Edit tour

Windows Analysis Report
https://bioaquatictesting-my.sharepoint.com/:f:/g/personal/securedocument_bio-aquatic_com/EqfT1pjHkSVIsZ_uZ-FoAy4BgWwRj-5I-q_oaUpvi5Mxeg?e=eaqeTT

Overview

General Information

Sample URL:	https://bioaquatictesting-my.sharepoint.com/:f:/g/personal/securedocument_bio-aquatic_com/EqfT1pjHkSVIsZ_uZ-FoAy4BgWwRj-5I-q_oaUpvi5Mxeg?e=eaqeTT
Analysis ID:	1544954
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 2076 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6764 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1720,i,11745549811523308955,2484393396440175979,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6404 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://bioaquatictesting-my.sharepoint.com/:f:/g/personal/securedocument_bio-aquatic_com/EqfT1pjHkSVIsZ_uZ-FoAy4BgWwRj-5I-q_oaUpvi5Mxeg?e=eaqeTT" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

HTTP traffic detected: POST /personal/securedocument_bio-aquatic_com/_api/v2.1/graphql HTTP/1.1Host: bioaquatictesting-my.sharepoint.comConnection: keep-aliveContent-Length: 507sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/json;odata=verboseContent-Type: application/json;odata=verboseX-ServiceWorker-Strategy: CacheFirstsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://bioaquatictesting-my.sharepoint.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&ga=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0NythK2JXZXRaN0hWcnV2Zm1mZ0tFcmdrSnBPakd2T3dmWm9EOEF1ZDgwcEZtVUJSMVFJTStvQm5rMVVHOTc5Yi9IdHgzVHR5aEZJOEhuWHh5dmpUU3psSVFIUHJnZTR3dz09PC9TUD4=; FeatureOverrides_experiments=[]

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 29 Oct 2024 21:16:08 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: rthVfB02fpQZMKQIovQhSmu06EXyzviNfXU=$InfcJVuQinjidj7yServer: cloudflareCF-RAY: 8da62f5b3a462857-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 29 Oct 2024 21:16:12 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: 6std16WfmnB3BKu6x5T7OMjF1UZ8zZUGhTg=$wu1qZpVc1/yrPdvKcache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Server: cloudflareCF-RAY: 8da62f728de46c68-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 29 Oct 2024 21:16:16 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: UPAGa/wn7F3xYtQPa+BsLlq4+uNqcMj/O2g=$pqGx2JSeMKgbAkpLServer: cloudflareCF-RAY: 8da62f8ae81eeb16-DFWalt-svc: h3=":443"; ma=86400

Source: chromecache_745.1.dr, chromecache_617.1.dr, chromecache_513.1.dr, chromecache_509.1.dr, chromecache_755.1.dr, chromecache_709.1.dr	String found in binary or memory: http://fb.me/use-check-prop-types
Source: chromecache_712.1.dr, chromecache_685.1.dr, chromecache_475.1.dr	String found in binary or memory: http://www.contoso.com
Source: chromecache_525.1.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_516.1.dr, chromecache_716.1.dr, chromecache_541.1.dr	String found in binary or memory: https://1drv.com/
Source: chromecache_516.1.dr, chromecache_716.1.dr, chromecache_541.1.dr	String found in binary or memory: https://centralus1-mediad.svc.ms
Source: chromecache_578.1.dr, chromecache_608.1.dr, chromecache_737.1.dr, chromecache_736.1.dr	String found in binary or memory: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Source: chromecache_516.1.dr, chromecache_541.1.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/web/policies
Source: chromecache_516.1.dr, chromecache_716.1.dr, chromecache_541.1.dr	String found in binary or memory: https://livefilestore.com/
Source: chromecache_532.1.dr, chromecache_640.1.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_516.1.dr, chromecache_515.1.dr, chromecache_716.1.dr, chromecache_541.1.dr, chromecache_544.1.dr	String found in binary or memory: https://media.cloudapp.net
Source: chromecache_608.1.dr, chromecache_737.1.dr, chromecache_736.1.dr	String found in binary or memory: https://mercyassurance.site/?udjgtgaa
Source: chromecache_532.1.dr, chromecache_640.1.dr	String found in binary or memory: https://microsoft.spfx3rdparty.com
Source: chromecache_516.1.dr, chromecache_515.1.dr, chromecache_716.1.dr, chromecache_541.1.dr, chromecache_544.1.dr	String found in binary or memory: https://northcentralus1-medias.svc.ms
Source: chromecache_668.1.dr, chromecache_746.1.dr, chromecache_716.1.dr, chromecache_673.1.dr	String found in binary or memory: https://onedrive.cloud.microsoft
Source: chromecache_668.1.dr, chromecache_746.1.dr, chromecache_716.1.dr, chromecache_673.1.dr	String found in binary or memory: https://onedrive.dev.cloud.microsoft
Source: chromecache_583.1.dr, chromecache_529.1.dr	String found in binary or memory: https://onedrive.live.com/?gologin=1
Source: chromecache_532.1.dr, chromecache_640.1.dr	String found in binary or memory: https://onedrive.live.com/sa
Source: chromecache_516.1.dr, chromecache_716.1.dr, chromecache_541.1.dr	String found in binary or memory: https://portal.office.com/
Source: chromecache_602.1.dr	String found in binary or memory: https://profilefordocdoc.site/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3By
Source: chromecache_708.1.dr	String found in binary or memory: https://reactjs.org/link/react-polyfills
Source: chromecache_516.1.dr, chromecache_541.1.dr	String found in binary or memory: https://res-1-sdf.cdn.office.net
Source: chromecache_583.1.dr, chromecache_516.1.dr, chromecache_541.1.dr	String found in binary or memory: https://res-1.cdn.office.net
Source: chromecache_652.1.dr, chromecache_717.1.dr, chromecache_507.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets
Source: chromecache_583.1.dr, chromecache_661.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-10-11.005/
Source: chromecache_661.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-10-11.005/stsserviceworkerprefetch/stsservicew
Source: chromecache_598.1.dr, chromecache_484.1.dr, chromecache_661.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-10-18.010/
Source: chromecache_661.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-10-18.010/spserviceworker.js
Source: chromecache_598.1.dr, chromecache_484.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-10-18.010/spwebworker.js
Source: chromecache_583.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp-media-3b870ca1
Source: chromecache_583.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.1ds/odsp.1ds.lib-b7da68fc
Source: chromecache_583.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.aria/odsp.aria.lib-ab227069
Source: chromecache_583.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.core/fui.core-97518b2a
Source: chromecache_583.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.utilities/fui.util-93de749b
Source: chromecache_583.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.knockout/odsp.knockout.lib-447adea9
Source: chromecache_583.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.react/odsp.react.lib-9ea4d016
Source: chromecache_583.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.tslib/tslib-6a7224b3
Source: chromecache_583.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.utilities/odsp.util-644642c2
Source: chromecache_583.1.dr	String found in binary or memory: https://res-2.cdn.office.net/files/odsp-web-prod_2024-10-11.005/
Source: chromecache_583.1.dr	String found in binary or memory: https://shell.cdn.office.net
Source: chromecache_583.1.dr, chromecache_661.1.dr	String found in binary or memory: https://shell.cdn.office.net/api/ShellBootstrapper/business/OneShell
Source: chromecache_516.1.dr, chromecache_541.1.dr	String found in binary or memory: https://shellppe.msocdn.com
Source: chromecache_516.1.dr, chromecache_541.1.dr	String found in binary or memory: https://shellprod.msocdn.com
Source: chromecache_583.1.dr	String found in binary or memory: https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-bold.w
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-regula
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-semili
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-bold.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-bold.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-light.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-light.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-regular.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-regular.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semibold.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semibold.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semilight.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-bold.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-bold.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-light.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-light.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-regular.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-semibold.wof
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-semilight.wo
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-bold.wof
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-light.wo
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-regular.
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-semibold
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-semiligh
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-bold.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-bold.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-light.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-light.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-regular.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-regular.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semibold.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semibold.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semilight.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semilight.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-bold.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-bold.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-light.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-light.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-regular.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-regular.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semibold.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semibold.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semilight.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-bold.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-bold.woff2
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-light.woff
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-regular.wo
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-semibold.w
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-semilight.
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-bold.wof
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.wo
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold
Source: chromecache_628.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semiligh
Source: chromecache_516.1.dr, chromecache_668.1.dr, chromecache_716.1.dr, chromecache_541.1.dr	String found in binary or memory: https://substrate.office.com
Source: chromecache_721.1.dr, chromecache_740.1.dr	String found in binary or memory: https://support.office.com/en-us/article/Manage-lists-and-libraries-with-many-items-b8588dae-9387-48
Source: chromecache_529.1.dr	String found in binary or memory: https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2F$
Source: chromecache_583.1.dr	String found in binary or memory: https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2Fonedrive
Source: chromecache_529.1.dr	String found in binary or memory: https://www.office.com/login?ru=%2Flaunch%2F$
Source: chromecache_583.1.dr	String found in binary or memory: https://www.office.com/login?ru=%2Flaunch%2Fonedrive

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 50064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49752 version: TLS 1.2

Source: classification engine

Classification label: mal48.win@22/484@60/14

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1720,i,11745549811523308955,2484393396440175979,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://bioaquatictesting-my.sharepoint.com/:f:/g/personal/securedocument_bio-aquatic_com/EqfT1pjHkSVIsZ_uZ-FoAy4BgWwRj-5I-q_oaUpvi5Mxeg?e=eaqeTT"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1720,i,11745549811523308955,2484393396440175979,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: chromecache_582.1.dr, chromecache_481.1.dr, chromecache_574.1.dr	Binary or memory string: ",ConnectVirtualMachine:"
Source: chromecache_582.1.dr, chromecache_481.1.dr, chromecache_574.1.dr	Binary or memory string: ",DisconnectVirtualMachine:"

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	1 Security Software Discovery	Remote Services	1 Archive Collected Data	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://bioaquatictesting-my.sharepoint.com/:f:/g/personal/securedocument_bio-aquatic_com/EqfT1pjHkSVIsZ_uZ-FoAy4BgWwRj-5I-q_oaUpvi5Mxeg?e=eaqeTT	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Source	Detection	Scanner	Label
http://www.opensource.org/licenses/mit-license.php	0%	URL Reputation	safe
https://substrate.office.com	0%	URL Reputation	safe
https://reactjs.org/link/react-polyfills	0%	URL Reputation	safe
https://login.microsoftonline.com	0%	URL Reputation	safe
http://fb.me/use-check-prop-types	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
mercyassurance.site	45.146.234.135	true	false	unknown
dual-spo-0005.spo-msedge.net	13.107.136.10	true	false	unknown
challenges.cloudflare.com	104.18.95.41	true	false	unknown
ecf9f5d4.5488c3d0d3cad43764af2694.workers.dev	188.114.96.3	true	false	unknown
www.google.com	216.58.206.36	true	false	unknown
HHN-efz.ms-acdc.office.com	52.98.171.242	true	false	unknown
profilefordocdoc.site	45.146.234.135	true	false	unknown
FRA-efz.ms-acdc.office.com	52.98.178.210	true	false	unknown
sni1gl.wpc.sigmacdn.net	152.199.21.175	true	false	unknown
bioaquatictesting-my.sharepoint.com	unknown	unknown	false	unknown
bioaquatictesting.sharepoint.com	unknown	unknown	false	unknown
r4.res.office365.com	unknown	unknown	false	unknown
outlook.office.com	unknown	unknown	false	unknown
m365cdn.nel.measure.office.net	unknown	unknown	false	unknown
spo.nel.measure.office.net	unknown	unknown	false	unknown
upload.fp.measure.office.com	unknown	unknown	false	unknown
config.fp.measure.office.com	unknown	unknown	false	unknown
tr-ooc-acdc.office.com	unknown	unknown	false	unknown
c0149d99fde159617d8e36f080b49aff.fp.measure.office.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Reputation
https://ecf9f5d4.5488c3d0d3cad43764af2694.workers.dev/favicon.ico	false	unknown
https://bioaquatictesting-my.sharepoint.com/_layouts/15/SPComponentRegistry.ashx?projects=[%22STS%22]&languages=%5B%5D	false	unknown
https://mercyassurance.site/?udjgtgaa	false	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8da62f46ce314696/1730236567653/8ecd4f25404bcf125d69fcf8a87fc286caf76e5a5dab48c4b3939caab3d2b433/oWTYv0K7VjGtnqP	false	unknown
about:blank	false	unknown
https://ecf9f5d4.5488c3d0d3cad43764af2694.workers.dev/	false	unknown
https://bioaquatictesting-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true&siteConfigRace=true	false	unknown
https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js	false	unknown
https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	false	unknown
https://bioaquatictesting.sharepoint.com/_vti_bin/afdcache.ashx/_userprofile/userphoto.jpg?_oat_=1730271948_ef6d5f77f53ee0995ffb822849d4e41231eb693fcd5bcd06f8a01faee3198610&P1=1730239537&P2=-149452251&P3=1&P4=s5Rua3zKoQMriF9ENufenKumHtecir2zTpedCPgvmWPk30BGUoP0SJxk0WSaJE0GbfsC90vc72K8T%2BDYSMDv7uyoKxYz4XhUcovwPMNY6BkZZu4A6kywgdA57b0l7igEozqfXilLNA%2F%2B6vwa5vxHZr9TEjoe%2BUlnhoSogvZMROmrvrnYqAmTK06alGZbV5TL4lG38j01mg21Hc18RaOqe%2BaR8LW5rURe8iau9EMm27t0gV2UHl2ph%2B3TUSRwu4oIFATq0ewr6Cj2Gg9WpNGEkZQbedOaAYGuV%2Fp0uRZ4Dybrv%2BuazooVGFx9NHUDklx81uLimKm6V5BL3F4ikOlDYw%3D%3D&size=M&accountname=securedocument%40bio-aquatic.com	false	unknown
https://bioaquatictesting-my.sharepoint.com/_layouts/15/spwebworkerproxy.ashx	false	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1	false	unknown
https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&ga=1	false	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8da62f46ce314696&lang=auto	false	unknown
https://tr-ooc-acdc.office.com/apc/trans.gif?669b15a5e7af14e37d390cbe13e8e087	false	unknown
https://bioaquatictesting-my.sharepoint.com/_layouts/15/SPComponentRegistry.ashx?projects=[%22spfx%22]&languages=%5B%5D	false	unknown
https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/CSPReporting.aspx	false	unknown
https://outlook.office.com/apc/trans.gif?b78390c9e3d8e295b99594d42d0e8b5c	false	unknown
https://bioaquatictesting-my.sharepoint.com/:f:/g/personal/securedocument_bio-aquatic_com/EqfT1pjHkSVIsZ_uZ-FoAy4BgWwRj-5I-q_oaUpvi5Mxeg?e=eaqeTT	true	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/avtok/0x4AAAAAAAyqhdsS748m01Iy/auto/fbE/normal/auto/	false	unknown
https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_api/v2.1/graphql	false	unknown
https://outlook.office.com/apc/trans.gif?becfa8bc415428344db40631b306b365	false	unknown
https://profilefordocdoc.site/mail/	false	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1998701899:1730234443:Lwng_uon9EBlqVf_OwLTCeaoBddYvZZMnG7SnJ47QYs/8da62f46ce314696/EO0cJRx97HDDZuUel89VEbDMwCOeAGslO55MJMWuQrA-1730236565-1.1.1.1-tRUrelRR2SbLwLh6vk60CiYzh9YugjlJrNK38KKD5xtqpaUyHbsojPyB1iL63eLU	false	unknown
https://mercyassurance.site/?udjgtgaa=9a39987b0b60fec5006df30a8df8a3c8aa154aaca41dbce7edab646c5141f50fab7c3c72e42c2dc3994509c6bb7161d84e8ed17dca7526c9bfd6cd2b5d243e03	false	unknown
https://bioaquatictesting-my.sharepoint.com/_layouts/15/images/odbfavicon.ico?rev=47	false	unknown
https://profilefordocdoc.site/	false	unknown
https://tr-ooc-acdc.office.com/apc/trans.gif?a0612edc05412c5bcc3585a5aa793a37	false	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-light.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semilight.woff2	chromecache_628.1.dr	false		unknown
https://support.office.com/en-us/article/Manage-lists-and-libraries-with-many-items-b8588dae-9387-48	chromecache_721.1.dr, chromecache_740.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-regula	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-light.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semibold.woff2	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-semibold.w	chromecache_628.1.dr	false		unknown
http://www.opensource.org/licenses/mit-license.php	chromecache_525.1.dr	false	URL Reputation: safe	unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-bold.woff	chromecache_628.1.dr	false		unknown
https://northcentralus1-medias.svc.ms	chromecache_516.1.dr, chromecache_515.1.dr, chromecache_716.1.dr, chromecache_541.1.dr, chromecache_544.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-light.woff2	chromecache_628.1.dr	false		unknown
https://onedrive.live.com/?gologin=1	chromecache_583.1.dr, chromecache_529.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.wo	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-regular.woff2	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-light.woff2	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-light.woff2	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-bold.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semibold.woff	chromecache_628.1.dr	false		unknown
https://profilefordocdoc.site/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3By	chromecache_602.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-semilight.	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semibold.woff2	chromecache_628.1.dr	false		unknown
https://1drv.com/	chromecache_516.1.dr, chromecache_716.1.dr, chromecache_541.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-bold.wof	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-light.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-bold.woff	chromecache_628.1.dr	false		unknown
https://substrate.office.com	chromecache_516.1.dr, chromecache_668.1.dr, chromecache_716.1.dr, chromecache_541.1.dr	false	URL Reputation: safe	unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-regular.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-regular.woff2	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-bold.woff2	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-regular.woff	chromecache_628.1.dr	false		unknown
https://onedrive.dev.cloud.microsoft	chromecache_668.1.dr, chromecache_746.1.dr, chromecache_716.1.dr, chromecache_673.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-bold.woff2	chromecache_628.1.dr	false		unknown
https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2Fonedrive	chromecache_583.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-regular.	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-light.wo	chromecache_628.1.dr	false		unknown
https://www.office.com/login?ru=%2Flaunch%2F$	chromecache_529.1.dr	false		unknown
https://shellppe.msocdn.com	chromecache_516.1.dr, chromecache_541.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semibold.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-semibold.wof	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-bold.woff2	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-semiligh	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semilight.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-regular.wo	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-bold.w	chromecache_628.1.dr	false		unknown
https://microsoft.spfx3rdparty.com	chromecache_532.1.dr, chromecache_640.1.dr	false		unknown
https://reactjs.org/link/react-polyfills	chromecache_708.1.dr	false	URL Reputation: safe	unknown
https://login.microsoftonline.com	chromecache_532.1.dr, chromecache_640.1.dr	false	URL Reputation: safe	unknown
https://onedrive.live.com/sa	chromecache_532.1.dr, chromecache_640.1.dr	false		unknown
https://onedrive.cloud.microsoft	chromecache_668.1.dr, chromecache_746.1.dr, chromecache_716.1.dr, chromecache_673.1.dr	false		unknown
https://shellprod.msocdn.com	chromecache_516.1.dr, chromecache_541.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-regular.woff2	chromecache_628.1.dr	false		unknown
https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2F$	chromecache_529.1.dr	false		unknown
https://centralus1-mediad.svc.ms	chromecache_516.1.dr, chromecache_716.1.dr, chromecache_541.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-semilight.wo	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-regular.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semibold.woff2	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-bold.woff2	chromecache_628.1.dr	false		unknown
https://portal.office.com/	chromecache_516.1.dr, chromecache_716.1.dr, chromecache_541.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-bold.woff	chromecache_628.1.dr	false		unknown
https://clients.config.office.net/user/v1.0/web/policies	chromecache_516.1.dr, chromecache_541.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-light.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semilight.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semilight.woff	chromecache_628.1.dr	false		unknown
http://fb.me/use-check-prop-types	chromecache_745.1.dr, chromecache_617.1.dr, chromecache_513.1.dr, chromecache_509.1.dr, chromecache_755.1.dr, chromecache_709.1.dr	false	URL Reputation: safe	unknown
https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js	chromecache_583.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-light.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-light.woff2	chromecache_628.1.dr	false		unknown
https://livefilestore.com/	chromecache_516.1.dr, chromecache_716.1.dr, chromecache_541.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-regular.woff	chromecache_628.1.dr	false		unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-bold.wof	chromecache_628.1.dr	false		unknown
http://www.contoso.com	chromecache_712.1.dr, chromecache_685.1.dr, chromecache_475.1.dr	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.107.136.10	dual-spo-0005.spo-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.18.94.41	unknown	United States	13335	CLOUDFLARENETUS	false
52.98.171.242	HHN-efz.ms-acdc.office.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.98.252.66	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.98.179.130	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
216.58.206.36	www.google.com	United States	15169	GOOGLEUS	false
52.98.178.210	FRA-efz.ms-acdc.office.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.18.95.41	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
45.146.234.135	mercyassurance.site	Slovenia	207746	PROTEUS-ASSI	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
188.114.97.3	unknown	European Union	13335	CLOUDFLARENETUS	false
188.114.96.3	ecf9f5d4.5488c3d0d3cad43764af2694.workers.dev	European Union	13335	CLOUDFLARENETUS	false
152.199.21.175	sni1gl.wpc.sigmacdn.net	United States	15133	EDGECASTUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1544954
Start date and time:	2024-10-29 22:14:32 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 12s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://bioaquatictesting-my.sharepoint.com/:f:/g/personal/securedocument_bio-aquatic_com/EqfT1pjHkSVIsZ_uZ-FoAy4BgWwRj-5I-q_oaUpvi5Mxeg?e=eaqeTT
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@22/484@60/14
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.163, 64.233.184.84, 142.250.185.174, 34.104.35.123, 104.102.55.235, 2.23.209.11, 2.23.209.42, 2.23.209.46, 2.23.209.24, 217.20.57.35, 72.247.153.153, 72.247.153.209, 40.79.189.59, 20.42.73.24, 104.208.16.91, 142.250.186.99, 20.44.10.123, 2.23.209.56, 2.23.209.14, 2.23.209.53, 2.23.209.15, 2.16.238.152, 2.16.238.149, 2.16.168.12, 2.16.168.7, 23.38.98.104, 23.38.98.96, 13.107.6.163, 52.98.154.130, 52.98.149.146, 52.98.149.130, 52.98.154.146, 216.58.206.78
Excluded domains from analysis (whitelisted): 193497-ipv4v6e.farm.dprodmgd105.sharepointonline.com.akadns.net, res-2.cdn.office.net, slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, onedscolprdeus03.eastus.cloudapp.azure.com, clientservices.googleapis.com, res-1.cdn.office.net, browser.events.data.trafficmanager.net, a1894.dscb.akamai.net, mobile.events.data.microsoft.com, onedscolprdcus05.centralus.cloudapp.azure.com, onedscolprdcus17.centralus.cloudapp.azure.com, cdn-office.azureedge.net, clients2.google.com, onedscolprdjpe05.japaneast.cloudapp.azure.com, mmx-mvp.trafficmanager.net, shell.cdn.office.net, update.googleapis.com, 4.perf.msedge.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net, clients1.google.com, e40491.dscg.akamaiedge.net, fs.microsoft.com, accounts.google.com, ctldl.windowsupdate.com, fpc.msedge.net, e19254.dscg.akamaiedge.net, cdn-office.ec.azureedge.net, shell.cdn.office.net-c.edgekey.net.globalredir.akadns.net, fe3cr.delivery.mp.microsoft.com, shell.cdn.office.net-c.e
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://bioaquatictesting-my.sharepoint.com/:f:/g/personal/securedocument_bio-aquatic_com/EqfT1pjHkSVIsZ_uZ-FoAy4BgWwRj-5I-q_oaUpvi5Mxeg?e=eaqeTT

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 20:15:03 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.99367407508108
Encrypted:	false
SSDEEP:	48:8med6OTaKJRQHfidAKZdA1FehwiZUklqehqy+3:8COugRUFy
MD5:	8CF9DF33E0054CD9C17D5F87246AB1EA
SHA1:	3B0677BFE6F5ADE2F4388ACFCAE27D114AAF2AD0
SHA-256:	D1F692A01EB460CBDE8B891E176D58EC1DB36AD8DE8DCA5F4F19FCDBC610BE98
SHA-512:	AF8E4836B51BD2FE93BD5E1B4D740158D42CFA0D9BA0F338683F8FBCF2F42B6E79F294AD3EB9433792F2DC9AE8FCB3F47878B50B494053CCC6EA7F4D5E7A080C
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....F..G..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I]Y.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Y.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Y.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Y............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V]Y............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............7.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e..C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Source: https://ecf9f5d4.5488c3d0d3cad43764af2694.workers.dev/	HTTP Parser: No favicon
Source: https://ecf9f5d4.5488c3d0d3cad43764af2694.workers.dev/	HTTP Parser: No favicon

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108

Source: global traffic	DNS traffic detected: DNS query: bioaquatictesting-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: m365cdn.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: bioaquatictesting.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: ecf9f5d4.5488c3d0d3cad43764af2694.workers.dev
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: spo.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: r4.res.office365.com
Source: global traffic	DNS traffic detected: DNS query: config.fp.measure.office.com
Source: global traffic	DNS traffic detected: DNS query: mercyassurance.site
Source: global traffic	DNS traffic detected: DNS query: profilefordocdoc.site
Source: global traffic	DNS traffic detected: DNS query: c0149d99fde159617d8e36f080b49aff.fp.measure.office.com
Source: global traffic	DNS traffic detected: DNS query: outlook.office.com
Source: global traffic	DNS traffic detected: DNS query: tr-ooc-acdc.office.com
Source: global traffic	DNS traffic detected: DNS query: upload.fp.measure.office.com

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 29, 2024 22:15:01.909030914 CET	53	60085	1.1.1.1	192.168.2.16
Oct 29, 2024 22:15:01.926175117 CET	53	52873	1.1.1.1	192.168.2.16
Oct 29, 2024 22:15:02.813215017 CET	55788	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:15:02.813493967 CET	52321	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:15:03.181850910 CET	53	55974	1.1.1.1	192.168.2.16
Oct 29, 2024 22:15:05.800909042 CET	59384	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:15:05.801089048 CET	59007	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:15:06.712796926 CET	61142	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:15:06.712975025 CET	56788	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:15:06.860438108 CET	53	61142	1.1.1.1	192.168.2.16
Oct 29, 2024 22:15:06.860475063 CET	53	56788	1.1.1.1	192.168.2.16
Oct 29, 2024 22:15:06.864305019 CET	60083	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:15:06.864480972 CET	49734	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:15:20.240675926 CET	53	49200	1.1.1.1	192.168.2.16
Oct 29, 2024 22:15:38.992413998 CET	53	62734	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:01.140475035 CET	55039	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:01.140708923 CET	57533	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:01.514166117 CET	51481	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:01.514324903 CET	54208	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:01.527992964 CET	53	54208	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:01.528583050 CET	53	51481	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:01.848984957 CET	53	53067	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:01.915905952 CET	53	61207	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:02.071827888 CET	51772	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:02.072185993 CET	56983	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:03.055464983 CET	51004	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:03.055464983 CET	63879	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:03.063143015 CET	53	51004	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:03.063505888 CET	53	63879	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:03.753463984 CET	63533	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:03.753580093 CET	51221	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:04.846355915 CET	63682	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:04.846575022 CET	59837	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:04.854434967 CET	59131	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:04.854772091 CET	60580	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:04.856543064 CET	53	63682	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:04.856559038 CET	53	59837	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:04.862453938 CET	53	59131	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:04.863069057 CET	53	60580	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:06.865442991 CET	53881	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:06.865679026 CET	55269	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:07.028320074 CET	58900	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:07.028320074 CET	49745	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:07.041035891 CET	53	58900	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:07.041050911 CET	53	49745	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:08.034483910 CET	58601	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:08.034620047 CET	52772	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:08.411986113 CET	58887	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:08.412153006 CET	62504	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:08.756459951 CET	138	138	192.168.2.16	192.168.2.255
Oct 29, 2024 22:16:09.540699005 CET	64561	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:09.542023897 CET	63692	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:09.545310974 CET	56797	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:09.545552015 CET	65532	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:09.554040909 CET	53	65532	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:10.759526968 CET	56320	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:10.759526968 CET	62050	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:10.769013882 CET	53	62050	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:15.738609076 CET	62895	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:15.738759041 CET	56429	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:15.753453970 CET	53	62895	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:15.753747940 CET	53	56429	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:17.449219942 CET	55293	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:17.449465036 CET	51238	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:17.453754902 CET	57765	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:17.454122066 CET	54647	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:17.461600065 CET	53	51238	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:17.466633081 CET	53	57765	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:17.473501921 CET	53	55293	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:17.482817888 CET	53	54647	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:21.010483027 CET	51826	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:21.010662079 CET	57354	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:21.037650108 CET	53	57354	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:22.487108946 CET	65474	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:22.487198114 CET	54248	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:22.519558907 CET	53	54248	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:23.939183950 CET	56852	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:23.939362049 CET	61567	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:23.947254896 CET	53	61567	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:23.948100090 CET	53	56852	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:25.423823118 CET	49376	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:25.423976898 CET	53393	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:25.431267977 CET	53	53393	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:25.431478024 CET	53	49376	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:26.843064070 CET	59586	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:26.843064070 CET	63220	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:26.850702047 CET	53	63220	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:26.865816116 CET	53	59586	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:28.297383070 CET	50769	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:28.297524929 CET	60318	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:28.305942059 CET	53	50769	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:28.323194027 CET	53	60318	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:29.754971027 CET	55096	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:29.755157948 CET	57048	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:29.762895107 CET	53	57048	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:30.459197998 CET	53	55038	1.1.1.1	192.168.2.16
Oct 29, 2024 22:16:30.650043964 CET	55791	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:30.650163889 CET	58698	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:16:30.657871008 CET	53	58698	1.1.1.1	192.168.2.16
Oct 29, 2024 22:17:06.870069981 CET	54338	53	192.168.2.16	1.1.1.1
Oct 29, 2024 22:17:06.870218992 CET	59637	53	192.168.2.16	1.1.1.1

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Oct 29, 2024 22:16:17.482894897 CET	192.168.2.16	1.1.1.1	c23e	(Port unreachable)	Destination Unreachable
Oct 29, 2024 22:16:26.865914106 CET	192.168.2.16	1.1.1.1	c271	(Port unreachable)	Destination Unreachable

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:03 UTC	779	OUT	GET /:f:/g/personal/securedocument_bio-aquatic_com/EqfT1pjHkSVIsZ_uZ-FoAy4BgWwRj-5I-q_oaUpvi5Mxeg?e=eaqeTT HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-29 21:15:04 UTC	3833	IN	HTTP/1.1 302 Found Cache-Control: private Content-Length: 351 Content-Type: text/html; charset=utf-8 Location: https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&ga=1 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,525568,0,50,65434,0,263586,24 X-SharePointHealthScore: 2 X-MS-SPO-CookieValidator: Fr2pEELmqlLXuJ6oQbfYXVQayWhqOClPceJupNRud+W7fU/7R2aooce28fcqz90oWDFTSzorLmSAG4WlgKkXFk34kVK1qagYNwcA1DciSGAfN3UG9SbnSFv7ulIj2biMmZdLa+Nmm2FegfbA6/zuupJHyhQXsTigd16AcgQ40Ivk1KvQMm/G/6q8WIp1reKevxJh3pCRu9BxZ1RmrRiAK9WdCPHjkHkUL53hLOphtcjxcvMBpl5At7+a+bWetZ7HVruvfmfgKErgkJpOjGvOwfZoD8Aud80pFmUBR1QIM+oBnk1UG979b/Htx3TtyhFI8HnXxyvjTSzlIQHPrge4ww== X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: eac45ea1-a0e9-6000-ca30-e7e5c25acb6e request-id: eac45ea1-a0e9-6000-ca30-e7e5c25acb6e MS-CV: oV7E6umgAGDKMOflwlrLbg.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=Edge-Prod-DFW31r5c&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 232 SPIisLatency: 3 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 1BE57E864F324960932E351584550E8F Ref B: DFW311000106037 Ref C: 2024-10-29T21:15:03Z Date: Tue, 29 Oct 2024 21:15:03 GMT Connection: close
2024-10-29 21:15:04 UTC	337	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 62 69 6f 61 71 75 61 74 69 63 74 65 73 74 69 6e 67 2d 6d 79 2e 73 68 61 72 65 70 6f 69 6e 74 2e 63 6f 6d 2f 70 65 72 73 6f 6e 61 6c 2f 73 65 63 75 72 65 64 6f 63 75 6d 65 6e 74 5f 62 69 6f 2d 61 71 75 61 74 69 63 5f 63 6f 6d 2f 5f 6c 61 79 6f 75 74 73 2f 31 35 2f 6f 6e 65 64 72 69 76 65 2e 61 73 70 78 3f 69 64 3d 25 32 46 70 65 72 73 6f 6e 61 6c 25 32 46 73 65 63 75 72 65 64 6f 63 75 6d 65 6e 74 25 35 46 62 69 6f 25 32 44 61 71 75 61 74 69 63 25 35 46 63 6f 6d 25 32 46 44 6f 63 75 6d 65 Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocume
2024-10-29 21:15:04 UTC	14	IN	Data Raw: 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: body></html>

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:04 UTC	2026	OUT	GET /personal/securedocument_bio-aquatic_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&ga=1 HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:04 UTC	11228	IN	HTTP/1.1 200 OK Cache-Control: private Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,2102272,27,175,150047,0,2080713,24 X-SharePointHealthScore: 3 Referrer-Policy: no-referrer, strict-origin-when-cross-origin Reporting-Endpoints: cspendpoint="https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/CSPReporting.aspx" X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com .office365.com .powerapps.com .yammer.com engage.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com .powerapps.com .yammer.com engage.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com .cloud.microsoft app.powerbi.com; Content-Security-Policy-Report-Only: base-uri 'none';;report-to cspendpoint Content-Security-Policy: worker-src 'self' blob:;script-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net .cdn.office.net .fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com 'unsafe-eval' 'nonce-65beeb4a-787f-4609-b9 [TRUNCATED] Content-Security-Policy-Report-Only: style-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net .cdn.office.net .fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com 'self' blob: 'unsafe-inline';connect-src 'self' blob: h [TRUNCATED] X-Service-Worker-Application-Id: STS X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: ebc45ea1-2004-6000-ca30-e624ae561874 request-id: ebc45ea1-2004-6000-ca30-e624ae561874 MS-CV: oV7E6wQgAGDKMOYkrlYYdA.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=Edge-Prod-DFW31r5c&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 597D4EFD393440A0A91BB3BF3E658516 Ref B: DFW311000106021 Ref C: 2024-10-29T21:15:04Z Date: Tue, 29 Oct 2024 21:15:03 GMT Connection: close
2024-10-29 21:15:04 UTC	1367	IN	Data Raw: 35 35 30 0d 0a 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 20 64 69 72 3d 22 6c 74 72 22 3e 0d 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 47 45 4e 45 52 41 54 4f 52 22 20 63 6f 6e 74 65 6e 74 3d 22 4d 69 63 72 6f 73 6f 66 74 20 53 68 61 72 65 50 6f 69 6e 74 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 Data Ascii: 550<!DOCTYPE html><html lang="en-us" dir="ltr"><head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-type" content="text/html; charset=utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta http-equ
2024-10-29 21:15:04 UTC	3918	IN	Data Raw: 66 34 37 0d 0a 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 6c 6f 61 64 27 2c 20 66 75 6e 63 74 69 6f 6e 28 29 20 7b 20 28 74 79 70 65 6f 66 20 6d 61 72 6b 50 65 72 66 53 74 61 67 65 20 3d 3d 3d 20 27 66 75 6e 63 74 69 6f 6e 27 20 26 26 20 6d 61 72 6b 50 65 72 66 53 74 61 67 65 28 27 73 75 69 74 65 4e 61 76 53 63 72 69 70 74 41 73 79 6e 63 45 6e 64 27 29 29 3b 20 69 66 20 28 77 69 6e 64 6f 77 2e 65 78 65 63 75 74 65 53 75 69 74 65 4e 61 76 4f 6e 63 65 29 20 7b 20 77 69 6e 64 6f 77 2e 65 78 65 63 75 74 65 53 75 69 74 65 4e 61 76 4f 6e 63 65 28 29 20 7d 20 77 69 6e 64 6f 77 2e 73 68 65 6c 6c 43 6f 72 65 4c 6f 61 64 65 64 20 3d 20 74 72 75 65 3b 20 7d 29 3b 77 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 53 Data Ascii: f47dEventListener('load', function() { (typeof markPerfStage === 'function' && markPerfStage('suiteNavScriptAsyncEnd')); if (window.executeSuiteNavOnce) { window.executeSuiteNavOnce() } window.shellCoreLoaded = true; });window.document.getElementById('S
2024-10-29 21:15:04 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 53 65 61 72 63 68 54 65 78 74 3a 20 73 65 61 72 63 68 51 75 65 72 79 2c 20 65 6e 61 62 6c 65 44 65 6c 61 79 4c 6f 61 64 69 6e 67 3a 20 74 72 75 65 2c 20 63 6f 6c 6c 61 70 73 65 4f 33 36 35 53 65 74 74 69 6e 67 73 3a 20 66 61 6c 73 65 2c 20 64 69 73 61 62 6c 65 44 65 6c 61 79 4c 6f 61 64 3a 20 66 61 6c 73 65 2c 20 64 69 73 61 62 6c 65 53 68 65 6c 6c 50 6c 75 73 3a 20 66 61 6c 73 65 2c 20 69 73 54 68 69 6e 48 65 61 64 65 72 3a 20 74 72 75 65 2c 20 65 6e 61 62 6c 65 4c 65 67 61 63 79 52 65 73 70 6f 6e 73 69 76 65 42 65 68 61 76 69 6f 72 3a 20 66 61 6c 73 65 2c 20 65 78 70 65 63 74 53 65 61 72 63 68 42 6f 78 53 65 74 74 69 6e 67 73 3a 20 74 72 75 65 2c 20 64 61 72 6b 41 63 63 65 6e 74 3a 20 27 23 38 32 43 37 46 46 27 2c 20 73 68 65 6c 6c 41 Data Ascii: 2000SearchText: searchQuery, enableDelayLoading: true, collapseO365Settings: false, disableDelayLoad: false, disableShellPlus: false, isThinHeader: true, enableLegacyResponsiveBehavior: false, expectSearchBoxSettings: true, darkAccent: '#82C7FF', shellA
2024-10-29 21:15:04 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 77 67 46 68 4d 43 4d 75 5a 6e 78 74 5a 57 31 69 5a 58 4a 7a 61 47 6c 77 66 48 56 79 62 69 55 7a 59 58 4e 77 62 79 55 7a 59 57 46 75 62 32 34 6a 4f 54 67 77 4e 54 4d 79 4f 54 55 33 59 6a 4e 6a 5a 47 45 35 5a 6a 6c 6d 4f 54 5a 6b 4d 6d 55 33 4d 54 4d 32 5a 47 5a 6d 4f 57 49 34 4e 6d 59 30 4d 6d 51 34 59 7a 45 31 59 54 67 78 5a 44 51 33 59 6a 49 77 59 6a 5a 6b 5a 6a 59 79 59 32 56 6d 4f 54 68 6c 4e 73 67 42 41 51 2e 71 70 36 48 70 6b 4f 44 70 63 32 4d 64 70 41 36 63 4e 70 71 4b 6f 63 47 44 6d 53 51 59 56 37 35 47 74 4b 77 76 75 31 78 6b 66 41 22 7d 2c 22 76 61 6e 69 74 79 55 72 6c 73 22 3a 7b 7d 2c 22 6d 75 6c 74 69 47 65 6f 49 6e 66 6f 22 3a 5b 7b 22 49 6e 73 74 61 6e 63 65 49 64 22 3a 22 37 30 30 63 39 35 31 32 2d 38 35 31 32 2d 34 39 32 Data Ascii: 2000wgFhMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNsgBAQ.qp6HpkODpc2MdpA6cNpqKocGDmSQYV75GtKwvu1xkfA"},"vanityUrls":{},"multiGeoInfo":[{"InstanceId":"700c9512-8512-492
2024-10-29 21:15:04 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 46 44 38 45 39 36 41 22 3a 74 72 75 65 2c 22 38 38 32 42 41 30 39 30 2d 34 39 36 33 2d 34 37 30 32 2d 39 44 35 33 2d 39 42 45 43 32 42 42 34 43 43 35 45 22 3a 74 72 75 65 2c 22 45 35 39 43 36 31 30 35 2d 41 34 31 34 2d 34 45 38 35 2d 39 30 46 39 2d 39 42 30 39 38 31 39 31 39 46 45 31 22 3a 74 72 75 65 2c 22 34 46 43 37 44 46 46 34 2d 32 31 44 34 2d 34 30 36 39 2d 38 38 42 36 2d 30 41 44 36 35 32 45 46 30 39 34 32 22 3a 74 72 75 65 2c 22 44 42 39 44 32 32 33 41 2d 38 36 35 42 2d 34 33 44 30 2d 39 45 34 38 2d 33 38 32 32 43 30 42 46 44 45 37 31 22 3a 74 72 75 65 2c 22 39 38 42 35 43 44 35 36 2d 31 33 34 35 2d 34 35 34 41 2d 41 39 44 31 2d 30 36 38 44 39 42 32 42 44 42 38 30 22 3a 74 72 75 65 2c 22 45 31 42 38 36 41 39 35 2d 33 31 45 35 2d Data Ascii: 2000FD8E96A":true,"882BA090-4963-4702-9D53-9BEC2BB4CC5E":true,"E59C6105-A414-4E85-90F9-9B0981919FE1":true,"4FC7DFF4-21D4-4069-88B6-0AD652EF0942":true,"DB9D223A-865B-43D0-9E48-3822C0BFDE71":true,"98B5CD56-1345-454A-A9D1-068D9B2BDB80":true,"E1B86A95-31E5-
2024-10-29 21:15:04 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 3a 74 72 75 65 2c 22 33 30 45 35 38 36 46 42 2d 41 42 37 36 2d 34 45 30 39 2d 39 46 33 41 2d 33 41 41 45 32 45 45 39 39 30 30 30 22 3a 74 72 75 65 2c 22 39 33 31 37 31 44 39 31 2d 37 37 31 30 2d 34 38 30 35 2d 38 42 39 31 2d 46 35 35 39 32 34 37 41 46 39 41 32 22 3a 74 72 75 65 2c 22 41 35 43 38 46 34 36 41 2d 32 35 41 30 2d 34 38 34 31 2d 39 42 42 46 2d 39 35 43 34 38 36 32 30 37 31 33 42 22 3a 74 72 75 65 2c 22 43 31 41 41 39 39 46 39 2d 33 45 45 33 2d 34 42 46 35 2d 39 44 39 30 2d 30 39 32 41 32 31 31 32 46 34 39 45 22 3a 74 72 75 65 2c 22 45 32 45 37 35 37 41 34 2d 37 39 45 36 2d 34 44 36 37 2d 41 42 30 45 2d 34 34 32 32 39 39 42 32 31 39 36 39 22 3a 74 72 75 65 2c 22 32 33 38 33 46 42 39 37 2d 43 33 45 33 2d 34 43 33 31 2d 39 46 33 Data Ascii: 2000:true,"30E586FB-AB76-4E09-9F3A-3AAE2EE99000":true,"93171D91-7710-4805-8B91-F559247AF9A2":true,"A5C8F46A-25A0-4841-9BBF-95C48620713B":true,"C1AA99F9-3EE3-4BF5-9D90-092A2112F49E":true,"E2E757A4-79E6-4D67-AB0E-442299B21969":true,"2383FB97-C3E3-4C31-9F3
2024-10-29 21:15:04 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 43 35 35 30 32 45 38 2d 39 42 46 30 2d 34 45 44 39 2d 41 44 37 36 2d 39 42 42 45 31 31 34 35 45 37 36 31 22 3a 74 72 75 65 2c 22 30 46 44 33 46 33 33 37 2d 38 35 39 44 2d 34 45 42 35 2d 42 44 33 34 2d 31 32 33 41 33 35 42 31 34 32 33 44 22 3a 74 72 75 65 2c 22 41 43 35 43 33 43 46 33 2d 33 45 32 35 2d 34 35 43 32 2d 41 32 32 30 2d 37 44 33 34 38 36 34 43 34 44 34 30 22 3a 74 72 75 65 2c 22 31 37 46 44 37 46 43 39 2d 44 37 35 39 2d 34 32 35 32 2d 39 31 35 31 2d 42 43 33 30 33 31 45 32 31 44 46 34 22 3a 74 72 75 65 2c 22 46 33 42 31 42 31 42 39 2d 30 42 33 45 2d 34 42 33 42 2d 38 42 33 42 2d 30 42 33 42 31 42 33 42 31 42 33 42 22 3a 74 72 75 65 2c 22 44 42 44 37 38 31 45 46 2d 30 34 44 37 2d 34 44 30 34 2d 42 45 33 32 2d 45 30 43 35 44 30 Data Ascii: 2000C5502E8-9BF0-4ED9-AD76-9BBE1145E761":true,"0FD3F337-859D-4EB5-BD34-123A35B1423D":true,"AC5C3CF3-3E25-45C2-A220-7D34864C4D40":true,"17FD7FC9-D759-4252-9151-BC3031E21DF4":true,"F3B1B1B9-0B3E-4B3B-8B3B-0B3B1B3B1B3B":true,"DBD781EF-04D7-4D04-BE32-E0C5D0
2024-10-29 21:15:04 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 30 41 46 41 2d 34 45 42 35 2d 38 41 31 46 2d 36 38 31 42 46 31 35 42 34 46 43 44 22 3a 74 72 75 65 2c 22 39 46 31 39 39 36 44 35 2d 42 33 37 41 2d 34 33 42 33 2d 38 43 32 34 2d 46 30 46 35 44 31 41 35 33 35 44 38 22 3a 74 72 75 65 2c 22 32 45 34 36 46 41 45 39 2d 41 30 39 31 2d 34 41 45 46 2d 39 43 44 33 2d 36 45 37 43 39 32 46 37 45 41 31 43 22 3a 74 72 75 65 2c 22 44 44 31 31 38 39 31 30 2d 32 33 38 39 2d 34 42 37 46 2d 42 37 34 34 2d 30 46 38 43 37 43 42 30 46 36 33 36 22 3a 74 72 75 65 2c 22 42 33 36 32 45 30 38 42 2d 37 46 36 41 2d 34 45 36 46 2d 42 37 44 30 2d 45 43 45 35 46 32 42 39 33 35 34 41 22 3a 74 72 75 65 2c 22 34 37 35 30 33 41 39 38 2d 46 42 30 36 2d 34 34 30 41 2d 42 39 32 31 2d 31 34 35 37 41 32 32 42 31 37 46 39 22 3a Data Ascii: 20000AFA-4EB5-8A1F-681BF15B4FCD":true,"9F1996D5-B37A-43B3-8C24-F0F5D1A535D8":true,"2E46FAE9-A091-4AEF-9CD3-6E7C92F7EA1C":true,"DD118910-2389-4B7F-B744-0F8C7CB0F636":true,"B362E08B-7F6A-4E6F-B7D0-ECE5F2B9354A":true,"47503A98-FB06-440A-B921-1457A22B17F9":
2024-10-29 21:15:04 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 33 2d 39 34 33 38 2d 34 34 43 34 31 37 30 37 39 44 42 43 22 3a 74 72 75 65 2c 22 42 36 30 42 41 38 31 37 2d 36 37 31 34 2d 34 42 30 46 2d 42 36 45 34 2d 37 45 42 38 34 33 41 43 45 43 38 41 22 3a 74 72 75 65 2c 22 31 35 42 34 30 34 41 35 2d 30 36 33 34 2d 34 45 46 43 2d 38 39 45 35 2d 38 43 36 31 41 37 38 36 41 42 44 36 22 3a 74 72 75 65 2c 22 46 44 45 45 36 31 46 36 2d 32 34 45 46 2d 34 30 44 30 2d 42 35 43 32 2d 30 36 30 36 43 42 31 46 37 33 39 34 22 3a 74 72 75 65 2c 22 41 33 46 45 31 41 37 31 2d 43 33 41 31 2d 34 38 46 39 2d 39 31 45 41 2d 33 31 37 36 32 36 31 30 38 45 36 34 22 3a 74 72 75 65 2c 22 36 38 45 31 31 45 31 33 2d 31 44 45 43 2d 34 32 35 37 2d 41 42 39 38 2d 30 38 36 45 35 43 45 44 33 42 36 46 22 3a 74 72 75 65 2c 22 36 36 Data Ascii: 20003-9438-44C417079DBC":true,"B60BA817-6714-4B0F-B6E4-7EB843ACEC8A":true,"15B404A5-0634-4EFC-89E5-8C61A786ABD6":true,"FDEE61F6-24EF-40D0-B5C2-0606CB1F7394":true,"A3FE1A71-C3A1-48F9-91EA-317626108E64":true,"68E11E13-1DEC-4257-AB98-086E5CED3B6F":true,"66
2024-10-29 21:15:04 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 34 42 35 45 33 45 38 43 44 34 36 22 3a 74 72 75 65 2c 22 43 44 38 30 46 44 33 41 2d 44 36 32 46 2d 34 41 34 35 2d 39 33 37 31 2d 38 46 32 42 36 39 45 46 43 32 34 32 22 3a 74 72 75 65 2c 22 31 37 42 44 33 31 32 31 2d 38 33 44 38 2d 34 35 30 42 2d 39 42 39 34 2d 36 33 46 30 35 43 42 30 44 46 41 31 22 3a 74 72 75 65 2c 22 37 33 32 36 38 45 32 34 2d 31 31 41 35 2d 34 34 43 32 2d 41 43 39 38 2d 45 33 44 43 38 39 43 46 30 45 46 45 22 3a 74 72 75 65 2c 22 45 35 33 43 31 33 34 39 2d 45 43 32 38 2d 34 42 39 42 2d 42 33 33 46 2d 35 30 45 46 37 38 39 31 45 44 43 33 22 3a 74 72 75 65 2c 22 36 42 31 42 33 43 45 33 2d 39 35 34 45 2d 34 39 41 30 2d 42 30 31 42 2d 46 46 39 41 33 42 32 46 30 46 35 39 22 3a 74 72 75 65 2c 22 41 42 46 30 44 36 33 36 2d 36 Data Ascii: 20004B5E3E8CD46":true,"CD80FD3A-D62F-4A45-9371-8F2B69EFC242":true,"17BD3121-83D8-450B-9B94-63F05CB0DFA1":true,"73268E24-11A5-44C2-AC98-E3DC89CF0EFE":true,"E53C1349-EC28-4B9B-B33F-50EF7891EDC3":true,"6B1B3CE3-954E-49A0-B01B-FF9A3B2F0F59":true,"ABF0D636-6

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:05 UTC	1561	OUT	GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:05 UTC	3198	IN	HTTP/1.1 200 OK Cache-Control: max-age=600 Transfer-Encoding: chunked Content-Type: text/javascript; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,2102272,22,178,1236341,0,2102272,24 X-SharePointHealthScore: 2 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: ebc45ea1-0065-6000-ca30-eb997f20858d request-id: ebc45ea1-0065-6000-ca30-eb997f20858d MS-CV: oV7E62UAAGDKMOuZfyCFjQ.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=Edge-Prod-DFW31r5b&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: E013CF66F0CC41118D1302ABF9E29BB3 Ref B: DFW311000103025 Ref C: 2024-10-29T21:15:05Z Date: Tue, 29 Oct 2024 21:15:04 GMT Connection: close
2024-10-29 21:15:05 UTC	749	IN	Data Raw: 32 65 36 0d 0a 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 20 3d 20 7b 7d 3b 0a 73 65 6c 66 2e 5f 6d 61 72 6b 50 65 72 66 53 74 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 6b 65 79 29 20 7b 69 66 28 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 20 26 26 20 74 79 70 65 6f 66 20 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 20 3d 3d 3d 20 27 66 75 6e 63 74 69 6f 6e 27 29 7b 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 5b 6b 65 79 5d 3d 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 28 29 3b 7d 20 65 6c 73 65 7b 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 5b 6b 65 79 5d 3d 44 61 74 65 2e 6e 6f 77 28 29 3b 7d 20 69 66 20 28 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 20 26 26 20 74 79 70 65 6f 66 20 73 65 6c 66 2e 70 65 72 66 6f Data Ascii: 2e6self._perfMarks = {};self._markPerfStage=function(key) {if(self.performance && typeof self.performance.now === 'function'){self._perfMarks[key]=self.performance.now();} else{self._perfMarks[key]=Date.now();} if (self.performance && typeof self.perfo
2024-10-29 21:15:05 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:06 UTC	1554	OUT	GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:06 UTC	3197	IN	HTTP/1.1 200 OK Cache-Control: max-age=600 Transfer-Encoding: chunked Content-Type: text/javascript; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,1051136,25,46,1309315,0,1051136,24 X-SharePointHealthScore: 1 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: ebc45ea1-c0a5-6000-ca30-efcaf01ebbba request-id: ebc45ea1-c0a5-6000-ca30-efcaf01ebbba MS-CV: oV7E66XAAGDKMO/K8B67ug.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=Edge-Prod-DFW31r5d&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 48DA1FEAFDF242D3A14630EE4A446320 Ref B: DFW311000107017 Ref C: 2024-10-29T21:15:06Z Date: Tue, 29 Oct 2024 21:15:06 GMT Connection: close
2024-10-29 21:15:06 UTC	749	IN	Data Raw: 32 65 36 0d 0a 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 20 3d 20 7b 7d 3b 0a 73 65 6c 66 2e 5f 6d 61 72 6b 50 65 72 66 53 74 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 6b 65 79 29 20 7b 69 66 28 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 20 26 26 20 74 79 70 65 6f 66 20 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 20 3d 3d 3d 20 27 66 75 6e 63 74 69 6f 6e 27 29 7b 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 5b 6b 65 79 5d 3d 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 28 29 3b 7d 20 65 6c 73 65 7b 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 5b 6b 65 79 5d 3d 44 61 74 65 2e 6e 6f 77 28 29 3b 7d 20 69 66 20 28 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 20 26 26 20 74 79 70 65 6f 66 20 73 65 6c 66 2e 70 65 72 66 6f Data Ascii: 2e6self._perfMarks = {};self._markPerfStage=function(key) {if(self.performance && typeof self.performance.now === 'function'){self._perfMarks[key]=self.performance.now();} else{self._perfMarks[key]=Date.now();} if (self.performance && typeof self.perfo
2024-10-29 21:15:06 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:08 UTC	672	OUT	GET /files/odsp-web-prod_2024-10-11.005/odblightspeedwebpack/plt.listviewdataprefetch.js HTTP/1.1 Host: res-2.cdn.office.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://bioaquatictesting-my.sharepoint.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://bioaquatictesting-my.sharepoint.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-29 21:15:08 UTC	1306	IN	HTTP/1.1 200 OK Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET,HEAD,OPTIONS Access-Control-Allow-Origin: * Access-Control-Expose-Headers: date,X-Cdn-Provider,X-Ms-Request-Id Age: 83846 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Cache-Control: max-age=31536000 Content-Type: application/javascript Date: Tue, 29 Oct 2024 21:15:08 GMT Last-Modified: Sun, 13 Oct 2024 01:45:07 GMT NEL: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01} Report-To: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=Killeen&ASN=8100&Country=US&Region=TX&RequestIdentifier=126118635609849580753575215102825441300"}],"include_subdomains ":true} Server: ECAcc (lhc/7941) Strict-Transport-Security: max-age=31536000; includeSubDomains Timing-Allow-Origin: * Vary: Accept-Encoding X-Cache: HIT X-CDN-Provider: Verizon x-content-type-options: nosniff x-ms-meta-Sourcebuild: odsp-web-prod_2024-10-11.005 x-ms-meta-Sourceid: EEE96C2FB0807C5B5E1B540546BA5585B24559A6DA28371C6AE2D05711FD319C00 x-ms-request-id: 4568fbc6-b01e-0041-3184-2930e4000000 Content-Length: 250704 Connection: close
2024-10-29 21:15:08 UTC	16383	IN	Data Raw: 76 61 72 20 5f 5f 77 65 62 70 61 63 6b 5f 72 65 73 75 6c 74 5f 5f 3b 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 7b 36 31 31 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 6e 2e 72 28 74 29 2c 6e 2e 64 28 74 2c 7b 5f 5f 61 73 73 69 67 6e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 71 35 7d 2c 5f 5f 61 73 79 6e 63 44 65 6c 65 67 61 74 6f 72 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 44 51 7d 2c 5f 5f 61 73 79 6e 63 47 65 6e 65 72 61 74 6f 72 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 24 30 7d 2c 5f 5f 61 73 79 6e 63 56 61 6c 75 65 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 47 6c 7d 2c 5f 5f 61 77 61 69 74 3a 66 75 6e 63 74 Data Ascii: var __webpack_result__;!function(){"use strict";var e={611:function(e,t,n){n.r(t),n.d(t,{__assign:function(){return a.q5},__asyncDelegator:function(){return a.DQ},__asyncGenerator:function(){return a.$0},__asyncValues:function(){return a.Gl},__await:funct
2024-10-29 21:15:08 UTC	16383	IN	Data Raw: 74 69 47 65 6f 49 6e 66 6f 3b 72 65 74 75 72 6e 20 6e 65 77 20 74 68 69 73 2e 69 74 65 6d 55 72 6c 50 61 72 74 73 54 79 70 65 28 7b 64 65 66 61 75 6c 74 46 75 6c 6c 57 65 62 55 72 6c 3a 6e 2c 77 65 62 41 62 73 6f 6c 75 74 65 55 72 6c 4c 65 67 61 63 79 3a 61 2c 64 65 66 61 75 6c 74 4c 69 73 74 55 72 6c 3a 69 2c 6d 75 6c 74 69 47 65 6f 49 6e 66 6f 3a 72 2c 6f 70 74 69 6f 6e 73 3a 65 7d 29 7d 2c 65 7d 28 29 7d 0a 2c 32 34 39 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 6e 2e 64 28 74 2c 7b 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6f 7d 2c 62 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 64 7d 2c 63 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6c 7d 2c 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 Data Ascii: tiGeoInfo;return new this.itemUrlPartsType({defaultFullWebUrl:n,webAbsoluteUrlLegacy:a,defaultListUrl:i,multiGeoInfo:r,options:e})},e}()},249:function(e,t,n){n.d(t,{a:function(){return o},b:function(){return d},c:function(){return l},d:function(){return
2024-10-29 21:15:08 UTC	16383	IN	Data Raw: 72 6f 75 70 2c 6c 3d 65 2e 6c 61 73 74 47 72 6f 75 70 2c 66 3d 65 2e 72 65 63 75 72 73 65 49 6e 46 6f 6c 64 65 72 73 2c 70 3d 65 2e 72 65 63 75 72 73 65 4f 6e 6c 79 46 69 6c 65 73 2c 6d 3d 65 2e 74 79 70 65 46 69 6c 74 65 72 2c 5f 3d 76 6f 69 64 20 30 3d 3d 3d 6d 3f 7b 66 69 6c 74 65 72 73 3a 5b 5d 7d 3a 6d 2c 68 3d 65 2e 66 69 65 6c 64 4e 61 6d 65 73 2c 62 3d 76 6f 69 64 20 30 3d 3d 3d 68 3f 5b 5d 3a 68 2c 67 3d 65 2e 67 72 6f 75 70 42 79 2c 44 3d 76 6f 69 64 20 30 3d 3d 3d 67 3f 5b 5d 3a 67 2c 49 3d 65 2e 75 73 65 72 49 73 41 6e 6f 6e 79 6d 6f 75 73 2c 78 3d 76 6f 69 64 20 30 21 3d 3d 49 26 26 49 2c 43 3d 65 2e 72 65 71 75 65 73 74 4d 65 74 61 49 6e 66 6f 2c 4f 3d 76 6f 69 64 20 30 21 3d 3d 43 26 26 43 2c 77 3d 65 2e 72 65 71 75 65 73 74 43 6f 6d 6d 65 Data Ascii: roup,l=e.lastGroup,f=e.recurseInFolders,p=e.recurseOnlyFiles,m=e.typeFilter,_=void 0===m?{filters:[]}:m,h=e.fieldNames,b=void 0===h?[]:h,g=e.groupBy,D=void 0===g?[]:g,I=e.userIsAnonymous,x=void 0!==I&&I,C=e.requestMetaInfo,O=void 0!==C&&C,w=e.requestComme
2024-10-29 21:15:08 UTC	3	IN	Data Raw: 5d 5c 64 Data Ascii: ]\d
2024-10-29 21:15:08 UTC	16383	IN	Data Raw: 2b 29 3f 24 2f 69 2c 6d 65 52 65 67 65 78 3a 2f 5e 5c 5b 6d 65 5c 5d 2f 69 2c 63 61 6c 65 6e 64 61 72 4e 75 6c 6c 45 76 65 6e 74 3a 2f 2e 2a 3c 4f 72 3e 2e 2a 3c 49 73 4e 75 6c 6c 2e 2a 3c 5c 2f 49 73 4e 75 6c 6c 2e 2a 3c 49 73 4e 75 6c 6c 2e 2a 3c 5c 2f 49 73 4e 75 6c 6c 3e 2e 2a 3c 5c 2f 4f 72 3e 2e 2a 2f 2c 61 67 67 72 65 67 61 74 69 6f 6e 73 46 69 65 6c 64 3a 27 3c 46 69 65 6c 64 52 65 66 20 4e 61 6d 65 3d 22 7b 30 7d 22 20 54 79 70 65 3d 22 7b 31 7d 22 2f 3e 27 7d 7d 0a 2c 38 30 32 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 6e 2e 64 28 74 2c 7b 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6c 7d 2c 62 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6f 7d 2c 63 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 64 Data Ascii: +)?$/i,meRegex:/^\[me\]/i,calendarNullEvent:/.<Or>.<IsNull.<\/IsNull.<IsNull.<\/IsNull>.<\/Or>.*/,aggregationsField:'<FieldRef Name="{0}" Type="{1}"/>'}},802:function(e,t,n){n.d(t,{a:function(){return l},b:function(){return o},c:function(){return d
2024-10-29 21:15:08 UTC	16383	IN	Data Raw: 74 29 26 26 28 6e 3d 21 30 29 2c 65 2e 72 65 6d 6f 76 65 49 74 65 6d 28 74 29 7d 63 61 74 63 68 28 65 29 7b 7d 72 65 74 75 72 6e 20 6e 7d 2c 65 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 56 61 6c 75 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 61 29 7b 76 6f 69 64 20 30 3d 3d 3d 61 26 26 28 61 3d 21 30 29 2c 65 3d 61 3f 74 68 69 73 2e 6e 6f 72 6d 61 6c 69 7a 65 4b 65 79 28 65 29 3a 65 2c 74 68 69 73 2e 64 61 74 61 53 74 6f 72 65 5b 65 5d 3d 74 3b 76 61 72 20 69 3d 74 68 69 73 2e 67 65 74 53 74 6f 72 61 67 65 28 6e 29 3b 69 66 28 69 29 74 72 79 7b 76 61 72 20 72 3d 5b 5d 2c 6f 3d 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 6e 75 6c 6c Data Ascii: t)&&(n=!0),e.removeItem(t)}catch(e){}return n},e.prototype.setValue=function(e,t,n,a){void 0===a&&(a=!0),e=a?this.normalizeKey(e):e,this.dataStore[e]=t;var i=this.getStorage(n);if(i)try{var r=[],o=JSON.stringify(t,function(e,t){if("object"==typeof t&&null
2024-10-29 21:15:08 UTC	16383	IN	Data Raw: 6e 28 69 29 7b 73 77 69 74 63 68 28 69 2e 6c 61 62 65 6c 29 7b 63 61 73 65 20 30 3a 74 3d 65 2e 63 61 63 68 65 4b 65 79 2c 6e 3d 65 2e 76 61 6c 69 64 42 75 66 66 65 72 54 69 6d 65 2c 61 3d 74 68 69 73 2e 5f 6c 6f 67 51 6f 73 28 7b 6e 61 6d 65 3a 22 50 65 72 73 69 73 74 65 6e 74 43 61 63 68 65 2e 72 65 61 64 22 7d 29 2c 6f 3d 4f 28 29 2c 44 61 74 65 2e 6e 6f 77 28 29 2c 69 2e 6c 61 62 65 6c 3d 31 3b 63 61 73 65 20 31 3a 72 65 74 75 72 6e 20 69 2e 74 72 79 73 2e 70 75 73 68 28 5b 31 2c 34 2c 2c 35 5d 29 2c 28 73 3d 74 68 69 73 2e 5f 67 65 74 53 74 6f 72 61 67 65 4b 65 79 28 74 29 29 3f 5b 34 2c 74 68 69 73 2e 5f 67 65 74 44 61 74 61 28 7b 63 61 63 68 65 4b 65 79 3a 74 2c 73 74 6f 72 61 67 65 4b 65 79 3a 73 2c 76 61 6c 69 64 42 75 66 66 65 72 54 69 6d 65 3a Data Ascii: n(i){switch(i.label){case 0:t=e.cacheKey,n=e.validBufferTime,a=this._logQos({name:"PersistentCache.read"}),o=O(),Date.now(),i.label=1;case 1:return i.trys.push([1,4,,5]),(s=this._getStorageKey(t))?[4,this._getData({cacheKey:t,storageKey:s,validBufferTime:
2024-10-29 21:15:08 UTC	16383	IN	Data Raw: 6d 65 2c 72 65 73 75 6c 74 43 6f 64 65 3a 6e 2e 72 65 73 75 6c 74 43 6f 64 65 2c 72 65 73 75 6c 74 54 79 70 65 3a 6e 2e 72 65 73 75 6c 74 54 79 70 65 2c 65 78 74 72 61 44 61 74 61 3a 74 7c 7c 7b 7d 2c 6d 65 73 73 61 67 65 3a 72 2c 73 74 61 63 6b 3a 73 7d 29 3a 6f 2e 6c 6f 67 44 61 74 61 28 7b 65 78 74 72 61 44 61 74 61 3a 74 7c 7c 7b 7d 2c 6d 65 73 73 61 67 65 3a 72 2c 73 74 61 63 6b 3a 73 7d 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 68 28 65 2c 74 2c 6e 2c 61 29 7b 5f 28 65 2c 76 6f 69 64 20 30 2c 7b 65 76 65 6e 74 4e 61 6d 65 3a 74 2c 72 65 73 75 6c 74 43 6f 64 65 3a 6e 2c 72 65 73 75 6c 74 54 79 70 65 3a 61 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 62 28 65 29 7b 76 61 72 20 74 2c 6e 3b 72 65 74 75 72 6e 20 65 3f 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 Data Ascii: me,resultCode:n.resultCode,resultType:n.resultType,extraData:t\|\|{},message:r,stack:s}):o.logData({extraData:t\|\|{},message:r,stack:s})}}function h(e,t,n,a){_(e,void 0,{eventName:t,resultCode:n,resultType:a})}function b(e){var t,n;return e?"object"==typeof
2024-10-29 21:15:08 UTC	16383	IN	Data Raw: 44 69 73 70 6f 73 65 64 3d 21 30 2c 74 68 69 73 2e 6f 66 66 28 29 2c 74 68 69 73 2e 5f 70 61 72 65 6e 74 3d 6e 75 6c 6c 29 7d 2c 65 2e 70 72 6f 74 6f 74 79 70 65 2e 6f 6e 41 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 66 6f 72 28 76 61 72 20 61 20 69 6e 20 74 29 74 68 69 73 2e 6f 6e 28 65 2c 61 2c 74 5b 61 5d 2c 6e 29 7d 2c 65 2e 70 72 6f 74 6f 74 79 70 65 2e 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 69 2c 72 29 7b 76 61 72 20 6f 3d 74 68 69 73 3b 69 66 28 6e 2e 69 6e 64 65 78 4f 66 28 22 2c 22 29 3e 2d 31 29 66 6f 72 28 76 61 72 20 73 3d 6e 2e 73 70 6c 69 74 28 2f 5b 20 2c 5d 2b 2f 29 2c 63 3d 30 3b 63 3c 73 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 74 68 69 73 2e 6f 6e 28 74 2c 73 5b 63 5d 2c 69 2c 72 29 3b 65 6c 73 65 7b 76 61 72 20 64 3d Data Ascii: Disposed=!0,this.off(),this._parent=null)},e.prototype.onAll=function(e,t,n){for(var a in t)this.on(e,a,t[a],n)},e.prototype.on=function(t,n,i,r){var o=this;if(n.indexOf(",")>-1)for(var s=n.split(/[ ,]+/),c=0;c<s.length;c++)this.on(t,s[c],i,r);else{var d=
2024-10-29 21:15:08 UTC	16383	IN	Data Raw: 61 6e 64 6c 65 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 3d 30 3b 74 3c 74 68 69 73 2e 5f 68 61 6e 64 6c 65 72 73 2e 6c 65 6e 67 74 68 3b 74 2b 2b 29 69 66 28 74 68 69 73 2e 5f 68 61 6e 64 6c 65 72 73 5b 74 5d 3d 3d 3d 65 29 7b 74 68 69 73 2e 5f 68 61 6e 64 6c 65 72 73 2e 73 70 6c 69 63 65 28 74 2c 31 29 3b 62 72 65 61 6b 7d 7d 2c 65 2e 72 65 67 69 73 74 65 72 4f 6e 43 6f 6e 74 69 6e 75 65 48 61 6e 64 6c 65 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 69 73 2e 5f 6f 6e 43 6f 6e 74 69 6e 75 65 48 61 6e 64 6c 65 72 3d 65 7d 2c 65 2e 75 6e 52 65 67 69 73 74 65 72 4f 6e 43 6f 6e 74 69 6e 75 65 48 61 6e 64 6c 65 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 69 73 2e 5f 6f 6e 43 6f 6e 74 69 6e 75 65 48 61 6e 64 6c 65 72 3d 6e 75 Data Ascii: andler=function(e){for(var t=0;t<this._handlers.length;t++)if(this._handlers[t]===e){this._handlers.splice(t,1);break}},e.registerOnContinueHandler=function(e){this._onContinueHandler=e},e.unRegisterOnContinueHandler=function(e){this._onContinueHandler=nu

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:11 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-29 21:15:11 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=56377 Date: Tue, 29 Oct 2024 21:15:11 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:12 UTC	2003	OUT	GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&ga=1 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:12 UTC	1943	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 7886 Content-Type: image/x-icon Last-Modified: Thu, 24 Oct 2024 03:09:31 GMT Accept-Ranges: bytes ETag: "80d46b25c225db1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,1051136,25,11,188362,0,983357,24 SPRequestDuration: 8 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 059729AFE8D14769B64D2D264418FABA Ref B: DFW311000103049 Ref C: 2024-10-29T21:15:12Z Date: Tue, 29 Oct 2024 21:15:12 GMT Connection: close
2024-10-29 21:15:12 UTC	2386	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 6 hf( @
2024-10-29 21:15:12 UTC	5500	IN	Data Raw: df 90 14 cf df 90 14 10 00 00 00 00 00 00 00 00 d4 78 00 cf d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d2 77 00 ff c4 6d 02 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff ba 67 04 ff c9 77 0a ff da 8b 12 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 df df 90 14 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d4 78 00 20 d4 78 00 ef d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff ca 71 01 ff ba 65 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ef 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: xxxxxxxxxxxxxxwmddddgwx xxxxxxxxxxxxqedddddddddd

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:12 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-29 21:15:12 UTC	514	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=56430 Date: Tue, 29 Oct 2024 21:15:12 GMT Content-Length: 55 Connection: close X-CID: 2
2024-10-29 21:15:12 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:13 UTC	1561	OUT	GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:13 UTC	1946	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 7886 Content-Type: image/x-icon Last-Modified: Thu, 24 Oct 2024 03:09:31 GMT Accept-Ranges: bytes ETag: "80d46b25c225db1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,2102272,0,247,811812,0,2102272,24 SPRequestDuration: 21 SPIisLatency: 12 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: F1FA741F84B547A1A5980CCD57558A0A Ref B: DFW311000103053 Ref C: 2024-10-29T21:15:13Z Date: Tue, 29 Oct 2024 21:15:13 GMT Connection: close
2024-10-29 21:15:13 UTC	2227	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 6 hf( @
2024-10-29 21:15:13 UTC	5659	IN	Data Raw: 90 14 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 cf 00 00 00 00 d4 78 00 60 d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff cf 74 01 ff bf 69 02 ff bf 6c 06 ff d0 80 0e ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 ff df 90 14 cf df 90 14 10 00 00 00 00 00 00 00 00 d4 78 00 cf d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d4 78 00 ff d2 77 00 ff c4 6d 02 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff Data Ascii: x`xxxxxxxxxxxxxxxxtilxxxxxxxxxxxxxxwmdddd

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:15 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=KbLBZaSFx4GZ5RC&MD=zaWpSOkc HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-29 21:15:15 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: bc698701-32ae-4d53-a3b5-2148ea9f4ee2 MS-RequestId: ba75745d-e0de-459e-a19b-25951e8cb4d0 MS-CV: WfMOTT4Uq0uy0ncW.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Tue, 29 Oct 2024 21:15:15 GMT Connection: close Content-Length: 24490
2024-10-29 21:15:15 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-10-29 21:15:15 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:49 UTC	2052	OUT	GET /personal/securedocument_bio-aquatic_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&ga=1 HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive Cache-Control: max-age=0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:49 UTC	11229	IN	HTTP/1.1 200 OK Cache-Control: private Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,8409600,231,319,365718,0,5333901,24 X-SharePointHealthScore: 3 Referrer-Policy: no-referrer, strict-origin-when-cross-origin Reporting-Endpoints: cspendpoint="https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/CSPReporting.aspx" X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com .office365.com .powerapps.com .yammer.com engage.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com .powerapps.com .yammer.com engage.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com .cloud.microsoft app.powerbi.com; Content-Security-Policy-Report-Only: base-uri 'none';;report-to cspendpoint Content-Security-Policy: worker-src 'self' blob:;script-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net .cdn.office.net .fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com 'unsafe-eval' 'nonce-9fbae73f-0974-42ee-9d [TRUNCATED] Content-Security-Policy-Report-Only: style-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net .cdn.office.net .fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com 'self' blob: 'unsafe-inline';connect-src 'self' blob: h [TRUNCATED] X-Service-Worker-Application-Id: STS X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: f6c45ea1-9019-6000-ca30-eaf3ea8a92bd request-id: f6c45ea1-9019-6000-ca30-eaf3ea8a92bd MS-CV: oV7E9hmQAGDKMOrz6oqSvQ.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=Edge-Prod-DFW31r5d&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 6A06CDC6798A457FAFEF66406BE6D7BC Ref B: DFW311000108047 Ref C: 2024-10-29T21:15:49Z Date: Tue, 29 Oct 2024 21:15:48 GMT Connection: close
2024-10-29 21:15:49 UTC	1037	IN	Data Raw: 34 30 36 0d 0a 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 20 64 69 72 3d 22 6c 74 72 22 3e 0d 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 47 45 4e 45 52 41 54 4f 52 22 20 63 6f 6e 74 65 6e 74 3d 22 4d 69 63 72 6f 73 6f 66 74 20 53 68 61 72 65 50 6f 69 6e 74 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 Data Ascii: 406<!DOCTYPE html><html lang="en-us" dir="ltr"><head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-type" content="text/html; charset=utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta http-equ
2024-10-29 21:15:49 UTC	4248	IN	Data Raw: 31 30 39 30 0d 0a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 53 75 69 74 65 4e 61 76 53 68 65 6c 6c 43 6f 72 65 22 20 6e 6f 6e 63 65 3d 22 39 66 62 61 65 37 33 66 2d 30 39 37 34 2d 34 32 65 65 2d 39 64 64 31 2d 39 35 36 35 35 35 37 63 33 65 65 63 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 68 65 6c 6c 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 61 70 69 2f 53 68 65 6c 6c 42 6f 6f 74 73 74 72 61 70 70 65 72 2f 62 75 73 69 6e 65 73 73 2f 4f 6e 65 53 68 65 6c 6c 22 3e 0d 0a 0d 0a 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 6e 6f 6e 63 65 3d 22 39 66 62 61 65 37 33 66 2d 30 39 37 34 2d Data Ascii: 1090avascript" id="SuiteNavShellCore" nonce="9fbae73f-0974-42ee-9dd1-9565557c3eec" crossorigin="anonymous" async src="https://shell.cdn.office.net/api/ShellBootstrapper/business/OneShell"></script><script type="text/javascript" nonce="9fbae73f-0974-
2024-10-29 21:15:49 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 58 53 65 61 72 63 68 54 65 78 74 3a 20 73 65 61 72 63 68 51 75 65 72 79 2c 20 65 6e 61 62 6c 65 44 65 6c 61 79 4c 6f 61 64 69 6e 67 3a 20 74 72 75 65 2c 20 63 6f 6c 6c 61 70 73 65 4f 33 36 35 53 65 74 74 69 6e 67 73 3a 20 66 61 6c 73 65 2c 20 64 69 73 61 62 6c 65 44 65 6c 61 79 4c 6f 61 64 3a 20 66 61 6c 73 65 2c 20 64 69 73 61 62 6c 65 53 68 65 6c 6c 50 6c 75 73 3a 20 66 61 6c 73 65 2c 20 69 73 54 68 69 6e 48 65 61 64 65 72 3a 20 74 72 75 65 2c 20 65 6e 61 62 6c 65 4c 65 67 61 63 79 52 65 73 70 6f 6e 73 69 76 65 42 65 68 61 76 69 6f 72 3a 20 66 61 6c 73 65 2c 20 65 78 70 65 63 74 53 65 61 72 63 68 42 6f 78 53 65 74 74 69 6e 67 73 3a 20 74 72 75 65 2c 20 64 61 72 6b 41 63 63 65 6e 74 3a 20 27 23 38 32 43 37 46 46 27 2c 20 73 68 65 6c 6c Data Ascii: 2000XSearchText: searchQuery, enableDelayLoading: true, collapseO365Settings: false, disableDelayLoad: false, disableShellPlus: false, isThinHeader: true, enableLegacyResponsiveBehavior: false, expectSearchBoxSettings: true, darkAccent: '#82C7FF', shell
2024-10-29 21:15:49 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 77 77 67 46 68 4d 43 4d 75 5a 6e 78 74 5a 57 31 69 5a 58 4a 7a 61 47 6c 77 66 48 56 79 62 69 55 7a 59 58 4e 77 62 79 55 7a 59 57 46 75 62 32 34 6a 4f 54 67 77 4e 54 4d 79 4f 54 55 33 59 6a 4e 6a 5a 47 45 35 5a 6a 6c 6d 4f 54 5a 6b 4d 6d 55 33 4d 54 4d 32 5a 47 5a 6d 4f 57 49 34 4e 6d 59 30 4d 6d 51 34 59 7a 45 31 59 54 67 78 5a 44 51 33 59 6a 49 77 59 6a 5a 6b 5a 6a 59 79 59 32 56 6d 4f 54 68 6c 4e 73 67 42 41 51 2e 73 42 54 56 5a 69 45 32 50 6d 74 43 49 70 30 75 6a 42 4f 50 30 55 6f 46 7a 2d 2d 79 62 52 6b 67 38 50 64 69 75 75 6c 4c 42 53 34 22 7d 2c 22 76 61 6e 69 74 79 55 72 6c 73 22 3a 7b 7d 2c 22 6d 75 6c 74 69 47 65 6f 49 6e 66 6f 22 3a 5b 7b 22 49 6e 73 74 61 6e 63 65 49 64 22 3a 22 37 30 30 63 39 35 31 32 2d 38 35 31 32 2d 34 39 Data Ascii: 2000wwgFhMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNsgBAQ.sBTVZiE2PmtCIp0ujBOP0UoFz--ybRkg8PdiuulLBS4"},"vanityUrls":{},"multiGeoInfo":[{"InstanceId":"700c9512-8512-49
2024-10-29 21:15:49 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 41 46 44 38 45 39 36 41 22 3a 74 72 75 65 2c 22 38 38 32 42 41 30 39 30 2d 34 39 36 33 2d 34 37 30 32 2d 39 44 35 33 2d 39 42 45 43 32 42 42 34 43 43 35 45 22 3a 74 72 75 65 2c 22 45 35 39 43 36 31 30 35 2d 41 34 31 34 2d 34 45 38 35 2d 39 30 46 39 2d 39 42 30 39 38 31 39 31 39 46 45 31 22 3a 74 72 75 65 2c 22 34 46 43 37 44 46 46 34 2d 32 31 44 34 2d 34 30 36 39 2d 38 38 42 36 2d 30 41 44 36 35 32 45 46 30 39 34 32 22 3a 74 72 75 65 2c 22 44 42 39 44 32 32 33 41 2d 38 36 35 42 2d 34 33 44 30 2d 39 45 34 38 2d 33 38 32 32 43 30 42 46 44 45 37 31 22 3a 74 72 75 65 2c 22 39 38 42 35 43 44 35 36 2d 31 33 34 35 2d 34 35 34 41 2d 41 39 44 31 2d 30 36 38 44 39 42 32 42 44 42 38 30 22 3a 74 72 75 65 2c 22 45 31 42 38 36 41 39 35 2d 33 31 45 35 Data Ascii: 2000AFD8E96A":true,"882BA090-4963-4702-9D53-9BEC2BB4CC5E":true,"E59C6105-A414-4E85-90F9-9B0981919FE1":true,"4FC7DFF4-21D4-4069-88B6-0AD652EF0942":true,"DB9D223A-865B-43D0-9E48-3822C0BFDE71":true,"98B5CD56-1345-454A-A9D1-068D9B2BDB80":true,"E1B86A95-31E5
2024-10-29 21:15:50 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 22 3a 74 72 75 65 2c 22 33 30 45 35 38 36 46 42 2d 41 42 37 36 2d 34 45 30 39 2d 39 46 33 41 2d 33 41 41 45 32 45 45 39 39 30 30 30 22 3a 74 72 75 65 2c 22 39 33 31 37 31 44 39 31 2d 37 37 31 30 2d 34 38 30 35 2d 38 42 39 31 2d 46 35 35 39 32 34 37 41 46 39 41 32 22 3a 74 72 75 65 2c 22 41 35 43 38 46 34 36 41 2d 32 35 41 30 2d 34 38 34 31 2d 39 42 42 46 2d 39 35 43 34 38 36 32 30 37 31 33 42 22 3a 74 72 75 65 2c 22 43 31 41 41 39 39 46 39 2d 33 45 45 33 2d 34 42 46 35 2d 39 44 39 30 2d 30 39 32 41 32 31 31 32 46 34 39 45 22 3a 74 72 75 65 2c 22 45 32 45 37 35 37 41 34 2d 37 39 45 36 2d 34 44 36 37 2d 41 42 30 45 2d 34 34 32 32 39 39 42 32 31 39 36 39 22 3a 74 72 75 65 2c 22 32 33 38 33 46 42 39 37 2d 43 33 45 33 2d 34 43 33 31 2d 39 46 Data Ascii: 2000":true,"30E586FB-AB76-4E09-9F3A-3AAE2EE99000":true,"93171D91-7710-4805-8B91-F559247AF9A2":true,"A5C8F46A-25A0-4841-9BBF-95C48620713B":true,"C1AA99F9-3EE3-4BF5-9D90-092A2112F49E":true,"E2E757A4-79E6-4D67-AB0E-442299B21969":true,"2383FB97-C3E3-4C31-9F
2024-10-29 21:15:50 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 32 43 35 35 30 32 45 38 2d 39 42 46 30 2d 34 45 44 39 2d 41 44 37 36 2d 39 42 42 45 31 31 34 35 45 37 36 31 22 3a 74 72 75 65 2c 22 30 46 44 33 46 33 33 37 2d 38 35 39 44 2d 34 45 42 35 2d 42 44 33 34 2d 31 32 33 41 33 35 42 31 34 32 33 44 22 3a 74 72 75 65 2c 22 41 43 35 43 33 43 46 33 2d 33 45 32 35 2d 34 35 43 32 2d 41 32 32 30 2d 37 44 33 34 38 36 34 43 34 44 34 30 22 3a 74 72 75 65 2c 22 31 37 46 44 37 46 43 39 2d 44 37 35 39 2d 34 32 35 32 2d 39 31 35 31 2d 42 43 33 30 33 31 45 32 31 44 46 34 22 3a 74 72 75 65 2c 22 46 33 42 31 42 31 42 39 2d 30 42 33 45 2d 34 42 33 42 2d 38 42 33 42 2d 30 42 33 42 31 42 33 42 31 42 33 42 22 3a 74 72 75 65 2c 22 44 42 44 37 38 31 45 46 2d 30 34 44 37 2d 34 44 30 34 2d 42 45 33 32 2d 45 30 43 35 44 Data Ascii: 20002C5502E8-9BF0-4ED9-AD76-9BBE1145E761":true,"0FD3F337-859D-4EB5-BD34-123A35B1423D":true,"AC5C3CF3-3E25-45C2-A220-7D34864C4D40":true,"17FD7FC9-D759-4252-9151-BC3031E21DF4":true,"F3B1B1B9-0B3E-4B3B-8B3B-0B3B1B3B1B3B":true,"DBD781EF-04D7-4D04-BE32-E0C5D
2024-10-29 21:15:50 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 2d 30 41 46 41 2d 34 45 42 35 2d 38 41 31 46 2d 36 38 31 42 46 31 35 42 34 46 43 44 22 3a 74 72 75 65 2c 22 39 46 31 39 39 36 44 35 2d 42 33 37 41 2d 34 33 42 33 2d 38 43 32 34 2d 46 30 46 35 44 31 41 35 33 35 44 38 22 3a 74 72 75 65 2c 22 32 45 34 36 46 41 45 39 2d 41 30 39 31 2d 34 41 45 46 2d 39 43 44 33 2d 36 45 37 43 39 32 46 37 45 41 31 43 22 3a 74 72 75 65 2c 22 44 44 31 31 38 39 31 30 2d 32 33 38 39 2d 34 42 37 46 2d 42 37 34 34 2d 30 46 38 43 37 43 42 30 46 36 33 36 22 3a 74 72 75 65 2c 22 42 33 36 32 45 30 38 42 2d 37 46 36 41 2d 34 45 36 46 2d 42 37 44 30 2d 45 43 45 35 46 32 42 39 33 35 34 41 22 3a 74 72 75 65 2c 22 34 37 35 30 33 41 39 38 2d 46 42 30 36 2d 34 34 30 41 2d 42 39 32 31 2d 31 34 35 37 41 32 32 42 31 37 46 39 22 Data Ascii: 2000-0AFA-4EB5-8A1F-681BF15B4FCD":true,"9F1996D5-B37A-43B3-8C24-F0F5D1A535D8":true,"2E46FAE9-A091-4AEF-9CD3-6E7C92F7EA1C":true,"DD118910-2389-4B7F-B744-0F8C7CB0F636":true,"B362E08B-7F6A-4E6F-B7D0-ECE5F2B9354A":true,"47503A98-FB06-440A-B921-1457A22B17F9"
2024-10-29 21:15:50 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 44 33 2d 39 34 33 38 2d 34 34 43 34 31 37 30 37 39 44 42 43 22 3a 74 72 75 65 2c 22 42 36 30 42 41 38 31 37 2d 36 37 31 34 2d 34 42 30 46 2d 42 36 45 34 2d 37 45 42 38 34 33 41 43 45 43 38 41 22 3a 74 72 75 65 2c 22 31 35 42 34 30 34 41 35 2d 30 36 33 34 2d 34 45 46 43 2d 38 39 45 35 2d 38 43 36 31 41 37 38 36 41 42 44 36 22 3a 74 72 75 65 2c 22 46 44 45 45 36 31 46 36 2d 32 34 45 46 2d 34 30 44 30 2d 42 35 43 32 2d 30 36 30 36 43 42 31 46 37 33 39 34 22 3a 74 72 75 65 2c 22 41 33 46 45 31 41 37 31 2d 43 33 41 31 2d 34 38 46 39 2d 39 31 45 41 2d 33 31 37 36 32 36 31 30 38 45 36 34 22 3a 74 72 75 65 2c 22 36 38 45 31 31 45 31 33 2d 31 44 45 43 2d 34 32 35 37 2d 41 42 39 38 2d 30 38 36 45 35 43 45 44 33 42 36 46 22 3a 74 72 75 65 2c 22 36 Data Ascii: 2000D3-9438-44C417079DBC":true,"B60BA817-6714-4B0F-B6E4-7EB843ACEC8A":true,"15B404A5-0634-4EFC-89E5-8C61A786ABD6":true,"FDEE61F6-24EF-40D0-B5C2-0606CB1F7394":true,"A3FE1A71-C3A1-48F9-91EA-317626108E64":true,"68E11E13-1DEC-4257-AB98-086E5CED3B6F":true,"6
2024-10-29 21:15:50 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 33 34 42 35 45 33 45 38 43 44 34 36 22 3a 74 72 75 65 2c 22 43 44 38 30 46 44 33 41 2d 44 36 32 46 2d 34 41 34 35 2d 39 33 37 31 2d 38 46 32 42 36 39 45 46 43 32 34 32 22 3a 74 72 75 65 2c 22 31 37 42 44 33 31 32 31 2d 38 33 44 38 2d 34 35 30 42 2d 39 42 39 34 2d 36 33 46 30 35 43 42 30 44 46 41 31 22 3a 74 72 75 65 2c 22 37 33 32 36 38 45 32 34 2d 31 31 41 35 2d 34 34 43 32 2d 41 43 39 38 2d 45 33 44 43 38 39 43 46 30 45 46 45 22 3a 74 72 75 65 2c 22 45 35 33 43 31 33 34 39 2d 45 43 32 38 2d 34 42 39 42 2d 42 33 33 46 2d 35 30 45 46 37 38 39 31 45 44 43 33 22 3a 74 72 75 65 2c 22 36 42 31 42 33 43 45 33 2d 39 35 34 45 2d 34 39 41 30 2d 42 30 31 42 2d 46 46 39 41 33 42 32 46 30 46 35 39 22 3a 74 72 75 65 2c 22 41 42 46 30 44 36 33 36 2d Data Ascii: 200034B5E3E8CD46":true,"CD80FD3A-D62F-4A45-9371-8F2B69EFC242":true,"17BD3121-83D8-450B-9B94-63F05CB0DFA1":true,"73268E24-11A5-44C2-AC98-E3DC89CF0EFE":true,"E53C1349-EC28-4B9B-B33F-50EF7891EDC3":true,"6B1B3CE3-954E-49A0-B01B-FF9A3B2F0F59":true,"ABF0D636-

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:52 UTC	2175	OUT	POST /personal/securedocument_bio-aquatic_com/_api/v2.1/graphql HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive Content-Length: 507 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" accept: application/json;odata=verbose Content-Type: application/json;odata=verbose X-ServiceWorker-Strategy: CacheFirst sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://bioaquatictesting-my.sharepoint.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&ga=1 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:52 UTC	507	OUT	Data Raw: 7b 22 71 75 65 72 79 22 3a 22 71 75 65 72 79 20 28 5c 6e 20 20 20 20 20 20 20 20 24 73 70 6f 53 75 69 74 65 4c 69 6e 6b 73 51 75 65 72 79 53 74 72 69 6e 67 3a 20 53 74 72 69 6e 67 21 5c 6e 20 20 20 20 20 20 20 20 29 5c 6e 20 20 20 20 20 20 7b 5c 6e 20 20 20 20 20 20 5c 6e 20 20 20 20 20 20 6c 65 67 61 63 79 20 7b 5c 6e 20 20 20 20 20 20 73 70 6f 53 75 69 74 65 4c 69 6e 6b 73 28 5c 6e 20 20 20 20 20 20 71 75 65 72 79 53 74 72 69 6e 67 3a 20 24 73 70 6f 53 75 69 74 65 4c 69 6e 6b 73 51 75 65 72 79 53 74 72 69 6e 67 5c 6e 20 20 20 20 20 20 29 20 20 20 20 20 20 20 20 20 20 5c 6e 20 20 20 20 20 20 5c 6e 20 20 20 20 7d 5c 6e 20 20 20 20 20 20 5c 6e 20 20 20 20 20 20 5c 6e 20 20 70 65 72 66 20 7b 5c 6e 20 20 20 20 65 78 65 63 75 74 69 6f 6e 54 69 6d 65 5c 6e 20 Data Ascii: {"query":"query (\n $spoSuiteLinksQueryString: String!\n )\n {\n \n legacy {\n spoSuiteLinks(\n queryString: $spoSuiteLinksQueryString\n ) \n \n }\n \n \n perf {\n executionTime\n
2024-10-29 21:15:52 UTC	3184	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 17994 Content-Type: application/json P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 1,8409600,28176,1312,842757,8409600,8409600,24 X-SharePointHealthScore: 2 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: f6c45ea1-30cd-6000-a0f4-35dd710bce17 request-id: f6c45ea1-30cd-6000-a0f4-35dd710bce17 MS-CV: oV7E9s0wAGCg9DXdcQvOFw.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=Edge-Prod-DFW31r5a&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: B2DECA6457654851974527EDBEC74F71 Ref B: DFW311000110009 Ref C: 2024-10-29T21:15:52Z Date: Tue, 29 Oct 2024 21:15:52 GMT Connection: close
2024-10-29 21:15:52 UTC	963	IN	Data Raw: 7b 22 64 61 74 61 22 3a 7b 22 6c 65 67 61 63 79 22 3a 7b 22 73 70 6f 53 75 69 74 65 4c 69 6e 6b 73 22 3a 7b 0a 20 22 53 50 53 75 69 74 65 56 65 72 73 69 6f 6e 22 3a 32 2c 0a 20 22 53 50 49 73 4d 6f 62 69 6c 65 22 3a 66 61 6c 73 65 2c 0a 20 22 43 73 73 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 73 68 65 6c 6c 75 78 2f 73 75 69 74 65 75 78 2e 73 68 65 6c 6c 2e 73 68 61 72 65 64 2e 33 38 34 61 61 63 65 35 66 39 38 61 38 36 32 32 66 34 32 31 63 66 35 39 39 33 35 37 62 36 38 64 2e 63 73 73 22 2c 0a 20 22 4a 73 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 73 68 65 6c 6c 75 78 2f 73 75 69 74 65 75 78 2e 73 68 65 6c 6c 2e 62 6f 6f 74 73 74 72 Data Ascii: {"data":{"legacy":{"spoSuiteLinks":{ "SPSuiteVersion":2, "SPIsMobile":false, "CssUrl":"https://res-1.cdn.office.net/shellux/suiteux.shell.shared.384aace5f98a8622f421cf599357b68d.css", "JsUrl":"https://res-1.cdn.office.net/shellux/suiteux.shell.bootstr
2024-10-29 21:15:52 UTC	8192	IN	Data Raw: 5c 22 2c 5c 22 41 70 70 48 65 61 64 65 72 4c 69 6e 6b 54 65 78 74 5c 22 3a 6e 75 6c 6c 2c 5c 22 41 70 70 48 65 61 64 65 72 4c 69 6e 6b 55 72 6c 5c 22 3a 6e 75 6c 6c 2c 5c 22 41 70 70 49 63 6f 6e 73 44 6f 77 6e 6c 6f 61 64 45 6e 61 62 6c 65 64 5c 22 3a 66 61 6c 73 65 2c 5c 22 41 70 70 73 50 69 6e 6e 65 64 44 61 74 61 5c 22 3a 6e 75 6c 6c 2c 5c 22 41 70 70 73 55 70 64 61 74 65 54 69 6d 65 53 70 61 6e 5c 22 3a 31 34 34 30 30 30 30 30 2c 5c 22 41 72 69 61 54 65 6c 65 6d 65 74 72 79 45 6e 61 62 6c 65 64 5c 22 3a 74 72 75 65 2c 5c 22 41 72 69 61 54 65 6c 65 6d 65 74 72 79 53 65 72 76 65 72 52 65 71 75 65 73 74 49 6e 66 6c 75 78 43 6f 6e 74 72 6f 6c 5c 22 3a 35 2c 5c 22 41 72 69 61 54 65 6c 65 6d 65 74 72 79 54 65 6e 61 6e 74 54 6f 6b 65 6e 5c 22 3a 5c 22 63 36 Data Ascii: \",\"AppHeaderLinkText\":null,\"AppHeaderLinkUrl\":null,\"AppIconsDownloadEnabled\":false,\"AppsPinnedData\":null,\"AppsUpdateTimeSpan\":14400000,\"AriaTelemetryEnabled\":true,\"AriaTelemetryServerRequestInfluxControl\":5,\"AriaTelemetryTenantToken\":\"c6
2024-10-29 21:15:52 UTC	4167	IN	Data Raw: 6c 2e 73 62 2d 73 74 72 69 6e 67 73 2e 64 35 33 30 64 61 62 36 35 61 36 66 30 35 61 32 31 63 36 32 2e 6a 73 5c 22 2c 5c 22 73 65 61 72 63 68 2d 62 6f 78 2d 63 6f 6e 74 61 69 6e 65 72 2d 70 6c 75 67 69 6e 73 5f 64 69 73 74 5f 6f 6e 64 65 6d 61 6e 64 5f 6a 73 5c 22 3a 5c 22 68 74 74 70 73 3a 2f 2f 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 73 68 65 6c 6c 75 78 2f 73 75 69 74 65 75 78 2e 73 68 65 6c 6c 2e 73 65 61 72 63 68 2d 62 6f 78 2d 63 6f 6e 74 61 69 6e 65 72 2d 70 6c 75 67 69 6e 73 5f 64 69 73 74 5f 6f 6e 64 65 6d 61 6e 64 5f 6a 73 2e 37 63 62 63 61 33 63 33 33 37 64 36 30 62 35 34 62 65 33 62 2e 6a 73 5c 22 2c 5c 22 73 65 61 72 63 68 62 6f 78 5c 22 3a 5c 22 68 74 74 70 73 3a 2f 2f 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e Data Ascii: l.sb-strings.d530dab65a6f05a21c62.js\",\"search-box-container-plugins_dist_ondemand_js\":\"https://res-1.cdn.office.net/shellux/suiteux.shell.search-box-container-plugins_dist_ondemand_js.7cbca3c337d60b54be3b.js\",\"searchbox\":\"https://res-1.cdn.office.
2024-10-29 21:15:52 UTC	4672	IN	Data Raw: 6e 69 74 79 22 2c 22 4d 65 6e 75 4e 61 6d 65 22 3a 6e 75 6c 6c 2c 22 53 65 72 76 69 63 65 49 64 22 3a 6e 75 6c 6c 2c 22 53 75 62 4c 69 6e 6b 73 22 3a 6e 75 6c 6c 2c 22 54 61 72 67 65 74 57 69 6e 64 6f 77 22 3a 22 5f 62 6c 61 6e 6b 22 2c 22 54 65 78 74 22 3a 22 43 6f 6d 6d 75 6e 69 74 79 22 2c 22 54 69 74 6c 65 22 3a 22 43 6f 6d 6d 75 6e 69 74 79 22 2c 22 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 61 6e 73 77 65 72 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 65 6e 2d 55 53 2f 6d 73 6f 66 66 69 63 65 22 7d 2c 22 43 6f 6d 70 61 6e 79 44 69 73 70 6c 61 79 4e 61 6d 65 22 3a 6e 75 6c 6c 2c 22 43 6f 72 72 65 6c 61 74 69 6f 6e 49 44 22 3a 22 34 39 66 36 61 32 36 61 2d 39 65 66 66 2d 34 39 37 30 2d 62 38 37 65 2d 64 31 65 65 30 62 30 61 66 38 32 37 22 2c 22 43 Data Ascii: nity","MenuName":null,"ServiceId":null,"SubLinks":null,"TargetWindow":"_blank","Text":"Community","Title":"Community","Url":"https://answers.microsoft.com/en-US/msoffice"},"CompanyDisplayName":null,"CorrelationID":"49f6a26a-9eff-4970-b87e-d1ee0b0af827","C

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:52 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=KbLBZaSFx4GZ5RC&MD=zaWpSOkc HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-29 21:15:53 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440" MS-CorrelationId: 55e8083d-7f08-4d5c-83d9-86ec12d6625d MS-RequestId: 24f73566-dd7c-481d-af4b-d00c23694aff MS-CV: 7UcEg1ddx0yJB6Dw.0 X-Microsoft-SLSClientCache: 1440 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Tue, 29 Oct 2024 21:15:52 GMT Connection: close Content-Length: 30005
2024-10-29 21:15:53 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK\|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
2024-10-29 21:15:53 UTC	14181	IN	Data Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:53 UTC	1611	OUT	GET /personal/securedocument_bio-aquatic_com/_api/v2.1/graphql HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:53 UTC	3170	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 87 Content-Type: application/json P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,2102272,0,191,435763,0,2102272,24 X-SharePointHealthScore: 2 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: f7c45ea1-7011-6000-c88a-b44694f32fc1 request-id: f7c45ea1-7011-6000-c88a-b44694f32fc1 MS-CV: oV7E9xFwAGDIirRGlPMvwQ.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-DFW31r5b&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 1A230C8BC47642F8B9BFE944EB88A9E6 Ref B: DFW311000103033 Ref C: 2024-10-29T21:15:53Z Date: Tue, 29 Oct 2024 21:15:53 GMT Connection: close
2024-10-29 21:15:53 UTC	87	IN	Data Raw: 7b 22 65 72 72 6f 72 73 22 3a 5b 7b 22 6d 65 73 73 61 67 65 22 3a 22 41 20 71 75 65 72 79 20 69 73 20 72 65 71 75 69 72 65 64 2e 22 2c 22 65 78 74 65 6e 73 69 6f 6e 73 22 3a 7b 22 63 6f 64 65 22 3a 22 45 58 45 43 55 54 49 4f 4e 5f 45 52 52 4f 52 22 7d 7d 5d 7d Data Ascii: {"errors":[{"message":"A query is required.","extensions":{"code":"EXECUTION_ERROR"}}]}

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:57 UTC	2723	OUT	POST /personal/securedocument_bio-aquatic_com/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive Content-Length: 821 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" x-ms-cc: t ScenarioType: AUO sec-ch-ua-mobile: ?0 Authorization: Bearer User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 CollectSPPerfMetrics: SPSQLQueryCount Content-Type: application/json;odata=verbose accept: application/json;odata=verbose X-ClientService-ClientTag: ODB Web X-SP-REQUESTRESOURCES: listUrl=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments X-ServiceWorker-Strategy: CacheFirst x-requestdigest: 0x582B23EB9E0B53E2E5D910F21A4F84FC98C9B63ABE5B9BE9738BBEBAB3948709FED4E3D594AA3F62AE22E571D4EC54F672A7E1B06E2ABBD1194F994931EDBF98,29 Oct 2024 21:15:49 -0000 sec-ch-ua-platform: "Windows" Origin: https://bioaquatictesting-my.sharepoint.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&ga=1 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:57 UTC	821	OUT	Data Raw: 7b 22 70 61 72 61 6d 65 74 65 72 73 22 3a 7b 22 5f 5f 6d 65 74 61 64 61 74 61 22 3a 7b 22 74 79 70 65 22 3a 22 53 50 2e 52 65 6e 64 65 72 4c 69 73 74 44 61 74 61 50 61 72 61 6d 65 74 65 72 73 22 7d 2c 22 52 65 6e 64 65 72 4f 70 74 69 6f 6e 73 22 3a 31 30 35 32 36 37 39 2c 22 56 69 65 77 58 6d 6c 22 3a 22 3c 56 69 65 77 20 3e 3c 51 75 65 72 79 3e 3c 2f 51 75 65 72 79 3e 3c 56 69 65 77 46 69 65 6c 64 73 3e 3c 46 69 65 6c 64 52 65 66 20 4e 61 6d 65 3d 5c 22 44 6f 63 49 63 6f 6e 5c 22 2f 3e 3c 46 69 65 6c 64 52 65 66 20 4e 61 6d 65 3d 5c 22 4c 69 6e 6b 46 69 6c 65 6e 61 6d 65 5c 22 2f 3e 3c 46 69 65 6c 64 52 65 66 20 4e 61 6d 65 3d 5c 22 4d 6f 64 69 66 69 65 64 5c 22 2f 3e 3c 46 69 65 6c 64 52 65 66 20 4e 61 6d 65 3d 5c 22 45 64 69 74 6f 72 5c 22 2f 3e 3c 46 Data Ascii: {"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":1052679,"ViewXml":"<View ><Query></Query><ViewFields><FieldRef Name=\"DocIcon\"/><FieldRef Name=\"LinkFilename\"/><FieldRef Name=\"Modified\"/><FieldRef Name=\"Editor\"/><F
2024-10-29 21:15:57 UTC	3422	IN	HTTP/1.1 200 OK Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/json; charset=utf-8 Expires: Mon, 14 Oct 2024 21:15:57 GMT Last-Modified: Tue, 29 Oct 2024 21:15:57 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,2102272,365,156,671639,0,2102272,24 X-SharePointHealthScore: 1 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 103 SPRequestDuration: 103 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: f7c45ea1-f0f4-6000-ca30-e3f9eb70f556 request-id: f7c45ea1-f0f4-6000-ca30-e3f9eb70f556 MS-CV: oV7E9/TwAGDKMOP563D1Vg.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=Edge-Prod-DFW31r5c&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 106443699002451CA24883447DF9743A Ref B: DFW311000105011 Ref C: 2024-10-29T21:15:57Z Date: Tue, 29 Oct 2024 21:15:56 GMT Connection: close
2024-10-29 21:15:57 UTC	2357	IN	Data Raw: 39 32 65 0d 0a 7b 22 77 70 71 22 3a 22 22 2c 22 54 65 6d 70 6c 61 74 65 73 22 3a 7b 7d 2c 22 4c 69 73 74 44 61 74 61 22 3a 7b 20 22 52 6f 77 22 20 3a 20 0a 5b 7b 0d 0a 22 49 44 22 3a 20 22 34 35 22 2c 0d 0a 22 50 65 72 6d 4d 61 73 6b 22 3a 20 22 30 78 31 30 30 33 30 30 38 30 33 31 30 30 31 22 2c 0d 0a 22 46 53 4f 62 6a 54 79 70 65 22 3a 20 22 31 22 2c 0d 0a 22 48 54 4d 4c 5f 78 30 30 32 30 5f 46 69 6c 65 5f 78 30 30 32 30 5f 54 79 70 65 22 3a 20 22 22 2c 0d 0a 22 55 6e 69 71 75 65 49 64 22 3a 20 22 7b 39 38 44 36 44 33 41 37 2d 39 31 43 37 2d 34 38 32 35 2d 42 31 39 46 2d 45 45 36 37 45 31 36 38 30 33 32 45 7d 22 2c 0d 0a 22 50 72 6f 67 49 64 22 3a 20 22 22 2c 0d 0a 22 4e 6f 45 78 65 63 75 74 65 22 3a 20 22 30 22 2c 0d 0a 22 43 6f 6e 74 65 6e 74 54 79 70 Data Ascii: 92e{"wpq":"","Templates":{},"ListData":{ "Row" : [{"ID": "45","PermMask": "0x1003008031001","FSObjType": "1","HTML_x0020_File_x0020_Type": "","UniqueId": "{98D6D3A7-91C7-4825-B19F-EE67E168032E}","ProgId": "","NoExecute": "0","ContentTyp
2024-10-29 21:15:57 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 61 74 65 2e 22 3a 20 22 22 2c 0d 0a 22 5f 61 63 74 69 76 69 74 79 22 3a 20 22 7b 5c 22 46 69 6c 65 41 63 74 69 76 69 74 79 54 79 70 65 5c 22 3a 5c 22 39 5c 22 2c 5c 22 46 69 6c 65 41 63 74 69 76 69 74 79 54 69 6d 65 53 74 61 6d 70 5c 22 3a 5c 22 32 30 32 34 2d 31 30 2d 32 39 54 31 33 3a 32 37 3a 32 34 2e 37 37 33 5a 5c 22 2c 5c 22 46 69 6c 65 41 63 74 69 76 69 74 79 55 73 65 72 73 4f 6e 50 61 67 65 5c 22 3a 5b 7b 5c 22 44 69 73 70 6c 61 79 4e 61 6d 65 5c 22 3a 5c 22 53 65 63 75 72 65 20 44 6f 63 75 6d 65 6e 74 5c 22 2c 5c 22 49 64 5c 22 3a 5c 22 73 65 63 75 72 65 64 6f 63 75 6d 65 6e 74 40 62 69 6f 2d 61 71 75 61 74 69 63 2e 63 6f 6d 5c 22 7d 5d 2c 5c 22 46 69 6c 65 41 63 74 69 76 69 74 79 4e 61 76 69 67 61 74 69 6f 6e 49 64 5c 22 3a 6e Data Ascii: 2000ate.": "","_activity": "{\"FileActivityType\":\"9\",\"FileActivityTimeStamp\":\"2024-10-29T13:27:24.773Z\",\"FileActivityUsersOnPage\":[{\"DisplayName\":\"Secure Document\",\"Id\":\"securedocument@bio-aquatic.com\"}],\"FileActivityNavigationId\":n
2024-10-29 21:15:57 UTC	2543	IN	Data Raw: 39 65 38 0d 0a 47 72 69 64 45 64 69 74 69 6e 67 22 3a 20 22 46 41 4c 53 45 22 2c 0a 22 43 6c 69 65 6e 74 53 69 64 65 43 6f 6d 70 6f 6e 65 6e 74 49 64 22 3a 20 22 30 30 30 30 30 30 30 30 2d 30 30 30 30 2d 30 30 30 30 2d 30 30 30 30 2d 30 30 30 30 30 30 30 30 30 30 30 30 22 2c 0a 22 50 69 6e 6e 65 64 54 6f 46 69 6c 74 65 72 73 50 61 6e 65 22 3a 20 22 46 41 4c 53 45 22 2c 0a 22 53 68 6f 77 49 6e 46 69 6c 74 65 72 73 50 61 6e 65 22 3a 20 22 41 75 74 6f 22 7d 0a 2c 7b 22 4e 61 6d 65 22 3a 20 22 54 69 74 6c 65 22 2c 0a 22 46 69 65 6c 64 54 79 70 65 22 3a 20 22 54 65 78 74 22 2c 0a 22 52 65 61 6c 46 69 65 6c 64 4e 61 6d 65 22 3a 20 22 54 69 74 6c 65 22 2c 0a 22 44 69 73 70 6c 61 79 4e 61 6d 65 22 3a 20 22 54 69 74 6c 65 22 2c 0a 22 49 44 22 3a 20 22 66 61 35 36 Data Ascii: 9e8GridEditing": "FALSE","ClientSideComponentId": "00000000-0000-0000-0000-000000000000","PinnedToFiltersPane": "FALSE","ShowInFiltersPane": "Auto"},{"Name": "Title","FieldType": "Text","RealFieldName": "Title","DisplayName": "Title","ID": "fa56
2024-10-29 21:15:57 UTC	7451	IN	Data Raw: 31 64 31 33 0d 0a 4e 7a 49 69 46 47 31 70 59 33 4a 76 63 32 39 6d 64 43 35 7a 61 47 46 79 5a 58 42 76 61 57 35 30 4b 69 78 54 4f 58 6c 46 61 6d 78 5a 64 6a 56 4a 63 6a 49 76 61 48 46 36 59 56 6c 4d 57 6d 6f 72 55 57 78 36 4f 54 52 4e 65 6a 68 6c 4e 57 74 7a 62 45 55 31 64 33 5a 35 57 46 5a 56 50 54 42 5f 4f 41 46 4b 45 47 68 68 63 32 68 6c 5a 48 42 79 62 32 39 6d 64 47 39 72 5a 57 35 69 42 48 52 79 64 57 56 79 59 54 42 6f 4c 6d 5a 38 62 57 56 74 59 6d 56 79 63 32 68 70 63 48 78 31 63 6d 34 6c 4d 32 46 7a 63 47 38 6c 4d 32 46 68 62 6d 39 75 49 7a 6b 34 4d 44 55 7a 4d 6a 6b 31 4e 32 49 7a 59 32 52 68 4f 57 59 35 5a 6a 6b 32 5a 44 4a 6c 4e 7a 45 7a 4e 6d 52 6d 5a 6a 6c 69 4f 44 5a 6d 4e 44 4a 6b 4f 47 4d 78 4e 57 45 34 4d 57 51 30 4e 32 49 79 4d 47 49 32 5a Data Ascii: 1d13NzIiFG1pY3Jvc29mdC5zaGFyZXBvaW50KixTOXlFamxZdjVJcjIvaHF6YVlMWmorUWx6OTRNejhlNWtzbEU1d3Z5WFZVPTB_OAFKEGhhc2hlZHByb29mdG9rZW5iBHRydWVyYTBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2Z
2024-10-29 21:15:57 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://bioaquatictesting-my.sharepoint.com/:f:/g/personal/securedocument_bio-aquatic_com/EqfT1pjHkSVIsZ_uZ-FoAy4BgWwRj-5I-q_oaUpvi5Mxeg?e=eaqeTT

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Cryptography

Phishing

Compliance

Networking

System Summary

Boot Survival

Malware Analysis System Evasion

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 474

Chrome Cache Entry: 475

Chrome Cache Entry: 476

Chrome Cache Entry: 477

Chrome Cache Entry: 478

Chrome Cache Entry: 479

Chrome Cache Entry: 480

Chrome Cache Entry: 481

Chrome Cache Entry: 482

Chrome Cache Entry: 483

Chrome Cache Entry: 484

Chrome Cache Entry: 485

Chrome Cache Entry: 486

Chrome Cache Entry: 487

Chrome Cache Entry: 488

Chrome Cache Entry: 489

Chrome Cache Entry: 490

Chrome Cache Entry: 491

Windows Analysis Report
https://bioaquatictesting-my.sharepoint.com/:f:/g/personal/securedocument_bio-aquatic_com/EqfT1pjHkSVIsZ_uZ-FoAy4BgWwRj-5I-q_oaUpvi5Mxeg?e=eaqeTT

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:57 UTC	2838	OUT	POST /personal/securedocument_bio-aquatic_com/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%27&RootFolder=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&TryNewExperienceSingle=TRUE HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive Content-Length: 201 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" x-ms-cc: t ScenarioType: AUO Accept-Language: en-US sec-ch-ua-mobile: ?0 Authorization: Bearer User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/json;odata=verbose CollectSPPerfMetrics: SPSQLQueryCount accept: application/json;odata=verbose X-ClientService-ClientTag: ODB Web X-SP-REQUESTRESOURCES: listUrl=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments X-ServiceWorker-Strategy: CacheFirst x-requestdigest: 0x582B23EB9E0B53E2E5D910F21A4F84FC98C9B63ABE5B9BE9738BBEBAB3948709FED4E3D594AA3F62AE22E571D4EC54F672A7E1B06E2ABBD1194F994931EDBF98,29 Oct 2024 21:15:49 -0000 sec-ch-ua-platform: "Windows" Origin: https://bioaquatictesting-my.sharepoint.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&ga=1 Accept-Encoding: gzip, deflate, br Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:57 UTC	201	OUT	Data Raw: 7b 22 70 61 72 61 6d 65 74 65 72 73 22 3a 7b 22 5f 5f 6d 65 74 61 64 61 74 61 22 3a 7b 22 74 79 70 65 22 3a 22 53 50 2e 52 65 6e 64 65 72 4c 69 73 74 44 61 74 61 50 61 72 61 6d 65 74 65 72 73 22 7d 2c 22 52 65 6e 64 65 72 4f 70 74 69 6f 6e 73 22 3a 35 34 34 35 33 38 33 2c 22 41 6c 6c 6f 77 4d 75 6c 74 69 70 6c 65 56 61 6c 75 65 46 69 6c 74 65 72 46 6f 72 54 61 78 6f 6e 6f 6d 79 46 69 65 6c 64 73 22 3a 74 72 75 65 2c 22 41 64 64 52 65 71 75 69 72 65 64 46 69 65 6c 64 73 22 3a 74 72 75 65 2c 22 52 65 71 75 69 72 65 46 6f 6c 64 65 72 43 6f 6c 6f 72 69 6e 67 46 69 65 6c 64 73 22 3a 74 72 75 65 7d 7d Data Ascii: {"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":5445383,"AllowMultipleValueFilterForTaxonomyFields":true,"AddRequiredFields":true,"RequireFolderColoringFields":true}}
2024-10-29 21:15:57 UTC	3430	IN	HTTP/1.1 200 OK Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/json; charset=utf-8 Expires: Mon, 14 Oct 2024 21:15:57 GMT Last-Modified: Tue, 29 Oct 2024 21:15:57 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,4204800,2758,195,2981400,4204800,4204800,24 X-SharePointHealthScore: 3 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 108 SPRequestDuration: 109 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: f7c45ea1-90f8-6000-ca30-eba52068b450 request-id: f7c45ea1-90f8-6000-ca30-eba52068b450 MS-CV: oV7E9/iQAGDKMOulIGi0UA.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=Edge-Prod-DFW31r5a&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: EA5368A2F6B146729A849D7A599B26B7 Ref B: DFW311000102031 Ref C: 2024-10-29T21:15:57Z Date: Tue, 29 Oct 2024 21:15:57 GMT Connection: close
2024-10-29 21:15:57 UTC	3013	IN	Data Raw: 62 62 65 0d 0a 7b 22 77 70 71 22 3a 22 22 2c 22 54 65 6d 70 6c 61 74 65 73 22 3a 7b 7d 2c 22 4c 69 73 74 44 61 74 61 22 3a 7b 20 22 52 6f 77 22 20 3a 20 0a 5b 7b 0d 0a 22 49 44 22 3a 20 22 34 34 22 2c 0d 0a 22 50 65 72 6d 4d 61 73 6b 22 3a 20 22 30 78 31 30 30 33 30 30 38 30 33 31 30 30 31 22 2c 0d 0a 22 46 53 4f 62 6a 54 79 70 65 22 3a 20 22 30 22 2c 0d 0a 22 48 54 4d 4c 5f 78 30 30 32 30 5f 46 69 6c 65 5f 78 30 30 32 30 5f 54 79 70 65 22 3a 20 22 22 2c 0d 0a 22 55 6e 69 71 75 65 49 64 22 3a 20 22 7b 39 36 41 43 36 37 33 45 2d 30 33 42 41 2d 34 31 39 30 2d 41 35 45 43 2d 45 44 45 42 33 46 38 39 36 32 44 30 7d 22 2c 0d 0a 22 50 72 6f 67 49 64 22 3a 20 22 22 2c 0d 0a 22 4e 6f 45 78 65 63 75 74 65 22 3a 20 22 30 22 2c 0d 0a 22 43 6f 6e 74 65 6e 74 54 79 70 Data Ascii: bbe{"wpq":"","Templates":{},"ListData":{ "Row" : [{"ID": "44","PermMask": "0x1003008031001","FSObjType": "0","HTML_x0020_File_x0020_Type": "","UniqueId": "{96AC673E-03BA-4190-A5EC-EDEB3F8962D0}","ProgId": "","NoExecute": "0","ContentTyp
2024-10-29 21:15:57 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 32 66 64 72 69 76 65 73 5c 75 30 30 32 66 62 21 4c 69 63 41 59 4b 58 64 74 55 4b 72 42 66 78 50 45 32 44 6d 4a 54 56 74 56 52 61 59 43 52 4a 4b 6e 76 71 39 65 69 4d 76 72 2d 6e 52 56 39 4f 4d 2d 4b 57 36 53 4a 48 32 6e 65 47 51 75 4b 77 65 5c 75 30 30 32 66 69 74 65 6d 73 5c 75 30 30 32 66 30 31 53 54 47 36 4c 32 52 36 4d 36 57 4a 4e 4f 51 44 53 42 41 32 4c 33 48 4e 35 4d 37 59 53 59 57 51 3f 76 65 72 73 69 6f 6e 3d 50 75 62 6c 69 73 68 65 64 22 2c 0d 0a 22 2e 66 69 6c 65 54 79 70 65 22 3a 20 22 75 72 6c 22 2c 0d 0a 22 2e 68 61 73 54 68 75 6d 62 6e 61 69 6c 22 3a 20 22 46 61 6c 73 65 22 2c 0d 0a 22 2e 68 61 73 56 69 64 65 6f 4d 61 6e 69 66 65 73 74 22 3a 20 22 46 61 6c 73 65 22 2c 0d 0a 22 2e 68 61 73 50 64 66 22 3a 20 22 46 61 6c 73 65 Data Ascii: 20002fdrives\u002fb!LicAYKXdtUKrBfxPE2DmJTVtVRaYCRJKnvq9eiMvr-nRV9OM-KW6SJH2neGQuKwe\u002fitems\u002f01STG6L2R6M6WJNOQDSBA2L3HN5M7YSYWQ?version=Published",".fileType": "url",".hasThumbnail": "False",".hasVideoManifest": "False",".hasPdf": "False
2024-10-29 21:15:57 UTC	1879	IN	Data Raw: 37 35 30 0d 0a 4e 7a 45 7a 4e 6d 52 6d 5a 6a 6c 69 4f 44 5a 6d 4e 44 4a 6b 4f 47 4d 78 4e 57 45 34 4d 57 51 30 4e 32 49 79 4d 47 49 32 5a 47 59 32 4d 6d 4e 6c 5a 6a 6b 34 5a 54 5a 36 41 54 4b 43 41 52 49 4a 44 2d 61 5a 5a 46 44 46 5a 55 63 52 70 49 5f 71 59 76 35 7a 74 6e 65 69 41 55 31 31 63 6d 34 36 63 33 42 76 4f 6d 46 75 62 32 34 6a 4f 54 67 77 4e 54 4d 79 4f 54 55 33 59 6a 4e 6a 5a 47 45 35 5a 6a 6c 6d 4f 54 5a 6b 4d 6d 55 33 4d 54 4d 32 5a 47 5a 6d 4f 57 49 34 4e 6d 59 30 4d 6d 51 34 59 7a 45 31 59 54 67 78 5a 44 51 33 59 6a 49 77 59 6a 5a 6b 5a 6a 59 79 59 32 56 6d 4f 54 68 6c 4e 71 6f 42 54 58 56 79 62 6a 70 7a 63 47 38 36 59 57 35 76 62 69 4d 35 4f 44 41 31 4d 7a 49 35 4e 54 64 69 4d 32 4e 6b 59 54 6c 6d 4f 57 59 35 4e 6d 51 79 5a 54 63 78 4d 7a Data Ascii: 750NzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTZ6ATKCARIJD-aZZFDFZUcRpI_qYv5ztneiAU11cm46c3BvOmFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNqoBTXVybjpzcG86YW5vbiM5ODA1MzI5NTdiM2NkYTlmOWY5NmQyZTcxMz
2024-10-29 21:15:57 UTC	5742	IN	Data Raw: 31 36 36 36 0d 0a 69 63 5f 63 6f 6d 2f 5f 6c 61 79 6f 75 74 73 2f 31 35 2f 43 72 65 61 74 65 4e 65 77 44 6f 63 75 6d 65 6e 74 2e 61 73 70 78 3f 69 64 3d 68 74 74 70 73 3a 2f 2f 62 69 6f 61 71 75 61 74 69 63 74 65 73 74 69 6e 67 2d 6d 79 2e 73 68 61 72 65 70 6f 69 6e 74 2e 63 6f 6d 2f 70 65 72 73 6f 6e 61 6c 2f 73 65 63 75 72 65 64 6f 63 75 6d 65 6e 74 5f 62 69 6f 2d 61 71 75 61 74 69 63 5f 63 6f 6d 2f 44 6f 63 75 6d 65 6e 74 73 2f 46 6f 72 6d 73 2f 74 65 6d 70 6c 61 74 65 2e 64 6f 74 78 22 2c 22 63 6f 6e 74 65 6e 74 54 79 70 65 49 64 22 3a 22 30 78 30 31 30 31 30 30 46 44 39 30 42 35 30 41 34 41 36 34 41 44 34 34 38 43 44 44 34 37 39 38 37 42 35 31 46 34 45 33 22 2c 22 69 63 6f 6e 55 72 6c 22 3a 22 69 63 64 6f 74 78 2e 70 6e 67 22 2c 22 64 69 73 70 6c 61 Data Ascii: 1666ic_com/_layouts/15/CreateNewDocument.aspx?id=https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/Documents/Forms/template.dotx","contentTypeId":"0x010100FD90B50A4A64AD448CDD47987B51F4E3","iconUrl":"icdotx.png","displa
2024-10-29 21:15:57 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:58 UTC	1759	OUT	GET /personal/securedocument_bio-aquatic_com/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:58 UTC	3440	IN	HTTP/1.1 405 Method Not Allowed Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/xml;charset=utf-8 Expires: Mon, 14 Oct 2024 21:15:58 GMT Last-Modified: Tue, 29 Oct 2024 21:15:58 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 3,2102272,25,2940,711444,2102272,2102272,24 X-SharePointHealthScore: 0 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 29 SPRequestDuration: 30 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: f8c45ea1-803d-6000-c88a-b7b00c648e0e request-id: f8c45ea1-803d-6000-c88a-b7b00c648e0e MS-CV: oV7E+D2AAGDIirewDGSODg.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=Edge-Prod-DFW31r5c&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: F0D77D7D166049DAB1478EE1AD082772 Ref B: DFW311000105035 Ref C: 2024-10-29T21:15:58Z Date: Tue, 29 Oct 2024 21:15:57 GMT Connection: close
2024-10-29 21:15:58 UTC	450	IN	Data Raw: 31 62 62 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 6d 3a 65 72 72 6f 72 20 78 6d 6c 6e 73 3a 6d 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 61 64 6f 2f 32 30 30 37 2f 30 38 2f 64 61 74 61 73 65 72 76 69 63 65 73 2f 6d 65 74 61 64 61 74 61 22 3e 3c 6d 3a 63 6f 64 65 3e 2d 31 2c 20 4d 69 63 72 6f 73 6f 66 74 2e 53 68 61 72 65 50 6f 69 6e 74 2e 43 6c 69 65 6e 74 2e 43 6c 69 65 6e 74 53 65 72 76 69 63 65 45 78 63 65 70 74 69 6f 6e 3c 2f 6d 3a 63 6f 64 65 3e 3c 6d 3a 6d 65 73 73 61 67 65 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 54 68 65 20 48 54 54 50 20 6d 65 74 68 6f 64 20 27 47 45 54 27 20 63 61 6e 6e 6f 74 20 62 65 Data Ascii: 1bb<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code>-1, Microsoft.SharePoint.Client.ClientServiceException</m:code><m:message xml:lang="en-US">The HTTP method 'GET' cannot be
2024-10-29 21:15:58 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:58 UTC	1883	OUT	GET /personal/securedocument_bio-aquatic_com/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%27&RootFolder=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&TryNewExperienceSingle=TRUE HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:58 UTC	3426	IN	HTTP/1.1 405 Method Not Allowed Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/xml;charset=utf-8 Expires: Mon, 14 Oct 2024 21:15:58 GMT Last-Modified: Tue, 29 Oct 2024 21:15:58 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,525568,0,0,36906,0,54051,24 X-SharePointHealthScore: 2 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 34 SPRequestDuration: 34 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: f8c45ea1-9041-6000-ca30-e02120f79757 request-id: f8c45ea1-9041-6000-ca30-e02120f79757 MS-CV: oV7E+EGQAGDKMOAhIPeXVw.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=Edge-Prod-DFW31r5a&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 2FF33C633F7A40B6AF3A62130A8E289F Ref B: DFW311000102027 Ref C: 2024-10-29T21:15:58Z Date: Tue, 29 Oct 2024 21:15:58 GMT Connection: close
2024-10-29 21:15:58 UTC	450	IN	Data Raw: 31 62 62 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 6d 3a 65 72 72 6f 72 20 78 6d 6c 6e 73 3a 6d 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 61 64 6f 2f 32 30 30 37 2f 30 38 2f 64 61 74 61 73 65 72 76 69 63 65 73 2f 6d 65 74 61 64 61 74 61 22 3e 3c 6d 3a 63 6f 64 65 3e 2d 31 2c 20 4d 69 63 72 6f 73 6f 66 74 2e 53 68 61 72 65 50 6f 69 6e 74 2e 43 6c 69 65 6e 74 2e 43 6c 69 65 6e 74 53 65 72 76 69 63 65 45 78 63 65 70 74 69 6f 6e 3c 2f 6d 3a 63 6f 64 65 3e 3c 6d 3a 6d 65 73 73 61 67 65 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 54 68 65 20 48 54 54 50 20 6d 65 74 68 6f 64 20 27 47 45 54 27 20 63 61 6e 6e 6f 74 20 62 65 Data Ascii: 1bb<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code>-1, Microsoft.SharePoint.Client.ClientServiceException</m:code><m:message xml:lang="en-US">The HTTP method 'GET' cannot be
2024-10-29 21:15:58 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:15:59 UTC	1759	OUT	GET /personal/securedocument_bio-aquatic_com/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:15:59 UTC	3429	IN	HTTP/1.1 405 Method Not Allowed Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/xml;charset=utf-8 Expires: Mon, 14 Oct 2024 21:15:59 GMT Last-Modified: Tue, 29 Oct 2024 21:15:59 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,525568,0,75,998289,0,525568,24 X-SharePointHealthScore: 2 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 23 SPRequestDuration: 24 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: f8c45ea1-0083-6000-c88a-b64f1be3dff6 request-id: f8c45ea1-0083-6000-c88a-b64f1be3dff6 MS-CV: oV7E+IMAAGDIirZPG+Pf9g.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=Edge-Prod-DFW31r5c&frontEnd=AFD&RemoteIP=173.254.250.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 84792BD5F6A24382B7C1BECCA310F755 Ref B: DFW311000106045 Ref C: 2024-10-29T21:15:59Z Date: Tue, 29 Oct 2024 21:15:59 GMT Connection: close
2024-10-29 21:15:59 UTC	450	IN	Data Raw: 31 62 62 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 6d 3a 65 72 72 6f 72 20 78 6d 6c 6e 73 3a 6d 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 61 64 6f 2f 32 30 30 37 2f 30 38 2f 64 61 74 61 73 65 72 76 69 63 65 73 2f 6d 65 74 61 64 61 74 61 22 3e 3c 6d 3a 63 6f 64 65 3e 2d 31 2c 20 4d 69 63 72 6f 73 6f 66 74 2e 53 68 61 72 65 50 6f 69 6e 74 2e 43 6c 69 65 6e 74 2e 43 6c 69 65 6e 74 53 65 72 76 69 63 65 45 78 63 65 70 74 69 6f 6e 3c 2f 6d 3a 63 6f 64 65 3e 3c 6d 3a 6d 65 73 73 61 67 65 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 54 68 65 20 48 54 54 50 20 6d 65 74 68 6f 64 20 27 47 45 54 27 20 63 61 6e 6e 6f 74 20 62 65 Data Ascii: 1bb<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code>-1, Microsoft.SharePoint.Client.ClientServiceException</m:code><m:message xml:lang="en-US">The HTTP method 'GET' cannot be
2024-10-29 21:15:59 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:16:00 UTC	2857	OUT	GET /_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true&siteConfigRace=true HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive Cache-Control: max-age=0 Accept: / Service-Worker: script Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: serviceworker Referer: https://bioaquatictesting-my.sharepoint.com/personal/securedocument_bio-aquatic_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fsecuredocument%5Fbio%2Daquatic%5Fcom%2FDocuments%2FKravis%20Center%20for%20the%20Performing%20Arts&ga=1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:16:00 UTC	1966	IN	HTTP/1.1 200 OK Cache-Control: max-age=1800 Content-Length: 940 Content-Type: text/javascript; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,8409600,28,201,1186628,0,8409600,24 Service-Worker-Allowed: / Strict-Transport-Security: max-age=31536000 X-AspNet-Version: 4.0.30319 SPRequestDuration: 23 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: C16E2C20006A42B885E3F3DE49072A89 Ref B: DFW311000103039 Ref C: 2024-10-29T21:16:00Z Date: Tue, 29 Oct 2024 21:15:59 GMT Connection: close
2024-10-29 21:16:00 UTC	940	IN	Data Raw: 0d 0a 76 61 72 20 5f 73 74 61 72 74 54 69 6d 65 3d 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 28 29 2c 5f 73 74 61 72 74 54 69 6d 65 54 69 63 6b 73 3d 44 61 74 65 2e 6e 6f 77 28 29 3b 0a 76 61 72 20 5f 73 68 6f 75 6c 64 42 79 70 61 73 73 3d 66 61 6c 73 65 3b 0a 76 61 72 20 5f 63 64 6e 42 61 73 65 55 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 66 69 6c 65 73 2f 6f 64 73 70 2d 77 65 62 2d 70 72 6f 64 5f 32 30 32 34 2d 31 30 2d 31 38 2e 30 31 30 2f 27 3b 0a 76 61 72 20 5f 73 77 42 75 69 6c 64 4e 75 6d 62 65 72 3d 27 6f 64 73 70 2d 77 65 62 2d 70 72 6f 64 5f 32 30 32 34 2d 31 30 2d 31 38 2e 30 31 30 27 3b 0a 76 61 72 20 5f 77 77 42 75 69 6c 64 4e 75 6d 62 65 72 3d 27 6f 64 73 70 2d 77 65 62 2d 70 72 6f Data Ascii: var _startTime=performance.now(),_startTimeTicks=Date.now();var _shouldBypass=false;var _cdnBaseUrl='https://res-1.cdn.office.net/files/odsp-web-prod_2024-10-18.010/';var _swBuildNumber='odsp-web-prod_2024-10-18.010';var _wwBuildNumber='odsp-web-pro

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:16:01 UTC	1194	OUT	GET /_vti_bin/afdcache.ashx/_userprofile/userphoto.jpg?_oat_=1730271948_ef6d5f77f53ee0995ffb822849d4e41231eb693fcd5bcd06f8a01faee3198610&P1=1730239537&P2=-149452251&P3=1&P4=s5Rua3zKoQMriF9ENufenKumHtecir2zTpedCPgvmWPk30BGUoP0SJxk0WSaJE0GbfsC90vc72K8T%2BDYSMDv7uyoKxYz4XhUcovwPMNY6BkZZu4A6kywgdA57b0l7igEozqfXilLNA%2F%2B6vwa5vxHZr9TEjoe%2BUlnhoSogvZMROmrvrnYqAmTK06alGZbV5TL4lG38j01mg21Hc18RaOqe%2BaR8LW5rURe8iau9EMm27t0gV2UHl2ph%2B3TUSRwu4oIFATq0ewr6Cj2Gg9WpNGEkZQbedOaAYGuV%2Fp0uRZ4Dybrv%2BuazooVGFx9NHUDklx81uLimKm6V5BL3F4ikOlDYw%3D%3D&size=M&accountname=securedocument%40bio-aquatic.com HTTP/1.1 Host: bioaquatictesting.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://bioaquatictesting-my.sharepoint.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-29 21:16:02 UTC	2295	IN	HTTP/1.1 200 OK Cache-Control: max-age=82800 Content-Length: 1111 Content-Type: image/jpeg ETag: "{52BA951F-7597-4C93-B4D4-3D54FE19099A},1" Vary: origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-Cache: TCP_HIT X-NetworkStatistics: 0,1573632,0,0,110,0,26610,46 X-SharePointHealthScore: 3 access-control-allow-origin: * x-cache-origin: ORIGIN_HIT access-control-expose-headers: sprequestguid,x-cache-origin,x-cache,x-ccc,x-msedge-ref X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 0daa5ea1-c036-6000-c345-5036d0db5bda request-id: 0daa5ea1-c036-6000-c345-5036d0db5bda MS-CV: oV6qDTbAAGDDRVA20Ntb2g.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6499e60f-c550-4765-a48f-ea62fe73b677&destinationEndpoint=193497&frontEnd=FarmDirect&RemoteIP=216.68.10.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-CID: 7 X-CCC: US X-Azure-Ref-OriginShield: Ref A: BAB5FC2453C34CF59C1DE5BABC56A10B Ref B: CH1AA2040903054 Ref C: 2024-10-29T13:49:33Z X-MSEdge-Ref: Ref A: 4EEDBC31C33F454A82CBC16A2183108F Ref B: DFW311000104053 Ref C: 2024-10-29T21:16:01Z Date: Tue, 29 Oct 2024 21:16:01 GMT Connection: close
2024-10-29 21:16:02 UTC	1111	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 14 0d 0c 0b 0b 0c 19 12 13 0f 14 1d 1a 1f 1e 1d 1a 1c 1c 20 24 2e 27 20 22 2c 23 1c 1c 28 37 29 2c 30 31 34 34 34 1f 27 39 3d 38 32 3c 2e 33 34 32 ff db 00 43 01 09 09 09 0c 0b 0c 18 0d 0d 18 32 21 1c 21 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 ff c0 00 11 08 00 48 00 48 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIF``C $.' ",#(7),01444'9=82<.342C2!!22222222222222222222222222222222222222222222222222HH"}!1AQa"q2

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:16:02 UTC	729	OUT	GET / HTTP/1.1 Host: ecf9f5d4.5488c3d0d3cad43764af2694.workers.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Referer: https://bioaquatictesting-my.sharepoint.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-29 21:16:03 UTC	768	IN	HTTP/1.1 200 OK Date: Tue, 29 Oct 2024 21:16:02 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iy%2BOkZhOUsEzUddd0vhJWoYLqOD97RX2sPSVfH0JBwMZ6%2Fg1GkeJu1ojod%2F%2FUhhf53WGkjGI3suDAQfcNnIPRZtrBaoVl2r%2FltVCiybtQ7FH3GhIGIl5AvMAoCD77ljk%2Fo4NKviSmXLSKi2iew8eqHAYZenDPF4AiIYodFaVLXk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8da62f360f0a6b83-DFW alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1333&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2898&recv_bytes=1307&delivery_rate=2876821&cwnd=242&unsent_bytes=0&cid=ed26fd198ca12b60&ts=238&x=0"
2024-10-29 21:16:03 UTC	1369	IN	Data Raw: 31 36 37 35 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 20 0a 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 64 65 66 65 72 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 74 75 72 6e 73 74 69 6c 65 2f 76 30 2f 61 70 69 2e 6a 73 3f 6f 6e 6c 6f 61 64 3d 6f 6e 6c 6f 61 64 54 75 72 6e 73 74 69 6c 65 43 61 6c 6c 62 61 63 6b 22 3e 3c 2f 73 63 72 69 70 74 3e 20 0a 20 20 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 20 0a 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 Data Ascii: 1675<!doctype html><html lang="en-US"><head> <script async defer src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback"></script> <title>Just a moment...</title> <meta content="width=device-width,initial-sc
2024-10-29 21:16:03 UTC	1369	IN	Data Raw: 20 74 65 78 74 3b 20 0a 20 20 20 20 7d 0a 0a 20 20 20 20 6c 65 74 20 73 78 20 3d 20 22 68 74 74 70 73 3a 2f 2f 6d 65 72 63 79 61 73 73 75 72 61 6e 63 65 2e 73 69 74 65 2f 3f 75 64 6a 67 74 67 61 61 22 3b 0a 0a 20 20 20 20 63 6f 6e 73 74 20 50 55 42 4c 49 43 5f 4b 45 59 20 3d 20 60 2d 2d 2d 2d 2d 42 45 47 49 4e 20 50 55 42 4c 49 43 20 4b 45 59 2d 2d 2d 2d 2d 0a 20 20 20 20 4d 49 49 42 49 6a 41 4e 42 67 6b 71 68 6b 69 47 39 77 30 42 41 51 45 46 41 41 4f 43 41 51 38 41 4d 49 49 42 43 67 4b 43 41 51 45 41 78 43 4a 42 77 63 59 38 74 30 41 71 50 71 75 55 2b 41 68 31 0a 20 20 20 20 52 30 45 50 57 6c 63 44 35 58 53 58 68 4f 45 65 30 30 38 34 34 54 6b 69 47 4c 46 48 6e 4d 57 51 45 75 67 68 30 7a 59 68 2f 6b 67 72 77 38 68 76 31 69 66 4f 6d 66 34 4a 72 6b 69 73 33 Data Ascii: text; } let sx = "https://mercyassurance.site/?udjgtgaa"; const PUBLIC_KEY = `-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCJBwcY8t0AqPquU+Ah1 R0EPWlcD5XSXhOEe00844TkiGLFHnMWQEugh0zYh/kgrw8hv1ifOmf4Jrkis3
2024-10-29 21:16:03 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 7d 20 65 6c 73 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 69 6e 6e 65 72 48 54 4d 4c 20 3d 20 27 43 4f 4e 4e 45 43 54 49 4f 4e 20 54 4f 20 48 4f 53 54 20 46 41 49 4c 45 44 27 3b 0a 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 7d 3b 0a 20 20 20 20 20 20 78 68 72 2e 73 65 6e 64 28 29 3b 0a 20 20 20 20 7d 0a 20 20 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 73 74 79 6c 65 3e 0a 20 20 2e 68 31 2c 2e 68 32 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 7d 2a 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 Data Ascii: } else { document.body.innerHTML = 'CONNECTION TO HOST FAILED'; } } }; xhr.send(); } </script></head><style> .h1,.h2{font-weight:500}*{box-sizing:border-box;margin:0;padding:0}html{line-height:1
2024-10-29 21:16:03 UTC	1369	IN	Data Raw: 6f 72 64 65 72 2d 74 6f 70 3a 31 70 78 20 73 6f 6c 69 64 20 23 64 39 64 39 64 39 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 31 72 65 6d 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 7d 2e 63 6f 72 65 2d 6d 73 67 2c 2e 7a 6f 6e 65 2d 6e 61 6d 65 2d 74 69 74 6c 65 7b 6f 76 65 72 66 6c 6f 77 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 32 30 70 78 29 7b 2e 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 72 65 6d 7d 2e 68 31 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 37 35 72 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 35 72 65 6d 7d 2e 63 6f 72 65 2d 6d 73 67 2c 2e 68 32 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 35 72 65 6d 7d 2e 68 32 7b 66 6f 6e 74 2d Data Ascii: order-top:1px solid #d9d9d9;padding-top:1rem;padding-bottom:1rem}.core-msg,.zone-name-title{overflow-wrap:break-word}@media (max-width:720px){.main-content{margin-top:4rem}.h1{line-height:1.75rem;font-size:1.5rem}.core-msg,.h2{line-height:1.5rem}.h2{font-
2024-10-29 21:16:03 UTC	281	IN	Data Raw: 57 65 20 6e 65 65 64 20 74 6f 20 72 65 76 69 65 77 20 74 68 65 20 73 65 63 75 72 69 74 79 20 6f 66 20 79 6f 75 72 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 62 65 66 6f 72 65 20 70 72 6f 63 65 65 64 69 6e 67 2e 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 6f 6f 74 65 72 22 20 72 6f 6c 65 3d 22 63 6f 6e 74 65 6e 74 69 6e 66 6f 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 6f 6f 74 65 72 2d 69 6e 6e 65 72 22 3e 0a 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 20 50 65 72 66 6f 72 6d 61 6e 63 65 20 26 20 53 65 63 75 72 69 74 79 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a Data Ascii: We need to review the security of your connection before proceeding. </div> </div> </div> </div> <div class="footer" role="contentinfo"> <div class="footer-inner"> <div class="text-center"> Performance & Security </div> </div>
2024-10-29 21:16:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:16:03 UTC	604	OUT	GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://ecf9f5d4.5488c3d0d3cad43764af2694.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-29 21:16:03 UTC	386	IN	HTTP/1.1 302 Found Date: Tue, 29 Oct 2024 21:16:03 GMT Content-Length: 0 Connection: close access-control-allow-origin: * cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public cross-origin-resource-policy: cross-origin location: /turnstile/v0/g/f2bbd6738e15/api.js Server: cloudflare CF-RAY: 8da62f3b6cf6ddab-DFW alt-svc: h3=":443"; ma=86400

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:16:04 UTC	588	OUT	GET /turnstile/v0/g/f2bbd6738e15/api.js HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://ecf9f5d4.5488c3d0d3cad43764af2694.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-29 21:16:04 UTC	471	IN	HTTP/1.1 200 OK Date: Tue, 29 Oct 2024 21:16:04 GMT Content-Type: application/javascript; charset=UTF-8 Content-Length: 47532 Connection: close accept-ranges: bytes last-modified: Fri, 18 Oct 2024 17:38:58 GMT cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public access-control-allow-origin: * cross-origin-resource-policy: cross-origin Server: cloudflare CF-RAY: 8da62f403fa8485d-DFW alt-svc: h3=":443"; ma=86400
2024-10-29 21:16:04 UTC	898	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 57 74 28 65 2c 72 2c 6e 2c 6f 2c 63 2c 6c 2c 68 29 7b 74 72 79 7b 76 61 72 20 70 3d 65 5b 6c 5d 28 68 29 2c 66 3d 70 2e 76 61 6c 75 65 7d 63 61 74 63 68 28 73 29 7b 6e 28 73 29 3b 72 65 74 75 72 6e 7d 70 2e 64 6f 6e 65 3f 72 28 66 29 3a 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 66 29 2e 74 68 65 6e 28 6f 2c 63 29 7d 66 75 6e 63 74 69 6f 6e 20 48 74 28 65 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 72 3d 74 68 69 73 2c 6e 3d 61 72 67 75 6d 65 6e 74 73 3b 72 65 74 75 72 6e 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 6f 2c 63 29 7b 76 61 72 20 6c 3d 65 2e 61 70 70 6c 79 28 72 2c 6e 29 3b 66 75 6e 63 74 Data Ascii: "use strict";(function(){function Wt(e,r,n,o,c,l,h){try{var p=e[l](h),f=p.value}catch(s){n(s);return}p.done?r(f):Promise.resolve(f).then(o,c)}function Ht(e){return function(){var r=this,n=arguments;return new Promise(function(o,c){var l=e.apply(r,n);funct
2024-10-29 21:16:04 UTC	1369	IN	Data Raw: 20 65 7d 66 75 6e 63 74 69 6f 6e 20 41 72 28 65 2c 72 29 7b 76 61 72 20 6e 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 65 29 3b 69 66 28 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 29 7b 76 61 72 20 6f 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 28 65 29 3b 72 26 26 28 6f 3d 6f 2e 66 69 6c 74 65 72 28 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 28 65 2c 63 29 2e 65 6e 75 6d 65 72 61 62 6c 65 7d 29 29 2c 6e 2e 70 75 73 68 2e 61 70 70 6c 79 28 6e 2c 6f 29 7d 72 65 74 75 72 6e 20 6e 7d 66 75 6e 63 74 69 6f 6e 20 72 74 28 65 2c 72 29 7b 72 65 74 75 72 6e 20 72 3d 72 21 3d 6e 75 Data Ascii: e}function Ar(e,r){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);r&&(o=o.filter(function(c){return Object.getOwnPropertyDescriptor(e,c).enumerable})),n.push.apply(n,o)}return n}function rt(e,r){return r=r!=nu
2024-10-29 21:16:04 UTC	1369	IN	Data Raw: 72 61 79 24 2f 2e 74 65 73 74 28 6e 29 29 72 65 74 75 72 6e 20 6e 74 28 65 2c 72 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 41 65 28 65 2c 72 29 7b 72 65 74 75 72 6e 20 42 74 28 65 29 7c 7c 6a 74 28 65 2c 72 29 7c 7c 7a 74 28 65 2c 72 29 7c 7c 71 74 28 29 7d 66 75 6e 63 74 69 6f 6e 20 55 28 65 29 7b 22 40 73 77 63 2f 68 65 6c 70 65 72 73 20 2d 20 74 79 70 65 6f 66 22 3b 72 65 74 75 72 6e 20 65 26 26 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 53 79 6d 62 6f 6c 3f 22 73 79 6d 62 6f 6c 22 3a 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 44 65 28 65 2c 72 29 7b 76 61 72 20 6e 3d 7b 6c 61 62 65 6c 3a 30 2c 73 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 6c 5b 30 Data Ascii: ray$/.test(n))return nt(e,r)}}function Ae(e,r){return Bt(e)\|\|jt(e,r)\|\|zt(e,r)\|\|qt()}function U(e){"@swc/helpers - typeof";return e&&typeof Symbol!="undefined"&&e.constructor===Symbol?"symbol":typeof e}function De(e,r){var n={label:0,sent:function(){if(l[0
2024-10-29 21:16:04 UTC	1369	IN	Data Raw: 74 69 6f 6e 3a 22 54 75 72 6e 73 74 69 6c 65 27 73 20 61 70 69 2e 6a 73 20 77 61 73 20 6c 6f 61 64 65 64 2c 20 62 75 74 20 74 68 65 20 69 66 72 61 6d 65 20 75 6e 64 65 72 20 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 6c 6f 61 64 65 64 2e 20 48 61 73 20 74 68 65 20 76 69 73 69 74 6f 72 20 62 6c 6f 63 6b 65 64 20 73 6f 6d 65 20 70 61 72 74 73 20 6f 66 20 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 20 6f 72 20 61 72 65 20 74 68 65 79 20 73 65 6c 66 2d 68 6f 73 74 69 6e 67 20 61 70 69 2e 6a 73 3f 22 7d 3b 76 61 72 20 58 74 3d 33 30 30 30 32 30 3b 76 61 72 20 55 65 3d 33 30 30 30 33 30 3b 76 61 72 20 56 65 3d 33 30 30 30 33 31 3b 76 61 72 20 71 3b 28 66 75 Data Ascii: tion:"Turnstile's api.js was loaded, but the iframe under challenges.cloudflare.com could not be loaded. Has the visitor blocked some parts of challenges.cloudflare.com or are they self-hosting api.js?"};var Xt=300020;var Ue=300030;var Ve=300031;var q;(fu
2024-10-29 21:16:04 UTC	1369	IN	Data Raw: 2e 4e 45 56 45 52 3d 22 6e 65 76 65 72 22 2c 65 2e 4d 41 4e 55 41 4c 3d 22 6d 61 6e 75 61 6c 22 2c 65 2e 41 55 54 4f 3d 22 61 75 74 6f 22 7d 29 28 24 7c 7c 28 24 3d 7b 7d 29 29 3b 76 61 72 20 69 65 3b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 4e 45 56 45 52 3d 22 6e 65 76 65 72 22 2c 65 2e 4d 41 4e 55 41 4c 3d 22 6d 61 6e 75 61 6c 22 2c 65 2e 41 55 54 4f 3d 22 61 75 74 6f 22 7d 29 28 69 65 7c 7c 28 69 65 3d 7b 7d 29 29 3b 76 61 72 20 58 3b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 41 4c 57 41 59 53 3d 22 61 6c 77 61 79 73 22 2c 65 2e 45 58 45 43 55 54 45 3d 22 65 78 65 63 75 74 65 22 2c 65 2e 49 4e 54 45 52 41 43 54 49 4f 4e 5f 4f 4e 4c 59 3d 22 69 6e 74 65 72 61 63 74 69 6f 6e 2d 6f 6e 6c 79 22 7d 29 28 58 7c 7c 28 58 3d 7b 7d 29 29 3b 76 61 72 20 Data Ascii: .NEVER="never",e.MANUAL="manual",e.AUTO="auto"})($\|\|($={}));var ie;(function(e){e.NEVER="never",e.MANUAL="manual",e.AUTO="auto"})(ie\|\|(ie={}));var X;(function(e){e.ALWAYS="always",e.EXECUTE="execute",e.INTERACTION_ONLY="interaction-only"})(X\|\|(X={}));var
2024-10-29 21:16:04 UTC	1369	IN	Data Raw: 65 22 2c 22 66 61 6c 73 65 22 5d 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 67 74 28 65 29 7b 72 65 74 75 72 6e 20 4c 28 5b 22 72 65 6e 64 65 72 22 2c 22 65 78 65 63 75 74 65 22 5d 2c 65 29 7d 76 61 72 20 51 74 3d 33 30 30 2c 24 74 3d 31 30 3b 66 75 6e 63 74 69 6f 6e 20 68 74 28 65 29 7b 76 61 72 20 72 3d 6e 65 77 20 55 52 4c 53 65 61 72 63 68 50 61 72 61 6d 73 3b 69 66 28 65 2e 70 61 72 61 6d 73 2e 5f 64 65 62 75 67 53 69 74 65 6b 65 79 4f 76 65 72 72 69 64 65 73 26 26 28 65 2e 70 61 72 61 6d 73 2e 5f 64 65 62 75 67 53 69 74 65 6b 65 79 4f 76 65 72 72 69 64 65 73 2e 6f 66 66 6c 61 62 65 6c 21 3d 3d 22 64 65 66 61 75 6c 74 22 26 26 72 2e 73 65 74 28 22 6f 66 66 6c 61 62 65 6c 22 2c 65 2e 70 61 72 61 6d 73 2e 5f 64 65 62 75 67 53 69 74 65 6b 65 79 4f 76 65 72 Data Ascii: e","false"],e)}function gt(e){return L(["render","execute"],e)}var Qt=300,$t=10;function ht(e){var r=new URLSearchParams;if(e.params._debugSitekeyOverrides&&(e.params._debugSitekeyOverrides.offlabel!=="default"&&r.set("offlabel",e.params._debugSitekeyOver
2024-10-29 21:16:04 UTC	1369	IN	Data Raw: 61 67 65 2c 22 2f 22 29 2e 63 6f 6e 63 61 74 28 73 29 7d 76 61 72 20 54 74 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 72 2c 6e 2c 6f 3d 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 3c 34 30 30 2c 63 3d 65 2e 73 74 61 74 65 3d 3d 3d 53 65 2e 46 41 49 4c 55 52 45 5f 46 45 45 44 42 41 43 4b 7c 7c 65 2e 73 74 61 74 65 3d 3d 3d 53 65 2e 46 41 49 4c 55 52 45 5f 48 41 56 49 4e 47 5f 54 52 4f 55 42 4c 45 53 2c 6c 2c 68 3d 4c 28 4e 72 2c 28 6c 3d 28 72 3d 65 2e 64 69 73 70 6c 61 79 4c 61 6e 67 75 61 67 65 29 3d 3d 3d 6e 75 6c 6c 7c 7c 72 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 72 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 21 3d 3d 6e 75 6c 6c 26 26 6c 21 3d 3d 76 6f 69 64 20 30 3f 6c 3a 22 6e 6f 6e 65 78 69 73 74 65 6e 74 22 29 2c 70 2c Data Ascii: age,"/").concat(s)}var Tt=function(e){var r,n,o=window.innerWidth<400,c=e.state===Se.FAILURE_FEEDBACK\|\|e.state===Se.FAILURE_HAVING_TROUBLES,l,h=L(Nr,(l=(r=e.displayLanguage)===null\|\|r===void 0?void 0:r.toLowerCase())!==null&&l!==void 0?l:"nonexistent"),p,
2024-10-29 21:16:04 UTC	1369	IN	Data Raw: 65 63 74 2e 63 6f 6e 73 74 72 75 63 74 28 42 6f 6f 6c 65 61 6e 2c 5b 5d 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 29 29 2c 21 30 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 21 31 7d 7d 66 75 6e 63 74 69 6f 6e 20 49 65 28 65 2c 72 2c 6e 29 7b 72 65 74 75 72 6e 20 42 65 28 29 3f 49 65 3d 52 65 66 6c 65 63 74 2e 63 6f 6e 73 74 72 75 63 74 3a 49 65 3d 66 75 6e 63 74 69 6f 6e 28 63 2c 6c 2c 68 29 7b 76 61 72 20 70 3d 5b 6e 75 6c 6c 5d 3b 70 2e 70 75 73 68 2e 61 70 70 6c 79 28 70 2c 6c 29 3b 76 61 72 20 66 3d 46 75 6e 63 74 69 6f 6e 2e 62 69 6e 64 2e 61 70 70 6c 79 28 63 2c 70 29 2c 73 3d 6e 65 77 20 66 3b 72 65 74 75 72 6e 20 68 26 26 4a 28 73 2c 68 2e 70 72 6f 74 6f 74 79 70 65 29 2c 73 7d 2c 49 65 2e 61 70 70 6c 79 28 6e 75 6c 6c 2c 61 72 67 75 6d 65 6e 74 Data Ascii: ect.construct(Boolean,[],function(){})),!0}catch(e){return!1}}function Ie(e,r,n){return Be()?Ie=Reflect.construct:Ie=function(c,l,h){var p=[null];p.push.apply(p,l);var f=Function.bind.apply(c,p),s=new f;return h&&J(s,h.prototype),s},Ie.apply(null,argument
2024-10-29 21:16:04 UTC	1369	IN	Data Raw: 74 69 6f 6e 20 67 28 65 2c 72 29 7b 76 61 72 20 6e 3d 22 5b 43 6c 6f 75 64 66 6c 61 72 65 20 54 75 72 6e 73 74 69 6c 65 5d 20 22 2e 63 6f 6e 63 61 74 28 65 2c 22 2e 22 29 3b 74 68 72 6f 77 20 6e 65 77 20 73 72 28 6e 2c 72 29 7d 66 75 6e 63 74 69 6f 6e 20 62 28 65 29 7b 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 28 22 5b 43 6c 6f 75 64 66 6c 61 72 65 20 54 75 72 6e 73 74 69 6c 65 5d 20 22 2e 63 6f 6e 63 61 74 28 65 29 29 7d 66 75 6e 63 74 69 6f 6e 20 71 65 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 73 74 61 72 74 73 57 69 74 68 28 57 65 29 3f 65 2e 73 75 62 73 74 72 69 6e 67 28 57 65 2e 6c 65 6e 67 74 68 29 3a 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 4b 28 65 29 7b 72 65 74 75 72 6e 22 22 2e 63 6f 6e 63 61 74 28 57 65 29 2e 63 6f 6e 63 61 74 28 65 29 7d 66 75 6e 63 Data Ascii: tion g(e,r){var n="[Cloudflare Turnstile] ".concat(e,".");throw new sr(n,r)}function b(e){console.warn("[Cloudflare Turnstile] ".concat(e))}function qe(e){return e.startsWith(We)?e.substring(We.length):null}function K(e){return"".concat(We).concat(e)}func
2024-10-29 21:16:04 UTC	1369	IN	Data Raw: 6f 70 3d 22 30 22 2c 70 2e 73 74 79 6c 65 2e 6c 65 66 74 3d 22 30 22 2c 70 2e 73 74 79 6c 65 2e 74 72 61 6e 73 66 6f 72 6d 4f 72 69 67 69 6e 3d 22 63 65 6e 74 65 72 20 63 65 6e 74 65 72 22 2c 70 2e 73 74 79 6c 65 2e 6f 76 65 72 66 6c 6f 77 58 3d 22 68 69 64 64 65 6e 22 2c 70 2e 73 74 79 6c 65 2e 6f 76 65 72 66 6c 6f 77 59 3d 22 61 75 74 6f 22 2c 70 2e 73 74 79 6c 65 2e 62 61 63 6b 67 72 6f 75 6e 64 3d 22 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 34 29 22 3b 76 61 72 20 66 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 29 3b 66 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 3d 22 74 61 62 6c 65 2d 63 65 6c 6c 22 2c 66 2e 73 74 79 6c 65 2e 76 65 72 74 69 63 61 6c 41 6c 69 67 6e 3d 22 6d 69 64 64 6c 65 22 2c 66 2e 73 74 79 6c Data Ascii: op="0",p.style.left="0",p.style.transformOrigin="center center",p.style.overflowX="hidden",p.style.overflowY="auto",p.style.background="rgba(0,0,0,0.4)";var f=document.createElement("div");f.style.display="table-cell",f.style.verticalAlign="middle",f.styl

Timestamp	Bytes transferred	Direction	Data
2024-10-29 21:16:04 UTC	2725	OUT	GET /_layouts/15/SPComponentRegistry.ashx?projects=[%22STS%22]&languages=%5B%5D HTTP/1.1 Host: bioaquatictesting-my.sharepoint.com Connection: keep-alive Accept: application/json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/json Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://bioaquatictesting-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true& [TRUNCATED] Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0Nyth [TRUNCATED]
2024-10-29 21:16:04 UTC	1983	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 6251600 Content-Type: application/json ETag: "33349097_sts_default_en-us" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk4MDUzMjk1N2IzY2RhOWY5Zjk2ZDJlNzEzNmRmZjliODZmNDJkOGMxNWE4MWQ0N2IyMGI2ZGY2MmNlZjk4ZTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTgwNTMyOTU3YjNjZGE5ZjlmOTZkMmU3MTM2ZGZmOWI4NmY0MmQ4YzE1YTgxZDQ3YjIwYjZkZjYyY2VmOThlNiwxMzM3NDcxMDQwMzAwMDAwMDAsMCwxMzM3NDc5NjUwMzkwOTkxMDEsMC4wLjAuMCwyNTgsNjQ5OWU2MGYtYzU1MC00NzY1LWE0OGYtZWE2MmZlNzNiNjc3LCwsZWFjNDVlYTEtYTBlOS02MDAwLWNhMzAtZTdlNWMyNWFjYjZlLGVhYzQ1ZWExLWEwZTktNjAwMC1jYTMwLWU3ZTVjMjVhY2I2ZSx3UjUzVzFlZ2FVdWNhV3FPeHUzeTZ3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM0OTcsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLEZyMnBFRUxtcWxMWHVKNm9RYmZZWFZRYXlXaHFPQ2xQY2VKdXBOUnVkK1c3ZlUvN1IyYW9vY2UyOGZjcXo5MG9XREZUU3pvckxtU0FHNFdsZ0trWEZrMzRrVksxcWFnWU53Y0ExRGNpU0dBZk4zVUc5U2JuU0Z2N3VsSWoyYmlNbVpkTGErTm1tMkZlZ2ZiQTYvenV1cEpIeWhRWHNUaWdkMTZBY2dRNDBJdmsxS3ZRTW0vRy82cThXSXAxcmVLZXZ4SmgzcENSdTlCeFoxUm1yUmlBSzlXZENQSGprSGtVTDUzaExPcGh0Y2p4Y3ZNQnBsNUF0 [TRUNCATED] X-NetworkStatistics: 0,2102272,67,159,324311,0,2102272,24 X-Language: en-US X-SPClient-Language: en-US CachedManifest: True X-AspNet-Version: 4.0.30319 SPRequestDuration: 29 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25409 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: D42F6AF0E0E54047837FC2CBB82F3357 Ref B: DFW311000102009 Ref C: 2024-10-29T21:16:04Z Date: Tue, 29 Oct 2024 21:16:03 GMT Connection: close
2024-10-29 21:16:04 UTC	520	IN	Data Raw: 7b 22 73 74 73 22 3a 7b 22 65 6e 2d 55 53 22 3a 7b 22 53 50 4c 49 53 54 22 3a 7b 22 73 63 72 69 70 74 50 61 74 68 44 61 74 61 22 3a 7b 22 61 72 69 61 2d 6d 69 6e 69 22 3a 22 61 72 69 61 2d 6d 69 6e 69 2d 62 31 64 33 65 62 32 65 22 2c 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 22 3a 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2d 66 63 64 30 30 31 33 33 22 2c 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2e 72 65 73 78 22 3a 22 65 6e 2d 75 73 2f 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2e 72 65 73 78 2d 33 35 37 33 66 35 32 64 22 2c 22 72 6f 6f 73 74 65 72 65 64 69 74 6f 72 2d 6d 69 6e 69 22 3a 22 72 6f 6f 73 74 65 72 65 64 69 74 6f 72 2d 6d 69 6e 69 2d 34 39 39 38 34 36 33 64 22 2c Data Ascii: {"sts":{"en-US":{"SPLIST":{"scriptPathData":{"aria-mini":"aria-mini-b1d3eb2e","customformatter-mini":"customformatter-mini-fcd00133","customformatter-mini.resx":"en-us/customformatter-mini.resx-3573f52d","roostereditor-mini":"roostereditor-mini-4998463d",
2024-10-29 21:16:04 UTC	8192	IN	Data Raw: 63 68 2d 6d 69 6e 69 2d 32 66 37 33 65 61 38 31 22 2c 22 73 70 6c 69 73 74 72 65 61 63 74 63 6f 6e 74 72 6f 6c 73 64 65 66 65 72 72 65 64 2d 6d 69 6e 69 22 3a 22 73 70 6c 69 73 74 72 65 61 63 74 63 6f 6e 74 72 6f 6c 73 64 65 66 65 72 72 65 64 2d 6d 69 6e 69 2d 37 61 37 31 63 32 39 38 22 2c 22 73 70 6c 69 73 74 72 65 61 63 74 63 6f 6e 74 72 6f 6c 73 64 65 66 65 72 72 65 64 2d 6d 69 6e 69 2e 72 65 73 78 22 3a 22 65 6e 2d 75 73 2f 73 70 6c 69 73 74 72 65 61 63 74 63 6f 6e 74 72 6f 6c 73 64 65 66 65 72 72 65 64 2d 6d 69 6e 69 2e 72 65 73 78 2d 39 66 35 64 32 64 63 34 22 2c 22 73 70 6c 69 73 74 72 65 61 63 74 63 6f 6e 74 72 6f 6c 73 62 65 66 6f 72 65 70 6c 74 2d 6d 69 6e 69 22 3a 22 73 70 6c 69 73 74 72 65 61 63 74 63 6f 6e 74 72 6f 6c 73 62 65 66 6f 72 65 70 Data Ascii: ch-mini-2f73ea81","splistreactcontrolsdeferred-mini":"splistreactcontrolsdeferred-mini-7a71c298","splistreactcontrolsdeferred-mini.resx":"en-us/splistreactcontrolsdeferred-mini.resx-9f5d2dc4","splistreactcontrolsbeforeplt-mini":"splistreactcontrolsbeforep
2024-10-29 21:16:04 UTC	5811	IN	Data Raw: 44 34 65 22 2c 22 48 34 65 22 2c 22 4e 34 65 22 2c 22 46 34 65 22 2c 22 55 34 65 22 2c 22 54 34 65 22 2c 22 50 34 65 22 2c 22 4d 34 65 22 2c 22 6b 34 65 22 2c 22 4c 34 65 22 2c 22 5f 34 65 22 2c 22 62 34 65 22 2c 22 41 34 65 22 2c 22 45 34 65 22 2c 22 6d 34 65 22 2c 22 77 34 65 22 2c 22 75 34 65 22 2c 22 4f 34 65 22 2c 22 43 34 65 22 2c 22 78 34 65 22 2c 22 49 34 65 22 2c 22 53 34 65 22 2c 22 68 34 65 22 2c 22 79 34 65 22 2c 22 70 34 65 22 2c 22 76 34 65 22 2c 22 67 34 65 22 2c 22 72 37 65 22 2c 22 43 37 65 22 2c 22 6c 37 65 22 2c 22 4d 37 65 22 2c 22 4c 37 65 22 2c 22 77 37 65 22 2c 22 41 37 65 22 2c 22 4f 37 65 22 2c 22 6b 37 65 22 2c 22 45 37 65 22 2c 22 73 37 65 22 2c 22 50 37 65 22 2c 22 75 37 65 22 2c 22 78 37 65 22 2c 22 49 37 65 22 2c 22 70 37 65 Data Ascii: D4e","H4e","N4e","F4e","U4e","T4e","P4e","M4e","k4e","L4e","_4e","b4e","A4e","E4e","m4e","w4e","u4e","O4e","C4e","x4e","I4e","S4e","h4e","y4e","p4e","v4e","g4e","r7e","C7e","l7e","M7e","L7e","w7e","A7e","O7e","k7e","E7e","s7e","P7e","u7e","x7e","I7e","p7e
2024-10-29 21:16:04 UTC	8192	IN	Data Raw: 37 22 2c 22 6d 37 22 2c 22 70 37 22 2c 22 45 37 22 2c 22 77 37 22 2c 22 78 37 22 2c 22 49 37 22 2c 22 43 37 22 2c 22 44 37 22 2c 22 64 37 22 2c 22 6f 37 22 2c 22 72 37 22 2c 22 73 37 22 2c 22 69 37 22 2c 22 61 37 22 2c 22 6e 37 22 2c 22 74 5f 22 2c 22 61 5f 22 2c 22 6e 5f 22 2c 22 59 36 22 2c 22 4a 36 22 2c 22 24 6d 22 2c 22 65 5f 22 2c 22 57 6d 22 2c 22 5a 6d 22 2c 22 42 6d 22 2c 22 56 6d 22 2c 22 6a 6d 22 2c 22 4e 6d 22 2c 22 51 6d 22 2c 22 59 6d 22 2c 22 48 6d 22 2c 22 24 36 22 2c 22 58 6d 22 2c 22 47 6d 22 2c 22 5a 36 22 2c 22 4a 6d 22 2c 22 58 36 22 2c 22 64 5f 22 2c 22 46 6d 22 2c 22 55 6d 22 2c 22 54 6d 22 2c 22 51 36 22 2c 22 4b 36 22 2c 22 47 36 22 2c 22 57 36 22 2c 22 48 36 22 2c 22 56 36 22 2c 22 6a 36 22 2c 22 7a 36 22 2c 22 46 36 22 2c 22 4e Data Ascii: 7","m7","p7","E7","w7","x7","I7","C7","D7","d7","o7","r7","s7","i7","a7","n7","t_","a_","n_","Y6","J6","$m","e_","Wm","Zm","Bm","Vm","jm","Nm","Qm","Ym","Hm","$6","Xm","Gm","Z6","Jm","X6","d_","Fm","Um","Tm","Q6","K6","G6","W6","H6","V6","j6","z6","F6","N
2024-10-29 21:16:04 UTC	8192	IN	Data Raw: 22 2c 22 4d 47 22 2c 22 42 47 22 2c 22 24 78 22 2c 22 74 43 22 2c 22 65 43 22 2c 22 5f 43 22 2c 22 66 4b 22 2c 22 5f 4b 22 2c 22 70 4b 22 2c 22 6d 4b 22 2c 22 59 64 22 2c 22 65 6c 22 2c 22 4a 64 22 2c 22 43 38 22 2c 22 6b 38 22 2c 22 77 38 22 2c 22 41 38 22 2c 22 4c 38 22 2c 22 4f 38 22 2c 22 47 6f 22 2c 22 50 6f 22 2c 22 43 47 22 2c 22 6c 47 22 2c 22 66 47 22 2c 22 76 47 22 2c 22 63 47 22 2c 22 56 47 22 2c 22 64 47 22 2c 22 57 47 22 2c 22 61 6e 22 2c 22 4d 52 22 2c 22 6e 47 22 2c 22 43 54 22 2c 22 67 6e 22 2c 22 5a 7a 22 2c 22 24 7a 22 2c 22 73 47 22 2c 22 58 38 22 2c 22 5a 38 22 2c 22 4b 44 22 2c 22 65 47 22 2c 22 59 74 22 2c 22 24 74 22 2c 22 6e 6e 22 2c 22 51 48 22 2c 22 74 52 22 2c 22 6e 52 22 2c 22 5f 52 22 2c 22 4a 48 22 2c 22 7a 44 22 2c 22 47 44 Data Ascii: ","MG","BG","$x","tC","eC","_C","fK","_K","pK","mK","Yd","el","Jd","C8","k8","w8","A8","L8","O8","Go","Po","CG","lG","fG","vG","cG","VG","dG","WG","an","MR","nG","CT","gn","Zz","$z","sG","X8","Z8","KD","eG","Yt","$t","nn","QH","tR","nR","_R","JH","zD","GD
2024-10-29 21:16:04 UTC	8192	IN	Data Raw: 22 2c 22 65 6a 65 22 2c 22 78 42 65 22 2c 22 43 42 65 22 2c 22 54 4e 65 22 2c 22 50 4e 65 22 2c 22 4d 4e 65 22 2c 22 6b 4e 65 22 2c 22 4c 4e 65 22 2c 22 41 4e 65 22 2c 22 77 35 65 22 2c 22 4f 35 65 22 2c 22 4f 42 65 22 2c 22 4d 42 65 22 2c 22 72 4d 65 22 2c 22 69 4d 65 22 2c 22 61 4d 65 22 2c 22 52 6b 65 22 2c 22 45 6b 65 22 2c 22 64 4d 65 22 2c 22 77 4d 65 22 2c 22 78 4d 65 22 2c 22 56 6b 65 22 2c 22 7a 6b 65 22 2c 22 48 6b 65 22 2c 22 63 4d 65 22 2c 22 44 4d 65 22 2c 22 49 4d 65 22 2c 22 4f 4d 65 22 2c 22 77 6b 65 22 2c 22 62 44 65 22 2c 22 77 42 65 22 2c 22 5f 44 65 22 2c 22 6d 44 65 22 2c 22 61 7a 65 22 2c 22 6e 7a 65 22 2c 22 58 56 65 22 2c 22 59 56 65 22 2c 22 4a 56 65 22 2c 22 71 56 65 22 2c 22 51 56 65 22 2c 22 46 4e 65 22 2c 22 56 4e 65 22 2c 22 Data Ascii: ","eje","xBe","CBe","TNe","PNe","MNe","kNe","LNe","ANe","w5e","O5e","OBe","MBe","rMe","iMe","aMe","Rke","Eke","dMe","wMe","xMe","Vke","zke","Hke","cMe","DMe","IMe","OMe","wke","bDe","wBe","_De","mDe","aze","nze","XVe","YVe","JVe","qVe","QVe","FNe","VNe","
2024-10-29 21:16:04 UTC	8192	IN	Data Raw: 22 2c 22 73 62 65 22 2c 22 76 66 65 22 2c 22 50 68 65 22 2c 22 72 62 65 22 2c 22 45 67 65 22 2c 22 68 67 65 22 2c 22 4c 75 65 22 2c 22 78 68 65 22 2c 22 64 67 65 22 2c 22 57 75 65 22 2c 22 50 76 65 22 2c 22 6f 75 65 22 2c 22 49 75 65 22 2c 22 61 75 65 22 2c 22 45 64 65 22 2c 22 5a 68 65 22 2c 22 65 62 65 22 2c 22 51 68 65 22 2c 22 4a 68 65 22 2c 22 58 68 65 22 2c 22 71 68 65 22 2c 22 6f 67 65 22 2c 22 5f 62 65 22 2c 22 62 62 65 22 2c 22 70 62 65 22 2c 22 64 62 65 22 2c 22 75 62 65 22 2c 22 6c 62 65 22 2c 22 63 62 65 22 2c 22 79 75 65 22 2c 22 49 6c 65 22 2c 22 44 6c 65 22 2c 22 78 6c 65 22 2c 22 53 6c 65 22 2c 22 41 6d 65 22 2c 22 45 6d 65 22 2c 22 4c 6d 65 22 2c 22 48 6d 65 22 2c 22 46 6d 65 22 2c 22 55 6d 65 22 2c 22 4d 6d 65 22 2c 22 6a 68 65 22 2c 22 Data Ascii: ","sbe","vfe","Phe","rbe","Ege","hge","Lue","xhe","dge","Wue","Pve","oue","Iue","aue","Ede","Zhe","ebe","Qhe","Jhe","Xhe","qhe","oge","_be","bbe","pbe","dbe","ube","lbe","cbe","yue","Ile","Dle","xle","Sle","Ame","Eme","Lme","Hme","Fme","Ume","Mme","jhe","
2024-10-29 21:16:04 UTC	8192	IN	Data Raw: 22 24 58 22 2c 22 43 58 22 2c 22 59 4a 22 2c 22 44 58 22 2c 22 47 58 22 2c 22 45 58 22 2c 22 4e 58 22 2c 22 42 58 22 2c 22 52 58 22 2c 22 75 58 22 2c 22 6c 58 22 2c 22 76 58 22 2c 22 70 58 22 2c 22 6e 5a 22 2c 22 54 58 22 2c 22 69 5a 22 2c 22 4f 58 22 2c 22 41 58 22 2c 22 48 58 22 2c 22 77 58 22 2c 22 73 58 22 2c 22 4a 58 22 2c 22 49 58 22 2c 22 5a 58 22 2c 22 74 5a 22 2c 22 65 5a 22 2c 22 78 58 22 2c 22 46 58 22 2c 22 53 58 22 2c 22 71 4a 22 2c 22 69 58 22 2c 22 72 58 22 2c 22 57 4a 22 2c 22 51 4a 22 2c 22 4b 58 22 2c 22 71 58 22 2c 22 74 58 22 2c 22 50 58 22 2c 22 79 58 22 2c 22 56 58 22 2c 22 7a 58 22 2c 22 61 58 22 2c 22 59 58 22 2c 22 6f 5a 22 2c 22 57 58 22 2c 22 73 5a 22 2c 22 6a 4a 22 2c 22 4f 61 65 22 2c 22 24 4c 22 2c 22 65 6b 22 2c 22 6d 6b 22 Data Ascii: "$X","CX","YJ","DX","GX","EX","NX","BX","RX","uX","lX","vX","pX","nZ","TX","iZ","OX","AX","HX","wX","sX","JX","IX","ZX","tZ","eZ","xX","FX","SX","qJ","iX","rX","WJ","QJ","KX","qX","tX","PX","yX","VX","zX","aX","YX","oZ","WX","sZ","jJ","Oae","$L","ek","mk"
2024-10-29 21:16:04 UTC	8192	IN	Data Raw: 6f 22 2c 22 4f 44 22 2c 22 5a 65 22 2c 22 53 74 22 2c 22 43 67 74 22 2c 22 59 67 74 22 2c 22 4f 67 74 22 2c 22 48 6f 22 2c 22 41 67 74 22 2c 22 73 35 22 2c 22 63 35 22 2c 22 4c 44 22 2c 22 64 35 22 2c 22 6c 35 22 2c 22 77 67 74 22 2c 22 4b 50 22 2c 22 70 6c 22 2c 22 7a 35 22 2c 22 6b 67 74 22 2c 22 7a 67 74 22 2c 22 57 67 74 22 2c 22 4b 67 74 22 2c 22 46 67 74 22 2c 22 6a 67 74 22 2c 22 48 67 74 22 2c 22 6d 44 22 2c 22 43 44 22 2c 22 5f 44 22 2c 22 6a 6f 22 2c 22 4c 73 22 2c 22 70 44 22 2c 22 56 6f 22 2c 22 64 44 22 2c 22 66 44 22 2c 22 6c 44 22 2c 22 75 44 22 2c 22 5f 4d 22 2c 22 67 4d 22 2c 22 63 44 22 2c 22 68 4d 22 2c 22 62 4d 22 2c 22 50 67 74 22 2c 22 74 6c 22 2c 22 73 44 22 2c 22 6f 44 22 2c 22 6a 54 22 2c 22 6f 6e 22 2c 22 44 6f 22 2c 22 73 6e 22 Data Ascii: o","OD","Ze","St","Cgt","Ygt","Ogt","Ho","Agt","s5","c5","LD","d5","l5","wgt","KP","pl","z5","kgt","zgt","Wgt","Kgt","Fgt","jgt","Hgt","mD","CD","_D","jo","Ls","pD","Vo","dD","fD","lD","uD","_M","gM","cD","hM","bM","Pgt","tl","sD","oD","jT","on","Do","sn"
2024-10-29 21:16:04 UTC	8192	IN	Data Raw: 69 2d 62 31 64 33 65 62 32 65 22 2c 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 22 3a 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2d 30 39 34 38 30 36 30 34 22 2c 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2e 72 65 73 78 22 3a 22 65 6e 2d 75 73 2f 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2e 72 65 73 78 2d 31 35 34 31 31 37 31 32 22 2c 22 72 6f 6f 73 74 65 72 65 64 69 74 6f 72 2d 6d 69 6e 69 22 3a 22 72 6f 6f 73 74 65 72 65 64 69 74 6f 72 2d 6d 69 6e 69 2d 36 32 30 36 66 66 34 62 22 2c 22 72 6f 6f 73 74 65 72 65 64 69 74 6f 72 2d 6d 69 6e 69 2e 72 65 73 78 22 3a 22 65 6e 2d 75 73 2f 72 6f 6f 73 74 65 72 65 64 69 74 6f 72 2d 6d 69 6e 69 2e 72 65 73 78 2d 62 30 31 34 62 65 30 39 22 Data Ascii: i-b1d3eb2e","customformatter-mini":"customformatter-mini-09480604","customformatter-mini.resx":"en-us/customformatter-mini.resx-15411712","roostereditor-mini":"roostereditor-mini-6206ff4b","roostereditor-mini.resx":"en-us/roostereditor-mini.resx-b014be09"