.radioValue&&"radio"===t&&u(e,"i
2024-10-28 16:48:16 UTC	16384	IN	Data Raw: 22 6e 75 6d 62 65 72 22 21 3d 74 79 70 65 6f 66 20 72 2e 73 74 61 74 75 73 3f 74 28 30 2c 22 65 72 72 6f 72 22 29 3a 74 28 72 2e 73 74 61 74 75 73 2c 72 2e 73 74 61 74 75 73 54 65 78 74 29 3a 74 28 47 74 5b 72 2e 73 74 61 74 75 73 5d 7c 7c 72 2e 73 74 61 74 75 73 2c 72 2e 73 74 61 74 75 73 54 65 78 74 2c 22 74 65 78 74 22 21 3d 3d 28 72 2e 72 65 73 70 6f 6e 73 65 54 79 70 65 7c 7c 22 74 65 78 74 22 29 7c 7c 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 72 2e 72 65 73 70 6f 6e 73 65 54 65 78 74 3f 7b 62 69 6e 61 72 79 3a 72 2e 72 65 73 70 6f 6e 73 65 7d 3a 7b 74 65 78 74 3a 72 2e 72 65 73 70 6f 6e 73 65 54 65 78 74 7d 2c 72 2e 67 65 74 41 6c 6c 52 65 73 70 6f 6e 73 65 48 65 61 64 65 72 73 28 29 29 29 7d 7d 2c 72 2e 6f 6e 6c 6f 61 64 3d 6f 28 29 2c 61 Data Ascii: "number"!=typeof r.status?t(0,"error"):t(r.status,r.statusText):t(Gt[r.status]\|\|r.status,r.statusText,"text"!==(r.responseType\|\|"text")\|\|"string"!=typeof r.responseText?{binary:r.response}:{text:r.responseText},r.getAllResponseHeaders()))}},r.onload=o(),a
2024-10-28 16:48:16 UTC	16384	IN	Data Raw: 74 75 72 6e 2d 31 7d 2c 72 28 22 4d 22 2c 5b 22 4d 4d 22 2c 32 5d 2c 22 4d 6f 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6d 6f 6e 74 68 28 29 2b 31 7d 29 2c 72 28 22 4d 4d 4d 22 2c 30 2c 30 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6c 6f 63 61 6c 65 44 61 74 61 28 29 2e 6d 6f 6e 74 68 73 53 68 6f 72 74 28 74 68 69 73 2c 65 29 7d 29 2c 72 28 22 4d 4d 4d 4d 22 2c 30 2c 30 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6c 6f 63 61 6c 65 44 61 74 61 28 29 2e 6d 6f 6e 74 68 73 28 74 68 69 73 2c 65 29 7d 29 2c 79 28 22 4d 22 2c 6e 2c 67 29 2c 79 28 22 4d 4d 22 2c 6e 2c 74 29 2c 79 28 22 4d 4d 4d 22 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 2e Data Ascii: turn-1},r("M",["MM",2],"Mo",function(){return this.month()+1}),r("MMM",0,0,function(e){return this.localeData().monthsShort(this,e)}),r("MMMM",0,0,function(e){return this.localeData().months(this,e)}),y("M",n,g),y("MM",n,t),y("MMM",function(e,t){return t.
2024-10-28 16:48:16 UTC	16384	IN	Data Raw: 5b 22 2d 22 2c 30 2c 30 5d 29 5b 31 5d 2b 77 28 65 5b 32 5d 29 29 3f 30 3a 22 2b 22 3d 3d 3d 65 5b 30 5d 3f 74 3a 2d 74 7d 66 75 6e 63 74 69 6f 6e 20 42 74 28 65 2c 74 29 7b 76 61 72 20 6e 3b 72 65 74 75 72 6e 20 74 2e 5f 69 73 55 54 43 3f 28 74 3d 74 2e 63 6c 6f 6e 65 28 29 2c 6e 3d 28 63 28 65 29 7c 7c 6a 28 65 29 3f 65 3a 46 28 65 29 29 2e 76 61 6c 75 65 4f 66 28 29 2d 74 2e 76 61 6c 75 65 4f 66 28 29 2c 74 2e 5f 64 2e 73 65 74 54 69 6d 65 28 74 2e 5f 64 2e 76 61 6c 75 65 4f 66 28 29 2b 6e 29 2c 66 2e 75 70 64 61 74 65 4f 66 66 73 65 74 28 74 2c 21 31 29 2c 74 29 3a 46 28 65 29 2e 6c 6f 63 61 6c 28 29 7d 66 75 6e 63 74 69 6f 6e 20 55 74 28 65 29 7b 72 65 74 75 72 6e 2d 4d 61 74 68 2e 72 6f 75 6e 64 28 65 2e 5f 64 2e 67 65 74 54 69 6d 65 7a 6f 6e 65 4f Data Ascii: ["-",0,0])[1]+w(e[2]))?0:"+"===e[0]?t:-t}function Bt(e,t){var n;return t._isUTC?(t=t.clone(),n=(c(e)\|\|j(e)?e:F(e)).valueOf()-t.valueOf(),t._d.setTime(t._d.valueOf()+n),f.updateOffset(t,!1),t):F(e).local()}function Ut(e){return-Math.round(e._d.getTimezoneO
2024-10-28 16:48:16 UTC	16384	IN	Data Raw: 6e 75 6c 6c 3d 3d 3d 28 65 3d 6a 74 28 44 65 2c 65 29 29 29 72 65 74 75 72 6e 20 74 68 69 73 7d 65 6c 73 65 20 4d 61 74 68 2e 61 62 73 28 65 29 3c 31 36 26 26 21 6e 26 26 28 65 2a 3d 36 30 29 3b 72 65 74 75 72 6e 21 74 68 69 73 2e 5f 69 73 55 54 43 26 26 74 26 26 28 72 3d 55 74 28 74 68 69 73 29 29 2c 74 68 69 73 2e 5f 6f 66 66 73 65 74 3d 65 2c 74 68 69 73 2e 5f 69 73 55 54 43 3d 21 30 2c 6e 75 6c 6c 21 3d 72 26 26 74 68 69 73 2e 61 64 64 28 72 2c 22 6d 22 29 2c 69 21 3d 3d 65 26 26 28 21 74 7c 7c 74 68 69 73 2e 5f 63 68 61 6e 67 65 49 6e 50 72 6f 67 72 65 73 73 3f 47 74 28 74 68 69 73 2c 49 28 65 2d 69 2c 22 6d 22 29 2c 31 2c 21 31 29 3a 74 68 69 73 2e 5f 63 68 61 6e 67 65 49 6e 50 72 6f 67 72 65 73 73 7c 7c 28 74 68 69 73 2e 5f 63 68 61 6e 67 65 49 6e Data Ascii: null===(e=jt(De,e)))return this}else Math.abs(e)<16&&!n&&(e*=60);return!this._isUTC&&t&&(r=Ut(this)),this._offset=e,this._isUTC=!0,null!=r&&this.add(r,"m"),i!==e&&(!t\|\|this._changeInProgress?Gt(this,I(e-i,"m"),1,!1):this._changeInProgress\|\|(this._changeIn
2024-10-28 16:48:16 UTC	16384	IN	Data Raw: 54 69 6d 65 54 68 72 65 73 68 6f 6c 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 21 3d 3d 45 6e 5b 65 5d 26 26 28 76 6f 69 64 20 30 3d 3d 3d 74 3f 45 6e 5b 65 5d 3a 28 45 6e 5b 65 5d 3d 74 2c 22 73 22 3d 3d 3d 65 26 26 28 45 6e 2e 73 73 3d 74 2d 31 29 2c 21 30 29 29 7d 2c 66 2e 63 61 6c 65 6e 64 61 72 46 6f 72 6d 61 74 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 65 3d 65 2e 64 69 66 66 28 74 2c 22 64 61 79 73 22 2c 21 30 29 29 3c 2d 36 3f 22 73 61 6d 65 45 6c 73 65 22 3a 65 3c 2d 31 3f 22 6c 61 73 74 57 65 65 6b 22 3a 65 3c 30 3f 22 6c 61 73 74 44 61 79 22 3a 65 3c 31 3f 22 73 61 6d 65 44 61 79 22 3a 65 3c 32 3f 22 6e 65 78 74 44 61 79 22 3a 65 3c 37 3f 22 6e 65 78 74 57 65 65 6b 22 3a 22 73 Data Ascii: TimeThreshold=function(e,t){return void 0!==En[e]&&(void 0===t?En[e]:(En[e]=t,"s"===e&&(En.ss=t-1),!0))},f.calendarFormat=function(e,t){return(e=e.diff(t,"days",!0))<-6?"sameElse":e<-1?"lastWeek":e<0?"lastDay":e<1?"sameDay":e<2?"nextDay":e<7?"nextWeek":"s

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:16 UTC	801	OUT	GET /u/login/assets/languages/en.json?ver=1.12.0 HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: application/json, text/plain, / sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:16 UTC	435	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:16 GMT Content-Type: application/json Content-Length: 19102 Connection: close Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Last-Modified: Thu, 22 Aug 2024 16:43:12 GMT ETag: W/"Ij4NOY7lFkoIj4MqPQd3dQ" Accept-Ranges: bytes Vary: Accept-Encoding, User-Agent
2024-10-28 16:48:16 UTC	15949	IN	Data Raw: 7b 0a 09 22 24 49 31 38 4e 5f 53 50 49 4e 4e 45 52 5f 4c 4f 41 44 49 4e 47 22 3a 20 22 4c 6f 61 64 69 6e 67 2e 2e 2e 22 2c 0a 09 22 50 57 44 5f 52 55 4c 45 53 5f 43 48 45 43 4b 45 52 5f 4c 4f 57 45 52 5f 43 41 53 45 22 3a 20 22 49 6e 63 6c 75 64 65 20 61 74 20 6c 65 61 73 74 20 6f 6e 65 20 6c 6f 77 65 72 63 61 73 65 20 63 68 61 72 61 63 74 65 72 20 28 61 2d 7a 29 22 2c 0a 09 22 50 57 44 5f 52 55 4c 45 53 5f 43 48 45 43 4b 45 52 5f 4d 49 4e 5f 43 48 52 5f 41 46 54 45 52 22 3a 20 22 63 68 61 72 61 63 74 65 72 73 22 2c 0a 09 22 50 57 44 5f 52 55 4c 45 53 5f 43 48 45 43 4b 45 52 5f 4d 49 4e 5f 43 48 52 5f 42 45 46 4f 52 45 22 3a 20 22 4d 69 6e 69 6d 75 6d 22 2c 0a 09 22 50 57 44 5f 52 55 4c 45 53 5f 43 48 45 43 4b 45 52 5f 4e 55 4d 42 45 52 22 3a 20 22 49 6e Data Ascii: {"$I18N_SPINNER_LOADING": "Loading...","PWD_RULES_CHECKER_LOWER_CASE": "Include at least one lowercase character (a-z)","PWD_RULES_CHECKER_MIN_CHR_AFTER": "characters","PWD_RULES_CHECKER_MIN_CHR_BEFORE": "Minimum","PWD_RULES_CHECKER_NUMBER": "In
2024-10-28 16:48:16 UTC	3153	IN	Data Raw: 5f 52 45 56 49 45 57 45 52 22 3a 20 22 43 61 73 65 20 52 65 76 69 65 77 22 2c 0a 09 22 44 49 53 43 4c 41 49 4d 45 52 5f 42 4f 44 59 5f 52 45 56 49 45 57 45 52 22 3a 20 22 43 61 73 65 20 52 65 76 69 65 77 20 65 6e 61 62 6c 65 73 20 73 65 63 75 72 65 20 61 6e 64 20 63 6f 6d 70 61 72 74 6d 65 6e 74 61 6c 69 7a 65 64 20 61 63 63 65 73 73 20 74 6f 20 64 61 74 61 20 66 6f 72 20 65 44 69 73 63 6f 76 65 72 79 2c 20 63 6f 6d 70 6c 69 61 6e 63 65 2c 20 61 6e 64 20 6f 74 68 65 72 20 69 6e 76 65 73 74 69 67 61 74 69 76 65 20 70 75 72 70 6f 73 65 73 2e 20 52 65 76 69 65 77 65 72 73 20 63 61 6e 20 6d 61 72 6b 20 63 61 73 65 20 6d 65 73 73 61 67 65 73 20 61 63 63 6f 72 64 69 6e 67 20 74 6f 20 72 65 6c 65 76 61 6e 63 65 20 61 6e 64 20 70 72 69 76 69 6c 65 67 65 20 74 6f Data Ascii: _REVIEWER": "Case Review","DISCLAIMER_BODY_REVIEWER": "Case Review enables secure and compartmentalized access to data for eDiscovery, compliance, and other investigative purposes. Reviewers can mark case messages according to relevance and privilege to

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:16 UTC	781	OUT	GET /u/login/app-version.jsp HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: application/json, text/plain, / sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:16 UTC	409	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:16 GMT Content-Type: text/html;charset=utf-8 Content-Length: 6 Connection: close Cache-Control: private, max-age=0, no-cache, no-store Pragma: no-cache Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Vary: Accept-Encoding, User-Agent
2024-10-28 16:48:16 UTC	6	IN	Data Raw: 31 2e 31 32 2e 30 Data Ascii: 1.12.0

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:16 UTC	825	OUT	GET /u/assets/images/mimecast-logo.png HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:16 UTC	392	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:16 GMT Content-Type: image/png Content-Length: 1868 Connection: close Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Last-Modified: Thu, 22 Aug 2024 16:40:24 GMT ETag: W/"ll0s0FGQlssll0tQStlYUc" Accept-Ranges: bytes
2024-10-28 16:48:16 UTC	1868	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 34 00 00 00 78 08 06 00 00 00 7c 6c 0e 3c 00 00 00 09 70 48 59 73 00 00 0b 12 00 00 0b 12 01 d2 dd 7e fc 00 00 06 fe 49 44 41 54 78 9c ed dd ff 6d db 46 18 c6 71 a6 c8 ff 52 27 b0 32 81 d4 09 a4 4e 50 67 02 b3 13 d4 99 c0 ca 04 55 26 b0 32 41 e5 09 2a 4f 50 7a 82 d2 1b d0 13 b0 60 f1 b2 20 54 4b 7c 8f ba 23 8f 2f bf 1f 40 68 50 24 d4 e9 8e 7c c4 fb c1 d3 87 b2 2c 13 00 b0 e0 07 5a 11 80 15 04 1a 00 33 08 34 00 66 10 68 00 cc 20 d0 00 98 41 a0 01 30 83 40 03 60 06 81 06 c0 0c 02 0d 80 19 04 1a 00 33 08 34 00 66 10 68 00 cc 20 d0 00 98 41 a0 01 30 83 40 03 60 06 81 06 c0 0c 02 0d 80 19 04 1a 00 33 08 34 00 66 10 68 00 cc 20 d0 00 98 41 a0 01 30 83 40 03 60 06 81 06 c0 0c 02 0d 80 19 04 1a 00 33 08 34 Data Ascii: PNGIHDR4x\|l<pHYs~IDATxmFqR'2NPgU&2A*OPz` TK\|#/@hP$\|,Z34fh A0@`34fh A0@`34fh A0@`34

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:17 UTC	382	OUT	GET /u/login/app-version.jsp HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:17 UTC	409	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:17 GMT Content-Type: text/html;charset=utf-8 Content-Length: 6 Connection: close Cache-Control: private, max-age=0, no-cache, no-store Pragma: no-cache Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Vary: Accept-Encoding, User-Agent
2024-10-28 16:48:17 UTC	6	IN	Data Raw: 31 2e 31 32 2e 30 Data Ascii: 1.12.0

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:18 UTC	394	OUT	GET /agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/pendo.js HTTP/1.1 Host: cdn.pendo.io Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:18 UTC	955	IN	HTTP/1.1 200 OK x-goog-generation: 1729797173876040 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 168830 x-goog-hash: crc32c=STvKFA== x-goog-hash: md5=cIW6djYvVsPaQgG+77Lx2A== x-goog-storage-class: STANDARD Access-Control-Allow-Origin: * Access-Control-Expose-Headers: * X-GUploader-Response-Body-Transformations: gunzipped Warning: 214 UploadServer gunzipped X-GUploader-UploadID: AHmUCY1fJyb1Uvui5biqex8eYNKFyqGSORXceZ7uBDYiEbVFujPAz0qge-NrZanaO8nL94ahrec Server: UploadServer Date: Mon, 28 Oct 2024 16:48:15 GMT Last-Modified: Thu, 24 Oct 2024 19:12:53 GMT ETag: W/"7085ba76362f56c3da4201beefb2f1d8" Content-Type: application/javascript; charset=utf-8 Vary: Accept-Encoding Age: 3 Cache-Control: public,max-age=450 Strict-Transport-Security: max-age=63072000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close Transfer-Encoding: chunked
2024-10-28 16:48:18 UTC	423	IN	Data Raw: 38 30 30 30 0d 0a 2f 2f 20 50 65 6e 64 6f 20 41 67 65 6e 74 20 57 72 61 70 70 65 72 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 34 20 50 65 6e 64 6f 2e 69 6f 2c 20 49 6e 63 2e 0a 2f 2f 20 45 6e 76 69 72 6f 6e 6d 65 6e 74 3a 20 20 20 20 70 72 6f 64 75 63 74 69 6f 6e 0a 2f 2f 20 41 67 65 6e 74 20 56 65 72 73 69 6f 6e 3a 20 20 32 2e 32 35 32 2e 30 0a 2f 2f 20 49 6e 73 74 61 6c 6c 65 64 3a 20 20 20 20 20 20 32 30 32 34 2d 31 30 2d 32 34 54 31 39 3a 31 32 3a 35 30 5a 0a 28 66 75 6e 63 74 69 6f 6e 20 28 50 65 6e 64 6f 43 6f 6e 66 69 67 29 20 7b 0a 2f 2a 0a 40 6c 69 63 65 6e 73 65 20 68 74 74 70 73 3a 2f 2f 61 67 65 6e 74 2e 70 65 6e 64 6f 2e 69 6f 2f 6c 69 63 65 6e 73 65 73 0a 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 72 77 2c 6f 77 2c 61 77 29 7b 21 66 75 Data Ascii: 8000// Pendo Agent Wrapper// Copyright 2024 Pendo.io, Inc.// Environment: production// Agent Version: 2.252.0// Installed: 2024-10-24T19:12:50Z(function (PendoConfig) {/@license https://agent.pendo.io/licenses/!function(rw,ow,aw){!fu
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 2e 63 61 6c 6c 28 74 68 69 73 29 29 72 65 74 75 72 6e 20 54 2e 63 61 6c 6c 28 74 68 69 73 2c 65 2c 74 29 3b 76 61 72 20 6e 2c 69 3d 5b 5d 2c 72 3d 74 68 69 73 2e 6c 65 6e 67 74 68 2c 6f 3d 65 7c 7c 30 2c 61 3d 28 74 3c 30 3f 72 2b 74 3a 74 7c 7c 72 29 2d 28 6f 3d 30 3c 3d 6f 3f 6f 3a 72 2b 6f 29 3b 69 66 28 30 3c 61 29 69 66 28 69 3d 6e 65 77 20 41 72 72 61 79 28 61 29 2c 74 68 69 73 2e 63 68 61 72 41 74 29 66 6f 72 28 6e 3d 30 3b 6e 3c 61 3b 6e 2b 2b 29 69 5b 6e 5d 3d 74 68 69 73 2e 63 68 61 72 41 74 28 6f 2b 6e 29 3b 65 6c 73 65 20 66 6f 72 28 6e 3d 30 3b 6e 3c 61 3b 6e 2b 2b 29 69 5b 6e 5d 3d 74 68 69 73 5b 6f 2b 6e 5d 3b 72 65 74 75 72 6e 20 69 7d 7d 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 Data Ascii: t.prototype.toString.call(this))return T.call(this,e,t);var n,i=[],r=this.length,o=e\|\|0,a=(t<0?r+t:t\|\|r)-(o=0<=o?o:r+o);if(0<a)if(i=new Array(a),this.charAt)for(n=0;n<a;n++)i[n]=this.charAt(o+n);else for(n=0;n<a;n++)i[n]=this[o+n];return i}}String.prototy
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 66 66 65 72 22 5d 2c 74 3d 5b 5d 2c 61 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 6c 28 21 30 29 2e 75 70 64 61 74 65 28 65 29 5b 74 5d 28 29 7d 7d 2c 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 61 28 22 68 65 78 22 29 3b 28 74 3d 69 3f 63 28 74 29 3a 74 29 2e 63 72 65 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 6c 7d 2c 74 2e 75 70 64 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 2e 63 72 65 61 74 65 28 29 2e 75 70 64 61 74 65 28 65 29 7d 3b 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 72 2e 6c 65 6e 67 74 68 3b 2b 2b 65 29 7b 76 61 72 20 6e 3d 72 5b 65 5d 3b 74 5b 6e 5d 3d 61 28 6e 29 7d 72 65 74 75 Data Ascii: ffer"],t=[],a=function(t){return function(e){return new l(!0).update(e)[t]()}},d=function(){var t=a("hex");(t=i?c(t):t).create=function(){return new l},t.update=function(e){return t.create().update(e)};for(var e=0;e<r.length;++e){var n=r[e];t[n]=a(n)}retu
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 3c 31 32 38 3f 61 5b 6e 3e 3e 32 5d 7c 3d 74 3c 3c 75 5b 33 26 6e 2b 2b 5d 3a 28 74 3c 32 30 34 38 3f 61 5b 6e 3e 3e 32 5d 7c 3d 28 31 39 32 7c 74 3e 3e 36 29 3c 3c 75 5b 33 26 6e 2b 2b 5d 3a 28 74 3c 35 35 32 39 36 7c 7c 35 37 33 34 34 3c 3d 74 3f 61 5b 6e 3e 3e 32 5d 7c 3d 28 32 32 34 7c 74 3e 3e 31 32 29 3c 3c 75 5b 33 26 6e 2b 2b 5d 3a 28 74 3d 36 35 35 33 36 2b 28 28 31 30 32 33 26 74 29 3c 3c 31 30 7c 31 30 32 33 26 65 2e 63 68 61 72 43 6f 64 65 41 74 28 2b 2b 72 29 29 2c 61 5b 6e 3e 3e 32 5d 7c 3d 28 32 34 30 7c 74 3e 3e 31 38 29 3c 3c 75 5b 33 26 6e 2b 2b 5d 2c 61 5b 6e 3e 3e 32 5d 7c 3d 28 31 32 38 7c 74 3e 3e 31 32 26 36 33 29 3c 3c 75 5b 33 26 6e 2b 2b 5d 29 2c 61 5b 6e 3e 3e 32 5d 7c 3d 28 31 32 38 7c 74 3e 3e 36 26 36 33 29 3c 3c 75 5b 33 26 Data Ascii: <128?a[n>>2]\|=t<<u[3&n++]:(t<2048?a[n>>2]\|=(192\|t>>6)<<u[3&n++]:(t<55296\|\|57344<=t?a[n>>2]\|=(224\|t>>12)<<u[3&n++]:(t=65536+((1023&t)<<10\|1023&e.charCodeAt(++r)),a[n>>2]\|=(240\|t>>18)<<u[3&n++],a[n>>2]\|=(128\|t>>12&63)<<u[3&n++]),a[n>>2]\|=(128\|t>>6&63)<<u[3&
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 38 35 30 30 32 34 39 2b 61 5b 73 2b 34 5d 3c 3c 30 2c 69 3d 69 3c 3c 33 30 7c 69 3e 3e 3e 32 3b 66 6f 72 28 3b 73 3c 34 30 3b 73 2b 3d 35 29 74 3d 28 65 3d 28 6e 3d 28 65 3d 28 69 3d 28 65 3d 28 72 3d 28 65 3d 28 6f 3d 28 65 3d 74 3c 3c 35 7c 74 3e 3e 3e 32 37 29 2b 28 6e 5e 69 5e 72 29 2b 6f 2b 31 38 35 39 37 37 35 33 39 33 2b 61 5b 73 5d 3c 3c 30 29 3c 3c 35 7c 6f 3e 3e 3e 32 37 29 2b 28 74 5e 28 6e 3d 6e 3c 3c 33 30 7c 6e 3e 3e 3e 32 29 5e 69 29 2b 72 2b 31 38 35 39 37 37 35 33 39 33 2b 61 5b 73 2b 31 5d 3c 3c 30 29 3c 3c 35 7c 72 3e 3e 3e 32 37 29 2b 28 6f 5e 28 74 3d 74 3c 3c 33 30 7c 74 3e 3e 3e 32 29 5e 6e 29 2b 69 2b 31 38 35 39 37 37 35 33 39 33 2b 61 5b 73 2b 32 5d 3c 3c 30 29 3c 3c 35 7c 69 3e 3e 3e 32 37 29 2b 28 72 5e 28 6f 3d 6f 3c 3c 33 30 Data Ascii: 8500249+a[s+4]<<0,i=i<<30\|i>>>2;for(;s<40;s+=5)t=(e=(n=(e=(i=(e=(r=(e=(o=(e=t<<5\|t>>>27)+(n^i^r)+o+1859775393+a[s]<<0)<<5\|o>>>27)+(t^(n=n<<30\|n>>>2)^i)+r+1859775393+a[s+1]<<0)<<5\|r>>>27)+(o^(t=t<<30\|t>>>2)^n)+i+1859775393+a[s+2]<<0)<<5\|i>>>27)+(r^(o=o<<30
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 5b 74 3e 3e 31 36 26 31 35 5d 2b 6f 5b 74 3e 3e 31 32 26 31 35 5d 2b 6f 5b 74 3e 3e 38 26 31 35 5d 2b 6f 5b 74 3e 3e 34 26 31 35 5d 2b 6f 5b 31 35 26 74 5d 2b 6f 5b 6e 3e 3e 32 38 26 31 35 5d 2b 6f 5b 6e 3e 3e 32 34 26 31 35 5d 2b 6f 5b 6e 3e 3e 32 30 26 31 35 5d 2b 6f 5b 6e 3e 3e 31 36 26 31 35 5d 2b 6f 5b 6e 3e 3e 31 32 26 31 35 5d 2b 6f 5b 6e 3e 3e 38 26 31 35 5d 2b 6f 5b 6e 3e 3e 34 26 31 35 5d 2b 6f 5b 31 35 26 6e 5d 2b 6f 5b 69 3e 3e 32 38 26 31 35 5d 2b 6f 5b 69 3e 3e 32 34 26 31 35 5d 2b 6f 5b 69 3e 3e 32 30 26 31 35 5d 2b 6f 5b 69 3e 3e 31 36 26 31 35 5d 2b 6f 5b 69 3e 3e 31 32 26 31 35 5d 2b 6f 5b 69 3e 3e 38 26 31 35 5d 2b 6f 5b 69 3e 3e 34 26 31 35 5d 2b 6f 5b 31 35 26 69 5d 2b 6f 5b 72 3e 3e 32 38 26 31 35 5d 2b 6f 5b 72 3e 3e 32 34 26 31 35 Data Ascii: [t>>16&15]+o[t>>12&15]+o[t>>8&15]+o[t>>4&15]+o[15&t]+o[n>>28&15]+o[n>>24&15]+o[n>>20&15]+o[n>>16&15]+o[n>>12&15]+o[n>>8&15]+o[n>>4&15]+o[15&n]+o[i>>28&15]+o[i>>24&15]+o[i>>20&15]+o[i>>16&15]+o[i>>12&15]+o[i>>8&15]+o[i>>4&15]+o[15&i]+o[r>>28&15]+o[r>>24&15
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 67 22 3d 3d 3d 65 2e 65 6e 76 69 72 6f 6e 6d 65 6e 74 4e 61 6d 65 7d 66 75 6e 63 74 69 6f 6e 20 4d 28 65 29 7b 72 65 74 75 72 6e 21 65 2e 75 6e 6d 69 6e 69 66 69 65 64 7d 66 75 6e 63 74 69 6f 6e 20 50 28 65 29 7b 72 65 74 75 72 6e 22 65 78 74 65 6e 73 69 6f 6e 22 3d 3d 3d 65 2e 69 6e 73 74 61 6c 6c 54 79 70 65 7d 66 75 6e 63 74 69 6f 6e 20 46 28 65 29 7b 72 65 74 75 72 6e 21 50 28 65 29 26 26 21 4e 28 65 29 26 26 42 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 44 28 65 2c 74 29 7b 72 65 74 75 72 6e 21 50 28 65 29 26 26 4d 28 65 29 26 26 74 7d 66 75 6e 63 74 69 6f 6e 20 47 28 65 29 7b 76 6f 69 64 20 30 3d 3d 3d 65 26 26 28 65 3d 5b 5d 29 3b 66 6f 72 28 76 61 72 20 74 3d 2f 5e 68 74 74 70 73 3a 5c 2f 5c 2f 5b 5c 77 5c 2d 2e 5d 2a 63 64 6e 5b 5c 77 5c 2d 2e 5d 2a Data Ascii: g"===e.environmentName}function M(e){return!e.unminified}function P(e){return"extension"===e.installType}function F(e){return!P(e)&&!N(e)&&B(e)}function D(e,t){return!P(e)&&M(e)&&t}function G(e){void 0===e&&(e=[]);for(var t=/^https:\/\/[\w\-.]cdn[\w\-.]
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 61 72 20 74 3d 57 2c 6e 3d 30 2c 69 3d 74 2e 6c 65 6e 67 74 68 3b 6e 3c 69 3b 2b 2b 6e 29 71 28 74 5b 6e 5d 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 56 28 65 2c 74 2c 6e 29 7b 69 66 28 46 28 65 29 29 7b 65 3d 55 28 65 2c 21 30 2c 6e 29 3b 69 66 28 65 29 72 65 74 75 72 6e 20 4a 28 74 29 2c 63 65 28 65 2c 74 29 2c 21 30 7d 72 65 74 75 72 6e 21 31 7d 66 75 6e 63 74 69 6f 6e 20 75 65 28 65 2c 74 2c 6e 29 7b 69 66 28 44 28 65 2c 6e 29 29 7b 65 3d 55 28 65 2c 21 31 2c 6e 29 3b 69 66 28 65 29 72 65 74 75 72 6e 20 4a 28 74 29 2c 63 65 28 65 2c 74 29 2c 21 30 7d 72 65 74 75 72 6e 21 31 7d 66 75 6e 63 74 69 6f 6e 20 64 65 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 56 28 65 2c 74 2c 6e 29 7c 7c 75 65 28 65 2c 74 2c 6e 29 7d 66 75 6e 63 74 69 6f 6e 20 63 65 28 65 2c Data Ascii: ar t=W,n=0,i=t.length;n<i;++n)q(t[n],e)}function V(e,t,n){if(F(e)){e=U(e,!0,n);if(e)return J(t),ce(e,t),!0}return!1}function ue(e,t,n){if(D(e,n)){e=U(e,!1,n);if(e)return J(t),ce(e,t),!0}return!1}function de(e,t,n){return V(e,t,n)\|\|ue(e,t,n)}function ce(e,
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 2c 71 3d 21 7b 74 6f 53 74 72 69 6e 67 3a 6e 75 6c 6c 7d 2e 70 72 6f 70 65 72 74 79 49 73 45 6e 75 6d 65 72 61 62 6c 65 28 22 74 6f 53 74 72 69 6e 67 22 29 2c 4a 3d 5b 22 76 61 6c 75 65 4f 66 22 2c 22 69 73 50 72 6f 74 6f 74 79 70 65 4f 66 22 2c 22 74 6f 53 74 72 69 6e 67 22 2c 22 70 72 6f 70 65 72 74 79 49 73 45 6e 75 6d 65 72 61 62 6c 65 22 2c 22 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 22 2c 22 74 6f 4c 6f 63 61 6c 65 53 74 72 69 6e 67 22 5d 2c 56 3d 4d 61 74 68 2e 70 6f 77 28 32 2c 35 33 29 2d 31 3b 66 75 6e 63 74 69 6f 6e 20 63 28 72 2c 6f 29 7b 72 65 74 75 72 6e 20 6f 3d 6e 75 6c 6c 3d 3d 6f 3f 72 2e 6c 65 6e 67 74 68 2d 31 3a 2b 6f 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 4d 61 74 68 2e 6d 61 78 28 61 72 67 75 6d 65 6e 74 Data Ascii: ,q=!{toString:null}.propertyIsEnumerable("toString"),J=["valueOf","isPrototypeOf","toString","propertyIsEnumerable","hasOwnProperty","toLocaleString"],V=Math.pow(2,53)-1;function c(r,o){return o=null==o?r.length-1:+o,function(){for(var e=Math.max(argument
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 65 65 22 29 7d 29 7d 28 29 2c 6f 65 29 3b 66 75 6e 63 74 69 6f 6e 20 73 65 28 65 29 7b 72 65 74 75 72 6e 20 58 28 65 29 26 26 57 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 75 65 28 65 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 7d 66 75 6e 63 74 69 6f 6e 20 64 65 28 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 3d 74 28 65 29 3b 72 65 74 75 72 6e 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 30 3c 3d 65 26 26 65 3c 3d 56 7d 7d 66 75 6e 63 74 69 6f 6e 20 63 65 28 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 3f 76 6f 69 64 20 30 3a 65 5b 74 5d 7d 7d 76 61 72 20 6d 3d 63 65 28 22 62 79 74 65 4c 65 6e 67 74 68 22 29 2c 6c Data Ascii: ee")})}(),oe);function se(e){return X(e)&&W(e)}function ue(e){return function(){return e}}function de(t){return function(e){e=t(e);return"number"==typeof e&&0<=e&&e<=V}}function ce(t){return function(e){return null==e?void 0:e[t]}}var m=ce("byteLength"),l

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:18 UTC	1752	OUT	GET /data/ptm.gif/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?v=2.252.0_prod&ct=1730134096240&jzb=eJztlVmPo8gShf8LI82Tl2QzUFKp5Y0qYxuzemE0QizJYlYnCTa06r93ump6dJ_6dXSlfsuME3EIwfnEX98p3NeQeqEKiD1qRPmoujcQuTgtSJUWWECzHJBmDEuPqC5tUlwhNw3JgKut1dXBtdyq9heSbUbVHhCDFuVETDCum5fptIFBi-C4rhD28klexWk5bptJQdwDr8GToCqm7fSzPv0WY-_1a-BPnJWv7CRL5V45VrTcMuwwqH4r4EhmnVRc3KphqaEkQFeeyfYwHbRV5m60aqvuH2ayuq1jia9vkcJeZbyO4O4uh8IYBOogHdtH4YdWNNvkXVHvmlU6QI-LAiXbx7R4ul1RL-AenNG7wk9isND5CFrBxskX4LE2aWMZzv_4WvhbAZvGi-ErVGv1Ssu7-zC3jU7alUmIwdVQEy4Z5MRkGuv9Td-YuloGw0nS9koCetEf-5Z9igQx4HmWi1fsOYpDuUq1um_qrpVbiT7p2eztwoS9cqB3hghl_xF07vtB22SW1jMqL3blubYGiASPVULUy_qsNI5AD-fzU7SAvic_fCxGMcarlHMwO-gr-a2_HHTWyHod7HI7HDTZ12QOG8BmLtVj80Cxbh3MdS9x77PlPdm3Qm4dT8pqZSXt9lbfs4cR6426hE5tG6farnV7fHXS011a3Mf-ntftqFqqgEXJRTc5xZYgm9OSyx2gjkpB2oXl9i3bAwUYRWsNt90-yPLInXnrjWPCrePG5_RtEw_F9QDFeijXen4qTD_tdtubLcqX2Vg8DMhMgqMTxlAw-Edgh2cjIsmrUVU31Mv3nzF9Hn-V1Nwr45Z8P9IBS9c2qY8R5QVB1ZaYjJJL7SFY4vn_lkIPP_sZcUqDKQMYjvh0EDVpVT7LE4ZnJsAlm4RPty8Dy_M3ZI2yzfMRhb8uVNR120U5q-hbq [TRUNCATED] Host: app.pendo.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://secure-portal.login-us.mimecast.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:18 UTC	488	IN	HTTP/1.1 200 OK access-control-allow-credentials: false access-control-allow-headers: * access-control-allow-methods: GET,POST access-control-allow-origin: * access-control-max-age: 600 cache-control: no-store content-type: image/gif x-content-type-options: nosniff date: Mon, 28 Oct 2024 16:48:18 GMT Content-Length: 42 x-envoy-upstream-service-time: 168 server: istio-envoy Via: 1.1 google Strict-Transport-Security: max-age=63072000 Alt-Svc: clear Connection: close
2024-10-28 16:48:18 UTC	42	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b Data Ascii: GIF89a!,D;

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://protect-us.mimecast.com/s/sMiVC687o9CPGJB2XupfJF5g12L

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Windows Analysis Report
https://protect-us.mimecast.com/s/sMiVC687o9CPGJB2XupfJF5g12L

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:18 UTC	1483	OUT	GET /data/guide.js/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?id=12&jzb=eJx9kluvqkgQhf8Lk5yno3JV2MnOiYooCEhzEfWFcGkucrVpFHqy__txz0km8zRvVV-tVdVJr7-pZ9EXuEVqQn1QgbUz5VPgBm0XbSTPSVuDpn5SA6rewxzjrv9YLHoYDwjOuhbhsJpXbVY0s6Gf10UN47DH87itF8PiH774leHw84_hBy6bT25eFsqknVtGGViOEDMaVjhVuFshbh4t2Vooj9FdYEsDFsSSy0C12qNpjE4uP3aZJHSPVOPuCt6lUH8pyWpGxyaRzsNYR4mbLtXqWXd6LxcEhnwaa6WRMaL_uKNphSf6gg6aMM_oDRBS6MbqrdrQ485h7G2y_uvPg3_VsO_DDH5CszPvjKK_yNqzn5Le5Amm77aZ8zlRcoft3cMeqA4wm5j4kmVoOT2J0SxyPT9dibEgcHwmc5c0S5S2sLqp756DMkiMD8rl_somk3ZidFuESjTGz-BwstTStSbWFMRnc-lcAtEq5LQETQpYNvaZBsl67acbGIXKGGExzTCWC_6GOQJkZT9dT4CzywnQeuUlxFIiS-GxTXvstR3VEWXAPTm7SeIPy-0rN4ZV5Z59TZbdfDg-ulc52hnozS28dZ7td14HvNn9VvgvafOaRYYAvLTdmjSH8itweM2TIFcxUsCfIEDNStKT5rgvDVqj7XpwyUM34rJKg2W4U28OPN6C7FLs1YzU9xMUO9LsQOXXTlQ89ePDE5XrciaeCHLy-HxLMriyhTH2koudvpNXQxwmIQ6pj3-D-l0W_xPWKmyy4f2FbwVsAs-hvn5SYRy3Q4Pf1nfThQg2eP1f9D7xrWfFBUMvWJrl33ueEPVF23zjOSuwczroUJtQX1-_ARPgFLk&v=2.252.0_prod&ct=1730134096242 HTTP/1.1 Host: app.pendo.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://secure-portal.login-us.mimecast.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:18 UTC	508	IN	HTTP/1.1 200 OK access-control-allow-credentials: false access-control-allow-headers: * access-control-allow-methods: GET,POST access-control-allow-origin: * access-control-max-age: 600 cache-control: no-store content-type: application/javascript x-content-type-options: nosniff date: Mon, 28 Oct 2024 16:48:18 GMT x-envoy-upstream-service-time: 34 server: istio-envoy Via: 1.1 google Strict-Transport-Security: max-age=63072000 Alt-Svc: clear Connection: close Transfer-Encoding: chunked
2024-10-28 16:48:18 UTC	870	IN	Data Raw: 65 35 66 0d 0a 70 65 6e 64 6f 2e 67 75 69 64 65 73 50 61 79 6c 6f 61 64 28 7b 22 67 75 69 64 65 73 22 3a 5b 7b 22 63 72 65 61 74 65 64 42 79 55 73 65 72 22 3a 7b 22 69 64 22 3a 22 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 22 2c 22 66 69 72 73 74 22 3a 22 22 2c 22 6c 61 73 74 22 3a 22 22 2c 22 72 6f 6c 65 22 3a 30 2c 22 75 73 65 72 54 79 70 65 22 3a 22 22 2c 22 68 61 73 4c 6f 67 67 65 64 49 6e 22 3a 66 61 6c 73 65 7d 2c 22 63 72 65 61 74 65 64 41 74 22 3a 31 36 32 30 33 37 37 39 37 34 36 30 34 2c 22 6c 61 73 74 55 70 64 61 74 65 64 42 79 55 73 65 72 22 3a 7b 22 69 64 22 3a 22 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 22 2c 22 66 69 72 73 74 22 3a 22 22 2c 22 6c 61 73 74 22 3a 22 22 2c 22 72 6f 6c 65 22 3a 30 2c 22 75 73 65 72 54 79 70 65 22 3a 22 22 2c 22 Data Ascii: e5fpendo.guidesPayload({"guides":[{"createdByUser":{"id":"","username":"","first":"","last":"","role":0,"userType":"","hasLoggedIn":false},"createdAt":1620377974604,"lastUpdatedByUser":{"id":"","username":"","first":"","last":"","role":0,"userType":"","
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 31 2e 34 36 22 2c 22 74 79 70 65 22 3a 22 62 75 69 6c 64 69 6e 67 2d 62 6c 6f 63 6b 22 7d 2c 22 61 75 64 69 65 6e 63 65 22 3a 5b 7b 22 73 6f 75 72 63 65 22 3a 7b 22 76 69 73 69 74 6f 72 73 22 3a 6e 75 6c 6c 7d 7d 2c 7b 22 65 76 61 6c 22 3a 7b 22 61 63 63 6f 75 6e 74 49 64 22 3a 22 6d 65 74 61 64 61 74 61 2e 61 75 74 6f 2e 61 63 63 6f 75 6e 74 69 64 73 22 7d 7d 2c 7b 22 75 6e 77 69 6e 64 22 3a 7b 22 66 69 65 6c 64 22 3a 22 61 63 63 6f 75 6e 74 49 64 22 2c 22 6b 65 65 70 45 6d 70 74 79 22 3a 74 72 75 65 7d 7d 2c 7b 22 73 65 6c 65 63 74 22 3a 7b 22 76 69 73 69 74 6f 72 49 64 22 3a 22 76 69 73 69 74 6f 72 49 64 22 7d 7d 5d 2c 22 61 75 64 69 65 6e 63 65 55 69 48 69 6e 74 22 3a 7b 22 66 69 6c 74 65 72 73 22 3a 5b 7b 22 6b 69 6e 64 22 3a 22 76 69 73 69 74 6f 72 Data Ascii: 1.46","type":"building-block"},"audience":[{"source":{"visitors":null}},{"eval":{"accountId":"metadata.auto.accountids"}},{"unwind":{"field":"accountId","keepEmpty":true}},{"select":{"visitorId":"visitorId"}}],"audienceUiHint":{"filters":[{"kind":"visitor
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 30 34 2e 73 74 6f 72 61 67 65 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 67 75 69 64 65 2d 63 6f 6e 74 65 6e 74 2f 46 6f 55 79 30 48 5a 5a 62 42 73 6f 37 49 6b 6c 47 43 69 72 4b 62 66 4c 48 77 67 2f 77 65 65 4b 5f 58 78 38 79 50 4f 78 37 7a 4c 70 38 7a 52 51 5f 66 61 53 5f 41 34 2f 78 4d 4b 41 72 77 78 72 4f 62 48 66 45 49 57 4b 79 55 52 6b 57 59 42 5a 74 4d 4d 2e 64 6f 6d 2e 6a 73 6f 6e 70 3f 73 68 61 32 35 36 3d 55 4a 36 6c 39 41 51 2d 4a 62 43 34 6e 6a 68 68 30 62 57 46 41 32 43 53 4a 6f 30 41 32 49 4b 59 44 47 4e 45 55 35 6a 55 74 53 59 22 2c 22 72 61 6e 6b 22 3a 31 30 30 30 30 30 30 30 2c 22 61 64 76 61 6e 63 65 4d 65 74 68 6f 64 22 3a 22 62 75 74 74 6f 6e 22 2c 22 61 74 74 72 69 62 75 74 65 73 22 3a 7b 22 62 6c 6f 63 6b 4f 75 74 55 49 22 3a 7b Data Ascii: 04.storage.googleapis.com/guide-content/FoUy0HZZbBso7IklGCirKbfLHwg/weeK_Xx8yPOx7zLp8zRQ_faS_A4/xMKArwxrObHfEIWKyURkWYBZtMM.dom.jsonp?sha256=UJ6l9AQ-JbC4njhh0bWFA2CSJo0A2IKYDGNEU5jUtSY","rank":10000000,"advanceMethod":"button","attributes":{"blockOutUI":{
2024-10-28 16:48:18 UTC	60	IN	Data Raw: 65 67 6d 65 6e 74 49 64 22 3a 22 65 76 65 72 79 6f 6e 65 22 7d 5d 7d 2c 22 61 75 74 68 6f 72 65 64 4c 61 6e 67 75 61 67 65 22 3a 22 65 6e 2d 55 53 22 2c 22 72 65 63 75 72 72 0d 0a Data Ascii: egmentId":"everyone"}]},"authoredLanguage":"en-US","recurr
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 38 30 30 30 0d 0a 65 6e 63 65 22 3a 30 2c 22 72 65 63 75 72 72 65 6e 63 65 45 6c 69 67 69 62 69 6c 69 74 79 57 69 6e 64 6f 77 22 3a 30 2c 22 72 65 73 65 74 41 74 22 3a 30 2c 22 70 75 62 6c 69 73 68 65 64 41 74 22 3a 31 36 33 32 37 34 30 36 33 33 32 34 31 2c 22 70 75 62 6c 69 73 68 65 64 45 76 65 72 22 3a 66 61 6c 73 65 2c 22 63 75 72 72 65 6e 74 46 69 72 73 74 45 6c 69 67 69 62 6c 65 54 6f 42 65 53 65 65 6e 41 74 22 3a 31 36 33 37 31 36 38 37 31 34 35 33 33 2c 22 69 73 54 6f 70 4c 65 76 65 6c 22 3a 66 61 6c 73 65 2c 22 69 73 4d 6f 64 75 6c 65 22 3a 66 61 6c 73 65 2c 22 65 64 69 74 6f 72 54 79 70 65 22 3a 22 65 6e 67 61 67 65 55 49 22 2c 22 64 65 70 65 6e 64 65 6e 74 4d 65 74 61 64 61 74 61 22 3a 5b 5d 2c 22 61 75 74 6f 43 72 65 61 74 65 46 65 65 64 62 61 Data Ascii: 8000ence":0,"recurrenceEligibilityWindow":0,"resetAt":0,"publishedAt":1632740633241,"publishedEver":false,"currentFirstEligibleToBeSeenAt":1637168714533,"isTopLevel":false,"isModule":false,"editorType":"engageUI","dependentMetadata":[],"autoCreateFeedba
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 3a 30 7d 2c 7b 22 63 72 65 61 74 65 64 42 79 55 73 65 72 22 3a 7b 22 69 64 22 3a 22 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 22 2c 22 66 69 72 73 74 22 3a 22 22 2c 22 6c 61 73 74 22 3a 22 22 2c 22 72 6f 6c 65 22 3a 30 2c 22 75 73 65 72 54 79 70 65 22 3a 22 22 2c 22 68 61 73 4c 6f 67 67 65 64 49 6e 22 3a 66 61 6c 73 65 7d 2c 22 63 72 65 61 74 65 64 41 74 22 3a 31 37 30 33 30 39 36 31 33 33 36 33 38 2c 22 6c 61 73 74 55 70 64 61 74 65 64 42 79 55 73 65 72 22 3a 7b 22 69 64 22 3a 22 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 22 2c 22 66 69 72 73 74 22 3a 22 22 2c 22 6c 61 73 74 22 3a 22 22 2c 22 72 6f 6c 65 22 3a 30 2c 22 75 73 65 72 54 79 70 65 22 3a 22 22 2c 22 68 61 73 4c 6f 67 67 65 64 49 6e 22 3a 66 61 6c 73 65 7d 2c 22 6c 61 73 74 55 70 64 61 74 65 64 Data Ascii: :0},{"createdByUser":{"id":"","username":"","first":"","last":"","role":0,"userType":"","hasLoggedIn":false},"createdAt":1703096133638,"lastUpdatedByUser":{"id":"","username":"","first":"","last":"","role":0,"userType":"","hasLoggedIn":false},"lastUpdated
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 3b 5b 5e 23 5d 2a 29 3f 28 3f 3a 5c 5c 3f 5b 5e 23 5d 2a 29 3f 23 28 3f 3a 5c 5c 21 29 3f 2f 61 64 6d 69 6e 69 73 74 72 61 74 69 6f 6e 2d 64 61 73 68 62 6f 61 72 64 28 3f 3a 3b 5b 5e 23 5d 2a 29 3f 28 3f 3a 5c 5c 3f 5b 5e 23 5d 2a 29 3f 24 7c 5e 68 74 74 70 73 3f 3a 2f 2f 5b 5e 2f 5d 2a 2f 61 64 6d 69 6e 2f 3f 28 3f 3a 3b 5b 5e 23 5d 2a 29 3f 28 3f 3a 5c 5c 3f 5b 5e 23 5d 2a 29 3f 23 28 3f 3a 5c 5c 21 29 3f 2f 61 64 6d 69 6e 69 73 74 72 61 74 69 6f 6e 2d 64 61 73 68 62 6f 61 72 64 28 3f 3a 3b 5b 5e 23 5d 2a 29 3f 28 3f 3a 5c 5c 3f 5b 5e 23 5d 2a 29 3f 24 7c 5e 68 74 74 70 73 3f 3a 2f 2f 5b 5e 2f 5d 2a 2f 61 64 6d 69 6e 2f 3f 28 3f 3a 3b 5b 5e 23 5d 2a 29 3f 28 3f 3a 5c 5c 3f 5b 5e 23 5d 2a 29 3f 23 61 64 6d 69 6e 69 73 74 72 61 74 69 6f 6e 2d 64 61 73 68 Data Ascii: ;[^#])?(?:\\?[^#])?#(?:\\!)?/administration-dashboard(?:;[^#])?(?:\\?[^#])?$\|^https?://[^/]/admin/?(?:;[^#])?(?:\\?[^#])?#(?:\\!)?/administration-dashboard(?:;[^#])?(?:\\?[^#])?$\|^https?://[^/]/admin/?(?:;[^#])?(?:\\?[^#])?#administration-dash
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 22 61 64 76 61 6e 63 65 4d 65 74 68 6f 64 22 3a 22 62 75 74 74 6f 6e 22 2c 22 61 74 74 72 69 62 75 74 65 73 22 3a 7b 22 61 64 76 61 6e 63 65 41 63 74 69 6f 6e 73 22 3a 6e 75 6c 6c 2c 22 62 6c 6f 63 6b 4f 75 74 55 49 22 3a 7b 22 61 64 64 69 74 69 6f 6e 61 6c 45 6c 65 6d 65 6e 74 73 22 3a 22 22 2c 22 65 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 70 61 64 64 69 6e 67 22 3a 7b 22 62 6f 74 74 6f 6d 22 3a 30 2c 22 6c 65 66 74 22 3a 30 2c 22 72 69 67 68 74 22 3a 30 2c 22 74 6f 70 22 3a 30 7d 7d 2c 22 65 6c 65 6d 65 6e 74 53 65 6c 65 63 74 69 6f 6e 54 79 70 65 22 3a 22 73 75 67 67 65 73 74 65 64 22 2c 22 69 73 41 75 74 6f 46 6f 63 75 73 22 3a 74 72 75 65 2c 22 6c 61 79 6f 75 74 44 69 72 22 3a 22 72 69 67 68 74 22 2c 22 74 68 65 6d 65 49 64 22 3a 22 6e 79 52 4e Data Ascii: "advanceMethod":"button","attributes":{"advanceActions":null,"blockOutUI":{"additionalElements":"","enabled":false,"padding":{"bottom":0,"left":0,"right":0,"top":0}},"elementSelectionType":"suggested","isAutoFocus":true,"layoutDir":"right","themeId":"nyRN
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 35 36 3d 37 6e 68 35 50 53 4e 48 71 53 79 6c 68 72 73 4e 71 4d 30 55 33 37 75 73 4f 72 35 76 33 53 31 6d 33 49 38 55 6f 6f 47 59 6d 49 38 22 2c 22 72 61 6e 6b 22 3a 32 2c 22 61 64 76 61 6e 63 65 4d 65 74 68 6f 64 22 3a 22 22 2c 22 61 74 74 72 69 62 75 74 65 73 22 3a 7b 22 62 6c 6f 63 6b 4f 75 74 55 49 22 3a 7b 22 61 64 64 69 74 69 6f 6e 61 6c 45 6c 65 6d 65 6e 74 73 22 3a 22 22 2c 22 65 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 70 61 64 64 69 6e 67 22 3a 7b 22 62 6f 74 74 6f 6d 22 3a 30 2c 22 6c 65 66 74 22 3a 30 2c 22 72 69 67 68 74 22 3a 30 2c 22 74 6f 70 22 3a 30 7d 7d 2c 22 65 6c 65 6d 65 6e 74 53 65 6c 65 63 74 69 6f 6e 54 79 70 65 22 3a 22 73 75 67 67 65 73 74 65 64 22 2c 22 69 73 41 75 74 6f 46 6f 63 75 73 22 3a 74 72 75 65 2c 22 6c 61 79 6f 75 Data Ascii: 56=7nh5PSNHqSylhrsNqM0U37usOr5v3S1m3I8UooGYmI8","rank":2,"advanceMethod":"","attributes":{"blockOutUI":{"additionalElements":"","enabled":false,"padding":{"bottom":0,"left":0,"right":0,"top":0}},"elementSelectionType":"suggested","isAutoFocus":true,"layou
2024-10-28 16:48:18 UTC	1378	IN	Data Raw: 22 3a 7b 22 61 64 64 69 74 69 6f 6e 61 6c 45 6c 65 6d 65 6e 74 73 22 3a 22 22 2c 22 65 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 70 61 64 64 69 6e 67 22 3a 7b 22 62 6f 74 74 6f 6d 22 3a 30 2c 22 6c 65 66 74 22 3a 30 2c 22 72 69 67 68 74 22 3a 30 2c 22 74 6f 70 22 3a 30 7d 7d 2c 22 65 6c 65 6d 65 6e 74 53 65 6c 65 63 74 69 6f 6e 54 79 70 65 22 3a 22 73 75 67 67 65 73 74 65 64 22 2c 22 69 73 41 75 74 6f 46 6f 63 75 73 22 3a 74 72 75 65 2c 22 6c 61 79 6f 75 74 44 69 72 22 3a 22 72 69 67 68 74 22 2c 22 74 68 65 6d 65 49 64 22 3a 22 6e 79 52 4e 49 30 62 64 51 64 54 5f 37 53 71 6c 4b 77 2d 68 59 51 72 4e 43 49 30 22 7d 2c 22 6c 61 73 74 55 70 64 61 74 65 64 41 74 22 3a 31 37 30 36 32 37 37 39 31 37 37 31 36 2c 22 72 65 73 65 74 41 74 22 3a 31 37 30 36 36 32 Data Ascii: ":{"additionalElements":"","enabled":false,"padding":{"bottom":0,"left":0,"right":0,"top":0}},"elementSelectionType":"suggested","isAutoFocus":true,"layoutDir":"right","themeId":"nyRNI0bdQdT_7SqlKw-hYQrNCI0"},"lastUpdatedAt":1706277917716,"resetAt":170662

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:18 UTC	707	OUT	GET /data/guide.gif/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1730134096243&v=2.252.0_prod HTTP/1.1 Host: app.pendo.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://secure-portal.login-us.mimecast.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:18 UTC	486	IN	HTTP/1.1 200 OK access-control-allow-credentials: false access-control-allow-headers: * access-control-allow-methods: GET,POST access-control-allow-origin: * access-control-max-age: 600 cache-control: no-store content-type: image/gif x-content-type-options: nosniff date: Mon, 28 Oct 2024 16:48:18 GMT Content-Length: 42 x-envoy-upstream-service-time: 9 server: istio-envoy Via: 1.1 google Strict-Transport-Security: max-age=63072000 Alt-Svc: clear Connection: close
2024-10-28 16:48:18 UTC	42	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b Data Ascii: GIF89a!,D;

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:18 UTC	824	OUT	GET /u/assets/images/ccm_flavicon.ico HTTP/1.1 Host: secure-portal.login-us.mimecast.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://secure-portal.login-us.mimecast.com/u/login/?gta=secure&tkn=3.kiFyJVo1Fu23zzNbu7tfF3Zi8BqozCPrhcrj52kMeizPDk_IPoKNMxShDqEg95pqfJ3jFtEfeLwFd7-0cNz9VuxmbdTf6IlvmpLsDizea4fcJkMg18Wqjry7ty0XrHJ5.g0BQ5feTcIZlB0xES1RCdA Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:18 UTC	395	IN	HTTP/1.1 200 OK Date: Mon, 28 Oct 2024 16:48:18 GMT Content-Type: image/x-icon Content-Length: 1150 Connection: close Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Last-Modified: Thu, 22 Aug 2024 16:40:24 GMT ETag: W/"mDBjdQPM46kmDBi5Hk5Fxc" Accept-Ranges: bytes
2024-10-28 16:48:18 UTC	1150	IN	Data Raw: 00 00 01 00 01 00 10 10 00 00 01 00 20 00 68 04 00 00 16 00 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 40 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 79 6b 57 f3 7c 6b 57 ff 7c 6b 57 ff 7c 6b 57 ff 7c 6b 57 ff 7c 6b 57 f0 7c Data Ascii: h( @ykW\|kW\|kW\|kW\|kW\|kW\|

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:19 UTC	452	OUT	GET /data/guide.gif/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1730134096243&v=2.252.0_prod HTTP/1.1 Host: app.pendo.io Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:19 UTC	486	IN	HTTP/1.1 200 OK access-control-allow-credentials: false access-control-allow-headers: * access-control-allow-methods: GET,POST access-control-allow-origin: * access-control-max-age: 600 cache-control: no-store content-type: image/gif x-content-type-options: nosniff date: Mon, 28 Oct 2024 16:48:19 GMT Content-Length: 42 x-envoy-upstream-service-time: 4 server: istio-envoy Via: 1.1 google Strict-Transport-Security: max-age=63072000 Alt-Svc: clear Connection: close
2024-10-28 16:48:19 UTC	42	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b Data Ascii: GIF89a!,D;

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:19 UTC	1497	OUT	GET /data/ptm.gif/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?v=2.252.0_prod&ct=1730134096240&jzb=eJztlVmPo8gShf8LI82Tl2QzUFKp5Y0qYxuzemE0QizJYlYnCTa06r93ump6dJ_6dXSlfsuME3EIwfnEX98p3NeQeqEKiD1qRPmoujcQuTgtSJUWWECzHJBmDEuPqC5tUlwhNw3JgKut1dXBtdyq9heSbUbVHhCDFuVETDCum5fptIFBi-C4rhD28klexWk5bptJQdwDr8GToCqm7fSzPv0WY-_1a-BPnJWv7CRL5V45VrTcMuwwqH4r4EhmnVRc3KphqaEkQFeeyfYwHbRV5m60aqvuH2ayuq1jia9vkcJeZbyO4O4uh8IYBOogHdtH4YdWNNvkXVHvmlU6QI-LAiXbx7R4ul1RL-AenNG7wk9isND5CFrBxskX4LE2aWMZzv_4WvhbAZvGi-ErVGv1Ssu7-zC3jU7alUmIwdVQEy4Z5MRkGuv9Td-YuloGw0nS9koCetEf-5Z9igQx4HmWi1fsOYpDuUq1um_qrpVbiT7p2eztwoS9cqB3hghl_xF07vtB22SW1jMqL3blubYGiASPVULUy_qsNI5AD-fzU7SAvic_fCxGMcarlHMwO-gr-a2_HHTWyHod7HI7HDTZ12QOG8BmLtVj80Cxbh3MdS9x77PlPdm3Qm4dT8pqZSXt9lbfs4cR6426hE5tG6farnV7fHXS011a3Mf-ntftqFqqgEXJRTc5xZYgm9OSyx2gjkpB2oXl9i3bAwUYRWsNt90-yPLInXnrjWPCrePG5_RtEw_F9QDFeijXen4qTD_tdtubLcqX2Vg8DMhMgqMTxlAw-Edgh2cjIsmrUVU31Mv3nzF9Hn-V1Nwr45Z8P9IBS9c2qY8R5QVB1ZaYjJJL7SFY4vn_lkIPP_sZcUqDKQMYjvh0EDVpVT7LE4ZnJsAlm4RPty8Dy_M3ZI2yzfMRhb8uVNR120U5q-hbq [TRUNCATED] Host: app.pendo.io Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:19 UTC	487	IN	HTTP/1.1 200 OK access-control-allow-credentials: false access-control-allow-headers: * access-control-allow-methods: GET,POST access-control-allow-origin: * access-control-max-age: 600 cache-control: no-store content-type: image/gif x-content-type-options: nosniff date: Mon, 28 Oct 2024 16:48:19 GMT Content-Length: 42 x-envoy-upstream-service-time: 33 server: istio-envoy Via: 1.1 google Strict-Transport-Security: max-age=63072000 Alt-Svc: clear Connection: close
2024-10-28 16:48:19 UTC	42	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b Data Ascii: GIF89a!,D;

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:19 UTC	1288	OUT	GET /data/guide.js/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?id=12&jzb=eJx9kluvqkgQhf8Lk5yno3JV2MnOiYooCEhzEfWFcGkucrVpFHqy__txz0km8zRvVV-tVdVJr7-pZ9EXuEVqQn1QgbUz5VPgBm0XbSTPSVuDpn5SA6rewxzjrv9YLHoYDwjOuhbhsJpXbVY0s6Gf10UN47DH87itF8PiH774leHw84_hBy6bT25eFsqknVtGGViOEDMaVjhVuFshbh4t2Vooj9FdYEsDFsSSy0C12qNpjE4uP3aZJHSPVOPuCt6lUH8pyWpGxyaRzsNYR4mbLtXqWXd6LxcEhnwaa6WRMaL_uKNphSf6gg6aMM_oDRBS6MbqrdrQ485h7G2y_uvPg3_VsO_DDH5CszPvjKK_yNqzn5Le5Amm77aZ8zlRcoft3cMeqA4wm5j4kmVoOT2J0SxyPT9dibEgcHwmc5c0S5S2sLqp756DMkiMD8rl_somk3ZidFuESjTGz-BwstTStSbWFMRnc-lcAtEq5LQETQpYNvaZBsl67acbGIXKGGExzTCWC_6GOQJkZT9dT4CzywnQeuUlxFIiS-GxTXvstR3VEWXAPTm7SeIPy-0rN4ZV5Z59TZbdfDg-ulc52hnozS28dZ7td14HvNn9VvgvafOaRYYAvLTdmjSH8itweM2TIFcxUsCfIEDNStKT5rgvDVqj7XpwyUM34rJKg2W4U28OPN6C7FLs1YzU9xMUO9LsQOXXTlQ89ePDE5XrciaeCHLy-HxLMriyhTH2koudvpNXQxwmIQ6pj3-D-l0W_xPWKmyy4f2FbwVsAs-hvn5SYRy3Q4Pf1nfThQg2eP1f9D7xrWfFBUMvWJrl33ueEPVF23zjOSuwczroUJtQX1-_ARPgFLk&v=2.252.0_prod&ct=1730134096242 HTTP/1.1 Host: app.pendo.io Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-28 16:48:19 UTC	508	IN	HTTP/1.1 200 OK access-control-allow-credentials: false access-control-allow-headers: * access-control-allow-methods: GET,POST access-control-allow-origin: * access-control-max-age: 600 cache-control: no-store content-type: application/javascript x-content-type-options: nosniff date: Mon, 28 Oct 2024 16:48:19 GMT x-envoy-upstream-service-time: 27 server: istio-envoy Via: 1.1 google Strict-Transport-Security: max-age=63072000 Alt-Svc: clear Connection: close Transfer-Encoding: chunked
2024-10-28 16:48:19 UTC	870	IN	Data Raw: 65 35 66 0d 0a 70 65 6e 64 6f 2e 67 75 69 64 65 73 50 61 79 6c 6f 61 64 28 7b 22 67 75 69 64 65 73 22 3a 5b 7b 22 63 72 65 61 74 65 64 42 79 55 73 65 72 22 3a 7b 22 69 64 22 3a 22 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 22 2c 22 66 69 72 73 74 22 3a 22 22 2c 22 6c 61 73 74 22 3a 22 22 2c 22 72 6f 6c 65 22 3a 30 2c 22 75 73 65 72 54 79 70 65 22 3a 22 22 2c 22 68 61 73 4c 6f 67 67 65 64 49 6e 22 3a 66 61 6c 73 65 7d 2c 22 63 72 65 61 74 65 64 41 74 22 3a 31 36 32 30 33 37 37 39 37 34 36 30 34 2c 22 6c 61 73 74 55 70 64 61 74 65 64 42 79 55 73 65 72 22 3a 7b 22 69 64 22 3a 22 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 22 2c 22 66 69 72 73 74 22 3a 22 22 2c 22 6c 61 73 74 22 3a 22 22 2c 22 72 6f 6c 65 22 3a 30 2c 22 75 73 65 72 54 79 70 65 22 3a 22 22 2c 22 Data Ascii: e5fpendo.guidesPayload({"guides":[{"createdByUser":{"id":"","username":"","first":"","last":"","role":0,"userType":"","hasLoggedIn":false},"createdAt":1620377974604,"lastUpdatedByUser":{"id":"","username":"","first":"","last":"","role":0,"userType":"","
2024-10-28 16:48:19 UTC	1378	IN	Data Raw: 31 2e 34 36 22 2c 22 74 79 70 65 22 3a 22 62 75 69 6c 64 69 6e 67 2d 62 6c 6f 63 6b 22 7d 2c 22 61 75 64 69 65 6e 63 65 22 3a 5b 7b 22 73 6f 75 72 63 65 22 3a 7b 22 76 69 73 69 74 6f 72 73 22 3a 6e 75 6c 6c 7d 7d 2c 7b 22 65 76 61 6c 22 3a 7b 22 61 63 63 6f 75 6e 74 49 64 22 3a 22 6d 65 74 61 64 61 74 61 2e 61 75 74 6f 2e 61 63 63 6f 75 6e 74 69 64 73 22 7d 7d 2c 7b 22 75 6e 77 69 6e 64 22 3a 7b 22 66 69 65 6c 64 22 3a 22 61 63 63 6f 75 6e 74 49 64 22 2c 22 6b 65 65 70 45 6d 70 74 79 22 3a 74 72 75 65 7d 7d 2c 7b 22 73 65 6c 65 63 74 22 3a 7b 22 76 69 73 69 74 6f 72 49 64 22 3a 22 76 69 73 69 74 6f 72 49 64 22 7d 7d 5d 2c 22 61 75 64 69 65 6e 63 65 55 69 48 69 6e 74 22 3a 7b 22 66 69 6c 74 65 72 73 22 3a 5b 7b 22 6b 69 6e 64 22 3a 22 76 69 73 69 74 6f 72 Data Ascii: 1.46","type":"building-block"},"audience":[{"source":{"visitors":null}},{"eval":{"accountId":"metadata.auto.accountids"}},{"unwind":{"field":"accountId","keepEmpty":true}},{"select":{"visitorId":"visitorId"}}],"audienceUiHint":{"filters":[{"kind":"visitor
2024-10-28 16:48:19 UTC	1378	IN	Data Raw: 30 34 2e 73 74 6f 72 61 67 65 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 67 75 69 64 65 2d 63 6f 6e 74 65 6e 74 2f 46 6f 55 79 30 48 5a 5a 62 42 73 6f 37 49 6b 6c 47 43 69 72 4b 62 66 4c 48 77 67 2f 77 65 65 4b 5f 58 78 38 79 50 4f 78 37 7a 4c 70 38 7a 52 51 5f 66 61 53 5f 41 34 2f 78 4d 4b 41 72 77 78 72 4f 62 48 66 45 49 57 4b 79 55 52 6b 57 59 42 5a 74 4d 4d 2e 64 6f 6d 2e 6a 73 6f 6e 70 3f 73 68 61 32 35 36 3d 55 4a 36 6c 39 41 51 2d 4a 62 43 34 6e 6a 68 68 30 62 57 46 41 32 43 53 4a 6f 30 41 32 49 4b 59 44 47 4e 45 55 35 6a 55 74 53 59 22 2c 22 72 61 6e 6b 22 3a 31 30 30 30 30 30 30 30 2c 22 61 64 76 61 6e 63 65 4d 65 74 68 6f 64 22 3a 22 62 75 74 74 6f 6e 22 2c 22 61 74 74 72 69 62 75 74 65 73 22 3a 7b 22 62 6c 6f 63 6b 4f 75 74 55 49 22 3a 7b Data Ascii: 04.storage.googleapis.com/guide-content/FoUy0HZZbBso7IklGCirKbfLHwg/weeK_Xx8yPOx7zLp8zRQ_faS_A4/xMKArwxrObHfEIWKyURkWYBZtMM.dom.jsonp?sha256=UJ6l9AQ-JbC4njhh0bWFA2CSJo0A2IKYDGNEU5jUtSY","rank":10000000,"advanceMethod":"button","attributes":{"blockOutUI":{
2024-10-28 16:48:19 UTC	60	IN	Data Raw: 65 67 6d 65 6e 74 49 64 22 3a 22 65 76 65 72 79 6f 6e 65 22 7d 5d 7d 2c 22 61 75 74 68 6f 72 65 64 4c 61 6e 67 75 61 67 65 22 3a 22 65 6e 2d 55 53 22 2c 22 72 65 63 75 72 72 0d 0a Data Ascii: egmentId":"everyone"}]},"authoredLanguage":"en-US","recurr
2024-10-28 16:48:19 UTC	1378	IN	Data Raw: 38 30 30 30 0d 0a 65 6e 63 65 22 3a 30 2c 22 72 65 63 75 72 72 65 6e 63 65 45 6c 69 67 69 62 69 6c 69 74 79 57 69 6e 64 6f 77 22 3a 30 2c 22 72 65 73 65 74 41 74 22 3a 30 2c 22 70 75 62 6c 69 73 68 65 64 41 74 22 3a 31 36 33 32 37 34 30 36 33 33 32 34 31 2c 22 70 75 62 6c 69 73 68 65 64 45 76 65 72 22 3a 66 61 6c 73 65 2c 22 63 75 72 72 65 6e 74 46 69 72 73 74 45 6c 69 67 69 62 6c 65 54 6f 42 65 53 65 65 6e 41 74 22 3a 31 36 33 37 31 36 38 37 31 34 35 33 33 2c 22 69 73 54 6f 70 4c 65 76 65 6c 22 3a 66 61 6c 73 65 2c 22 69 73 4d 6f 64 75 6c 65 22 3a 66 61 6c 73 65 2c 22 65 64 69 74 6f 72 54 79 70 65 22 3a 22 65 6e 67 61 67 65 55 49 22 2c 22 64 65 70 65 6e 64 65 6e 74 4d 65 74 61 64 61 74 61 22 3a 5b 5d 2c 22 61 75 74 6f 43 72 65 61 74 65 46 65 65 64 62 61 Data Ascii: 8000ence":0,"recurrenceEligibilityWindow":0,"resetAt":0,"publishedAt":1632740633241,"publishedEver":false,"currentFirstEligibleToBeSeenAt":1637168714533,"isTopLevel":false,"isModule":false,"editorType":"engageUI","dependentMetadata":[],"autoCreateFeedba
2024-10-28 16:48:19 UTC	1378	IN	Data Raw: 3a 30 7d 2c 7b 22 63 72 65 61 74 65 64 42 79 55 73 65 72 22 3a 7b 22 69 64 22 3a 22 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 22 2c 22 66 69 72 73 74 22 3a 22 22 2c 22 6c 61 73 74 22 3a 22 22 2c 22 72 6f 6c 65 22 3a 30 2c 22 75 73 65 72 54 79 70 65 22 3a 22 22 2c 22 68 61 73 4c 6f 67 67 65 64 49 6e 22 3a 66 61 6c 73 65 7d 2c 22 63 72 65 61 74 65 64 41 74 22 3a 31 37 30 33 30 39 36 31 33 33 36 33 38 2c 22 6c 61 73 74 55 70 64 61 74 65 64 42 79 55 73 65 72 22 3a 7b 22 69 64 22 3a 22 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 22 2c 22 66 69 72 73 74 22 3a 22 22 2c 22 6c 61 73 74 22 3a 22 22 2c 22 72 6f 6c 65 22 3a 30 2c 22 75 73 65 72 54 79 70 65 22 3a 22 22 2c 22 68 61 73 4c 6f 67 67 65 64 49 6e 22 3a 66 61 6c 73 65 7d 2c 22 6c 61 73 74 55 70 64 61 74 65 64 Data Ascii: :0},{"createdByUser":{"id":"","username":"","first":"","last":"","role":0,"userType":"","hasLoggedIn":false},"createdAt":1703096133638,"lastUpdatedByUser":{"id":"","username":"","first":"","last":"","role":0,"userType":"","hasLoggedIn":false},"lastUpdated
2024-10-28 16:48:19 UTC	1378	IN	Data Raw: 3b 5b 5e 23 5d 2a 29 3f 28 3f 3a 5c 5c 3f 5b 5e 23 5d 2a 29 3f 23 28 3f 3a 5c 5c 21 29 3f 2f 61 64 6d 69 6e 69 73 74 72 61 74 69 6f 6e 2d 64 61 73 68 62 6f 61 72 64 28 3f 3a 3b 5b 5e 23 5d 2a 29 3f 28 3f 3a 5c 5c 3f 5b 5e 23 5d 2a 29 3f 24 7c 5e 68 74 74 70 73 3f 3a 2f 2f 5b 5e 2f 5d 2a 2f 61 64 6d 69 6e 2f 3f 28 3f 3a 3b 5b 5e 23 5d 2a 29 3f 28 3f 3a 5c 5c 3f 5b 5e 23 5d 2a 29 3f 23 28 3f 3a 5c 5c 21 29 3f 2f 61 64 6d 69 6e 69 73 74 72 61 74 69 6f 6e 2d 64 61 73 68 62 6f 61 72 64 28 3f 3a 3b 5b 5e 23 5d 2a 29 3f 28 3f 3a 5c 5c 3f 5b 5e 23 5d 2a 29 3f 24 7c 5e 68 74 74 70 73 3f 3a 2f 2f 5b 5e 2f 5d 2a 2f 61 64 6d 69 6e 2f 3f 28 3f 3a 3b 5b 5e 23 5d 2a 29 3f 28 3f 3a 5c 5c 3f 5b 5e 23 5d 2a 29 3f 23 61 64 6d 69 6e 69 73 74 72 61 74 69 6f 6e 2d 64 61 73 68 Data Ascii: ;[^#])?(?:\\?[^#])?#(?:\\!)?/administration-dashboard(?:;[^#])?(?:\\?[^#])?$\|^https?://[^/]/admin/?(?:;[^#])?(?:\\?[^#])?#(?:\\!)?/administration-dashboard(?:;[^#])?(?:\\?[^#])?$\|^https?://[^/]/admin/?(?:;[^#])?(?:\\?[^#])?#administration-dash
2024-10-28 16:48:19 UTC	1378	IN	Data Raw: 22 61 64 76 61 6e 63 65 4d 65 74 68 6f 64 22 3a 22 62 75 74 74 6f 6e 22 2c 22 61 74 74 72 69 62 75 74 65 73 22 3a 7b 22 61 64 76 61 6e 63 65 41 63 74 69 6f 6e 73 22 3a 6e 75 6c 6c 2c 22 62 6c 6f 63 6b 4f 75 74 55 49 22 3a 7b 22 61 64 64 69 74 69 6f 6e 61 6c 45 6c 65 6d 65 6e 74 73 22 3a 22 22 2c 22 65 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 70 61 64 64 69 6e 67 22 3a 7b 22 62 6f 74 74 6f 6d 22 3a 30 2c 22 6c 65 66 74 22 3a 30 2c 22 72 69 67 68 74 22 3a 30 2c 22 74 6f 70 22 3a 30 7d 7d 2c 22 65 6c 65 6d 65 6e 74 53 65 6c 65 63 74 69 6f 6e 54 79 70 65 22 3a 22 73 75 67 67 65 73 74 65 64 22 2c 22 69 73 41 75 74 6f 46 6f 63 75 73 22 3a 74 72 75 65 2c 22 6c 61 79 6f 75 74 44 69 72 22 3a 22 72 69 67 68 74 22 2c 22 74 68 65 6d 65 49 64 22 3a 22 6e 79 52 4e Data Ascii: "advanceMethod":"button","attributes":{"advanceActions":null,"blockOutUI":{"additionalElements":"","enabled":false,"padding":{"bottom":0,"left":0,"right":0,"top":0}},"elementSelectionType":"suggested","isAutoFocus":true,"layoutDir":"right","themeId":"nyRN
2024-10-28 16:48:19 UTC	1378	IN	Data Raw: 35 36 3d 37 6e 68 35 50 53 4e 48 71 53 79 6c 68 72 73 4e 71 4d 30 55 33 37 75 73 4f 72 35 76 33 53 31 6d 33 49 38 55 6f 6f 47 59 6d 49 38 22 2c 22 72 61 6e 6b 22 3a 32 2c 22 61 64 76 61 6e 63 65 4d 65 74 68 6f 64 22 3a 22 22 2c 22 61 74 74 72 69 62 75 74 65 73 22 3a 7b 22 62 6c 6f 63 6b 4f 75 74 55 49 22 3a 7b 22 61 64 64 69 74 69 6f 6e 61 6c 45 6c 65 6d 65 6e 74 73 22 3a 22 22 2c 22 65 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 70 61 64 64 69 6e 67 22 3a 7b 22 62 6f 74 74 6f 6d 22 3a 30 2c 22 6c 65 66 74 22 3a 30 2c 22 72 69 67 68 74 22 3a 30 2c 22 74 6f 70 22 3a 30 7d 7d 2c 22 65 6c 65 6d 65 6e 74 53 65 6c 65 63 74 69 6f 6e 54 79 70 65 22 3a 22 73 75 67 67 65 73 74 65 64 22 2c 22 69 73 41 75 74 6f 46 6f 63 75 73 22 3a 74 72 75 65 2c 22 6c 61 79 6f 75 Data Ascii: 56=7nh5PSNHqSylhrsNqM0U37usOr5v3S1m3I8UooGYmI8","rank":2,"advanceMethod":"","attributes":{"blockOutUI":{"additionalElements":"","enabled":false,"padding":{"bottom":0,"left":0,"right":0,"top":0}},"elementSelectionType":"suggested","isAutoFocus":true,"layou
2024-10-28 16:48:19 UTC	1378	IN	Data Raw: 22 3a 7b 22 61 64 64 69 74 69 6f 6e 61 6c 45 6c 65 6d 65 6e 74 73 22 3a 22 22 2c 22 65 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 70 61 64 64 69 6e 67 22 3a 7b 22 62 6f 74 74 6f 6d 22 3a 30 2c 22 6c 65 66 74 22 3a 30 2c 22 72 69 67 68 74 22 3a 30 2c 22 74 6f 70 22 3a 30 7d 7d 2c 22 65 6c 65 6d 65 6e 74 53 65 6c 65 63 74 69 6f 6e 54 79 70 65 22 3a 22 73 75 67 67 65 73 74 65 64 22 2c 22 69 73 41 75 74 6f 46 6f 63 75 73 22 3a 74 72 75 65 2c 22 6c 61 79 6f 75 74 44 69 72 22 3a 22 72 69 67 68 74 22 2c 22 74 68 65 6d 65 49 64 22 3a 22 6e 79 52 4e 49 30 62 64 51 64 54 5f 37 53 71 6c 4b 77 2d 68 59 51 72 4e 43 49 30 22 7d 2c 22 6c 61 73 74 55 70 64 61 74 65 64 41 74 22 3a 31 37 30 36 32 37 37 39 31 37 37 31 36 2c 22 72 65 73 65 74 41 74 22 3a 31 37 30 36 36 32 Data Ascii: ":{"additionalElements":"","enabled":false,"padding":{"bottom":0,"left":0,"right":0,"top":0}},"elementSelectionType":"suggested","isAutoFocus":true,"layoutDir":"right","themeId":"nyRNI0bdQdT_7SqlKw-hYQrNCI0"},"lastUpdatedAt":1706277917716,"resetAt":170662

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:19 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=625blHBBocdSL7D&MD=5nDxeLNw HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-28 16:48:19 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: b937ca6a-f5ec-4388-a211-337076aed88e MS-RequestId: e16949cc-cac6-40c6-8e2f-d04b70f7c655 MS-CV: nveL32qSrUyKq09/.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Mon, 28 Oct 2024 16:48:18 GMT Connection: close Content-Length: 24490
2024-10-28 16:48:19 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-10-28 16:48:19 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:47 UTC	422	OUT	POST /RST2.srf HTTP/1.0 Connection: Keep-Alive Content-Type: application/soap+xml Accept: / User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68}) Content-Length: 3592 Host: login.live.com
2024-10-28 16:48:47 UTC	3592	OUT	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-10-28 16:48:47 UTC	569	IN	HTTP/1.1 200 OK Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: application/soap+xml; charset=utf-8 Expires: Mon, 28 Oct 2024 16:47:47 GMT P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" Referrer-Policy: strict-origin-when-cross-origin x-ms-route-info: C539_SN1 x-ms-request-id: ed8629f7-d3d0-4326-a96a-22e25bc23e27 PPServer: PPV: 30 H: SN1PEPF0002F0A5 V: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 X-XSS-Protection: 1; mode=block Date: Mon, 28 Oct 2024 16:48:47 GMT Connection: close Content-Length: 11392
2024-10-28 16:48:47 UTC	11392	IN	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:49 UTC	422	OUT	POST /RST2.srf HTTP/1.0 Connection: Keep-Alive Content-Type: application/soap+xml Accept: / User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68}) Content-Length: 4775 Host: login.live.com
2024-10-28 16:48:49 UTC	4775	OUT	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-10-28 16:48:49 UTC	569	IN	HTTP/1.1 200 OK Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: application/soap+xml; charset=utf-8 Expires: Mon, 28 Oct 2024 16:47:49 GMT P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" Referrer-Policy: strict-origin-when-cross-origin x-ms-route-info: C539_BL2 x-ms-request-id: ddad25bc-6fae-4600-8187-7263809017d1 PPServer: PPV: 30 H: BL02EPF0001D8C3 V: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 X-XSS-Protection: 1; mode=block Date: Mon, 28 Oct 2024 16:48:48 GMT Connection: close Content-Length: 11412
2024-10-28 16:48:49 UTC	11412	IN	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200

Timestamp	Bytes transferred	Direction	Data
2024-10-28 16:48:50 UTC	422	OUT	POST /RST2.srf HTTP/1.0 Connection: Keep-Alive Content-Type: application/soap+xml Accept: / User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68}) Content-Length: 4828 Host: login.live.com
2024-10-28 16:48:50 UTC	4828	OUT	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-10-28 16:48:51 UTC	569	IN	HTTP/1.1 200 OK Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: application/soap+xml; charset=utf-8 Expires: Mon, 28 Oct 2024 16:47:51 GMT P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" Referrer-Policy: strict-origin-when-cross-origin x-ms-route-info: C539_SN1 x-ms-request-id: 353110e8-778d-480f-84b0-feca0afac0a9 PPServer: PPV: 30 H: SN1PEPF0002F963 V: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 X-XSS-Protection: 1; mode=block Date: Mon, 28 Oct 2024 16:48:50 GMT Connection: close Content-Length: 11197
2024-10-28 16:48:51 UTC	11197	IN	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200