Edit tour

Windows Analysis Report
https://mailustabucaedu-my.sharepoint.com/:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWE

Overview

General Information

Sample URL:	https://mailustabucaedu-my.sharepoint.com/:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWE
Analysis ID:	1576369
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Downloads suspicious files via Chrome

Suspicious execution chain found

Drops PE files

Drops files with a non-matching file extension (content does not match file extension)

PE file does not import any functions

Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6844 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7040 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1964,i,11543372623872466336,13927027499985870791,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4980 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4372 --field-trial-handle=1964,i,11543372623872466336,13927027499985870791,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5464 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://mailustabucaedu-my.sharepoint.com/:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWE" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

rundll32.exe (PID: 7336 cmdline: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding MD5: EF3179D498793BF4234F708D3BE28633)

cleanup

HTTP traffic detected: POST /personal/stella_pabon_ustabuca_edu_co/_api/SP.OAuth.Token/Acquire() HTTP/1.1Host: mailustabucaedu-my.sharepoint.comConnection: keep-aliveContent-Length: 42sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Odata-Version: 4.0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json;odata=verboseCollectSPPerfMetrics: SPSQLQueryCountAccept: application/json;odata.metadata=minimalx-requestdigest: 0xE73424B9D439A2243771B2A71C69245C396EC8073BB54F74E46EFEE93639CC3A180B317F728260854F36BC6503E9342051CA6EAFDA73A1639332D3D8F8C1EBBA,16 Dec 2024 21:18:06 -0000sec-ch-ua-platform: "Windows"Origin: https://mailustabucaedu-my.sharepoint.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&parent=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1heHVSSHg4SHlPZkR1YUN1K1AzNkVLdk5pK1BBNm1yNDdCTkc2bHh0REQ2d3NVZEcrU3VOZEhZRW1YWmJTeDV6bVdWY2doUm9ObkQrdnVzRWlYaDlvLzVuUk9PTWMyTWdNUDY4S3pMREJaRGVoLzRjYWNWRXFrSGN1ekE9PTwvU1A+; FeatureOverrides_experiments=[]; MicrosoftApplicationsTelemetryDeviceId=e71d8a45-ab6e-42d7-893c-af4c91599be5; ai_session=e0DyyxtBFGEE84w3EBke3h|1734383895633|1734383895655

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenCache-Control: no-cache, no-storePragma: no-cacheContent-Length: 59Content-Type: application/jsonExpires: -1P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1heHVSSHg4SHlPZkR1YUN1K1AzNkVLdk5pK1BBNm1yNDdCTkc2bHh0REQ2d3NVZEcrU3VOZEhZRW1YWmJTeDV6bVdWY2doUm9ObkQrdnVzRWlYaDlvLzVuUk9PTWMyTWdNUDY4S3pMREJaRGVoLzRjYWNWRXFrSGN1ekE9PTwvU1A+; path=/; SameSite=None; secure; HttpOnlyX-NetworkStatistics: 0,1051136,7,15,2107626,0,1051136,7X-SharePointHealthScore: 0X-VroomVersion: 2.0X-DataBoundary: NONEX-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/SPRequestGuid: 2f386ea1-e0ae-0000-5d95-34c9088b5170request-id: 2f386ea1-e0ae-0000-5d95-34c9088b5170MS-CV: oW44L67gAABdlTTJCItRcA.0Alt-Svc: h3=":443";ma=86400Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]}NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}Strict-Transport-Security: max-age=31536000X-FRAME-OPTIONS: SAMEORIGINContent-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com;SPRequestDuration: 61SPIisLatency: 3X-Powered-By: ASP.NETMicrosoftSharePointTea
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenCache-Control: no-cache, no-storePragma: no-cacheContent-Length: 59Content-Type: application/jsonExpires: -1P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1heHVSSHg4SHlPZkR1YUN1K1AzNkVLdk5pK1BBNm1yNDdCTkc2bHh0REQ2d3NVZEcrU3VOZEhZRW1YWmJTeDV6bVdWY2doUm9ObkQrdnVzRWlYaDlvLzVuUk9PTWMyTWdNUDY4S3pMREJaRGVoLzRjYWNWRXFrSGN1ekE9PTwvU1A+; path=/; SameSite=None; secure; HttpOnlyX-NetworkStatistics: 0,1051136,6,6,2861773,0,624206,6X-SharePointHealthScore: 2X-VroomVersion: 2.0X-DataBoundary: NONEX-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/SPRequestGuid: 35386ea1-b0cf-0000-5773-0aa73dc3aa7crequest-id: 35386ea1-b0cf-0000-5773-0aa73dc3aa7cMS-CV: oW44Nc+wAABXcwqnPcOqfA.0Alt-Svc: h3=":443";ma=86400Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]}NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}Strict-Transport-Security: max-age=31536000X-FRAME-OPTIONS: SAMEORIGINContent-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com;SPRequestDuration: 49SPIisLatency: 1X-Powered-By: ASP.NETMicrosoftSharePointTeamS

Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
Source: chromecache_727.1.dr, chromecache_999.1.dr, chromecache_611.1.dr, chromecache_912.1.dr, chromecache_622.1.dr, chromecache_661.1.dr	String found in binary or memory: http://fb.me/use-check-prop-types
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://ocsp.digicert.com0
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://ocsp.digicert.com0A
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://ocsp.digicert.com0C
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://ocsp.digicert.com0X
Source: chromecache_750.1.dr, chromecache_614.1.dr	String found in binary or memory: http://www.contoso.com
Source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr	String found in binary or memory: http://www.digicert.com/CPS0
Source: chromecache_651.1.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_967.1.dr, chromecache_746.1.dr, chromecache_674.1.dr, chromecache_785.1.dr	String found in binary or memory: https://1drv.com/
Source: chromecache_967.1.dr, chromecache_746.1.dr, chromecache_674.1.dr, chromecache_785.1.dr	String found in binary or memory: https://centralus1-mediad.svc.ms
Source: chromecache_967.1.dr, chromecache_746.1.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/web/policies
Source: chromecache_868.1.dr, chromecache_687.1.dr	String found in binary or memory: https://floodgatesurveyschema.svc.cloud.microsoft/be998278-ae33-41a3-a032-f8020d1a9379/0777467b-557e
Source: chromecache_891.1.dr, chromecache_955.1.dr, chromecache_853.1.dr, chromecache_837.1.dr	String found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
Source: chromecache_967.1.dr, chromecache_746.1.dr, chromecache_674.1.dr, chromecache_785.1.dr	String found in binary or memory: https://livefilestore.com/
Source: chromecache_979.1.dr, chromecache_738.1.dr, chromecache_1007.1.dr, chromecache_629.1.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_834.1.dr	String found in binary or memory: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co
Source: chromecache_834.1.dr	String found in binary or memory: https://mailustabucaedu-my.sharepoint.com:443/_api/v2.0/drives/b
Source: chromecache_722.1.dr, chromecache_719.1.dr	String found in binary or memory: https://make.powerautomate.com
Source: chromecache_722.1.dr, chromecache_719.1.dr	String found in binary or memory: https://make.preprod.powerautomate.com
Source: chromecache_722.1.dr, chromecache_719.1.dr	String found in binary or memory: https://make.test.powerautomate.com
Source: chromecache_967.1.dr, chromecache_746.1.dr, chromecache_617.1.dr, chromecache_674.1.dr, chromecache_567.1.dr, chromecache_785.1.dr, chromecache_638.1.dr, chromecache_855.1.dr	String found in binary or memory: https://media.cloudapp.net
Source: chromecache_979.1.dr, chromecache_738.1.dr, chromecache_1007.1.dr, chromecache_629.1.dr	String found in binary or memory: https://microsoft.spfx3rdparty.com
Source: chromecache_567.1.dr, chromecache_996.1.dr, chromecache_741.1.dr	String found in binary or memory: https://my.microsoftpersonalcontent.com
Source: chromecache_967.1.dr, chromecache_746.1.dr, chromecache_617.1.dr, chromecache_674.1.dr, chromecache_567.1.dr, chromecache_785.1.dr, chromecache_638.1.dr, chromecache_855.1.dr	String found in binary or memory: https://northcentralus1-medias.svc.ms
Source: chromecache_975.1.dr, chromecache_686.1.dr	String found in binary or memory: https://onedrive.cloud.microsoft
Source: chromecache_975.1.dr, chromecache_686.1.dr	String found in binary or memory: https://onedrive.dev.cloud.microsoft
Source: chromecache_834.1.dr, chromecache_932.1.dr, chromecache_545.1.dr	String found in binary or memory: https://onedrive.live.com/?gologin=1
Source: chromecache_979.1.dr, chromecache_738.1.dr, chromecache_1007.1.dr, chromecache_629.1.dr	String found in binary or memory: https://onedrive.live.com/_layouts/15/odcauth.aspx
Source: chromecache_562.1.dr, chromecache_922.1.dr, chromecache_996.1.dr, chromecache_741.1.dr	String found in binary or memory: https://outlook.office.com/search
Source: chromecache_967.1.dr, chromecache_746.1.dr	String found in binary or memory: https://portal.office.com/
Source: chromecache_725.1.dr	String found in binary or memory: https://reactjs.org/link/react-polyfills
Source: chromecache_967.1.dr, chromecache_746.1.dr	String found in binary or memory: https://res-1-sdf.cdn.office.net
Source: chromecache_967.1.dr, chromecache_834.1.dr, chromecache_746.1.dr, chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net
Source: chromecache_609.1.dr, chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/15.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/150.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/30.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/36.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/38.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/403.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/53.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/56.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/78.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/es/initial.resx
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/es/ondemand.res
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/odblightspeedwe
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/odblightspeedwebpack/plt.listviewdat
Source: chromecache_609.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-11-29.005/stsserviceworkerprefetch/stsservicew
Source: chromecache_834.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.004/
Source: chromecache_834.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.004/oneuplightspeedwebpack/es/initial.re
Source: chromecache_834.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.004/oneuplightspeedwebpack/oneuplightspe
Source: chromecache_834.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.004/oneuplightspeedwebpack/plt.items-vie
Source: chromecache_834.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.004/oneuplightspeedwebpack/plt.odsp-comm
Source: chromecache_834.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.004/oneuplightspeedwebpack/plt.office-ui
Source: chromecache_603.1.dr, chromecache_616.1.dr, chromecache_609.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.007/
Source: chromecache_609.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.007/spserviceworker.js
Source: chromecache_603.1.dr, chromecache_616.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.007/spwebworker.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp-media-53e88b74
Source: chromecache_834.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp-media-e3b50469
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.1ds/odsp.1ds.lib-9f75f7e2
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.aria/odsp.aria.lib-ab227069
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.core/fui.core-b73b533d
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.core/fui.core-b73b533d.js
Source: chromecache_834.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.core/fui.core-fb899173
Source: chromecache_834.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.core/fui.core-fb899173.js
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.utilities/fui.util-93de749b
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.utilities/fui.util-93de749b.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.knockout/odsp.knockout.lib-447adea9
Source: chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.knockout/odsp.knockout.lib-447adea9.js
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.react/odsp.react.lib-9ea4d016
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.react/odsp.react.lib-9ea4d016.js
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.tslib/tslib-6a7224b3
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.tslib/tslib-6a7224b3.js
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.utilities/odsp.util-90e28871
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/sp-client/odsp.utilities/odsp.util-90e28871.js
Source: chromecache_545.1.dr	String found in binary or memory: https://res-2.cdn.office.net/files/odsp-web-prod_2024-11-29.005/
Source: chromecache_834.1.dr	String found in binary or memory: https://res-2.cdn.office.net/files/odsp-web-prod_2024-12-06.004/
Source: chromecache_780.1.dr	String found in binary or memory: https://res.cdn.office.net/admincenter/admin-main/2024.12.9.1/
Source: chromecache_780.1.dr	String found in binary or memory: https://res.cdn.office.net/admincenter/admin-main/2024.12.9.1/floodgate.es.bundle.js
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://shell.cdn.office.net
Source: chromecache_545.1.dr	String found in binary or memory: https://shell.cdn.office.net/api/ShellBootstrapper/business/OneShell
Source: chromecache_967.1.dr, chromecache_746.1.dr	String found in binary or memory: https://shellppe.msocdn.com
Source: chromecache_967.1.dr, chromecache_746.1.dr	String found in binary or memory: https://shellprod.msocdn.com
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-bold.w
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-regula
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-semili
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-bold.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-bold.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-light.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-light.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-regular.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-regular.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semibold.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semibold.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semilight.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-bold.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-bold.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-light.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-light.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-regular.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-semibold.wof
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-semilight.wo
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-bold.wof
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-light.wo
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-regular.
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-semibold
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-semiligh
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-bold.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-bold.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-light.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-light.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-regular.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-regular.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semibold.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semibold.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semilight.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semilight.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-bold.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-bold.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-light.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-light.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-regular.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-regular.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semibold.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semibold.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semilight.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-bold.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-bold.woff2
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-light.woff
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-regular.wo
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-semibold.w
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-semilight.
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-bold.wof
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.wo
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold
Source: chromecache_806.1.dr	String found in binary or memory: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semiligh
Source: chromecache_967.1.dr, chromecache_746.1.dr	String found in binary or memory: https://substrate.office.com
Source: chromecache_583.1.dr, chromecache_721.1.dr, chromecache_688.1.dr, chromecache_922.1.dr, chromecache_996.1.dr, chromecache_555.1.dr	String found in binary or memory: https://support.office.com/en-us/article/Manage-lists-and-libraries-with-many-items-b8588dae-9387-48
Source: chromecache_932.1.dr	String found in binary or memory: https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2F$
Source: chromecache_545.1.dr	String found in binary or memory: https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2Fonedrive
Source: chromecache_932.1.dr	String found in binary or memory: https://www.office.com/login?ru=%2Flaunch%2F$
Source: chromecache_834.1.dr, chromecache_545.1.dr	String found in binary or memory: https://www.office.com/login?ru=%2Flaunch%2Fonedrive

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50225 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50299
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50229
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50225
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50308 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 50120 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 50291 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 50100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50246
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50323 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 50229 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50308
Source: unknown	Network traffic detected: HTTP traffic on port 50299 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50323
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50291
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866

System Summary

Downloads suspicious files via Chrome

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File dump: C:\Users\user\Downloads\AnyDesk.exe.zip (copy)			Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File dump: C:\Users\user\Downloads\AnyDesk.exe (1).zip (copy)			Jump to dropped file

Source: Unconfirmed 949493.crdownload.0.dr	Static PE information: No import functions for PE file found
Source: chromecache_989.1.dr	Static PE information: No import functions for PE file found

Source: classification engine

Classification label: mal48.expl.win@23/757@40/8

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: C:\Windows\System32\rundll32.exe

WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Family,VirtualizationFirmwareEnabled FROM Win32_Processor

Source: C:\Windows\System32\rundll32.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown

Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1964,i,11543372623872466336,13927027499985870791,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://mailustabucaedu-my.sharepoint.com/:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWE"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4372 --field-trial-handle=1964,i,11543372623872466336,13927027499985870791,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1964,i,11543372623872466336,13927027499985870791,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4372 --field-trial-handle=1964,i,11543372623872466336,13927027499985870791,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source:	Binary string: C:\Buildbot\ad-windows-32\build\release\app-32\win_loader\AnyDesk.pdb source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr
Source:	Binary string: C:\Buildbot\ad-windows-32\build\release\app-32\win_loader\AnyDesk.pdb: source: chromecache_989.1.dr, Unconfirmed 949493.crdownload.0.dr

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\1549404d-188e-455a-9048-dc28113dbe04.tmp	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 989	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\Unconfirmed 949493.crdownload	Jump to dropped file

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 989
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 989			Jump to dropped file

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: C:\Windows\System32\rundll32.exe

Process information set: NOOPENFILEERRORBOX

Jump to behavior

Source: C:\Windows\System32\rundll32.exe

WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Family,VirtualizationFirmwareEnabled FROM Win32_Processor

Source: chromecache_586.1.dr, chromecache_683.1.dr, chromecache_938.1.dr, chromecache_724.1.dr	Binary or memory string: "}};(0,i.fF)(n,t)}function O(e,t){void 0===e&&(e="");var n={style:{MozOsxFontSmoothing:"grayscale",WebkitFontSmoothing:"antialiased",fontStyle:"normal",fontWeight:"normal",speak:"none"},fontFace:{fontFamily:'"FabricMDL2Icons-21"',src:"url('".concat(e,"odsp-next-icons-21-f9e5f519.woff') format('woff')")},icons:{DisconnectVirtualMachine:"
Source: chromecache_586.1.dr, chromecache_683.1.dr, chromecache_938.1.dr, chromecache_724.1.dr, chromecache_666.1.dr	Binary or memory string: ",ConnectVirtualMachine:"
Source: chromecache_666.1.dr	Binary or memory string: ",DisconnectVirtualMachine:"

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	11 Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	11 Masquerading	OS Credential Dumping	11 Security Software Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	1 Exploitation for Client Execution	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Virtualization/Sandbox Evasion	LSASS Memory	1 Virtualization/Sandbox Evasion	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 Rundll32	Security Account Manager	2 System Information Discovery	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	1 Process Injection	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://mailustabucaedu-my.sharepoint.com/:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWE	0%	Avira URL Cloud	safe

Dropped Files

Source	Detection	Scanner	Label	Link
C:\Users\user\Downloads\Unconfirmed 949493.crdownload	0%	ReversingLabs
Chrome Cache Entry: 989	0%	ReversingLabs

Source	Detection	Scanner	Label
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/_layouts/15/images/odbfavicon.ico?rev=47	0%	Avira URL Cloud	safe
about:blank	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/AccessDenied.aspx?correlation=3d386ea1%2D10a6%2D0000%2D51c1%2D3bdcfd419794	0%	Avira URL Cloud	safe
https://onedrive.dev.cloud.microsoft	0%	Avira URL Cloud	safe
https://northcentralus1-medias.svc.ms	0%	Avira URL Cloud	safe
https://make.test.powerautomate.com	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/CSPReporting.aspx	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/v2.0/sites/root/lists/74463084-87e5-4e57-b11b-9820afa05836/subscriptions/socketIo?listItemIds=	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/_layouts/15/SPComponentRegistry.ashx?projects=[%22STS%22]&languages=%5B%5D	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/_layouts/15/spwebworkerproxy.ashx	0%	Avira URL Cloud	safe
https://shellppe.msocdn.com	0%	Avira URL Cloud	safe
https://onedrive.cloud.microsoft	0%	Avira URL Cloud	safe
https://centralus1-mediad.svc.ms	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/v2.1/graphql	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/SP.OAuth.Token/Acquire()	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/v2.0/sites/root/lists/%7B74463084-87e5-4e57-b11b-9820afa05836%7D/subscriptions/socketIo?listItemIds=	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/sp.FavoriteItemCollection.GetFavoriteItems?top=500	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&spartanOneDriveWireframe=true&streamViewServerLoad=true&streamInlineScript=true&siteConfigRace=true&listhandler=v2	0%	Avira URL Cloud	safe
https://6cb6ca53f05ef938d4d281237ebac2e0.fp.measure.office.com/apc/trans.gif?6add196020864bc47bc8b8d2856f59cf	0%	Avira URL Cloud	safe
https://make.preprod.powerautomate.com	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/download.aspx?UniqueId=1af0a460%2D0888%2D41a0%2Dac4c%2D73df69fe3ef6	0%	Avira URL Cloud	safe
https://6cb6ca53f05ef938d4d281237ebac2e0.fp.measure.office.com/apc/trans.gif?c23bab43ca6d8db1da66c313c1ca830f	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com:443/_api/v2.0/drives/b	0%	Avira URL Cloud	safe
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/v2.0/sites/%7Bc34dbdef-40e8-4638-b217-6db2cdf8fd5b%7D/lists/%7B74463084-87e5-4e57-b11b-9820afa05836%7D/items/delta?token=latest	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
svc.ms-acdc-teams.office.com	52.123.243.11	true	false	high
ooc-g2.tm-4.office.com	52.98.61.34	true	false	high
dual-spo-0005.spo-msedge.net	13.107.136.10	true	false	high
www.google.com	142.250.181.68	true	false	high
mira-ofc.tm-4.office.com	52.110.18.199	true	false	high
6cb6ca53f05ef938d4d281237ebac2e0.fp.measure.office.com	unknown	unknown	false	unknown
r4.res.office365.com	unknown	unknown	false	high
mailustabucaedu-my.sharepoint.com	unknown	unknown	false	high
tr-ofc-mira.office.com	unknown	unknown	false	high
upload.fp.measure.office.com	unknown	unknown	false	high
config.fp.measure.office.com	unknown	unknown	false	high
eastus1-mediap.svc.ms	unknown	unknown	false	high
m365cdn.nel.measure.office.net	unknown	unknown	false	high
spo.nel.measure.office.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://tr-ofc-mira.office.com/apc/trans.gif?e045961b48458e4a68f1a08ee2882336	false		high
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/v2.0/sites/root/lists/74463084-87e5-4e57-b11b-9820afa05836/subscriptions/socketIo?listItemIds=	false	Avira URL Cloud: safe	unknown
about:blank	false	Avira URL Cloud: safe	unknown
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1	false		unknown
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/CSPReporting.aspx	false	Avira URL Cloud: safe	unknown
https://mailustabucaedu-my.sharepoint.com/_layouts/15/images/odbfavicon.ico?rev=47	false	Avira URL Cloud: safe	unknown
https://eastus1-mediap.svc.ms/transform/zip?cs=fFNQTw	false		high
https://tr-ofc-mira.office.com/apc/trans.gif?f63fe6ad9bdbc5b49637c2cf83b3f823	false		high
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/AccessDenied.aspx?correlation=3d386ea1%2D10a6%2D0000%2D51c1%2D3bdcfd419794	false	Avira URL Cloud: safe	unknown
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&parent=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1	false		unknown
https://mailustabucaedu-my.sharepoint.com/_layouts/15/SPComponentRegistry.ashx?projects=[%22STS%22]&languages=%5B%5D	false	Avira URL Cloud: safe	unknown
https://mailustabucaedu-my.sharepoint.com/_layouts/15/spwebworkerproxy.ashx	false	Avira URL Cloud: safe	unknown
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/v2.1/graphql	false	Avira URL Cloud: safe	unknown
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?ga=1&id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe	false		unknown
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/sp.FavoriteItemCollection.GetFavoriteItems?top=500	false	Avira URL Cloud: safe	unknown
https://mailustabucaedu-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&spartanOneDriveWireframe=true&streamViewServerLoad=true&streamInlineScript=true&siteConfigRace=true&listhandler=v2	false	Avira URL Cloud: safe	unknown
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/SP.OAuth.Token/Acquire()	false	Avira URL Cloud: safe	unknown
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/v2.0/sites/root/lists/%7B74463084-87e5-4e57-b11b-9820afa05836%7D/subscriptions/socketIo?listItemIds=	false	Avira URL Cloud: safe	unknown
https://6cb6ca53f05ef938d4d281237ebac2e0.fp.measure.office.com/apc/trans.gif?6add196020864bc47bc8b8d2856f59cf	false	Avira URL Cloud: safe	unknown
https://6cb6ca53f05ef938d4d281237ebac2e0.fp.measure.office.com/apc/trans.gif?c23bab43ca6d8db1da66c313c1ca830f	false	Avira URL Cloud: safe	unknown
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/download.aspx?UniqueId=1af0a460%2D0888%2D41a0%2Dac4c%2D73df69fe3ef6	false	Avira URL Cloud: safe	unknown
https://mailustabucaedu-my.sharepoint.com/:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWE	false		unknown
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/v2.0/sites/%7Bc34dbdef-40e8-4638-b217-6db2cdf8fd5b%7D/lists/%7B74463084-87e5-4e57-b11b-9820afa05836%7D/items/delta?token=latest	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co	chromecache_834.1.dr	false	Avira URL Cloud: safe	unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-light.woff	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semilight.woff2	chromecache_806.1.dr	false		high
https://support.office.com/en-us/article/Manage-lists-and-libraries-with-many-items-b8588dae-9387-48	chromecache_583.1.dr, chromecache_721.1.dr, chromecache_688.1.dr, chromecache_922.1.dr, chromecache_996.1.dr, chromecache_555.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-regula	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-light.woff	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semibold.woff2	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-semibold.w	chromecache_806.1.dr	false		high
https://floodgatesurveyschema.svc.cloud.microsoft/be998278-ae33-41a3-a032-f8020d1a9379/0777467b-557e	chromecache_868.1.dr, chromecache_687.1.dr	false		high
http://www.opensource.org/licenses/mit-license.php	chromecache_651.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-bold.woff	chromecache_806.1.dr	false		high
https://northcentralus1-medias.svc.ms	chromecache_967.1.dr, chromecache_746.1.dr, chromecache_617.1.dr, chromecache_674.1.dr, chromecache_567.1.dr, chromecache_785.1.dr, chromecache_638.1.dr, chromecache_855.1.dr	false	Avira URL Cloud: safe	unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-light.woff2	chromecache_806.1.dr	false		high
https://onedrive.live.com/?gologin=1	chromecache_834.1.dr, chromecache_932.1.dr, chromecache_545.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.wo	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-regular.woff2	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-light.woff2	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-light.woff2	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-bold.woff	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semibold.woff	chromecache_806.1.dr	false		high
https://my.microsoftpersonalcontent.com	chromecache_567.1.dr, chromecache_996.1.dr, chromecache_741.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-semilight.	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semibold.woff2	chromecache_806.1.dr	false		high
https://make.test.powerautomate.com	chromecache_722.1.dr, chromecache_719.1.dr	false	Avira URL Cloud: safe	unknown
https://1drv.com/	chromecache_967.1.dr, chromecache_746.1.dr, chromecache_674.1.dr, chromecache_785.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-bold.wof	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-light.woff	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-bold.woff	chromecache_806.1.dr	false		high
https://substrate.office.com	chromecache_967.1.dr, chromecache_746.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-regular.woff	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-regular.woff2	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-bold.woff2	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-regular.woff	chromecache_806.1.dr	false		high
https://onedrive.dev.cloud.microsoft	chromecache_975.1.dr, chromecache_686.1.dr	false	Avira URL Cloud: safe	unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-bold.woff2	chromecache_806.1.dr	false		high
https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2Fonedrive	chromecache_545.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-regular.	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-light.wo	chromecache_806.1.dr	false		high
https://outlook.office.com/search	chromecache_562.1.dr, chromecache_922.1.dr, chromecache_996.1.dr, chromecache_741.1.dr	false		high
https://www.office.com/login?ru=%2Flaunch%2F$	chromecache_932.1.dr	false		high
https://shellppe.msocdn.com	chromecache_967.1.dr, chromecache_746.1.dr	false	Avira URL Cloud: safe	unknown
https://make.powerautomate.com	chromecache_722.1.dr, chromecache_719.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semibold.woff	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-semibold.wof	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-bold.woff2	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-easteuropean/segoeui-semiligh	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-semilight.woff	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-regular.wo	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/leelawadeeui-thai/leelawadeeui-bold.w	chromecache_806.1.dr	false		high
https://microsoft.spfx3rdparty.com	chromecache_979.1.dr, chromecache_738.1.dr, chromecache_1007.1.dr, chromecache_629.1.dr	false		high
https://onedrive.live.com/_layouts/15/odcauth.aspx	chromecache_979.1.dr, chromecache_738.1.dr, chromecache_1007.1.dr, chromecache_629.1.dr	false		high
https://reactjs.org/link/react-polyfills	chromecache_725.1.dr	false		high
https://login.microsoftonline.com	chromecache_979.1.dr, chromecache_738.1.dr, chromecache_1007.1.dr, chromecache_629.1.dr	false		high
https://onedrive.cloud.microsoft	chromecache_975.1.dr, chromecache_686.1.dr	false	Avira URL Cloud: safe	unknown
https://shellprod.msocdn.com	chromecache_967.1.dr, chromecache_746.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-regular.woff2	chromecache_806.1.dr	false		high
https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2F$	chromecache_932.1.dr	false		high
https://centralus1-mediad.svc.ms	chromecache_967.1.dr, chromecache_746.1.dr, chromecache_674.1.dr, chromecache_785.1.dr	false	Avira URL Cloud: safe	unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-cyrillic/segoeui-semilight.wo	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-regular.woff	chromecache_806.1.dr	false		high
https://make.preprod.powerautomate.com	chromecache_722.1.dr, chromecache_719.1.dr	false	Avira URL Cloud: safe	unknown
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semibold.woff2	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-vietnamese/segoeui-bold.woff2	chromecache_806.1.dr	false		high
https://portal.office.com/	chromecache_967.1.dr, chromecache_746.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-bold.woff	chromecache_806.1.dr	false		high
https://clients.config.office.net/user/v1.0/web/policies	chromecache_967.1.dr, chromecache_746.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-light.woff	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-semilight.woff	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-arabic/segoeui-semilight.woff	chromecache_806.1.dr	false		high
http://fb.me/use-check-prop-types	chromecache_727.1.dr, chromecache_999.1.dr, chromecache_611.1.dr, chromecache_912.1.dr, chromecache_622.1.dr, chromecache_661.1.dr	false		high
https://mailustabucaedu-my.sharepoint.com:443/_api/v2.0/drives/b	chromecache_834.1.dr	false	Avira URL Cloud: safe	unknown
https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js	chromecache_834.1.dr, chromecache_545.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-light.woff	chromecache_806.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-hebrew/segoeui-light.woff2	chromecache_806.1.dr	false		high
https://livefilestore.com/	chromecache_967.1.dr, chromecache_746.1.dr, chromecache_674.1.dr, chromecache_785.1.dr	false		high
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-greek/segoeui-regular.woff	chromecache_806.1.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.107.138.10	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.136.10	dual-spo-0005.spo-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.181.68	www.google.com	United States	15169	GOOGLEUS	false
52.98.61.50	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.98.61.34	ooc-g2.tm-4.office.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.110.18.199	mira-ofc.tm-4.office.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1576369
Start date and time:	2024-12-16 22:17:31 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 5m 9s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://mailustabucaedu-my.sharepoint.com/:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWE
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	15
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.expl.win@23/757@40/8
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.21.35, 172.217.19.238, 64.233.162.84, 172.217.17.46, 104.121.26.245, 95.100.135.104, 95.100.135.49, 95.100.135.75, 95.100.135.72, 95.100.135.10, 95.100.135.98, 95.100.135.50, 95.100.135.51, 95.100.135.8, 216.58.208.234, 52.168.117.175, 23.32.238.168, 23.32.238.209, 52.168.112.67, 172.217.17.42, 142.250.181.106, 172.217.19.234, 172.217.17.74, 172.217.19.10, 172.217.19.202, 142.250.181.138, 142.250.181.74, 142.250.181.10, 20.42.73.26, 52.113.194.132, 20.42.73.28, 95.100.135.65, 13.107.6.163, 172.217.17.35, 95.100.135.121, 13.89.179.8, 13.107.42.16, 13.107.6.156, 104.126.36.248, 104.126.37.9, 104.126.37.202, 104.126.36.27, 23.218.208.109, 4.175.87.197, 52.123.243.11
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, res-1.cdn.office.net, browser.events.data.trafficmanager.net, mobile.events.data.microsoft.com, clients2.google.com, config-edge-skype.l-0007.l-msedge.net, shell.cdn.office.net, onedscolprdeus09.eastus.cloudapp.azure.com, update.googleapis.com, l-0007.l-msedge.net, ecs.office.com, e40491.dscg.akamaiedge.net, fs.microsoft.com, content-autofill.googleapis.com, portal-office365-com.b-0004.b-msedge.net, e19254.dscg.akamaiedge.net, onedscolprdeus19.eastus.cloudapp.azure.com, s-0005-office.config.skype.com, shell.cdn.office.net-c.edgekey.net.globalredir.akadns.net, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, res-prod.trafficmanager.net, owamail.public.cdn.office.net.edgekey.net, s-0005.s-msedge.net, translate.googleapis.com, onedscolprdeus04.eastus.cloudapp.azure.com, owamail.public.cdn.office.net.edgekey.net.globalredir.akadns.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, ecs.offi
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://mailustabucaedu-my.sharepoint.com/:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWE

Input	Output
URL: https://mailustabucaedu-my.sharepoint.com Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": true, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": false }
URL: https://mailustabucaedu-my.sharepoint.com
URL: https://mailustabucaedu-my.sharepoint.com/personal... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a performance measurement utility, which is a common and legitimate practice. It uses the `window.performance.now()` or `Date.now()` methods to record timestamps for various performance stages, and optionally calls `window.performance.mark()` to create performance marks. This functionality is typically used for monitoring and optimizing web application performance, and does not exhibit any high-risk behaviors." }
if(!spfxPerfMarks){var spfxPerfMarks = {};} var markPerfStage=function(key) {if(window.performance && typeof window.performance.now === 'function'){spfxPerfMarks[key]=window.performance.now();} else{spfxPerfMarks[key]=Date.now();} if (window.performance && typeof window.performance.mark === 'function') {window.performance.mark(key);}};
URL: https://mailustabucaedu-my.sharepoint.com/personal... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a configuration object for SharePoint, containing various properties related to the user's context and environment. While it includes some potentially sensitive information like access tokens, the overall behavior seems to be related to legitimate SharePoint functionality and does not exhibit any high-risk indicators. The script is likely used for internal SharePoint operations and does not pose a significant security risk." }
var _spPageContextInfo={"ListCountLimit":0,"FieldCountLimit":0,"ClientPrefetchBehavior":0,"IsConsumerListsPaidUser":false,"IsConsumerFilesPaidUser":false,"siteDisabled":false,"isCommonDomainRequestContext":false,"webServerRelativeUrl":"/personal/stella_pabon_ustabuca_edu_co","webServerRelativeUrlLegacy":"","webAbsoluteUrl":"https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co","webAbsoluteUrlLegacy":"","viewId":"","webPropertyFlags2":0,"listId":"{74463084-87e5-4e57-b11b-9820afa05836}","listTemplateId":"","listPermsMask":{"High":48,"Low":134287360},"listUrl":"/personal/stella_pabon_ustabuca_edu_co/Documents","listUrlLegacy":"","listTitle":"Documentos","listBaseTemplate":700,"listBaseType":1,"listForceCheckout":false,"draftVersionVisibilityType":0,"thirdPartyReplyUrisUpdated":false,"ariaCollectorUrl":"https://browser.pipe.aria.microsoft.com/Collector/3.0/","secureBrokerDomainName":"securebroker.sharepointonline.com","oneDsCollectorUrl":"https://mobile.events.data.microsoft.com/OneCollector/1.0/","driveInfo":{".accessToken":"access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvbWFpbHVzdGFidWNhZWR1LW15LnNoYXJlcG9pbnQuY29tQGY1N2E1OTQ5LTM3MzgtNDFlZi1hODZlLTAwNDkwYzA4Y2NiNSIsImlzcyI6IjAwMDAwMDAzLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCIsIm5iZiI6MTczNDM4MzkwMywiZXhwIjoxNzM0NDA1NTAzLCJpc2xvb3BiYWNrIjoiVHJ1ZSIsIm5hbWVpZCI6IjAjLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzkiLCJuaWkiOiJtaWNyb3NvZnQuc2hhcmVwb2ludCIsImlzdXNlciI6InRydWUiLCJjYWNoZWtleSI6IjBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzkiLCJ0dCI6IjAiLCJ1c2VQZXJzaXN0ZW50Q29va2llIjoiMiJ9.H3bSuQ-uUSX9jztj-mhV5PiwGLHbCeigFjwpgmTKNzU\u0026prooftoken=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6InVYZWhRSlBsZVZqTkNiYWtVaEdENkl5RlFRayJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDBAKiIsImlzcyI6IjAwMDAwMDAzLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMEAqIiwibmJmIjoiMTczNDMxNTg3MiIsImV4cCI6IjE3MzQ5MjA2NzIiLCJwcmYiOiJMN1JVbnJpRVIvOGc4TWdRdTRha21EYjJVWnYzRXMzRXVyOHQ5K0ZQSHRMK0tQczZFckh1ZzBXeGpVdkVsY2VVQitCZHNlUjNVUFBHa2NQSUl6Q1VoS3VjcnNlMnk2MHhyK2pWU1E2dGNKYWRNd294V1cwOExxMWhDamVEQlVzZHp2a0tyM1BiTk1ZQnVqb2NIY1FXeUdWUlo0NHBCYzZCZzN1d2lzN1d3c0VKeDlBbVRSSEZKUXFIeXpnYmc0aXN4c2pDWEZmNzI3eXRPUWVNYXoveUZvWGdOOXpyek5HMU01VTc4c0tEcTJLYkIvYXdOdzJhWExUZGRuU0JxVmM5UjhTY3lycFB3aUJRQkVKNkxadmxxZlZHRk1oYzZzNTlDRVlBeWtELzluR0JUMlRUbkZYdW9IZHJTQ2hEcjZQdHFscHBnMjIzVWY5Y1BMZWtqd0FxQ2c9PSIsImlzdXNlciI6InRydWUiLCJmaWQiOiIyMDE0MTAifQ.ZT6Za2raL6PZ3cYOx_ZAqvfIfsgNAC_6FR6R7kngto4BMACWKUu3LVMJ_zgbQkCIKDZ8aSxRLuvPX4WrQONuYwWOlxM1AFSv20vyoN3koXWfURA9ZqsnQ_5sETYmLkexy-0ijZrY5xdeyNC7Ss_-K4PSWmylhYUrWqdouiLvNvIi9zlWNJCjF5h_nHss7ofKloC1fu19L6QONQ4JcfEyb4l4kZpkEeVXXkY7DxBNPbnJK_TIbGGLCNuGOVPmwV0KmtD_CkR1HzaUj-OCN6RBrFvfwRkrF0zIOTb-t-JMnWG2t6v0wvKNYLdNPX_sqv1mM0pBDmfKBOwPwRYA-KAZrA",".driveUrl":"https://mailustabucaedu-my.sharepoint.com/_api/v2.0/drives/b!771Nw-hAOEayF22yzfj9W7h_l4qL2F5BhrInUw8hAguEMEZ05YdXTrEbmCCvoFg2",".driveAccessToken":"access_token=v1.eyJzaXRlaWQiOiJjMzRkYmRlZi00MGU4LTQ2MzgtYjIxNy02ZGIyY2RmOGZkNWIiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvbWFpbHVzdGFidWNhZWR1LW15LnNoYXJlcG9pbnQuY29tQGY1N2E1OTQ5LTM3MzgtNDFlZi1hODZlLTAwNDkwYzA4Y2NiNSIsImV4cCI6IjE3MzQ0MDU1MDMifQ.CiMKCXNoYXJpbmdpZBIWallmTjVEMUU1a3VxeWhJVEVzUEk0QQoJCgRzbmlkEgE5EgsIsszly6aIzz0QBRoMOC40Ni4xMjMuMTg5IhRtaWNyb3NvZnQuc2hhcmVwb2ludCosdXlaL1pJTUhvSjEra2N2dngyaTdweWFwM2tUbmV6NUlIMkJPS0VMOUF2bz0wfTgBQhChbjgvr1AAAF2VNk8h_MnGShBoYXNoZWRwcm9vZnRva2VuYgR0cnVlcmEwaC5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiM2OWNiZTQ3YTc2NzQ0ZjM3Nzk5ZjkzMTdmZmJlYzRiYTllZjEwYTdiNWJkOTVlNTlhNjhlMzJmMmQ1MDNmY2M5egEwwgFhMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOcgBAQ.vFzT1PgwZkmrKEDU--NJQ2D6g-PgeFinbHRLa816KSs",".driveAccessTokenV21"
URL: https://mailustabucaedu-my.sharepoint.com/personal... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a configuration object for SharePoint, containing various properties related to the user's context and environment. While it includes some potentially sensitive information like access tokens, the overall behavior seems to be related to legitimate SharePoint functionality and does not exhibit any high-risk indicators. The script is likely used for internal SharePoint operations and does not pose a significant security risk." }
var _spPageContextInfo={"ListCountLimit":0,"FieldCountLimit":0,"ClientPrefetchBehavior":0,"IsConsumerListsPaidUser":false,"IsConsumerFilesPaidUser":false,"siteDisabled":false,"isCommonDomainRequestContext":false,"webServerRelativeUrl":"/personal/stella_pabon_ustabuca_edu_co","webServerRelativeUrlLegacy":"","webAbsoluteUrl":"https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co","webAbsoluteUrlLegacy":"","viewId":"","webPropertyFlags2":0,"listId":"{74463084-87e5-4e57-b11b-9820afa05836}","listTemplateId":"","listPermsMask":{"High":48,"Low":134287360},"listUrl":"/personal/stella_pabon_ustabuca_edu_co/Documents","listUrlLegacy":"","listTitle":"Documentos","listBaseTemplate":700,"listBaseType":1,"listForceCheckout":false,"draftVersionVisibilityType":0,"thirdPartyReplyUrisUpdated":false,"ariaCollectorUrl":"https://browser.pipe.aria.microsoft.com/Collector/3.0/","secureBrokerDomainName":"securebroker.sharepointonline.com","oneDsCollectorUrl":"https://mobile.events.data.microsoft.com/OneCollector/1.0/","driveInfo":{".accessToken":"access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvbWFpbHVzdGFidWNhZWR1LW15LnNoYXJlcG9pbnQuY29tQGY1N2E1OTQ5LTM3MzgtNDFlZi1hODZlLTAwNDkwYzA4Y2NiNSIsImlzcyI6IjAwMDAwMDAzLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCIsIm5iZiI6MTczNDM4Mzg4NiwiZXhwIjoxNzM0NDA1NDg2LCJpc2xvb3BiYWNrIjoiVHJ1ZSIsIm5hbWVpZCI6IjAjLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzkiLCJuaWkiOiJtaWNyb3NvZnQuc2hhcmVwb2ludCIsImlzdXNlciI6InRydWUiLCJjYWNoZWtleSI6IjBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzkiLCJ0dCI6IjAiLCJ1c2VQZXJzaXN0ZW50Q29va2llIjoiMiJ9.MWMsBKRznrrKerjovnRQ0sUMiackGzPZ-8hBRhbRfJw\u0026prooftoken=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6InVYZWhRSlBsZVZqTkNiYWtVaEdENkl5RlFRayJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDBAKiIsImlzcyI6IjAwMDAwMDAzLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMEAqIiwibmJmIjoiMTczNDMxOTYwMCIsImV4cCI6IjE3MzQ5MjQ0MDAiLCJwcmYiOiJESG9IdHFuMTF2ME1ocko4ZkFUTHZXSXJhYlZ3QWplSk9nY0VGQXhNamZGUFBjRFRyNkpDc2JSbGVhZjhtT1Y4TU0yakYvc2d5ZEdRVUNmSjBhNERtOGJXTm9QNHM4Y0xhUGt6RU1OV0dNM09NMTFUZGNXRWtwUldOL3lFb0JRTE1yZG1PSjFxYnpBRVpHT3JEV0xKZ3FFcjlCMjJRN29FUmVLbGkwdTBmYVUyWkRRNmFBZWhLd3kvMTJjVGppOWJPaGl3ck5qV1ArUUtQbWlKYmJZQkJQckdPcE1nME5yYU5vT1JWL0t5cnFINjdlanBzazdZaTJrWmNkcG1TNmh3Vk5ZdVZzWUVRN2dWYTZrNElWZnM5RTI4ckJDSytydjNhdjZyUHFtbXpSK3pFa05BSnV6cTNrK3R0WVhPY0FaSHdaVkN4YVlXbkRGbHJGYXNOcWwzYVE9PSIsImlzdXNlciI6InRydWUiLCJmaWQiOiIyMDE0MTAifQ.LUxE7WHEVucitVTAikhxqG24bpx7QIOk4fqITPyTsjP2AHlPNWjBtr1lYAs7MP-_pLgnSgqsKaNpdSMCqcMpkLOKsc6g9yAm_elRwlz27NDjli_VzV92TkWIqCngauXXcM5sVJ_FsG3AqEF60Glbaw6yejTS3kvwje_YSpANPDzOAdVsLuWr1N-_oLTVLWn_ugNj92G3S1hsFOlne7hPKT-LHpiKcWO_i8L2MygYIsaMXxPBNd4j1AB4WbZdowFocE2WpZIg3pjBmtULDi_Hbr5cPzEeaO1YEhFpp--LJdDNIwoM6iRrDsFfsrHA-E6fPNhyxnLHDBmI0KCA-q1ZVg",".driveUrl":"https://mailustabucaedu-my.sharepoint.com/_api/v2.0/drives/b!771Nw-hAOEayF22yzfj9W7h_l4qL2F5BhrInUw8hAguEMEZ05YdXTrEbmCCvoFg2",".driveAccessToken":"access_token=v1.eyJzaXRlaWQiOiJjMzRkYmRlZi00MGU4LTQ2MzgtYjIxNy02ZGIyY2RmOGZkNWIiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvbWFpbHVzdGFidWNhZWR1LW15LnNoYXJlcG9pbnQuY29tQGY1N2E1OTQ5LTM3MzgtNDFlZi1hODZlLTAwNDkwYzA4Y2NiNSIsImV4cCI6IjE3MzQ0MDU0ODYifQ.CiMKCXNoYXJpbmdpZBIWallmTjVEMUU1a3VxeWhJVEVzUEk0QQoJCgRzbmlkEgE5EgsIqvbvqqWIzz0QBRoMOC40Ni4xMjMuMTg5IhRtaWNyb3NvZnQuc2hhcmVwb2ludCosdXlaL1pJTUhvSjEra2N2dngyaTdweWFwM2tUbmV6NUlIMkJPS0VMOUF2bz0wfTgBQhChbjgrkLAAAFHBNtcWX1t9ShBoYXNoZWRwcm9vZnRva2VuYgR0cnVlcmEwaC5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiM2OWNiZTQ3YTc2NzQ0ZjM3Nzk5ZjkzMTdmZmJlYzRiYTllZjEwYTdiNWJkOTVlNTlhNjhlMzJmMmQ1MDNmY2M5egEwwgFhMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOcgBAQ.FKpmTj119B14WosFx3UvJLtzEUh9rWPmElXFm1WEFgc",".driveAccessTokenV21"
URL: https://mailustabucaedu-my.sharepoint.com/personal... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a fallback mechanism for loading a critical script for the Office 365 suite navigation. It listens for the 'load' and 'error' events on the 'SuiteNavShellCore' element, and if an error occurs, it dynamically creates a new script element and appends it to the document head. This behavior is likely a legitimate part of the Office 365 application and does not demonstrate any high-risk indicators. The script is interacting with known, trusted domains (e.g., 'shell.cdn.office.net') and is not exhibiting any suspicious or malicious activities." }
window.document.getElementById('SuiteNavShellCore').addEventListener('load', function() { (typeof markPerfStage === 'function' && markPerfStage('suiteNavScriptAsyncEnd')); if (window.executeSuiteNavOnce) { window.executeSuiteNavOnce() } window.shellCoreLoaded = true; });window.document.getElementById('SuiteNavShellCore').addEventListener('error', function() { var scriptElem = document.getElementById('SuiteNavShellCore'); scriptElem.parentNode.removeChild(scriptElem); var newScript = document.createElement('script'); newScript.setAttribute('type', 'text/javascript'); newScript.setAttribute('id', 'SuiteNavShellCore'); newScript.setAttribute('src', 'https://shell.cdn.office.net/api/ShellBootstrapper/business/OneShell'); newScript.setAttribute('crossorigin', 'anonymous'); newScript.async = true; newScript.addEventListener('load', function() { (typeof markPerfStage === 'function' && markPerfStage('suiteNavScriptAsyncEnd')); if (window.executeSuiteNavOnce) { window.executeSuiteNavOnce() } window.shellCoreLoaded = true; }); newScript.addEventListener('error', function() { window.o365ShellScriptLoadError = arguments[0]; (typeof markPerfStage === 'function' && markPerfStage('suiteNavScriptError')); if (window.executeSuiteNavOnce) { window.executeSuiteNavOnce() } window.shellCoreLoadError = true; }); document.head.appendChild(newScript); });
URL: https://mailustabucaedu-my.sharepoint.com/personal... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be related to rendering the Office 365 suite navigation, which is a legitimate functionality. It sets up several Promise objects to handle the loading and rendering of the suite navigation, and it also defines some theme data for the navigation. While it uses some dynamic code execution techniques, such as creating a new `Promise` object, this is a common practice in modern JavaScript development and does not necessarily indicate malicious intent. The script does not exhibit any high-risk behaviors, such as data exfiltration or redirects to suspicious domains. Overall, this script seems to be part of a legitimate Office 365 application and poses a low risk." }
window.o365ShellLoadPromiseResolve = undefined; window.o365ShellLoadPromiseReject = undefined; window.o365ShellRenderPromiseResolve = undefined; window.o365ShellRenderPromiseReject = undefined; window.o365ShellPostRenderPromiseResolve = undefined; window.o365ShellPostRenderPromiseReject = undefined; window.o365ShellLoadPromise = new Promise(function (loadResolve, loadReject) { window.o365ShellLoadPromiseResolve = loadResolve, window.o365ShellLoadPromiseReject = loadReject }); window.o365ShellRenderPromise = new Promise(function (renderResolve, renderReject) { window.o365ShellRenderPromiseResolve = renderResolve, window.o365ShellRenderPromiseReject = renderReject }); window.o365ShellPostRenderPromise = new Promise(function (prResolve,prReject) { window.o365ShellPostRenderPromiseResolve = prResolve, window.o365ShellPostRenderPromiseReject = prReject });var executeSuiteNav = function () {var suiteNavPlaceholder = document.createElement('div');suiteNavPlaceholder.id = 'SuiteNavPlaceholder';suiteNavPlaceholder.style = "min-height: 48px";document.body.insertBefore(suiteNavPlaceholder, document.body.firstChild);if (window.o365ShellScriptLoadError) {o365ShellLoadPromiseReject(window.o365ShellScriptLoadError);o365ShellRenderPromiseReject(new Error('SuiteNavLoadError'));o365ShellPostRenderPromiseReject(new Error('SuiteNavLoadError'));return; }o365ShellLoadPromiseResolve();var themeData = { Primary: 'transparent', AppName: '#424242', DefaultText: '#424242', DefaultBackground: 'transparent', HoverText: '#0F6CBD', HoverBackground: '#EBEBEB', SelectedText: '#0F6CBD', SelectedBackground: '#E0E0E0', PressedText: '#115EA3', PressedBackground: '#D6D6D6', SearchBoxBackgroundActive: '#FFFFFF', SearchBoxBackgroundInactive: '#FFFFFF' };var searchQueryViewParam = window.location.search.substring(1).split('&').filter(function (s) { return s.indexOf('q=')===0; })[0]; var searchQuery = searchQueryViewParam ? decodeURIComponent(searchQueryViewParam.substring(2)) : ''; (typeof markPerfStage === 'function' && markPerfStage('suiteNavRenderAsyncStart'));O365Shell.RenderAsync({top: 'SuiteNavPlaceholder', layout: 'Mouse', enableSearchUX: false, initialSearchUXVisibility: false, initialSearchUXPlaceholderText: 'Buscar', initia
URL: https://mailustabucaedu-my.sharepoint.com/personal... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a legitimate implementation of the Office 365 Shell, which is a common component used in Microsoft Office web applications. The code sets up several promises related to the shell's loading and rendering, and it configures the shell's appearance and behavior. While the code uses some dynamic techniques like `Promise` and `window` variables, these are common practices in modern JavaScript development and do not indicate any inherent security risks. The script seems to be focused on rendering the Office 365 suite navigation, which is a standard functionality. Overall, the code exhibits low-risk indicators and appears to be a benign implementation of a well-known Microsoft component." }
window.o365ShellLoadPromiseResolve = undefined; window.o365ShellLoadPromiseReject = undefined; window.o365ShellRenderPromiseResolve = undefined; window.o365ShellRenderPromiseReject = undefined; window.o365ShellPostRenderPromiseResolve = undefined; window.o365ShellPostRenderPromiseReject = undefined; window.o365ShellLoadPromise = new Promise(function (loadResolve, loadReject) { window.o365ShellLoadPromiseResolve = loadResolve, window.o365ShellLoadPromiseReject = loadReject }); window.o365ShellRenderPromise = new Promise(function (renderResolve, renderReject) { window.o365ShellRenderPromiseResolve = renderResolve, window.o365ShellRenderPromiseReject = renderReject }); window.o365ShellPostRenderPromise = new Promise(function (prResolve,prReject) { window.o365ShellPostRenderPromiseResolve = prResolve, window.o365ShellPostRenderPromiseReject = prReject });var executeSuiteNav = function () {var suiteNavPlaceholder = document.createElement('div');suiteNavPlaceholder.id = 'SuiteNavPlaceholder';suiteNavPlaceholder.style = "min-height: 48px";document.body.insertBefore(suiteNavPlaceholder, document.body.firstChild);if (window.o365ShellScriptLoadError) {o365ShellLoadPromiseReject(window.o365ShellScriptLoadError);o365ShellRenderPromiseReject(new Error('SuiteNavLoadError'));o365ShellPostRenderPromiseReject(new Error('SuiteNavLoadError'));return; }o365ShellLoadPromiseResolve();var themeData = { Primary: 'transparent', AppName: '#424242', DefaultText: '#424242', DefaultBackground: 'transparent', HoverText: '#0F6CBD', HoverBackground: '#EBEBEB', SelectedText: '#0F6CBD', SelectedBackground: '#E0E0E0', PressedText: '#115EA3', PressedBackground: '#D6D6D6', SearchBoxBackgroundActive: '#FFFFFF', SearchBoxBackgroundInactive: '#FFFFFF' };var searchQueryViewParam = window.location.search.substring(1).split('&').filter(function (s) { return s.indexOf('q=')===0; })[0]; var searchQuery = searchQueryViewParam ? decodeURIComponent(searchQueryViewParam.substring(2)) : ''; (typeof markPerfStage === 'function' && markPerfStage('suiteNavRenderAsyncStart'));O365Shell.RenderAsync({top: 'SuiteNavPlaceholder', layout: 'Mouse', enableSearchUX: false, initialSearchUXVisibility: false, initialSearchUXPlaceholderText: 'Buscar', initialSearchUXSearchText: searchQuery, enableDelayLoading: true, collapseO365Settings: false, disableDelayLoad: false, disableShellPlus: false, isThinHeader: true, enableLegacyResponsiveBehavior: false, expectSearchBoxSettings: true, darkAccent: '#82C7FF', shellAuthProviderConfig: { type: 'webAadWithMsaProxy', login_Hint: 'urn:spo:anon#69cbe47a76744f37799f9317ffbec4ba9ef10a7b5bd95e59a68e32f2d503fcc9', appSignInUrl: 'https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2Fonedrive', appSignOutUrl: 'https:\u002f\u002fmailustabucaedu-my.sharepoint.com\u002fpersonal\u002fstella_pabon_ustabuca_edu_co/_layouts/15/SignOut.aspx', appSwitchUrl: 'https://www.office.com/login?prompt=select_account&ru=%2Flaunch%2Fonedrive', appSwitchToUrl: function(params) { var n = params && params.nextAccount; if(!n) { return ''; } return (!n.type \|\| n.type.toLowerCase() === 'aad' ? 'https://www.office.com/login?ru=%2Flaunch%2Fonedrive' : 'https://onedrive.live.com/?gologin=1') + (n.memberName ? '&login_hint=' + encodeURIComponent(n.memberName) : ''); }, aad: { appId: '00000003-0000-0ff1-ce00-000000000000', wreply: 'https:\u002f\u002fmailustabucaedu-my.sharepoint.com\u002f_forms\u002fdefault.aspx' }, msa: { siteId:'250206', wreply: 'https:\u002f\u002fmailustabucaedu-my.sharepoint.com\u002f_forms\u002fdefault.aspx' } }, shellDataOverrides: {AccountSwitchingEnabled: true,DisableMASTPopup: true,RoundedCornersSearchBoxEnabled: true, }, supportShyHeaderMode: true, shyHeaderActivationHeight:480, initialRenderData: {
URL: https://mailustabucaedu-my.sharepoint.com/personal... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a legitimate function that executes a suite navigation feature once, with checks to ensure it is not executed multiple times or in certain specific scenarios. The script does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or redirects to suspicious domains. The script is primarily focused on managing the execution of the suite navigation functionality, which is a common and expected behavior in web applications. While the script uses some legacy practices like `window.location.search.substring(1).split('&')`, these are low-risk indicators and do not raise significant security concerns. Overall, the script seems to be part of a larger application and does not demonstrate any malicious intent or high-risk activities." }
window.executeSuiteNavOnce = function () { if (!window.hasSuiteNavExecuted && !!window.O365Shell) { (typeof markPerfStage === 'function' && markPerfStage('executeSuiteNavOnceStart')); var params = window.location.search.substring(1).split('&') \|\| []; var shouldExecuteSuiteNav = true; shouldExecuteSuiteNav &= params.indexOf('p=2') === -1; shouldExecuteSuiteNav &= params.indexOf('p=12') === -1; shouldExecuteSuiteNav &= params.indexOf('cl=true') === -1; shouldExecuteSuiteNav &= params.filter(function (x) { return x.indexOf('parent') === 0; }).length === 0 \|\| params.indexOf('p=5') !== -1; try { shouldExecuteSuiteNav &= window.parent === window \|\| window.parent.g_enableSuiteNavInIframe === true; } catch(err) { shouldExecuteSuiteNav = false; } if (shouldExecuteSuiteNav) { executeSuiteNav(); window.hasSuiteNavExecuted = true; } (typeof markPerfStage === 'function' && markPerfStage('executeSuiteNavOnceEnd')); window.isSuiteNavDisabled = !window.hasSuiteNavExecuted; } } executeSuiteNavOnce();
URL: https://mailustabucaedu-my.sharepoint.com/personal... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a configuration object for the 'FabricConfig' and '__odsp_culture' variables. It also includes a set of SRI (Subresource Integrity) hashes for various resources. While the snippet contains some potentially sensitive information, such as the culture setting and SRI hashes, there are no clear indicators of high-risk behaviors like dynamic code execution, data exfiltration, or malicious redirects. The script seems to be related to a legitimate web application or framework, and the observed behaviors are consistent with typical configuration and resource management tasks. Therefore, the overall risk score is assessed as low." }
var g_responseEnd = new Date().getTime();window.performance && performance.mark('EUPL.W3CResponseEnd');window['FabricConfig'] = { fontBaseUrl: ''};window['__odsp_culture'] = 'es';window['__odspSriHashes'] = {"0":"sha256-VMwr0YOO7PLF8xJ+nA9JYkWs45sZpe1vTnzDaRAWyz0=","1":"sha256-JClbcvMa8qwvGmgYVp9AT1RzKYns5UQp4s3JqlsJBxw=","2":"sha256-Kyco/DmXedlIohdFf6ML1l62Ttepdis2Z5XXRKhwMOA=","3":"sha256-eFp1vFunfGFlMmKIN34YNaRusYWRL1SiaJhWf9uivHU=","4":"sha256-2vWIp7aP9NGQiBrMsO3j3wSc+cxT4wbF3jhGkt2nDs4=","5":"sha256-wCJIZYBFtImmLb05uvpYELaXybwrhpv78vazHp5Gfsc=","6":"sha256-37P/DyEUuxrvUpbcZGxiQiUAZlWGtyf1bNjiUSHkoUE=","7":"sha256-4rj/q2L3TIXtC2KsWZ50xW+raLxB5RUgGsnvkpwMpgQ=","8":"sha256-gy20r3mtjYnOZisXfSnJxqCTBbxXuG674VnnK4o5mtY=","9":"sha256-hiiCFiyrjEwXwqICiAPZMLe68dYQ0C7V6XUTCX84Uoc=","10":"sha256-t95DBXh2fE9NeoZfZANZx5ZCCkZh5bYaSp/I5xplDao=","11":"sha256-SeiqZtQSu5r91vVHKGcBoLo8VWgl6ts+WS4PZ07rpYQ=","12":"sha256-zWJp1WjpeHd8aemvncfd82kxl/82tFFPKqBVPAefEZg=","13":"sha256-PjvtaAjiu71t9So7i2+8bZiqu51+Mf7scbc9WRgquQc=","14":"sha256-aMpJ9Xsj8G97qdWbu4IQYI1NdHHwrGiTi61DgO/92Sk=","15":"sha256-ItNKrHW2G88NJE5xt5MdjLZii0KFey87S9W2kX8GaOs=","16":"sha256-vkyK2J8vSEjGIL6yhiZicyzDo+f3sSym8esc7emhn0I=","17":"sha256-W+336/FhnBZxNaHuguVjQBS+M8I4CfuUFIYQouOqQbU=","18":"sha256-Ff4EdOrhbnfySkF+S89zpDOOqDuxh86+tsA6mqoW20I=","19":"sha256-I1oYYpy4Q1HthISdICiL2SBgTLbsC7rQjKYInDzQBBQ=","20":"sha256-iL/2p4lkFW1bJ8BZ9HODRj0MVjWtA7YT1O1mIx3FNrA=","21":"sha256-0imh24rrcETnn8qGEmNfIwvx3N0DR1mRBW/UvokaJI4=","22":"sha256-SA5A7fAFBKLTam4brBTFvXlHIo4+QGIcUtZN+BIYBT8=","23":"sha256-qdmv89NaDipMf+e0/uhRMxur0QO8icn2KCEP9aK7R4c=","24":"sha256-bl62KQas6BEkBAdE/+Zww+ysw0+s9Ixra5fzu4alugY=","25":"sha256-CN0fzCjhZQuuE9vJnHo4KKMhL4Ep2RFJQzz86rISNvg=","26":"sha256-jjixr2hO42UNdTST3a+kB/7mBGyeJwedGXTmq2Vum6Y=","27":"sha256-fH8FecjMnV18p83jfqmKye7MJbj66+AOCGDPf1fkSAs=","28":"sha256-+IhAWmf/dDqeRHFF4i1CuGUyO1v/tfmbFdIaRnTO0gc=","29":"sha256-vavDhHWd7W/WR6Gmitck0FLYt4eMn3VXgFuHfL9I/60=","30":"sha256-B8uIyMUzHqWhYwmeBkqLnBQI/obPCHIzSqmUOaonOh4=","31":"sha256-LVqUIwp/56K8Xf5lgruW+xDfGXt3YICUeyhLR6Hd8+Y=","32":"sha256-1BSzP/8xja1rXWO/mZQeeeYJoNnoiVeXGHqMNYVyjQU=","33":"sha256-4xvqkqQ42+Vde7ACtapj8kaGfyLr+RL0Xu0opnofJn0=","34":"sha256-I0iQkfG0Z2cek9cCGmLSH9IzHUvyIiGVJ7vEGevxC1U=","35":"sha256-a/kZY1nvl6ZeyzM+4U9y+nacaiPHPduzdLzyBoMZK44=","36":"sha256-88iPIChI4+yyyQiXMXRjXmSlWs0re/99WmoNCJWRGoU=","37":"sha256-2V5DDnGweDmGW8mohihtgOk1xoCa3sabUuSk2Z3C9g4=","38":"sha256-aHPQjK81Lr/a1PgKyFcDoryEptXOdNitoBaZvFNqivY=","39":"sha256-+sPQnkb6lXpreg5vfhkX0ayDDYGdy1R5tAWstsQTgfo=","40":"sha256-RD6n3s+PPGlQDIPX+oK7q6Ot2QKv9BN+VVKL7YJAFVM=","41":"sha256-IMk8yQqduMklZS3s1ofsXJx2KPLfx78G54iNGL93zlM=","42":"sha256-Lz6CacBdEYzbKSnr1HCvqNBHHSnPCds/pd6mW4LBHUo=","43":"sha256-Oh/xpwhNvpxJURj7rTX6HeGLY9tRVJ9/aERINiue/ZY=","44":"sha256-EPb5TKYlwFGCvdN3L72rnC4aDikej8O4WIpQZy6vaUE=","45":"sha256-6K0kxJHHyu1in0U+jwHbEQ6swGE9xPnEdW2Dh6T4lNw=","46":"sha256-DSQ6i7DL6kwrh4wgStC/+gL8suY5kcMnWxq10YQkDII=","47":"sha256-5M0K1dl8Qf+e8qrq2vJwL0N21fgOfCn5HxIMGyDiNgU=","48":"sha256-fyYdcl4z8xRPXooLzh5v6Zl881iRXdeu0+880u0JiHc=","49":"sha256-+J8+lXMpSBbiqvg9D6cglvNV3LAe0gX2hzKKPkM88Kk=","50":"sha256-yx8u3kJheSv6k4xB5Iz8gFEeqS1atGgDsrOtIAffENU=","51":"sha256-uT0Tmv9hSk4udQ7L8qRrsH9M8Zi7BWfmwL7ekcBfkco=","52":"sha256-+aAW7xLYDLgGqd2/r0FDtYPSN6dr7GBW1FMiK5fj484=","53":"sha256-NLcrJSvCeCCL1/jvQlxXex371dDQxWHGV4IIb8oR4rk=","54":"sha256-YiYAat6WBoXGaPVGdm7r5oFaWLlqe2Kr3NDzyCUfKg4=","55":"sha256-VDkvMQCaYvCPUNsVaKqP7ocSOiT2rVnw/T5cfY+Eabg=","56":"sha256-EZvJuaXER2Y4FaOpm4k4uhhpiIB0Z4tQxRH4s3bxyEc=","57":"sha256-Y8iASJQV54TJQFy7OySvJWQbEU93cSdziQaJShhbz+Y=","58":"sha256-0i+gOlqIpgl7qSRS3/Q7wzKL4+v0izRw4SkjnANuWrc=","59":"sha256-9ekGo63aSFlwGMUDVRd++nRhCoW4aMmD/Ix3au5WcoM=","60":"sha256-TWclcI7xUfrVaNRA0JMkscxJ3ZyblKPnhA0BqIudw9c=","61":"sha256-MRWX15G0yBo/uPmnLH/wmJo7hjoakjklt4kTMJbkLDw=","62":"sha256-NLYKAijPWbkxa7OuOuG1FCWdIht6JtKS3IBVJ8mHrn8=","63":"sha256-3StmDhCmQivVrn3s40aZnvhk24zPbSpHuFupUCRVfCE=","64":"sha256-8LW6dWquLEXLJ6v
URL: https://mailustabucaedu-my.sharepoint.com/personal... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The script demonstrates some moderate-risk behaviors, such as dynamic code execution and external data transmission, but it appears to be part of a legitimate web worker implementation. The script fetches and evaluates a web worker script, which is a common practice. However, the use of `eval` and the lack of transparency around the fetched script's contents warrant further review to ensure there are no malicious intentions." }
(function(global) { try { (typeof markPerfStage === 'function' && markPerfStage('spWorkerInit')); const code = "self._messageEvents = []; self.onmessage = function(evt) {self._messageEvents.push(evt);}; fetch(self.location.origin + '/_layouts/15/spwebworkerproxy.ashx').then(function(rsp) {if (rsp.ok) {return rsp.text();} else {return Promise.reject({msg: 'Failed to fetch web worker script.', status: rsp.status, statusText: rsp.statusText});}}).then(function(txt) {try {eval(txt);} catch(evalErr){return Promise.reject({msg: 'Failed to eval: ' + evalErr.toString()});}}).catch(function(err) {setTimeout(function() {throw new Error(JSON.stringify(err));});});"; const blob = new Blob([code], { type: 'text/javascript' }); const blobObjUrl = URL.createObjectURL(blob); global.__spWorker = new Worker(blobObjUrl, {name: 'SP Worker'}); global.__spWorker.addEventListener('message', function(ev) { if (ev.data === 'SPWebWorker started.') { (typeof markPerfStage === 'function' && markPerfStage('spWorkerStarted')); global.__spWorkerStarted = true; URL.revokeObjectURL(blobObjUrl); } }); global.__spWorker.onerror = function(er) { if (er.message.includes('Failed to fetch web worker script') \|\| er.message.includes('Failed to eval') \|\| er.message.includes('Failed to execute')) { global.__spWorkerStarted = false; global.__spWorkerError = er.message; global.__spWorker.terminate(); delete global.__spWorker; URL.revokeObjectURL(blobObjUrl); } }; } catch(e) {}})(self);
URL: https://mailustabucaedu-my.sharepoint.com/personal... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be related to rendering the Office 365 suite navigation, which is a legitimate functionality. It sets up some Promise-based variables and functions to handle the loading and rendering of the suite navigation. While it uses some dynamic code execution techniques, such as creating new DOM elements and manipulating the URL parameters, these are common practices for rendering a user interface and do not seem to have any malicious intent. The script also respects the user's search query and applies a predefined theme, which are typical behaviors for a navigation component. Overall, this script appears to be a benign implementation of a common web application feature." }
window.o365ShellLoadPromiseResolve = undefined; window.o365ShellLoadPromiseReject = undefined; window.o365ShellRenderPromiseResolve = undefined; window.o365ShellRenderPromiseReject = undefined; window.o365ShellPostRenderPromiseResolve = undefined; window.o365ShellPostRenderPromiseReject = undefined; window.o365ShellLoadPromise = new Promise(function (loadResolve, loadReject) { window.o365ShellLoadPromiseResolve = loadResolve, window.o365ShellLoadPromiseReject = loadReject }); window.o365ShellRenderPromise = new Promise(function (renderResolve, renderReject) { window.o365ShellRenderPromiseResolve = renderResolve, window.o365ShellRenderPromiseReject = renderReject }); window.o365ShellPostRenderPromise = new Promise(function (prResolve,prReject) { window.o365ShellPostRenderPromiseResolve = prResolve, window.o365ShellPostRenderPromiseReject = prReject });var executeSuiteNav = function () {var suiteNavPlaceholder = document.createElement('div');suiteNavPlaceholder.id = 'SuiteNavPlaceholder';suiteNavPlaceholder.style = "min-height: 48px";document.body.insertBefore(suiteNavPlaceholder, document.body.firstChild);if (window.o365ShellScriptLoadError) {o365ShellLoadPromiseReject(window.o365ShellScriptLoadError);o365ShellRenderPromiseReject(new Error('SuiteNavLoadError'));o365ShellPostRenderPromiseReject(new Error('SuiteNavLoadError'));return; }o365ShellLoadPromiseResolve();var themeData = { Primary: 'transparent', AppName: '#424242', DefaultText: '#424242', DefaultBackground: 'transparent', HoverText: '#0F6CBD', HoverBackground: '#EBEBEB', SelectedText: '#0F6CBD', SelectedBackground: '#E0E0E0', PressedText: '#115EA3', PressedBackground: '#D6D6D6', SearchBoxBackgroundActive: '#FFFFFF', SearchBoxBackgroundInactive: '#FFFFFF' };var searchQueryViewParam = window.location.search.substring(1).split('&').filter(function (s) { return s.indexOf('q=')===0; })[0]; var searchQuery = searchQueryViewParam ? decodeURIComponent(searchQueryViewParam.substring(2)) : ''; (typeof markPerfStage === 'function' && markPerfStage('suiteNavRenderAsyncStart'));O365Shell.RenderAsync({top: 'SuiteNavPlaceholder', layout: 'Mouse', enableSearchUX: false, initialSearchUXVisibility: false, initialSearchUXPlaceholderText: 'Buscar', initialSearchUXSearchText: searchQuer

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Dec 16 20:18:03 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9884302485021363
Encrypted:	false
SSDEEP:	48:8PdzT7LEHgidAKZdA1FehwiZUklqehjy+3:8BDPoy
MD5:	88874F66ABFCD0A69AA54DE37AAA9032
SHA1:	2C41E5532B592615A84A7955D3E7AE8CD7F777E4
SHA-256:	EE67948A99FA2AFCE02F0B56AA05801BE539808D2BBC5EACEDDB2BC9352D0AB6
SHA-512:	2D0368B18AA41B3E3405396BF9C1CA30AEBDC9F182EF1EAE1311C5A1CCE6CD2064D9A5A439F79B81A3B2F2D9689F27F1A5AB6A50F6D75F71161CF6B4531DF7E2
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....~A..O..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Y5.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.YA.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.YA.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.YA............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.YB............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............@.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Source: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?ga=1&id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe	HTTP Parser: No favicon
Source: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?ga=1&id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe	HTTP Parser: No favicon
Source: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?ga=1&id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe	HTTP Parser: No favicon

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.177.147
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.177.147
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.177.147
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.177.147
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: mailustabucaedu-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: spo.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: r4.res.office365.com
Source: global traffic	DNS traffic detected: DNS query: config.fp.measure.office.com
Source: global traffic	DNS traffic detected: DNS query: 6cb6ca53f05ef938d4d281237ebac2e0.fp.measure.office.com
Source: global traffic	DNS traffic detected: DNS query: m365cdn.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: tr-ofc-mira.office.com
Source: global traffic	DNS traffic detected: DNS query: upload.fp.measure.office.com
Source: global traffic	DNS traffic detected: DNS query: eastus1-mediap.svc.ms

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Dec 16, 2024 22:18:02.682710886 CET	53	56476	1.1.1.1	192.168.2.16
Dec 16, 2024 22:18:02.684577942 CET	53	53600	1.1.1.1	192.168.2.16
Dec 16, 2024 22:18:03.306983948 CET	62494	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:03.307177067 CET	57970	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:05.431957960 CET	53	60262	1.1.1.1	192.168.2.16
Dec 16, 2024 22:18:07.182266951 CET	51141	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:07.182410002 CET	52976	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:07.320689917 CET	53	52976	1.1.1.1	192.168.2.16
Dec 16, 2024 22:18:07.321868896 CET	53	51141	1.1.1.1	192.168.2.16
Dec 16, 2024 22:18:08.043035984 CET	53	49866	1.1.1.1	192.168.2.16
Dec 16, 2024 22:18:18.372649908 CET	53534	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:18.372858047 CET	56317	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:22.347948074 CET	53	57301	1.1.1.1	192.168.2.16
Dec 16, 2024 22:18:24.921967983 CET	62361	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:24.922276974 CET	51441	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:36.248130083 CET	53	53114	1.1.1.1	192.168.2.16
Dec 16, 2024 22:18:41.385687113 CET	53	60860	1.1.1.1	192.168.2.16
Dec 16, 2024 22:18:53.273911953 CET	59766	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:53.274063110 CET	55340	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:55.665159941 CET	65097	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:55.665411949 CET	57094	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:55.668495893 CET	64878	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:55.668657064 CET	53736	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:55.807329893 CET	53	53736	1.1.1.1	192.168.2.16
Dec 16, 2024 22:18:57.785861969 CET	59476	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:57.785999060 CET	51839	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:18:57.924041033 CET	53	51839	1.1.1.1	192.168.2.16
Dec 16, 2024 22:18:59.023250103 CET	138	138	192.168.2.16	192.168.2.255
Dec 16, 2024 22:19:02.458693981 CET	53	63463	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:04.227011919 CET	53	50620	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:07.797027111 CET	64153	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:07.797350883 CET	60018	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:08.121185064 CET	53	60018	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:08.277534962 CET	53	64153	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:11.058032990 CET	57143	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:11.058186054 CET	52646	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:11.196093082 CET	53	52646	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:11.196268082 CET	53	57143	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:18.374248028 CET	62444	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:18.374393940 CET	51206	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:18.374886036 CET	54742	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:18.374995947 CET	52344	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:18.375503063 CET	54950	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:18.375616074 CET	51615	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:19.044066906 CET	62161	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:19.044195890 CET	63892	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:19.277110100 CET	53	62161	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:19.337378979 CET	53	63892	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:20.300664902 CET	51221	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:20.300844908 CET	59149	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:22.114147902 CET	52543	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:22.114283085 CET	52682	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:22.251461029 CET	53	52682	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:22.253190041 CET	53	52543	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:24.871407032 CET	51074	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:24.871546030 CET	53298	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:25.189640999 CET	53	53298	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:27.009377956 CET	56924	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:27.009520054 CET	62518	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:27.147547960 CET	53	62518	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:34.157285929 CET	53	58301	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:47.915257931 CET	55751	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:47.915385962 CET	63747	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:58.332983971 CET	55446	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:58.333117962 CET	56079	53	192.168.2.16	1.1.1.1
Dec 16, 2024 22:19:58.560887098 CET	53	55446	1.1.1.1	192.168.2.16
Dec 16, 2024 22:19:58.645503044 CET	53	56079	1.1.1.1	192.168.2.16

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Dec 16, 2024 22:18:53.642635107 CET	192.168.2.16	1.1.1.1	c286	(Port unreachable)	Destination Unreachable
Dec 16, 2024 22:19:19.337450981 CET	192.168.2.16	1.1.1.1	c267	(Port unreachable)	Destination Unreachable
Dec 16, 2024 22:19:25.189726114 CET	192.168.2.16	1.1.1.1	c237	(Port unreachable)	Destination Unreachable
Dec 16, 2024 22:19:58.645631075 CET	192.168.2.16	1.1.1.1	c25d	(Port unreachable)	Destination Unreachable
Dec 16, 2024 22:20:02.292287111 CET	192.168.2.16	1.1.1.1	c327	(Port unreachable)	Destination Unreachable

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:05 UTC	775	OUT	GET /:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWE HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-12-16 21:18:06 UTC	3913	IN	HTTP/1.1 302 Found Cache-Control: private Content-Length: 399 Content-Type: text/html; charset=utf-8 Location: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&parent=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,1051136,0,13,6794629,0,1051136,6 X-SharePointHealthScore: 3 X-MS-SPO-CookieValidator: kFPtx/1YKK1EpSRbTlkhEUNUlxpq4bPEaP22IC1Gl5dLrW/KPI3ZMWLy7Y3P6Sth8M59WJceO3ZVfCiWNEV487QZKVU/vSCIJf3lYqidbglXX4/8pWX+xmcyuVKBzQg54S6ZHX2KubV08x7TdK9zeTMkEnB+7hUjrTyMHIch++4P8S+i3j6YYh9QZ7LEABta7/LEcNuLHNFpF32Dhk0u5tH3tTmaxuRHx8HyOfDuaCu+P36EKvNi+PA6mr47BNG6lxtDD6wsUdG+SuNdHYEmXZbSx5zmWVcghRoNnD+vusEiXh9o/5nROOMc2MgMP68KzLDBZDeh/4cacVEqkHcuzA== X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 2b386ea1-d063-0000-51c1-316e7213417e request-id: 2b386ea1-d063-0000-51c1-316e7213417e MS-CV: oW44K2PQAABRwTFuchNBfg.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 227 SPIisLatency: 4 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: A4AA7F1F24114C03A7BA14FA287F79E0 Ref B: EWR311000108021 Ref C: 2024-12-16T21:18:05Z Date: Mon, 16 Dec 2024 21:18:05 GMT Connection: close
2024-12-16 21:18:06 UTC	257	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6d 61 69 6c 75 73 74 61 62 75 63 61 65 64 75 2d 6d 79 2e 73 68 61 72 65 70 6f 69 6e 74 2e 63 6f 6d 2f 70 65 72 73 6f 6e 61 6c 2f 73 74 65 6c 6c 61 5f 70 61 62 6f 6e 5f 75 73 74 61 62 75 63 61 5f 65 64 75 5f 63 6f 2f 5f 6c 61 79 6f 75 74 73 2f 31 35 2f 6f 6e 65 64 72 69 76 65 2e 61 73 70 78 3f 69 64 3d 25 32 46 70 65 72 73 6f 6e 61 6c 25 32 46 73 74 65 6c 6c 61 25 35 46 70 61 62 6f 6e 25 35 46 75 73 74 61 62 75 63 61 25 35 46 65 64 75 25 35 46 63 6f 25 32 46 44 6f 63 75 6d 65 6e 74 73 25 Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:06 UTC	2106	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&parent=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1 HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:06 UTC	11206	IN	HTTP/1.1 200 OK Cache-Control: private Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 2,2102272,13284,1025,3330305,1714923,1714923,7 X-SharePointHealthScore: 2 Referrer-Policy: no-referrer, strict-origin-when-cross-origin Reporting-Endpoints: cspendpoint="https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/CSPReporting.aspx" X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com .office365.com .powerapps.com .yammer.com engage.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com .powerapps.com .yammer.com engage.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com .cloud.microsoft app.powerbi.com; Content-Security-Policy-Report-Only: base-uri 'none';;report-to cspendpoint Content-Security-Policy: worker-src 'self' blob:;script-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net .cdn.office.net .fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com 'unsafe-eval' 'nonce-37bdac55-058e-406a-88 [TRUNCATED] Content-Security-Policy-Report-Only: style-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net .cdn.office.net .fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com 'self' blob: 'unsafe-inline';connect-src 'self' blob: h [TRUNCATED] X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 2b386ea1-b090-0000-51c1-36d7165f5b7d request-id: 2b386ea1-b090-0000-51c1-36d7165f5b7d MS-CV: oW44K5CwAABRwTbXFl9bfQ.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 9CF00D4D87C542DAB5A209B20F9128C0 Ref B: EWR311000104019 Ref C: 2024-12-16T21:18:06Z Date: Mon, 16 Dec 2024 21:18:06 GMT Connection: close
2024-12-16 21:18:06 UTC	3185	IN	Data Raw: 63 36 61 0d 0a 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 2d 65 73 22 20 64 69 72 3d 22 6c 74 72 22 3e 0d 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 47 45 4e 45 52 41 54 4f 52 22 20 63 6f 6e 74 65 6e 74 3d 22 4d 69 63 72 6f 73 6f 66 74 20 53 68 61 72 65 50 6f 69 6e 74 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 Data Ascii: c6a<!DOCTYPE html><html lang="es-es" dir="ltr"><head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-type" content="text/html; charset=utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta http-equ
2024-12-16 21:18:06 UTC	2122	IN	Data Raw: 38 34 33 0d 0a 6c 6f 61 64 52 65 73 6f 6c 76 65 2c 20 77 69 6e 64 6f 77 2e 6f 33 36 35 53 68 65 6c 6c 4c 6f 61 64 50 72 6f 6d 69 73 65 52 65 6a 65 63 74 20 3d 20 6c 6f 61 64 52 65 6a 65 63 74 20 7d 29 3b 20 77 69 6e 64 6f 77 2e 6f 33 36 35 53 68 65 6c 6c 52 65 6e 64 65 72 50 72 6f 6d 69 73 65 20 3d 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 20 28 72 65 6e 64 65 72 52 65 73 6f 6c 76 65 2c 20 72 65 6e 64 65 72 52 65 6a 65 63 74 29 20 7b 20 77 69 6e 64 6f 77 2e 6f 33 36 35 53 68 65 6c 6c 52 65 6e 64 65 72 50 72 6f 6d 69 73 65 52 65 73 6f 6c 76 65 20 3d 20 72 65 6e 64 65 72 52 65 73 6f 6c 76 65 2c 20 77 69 6e 64 6f 77 2e 6f 33 36 35 53 68 65 6c 6c 52 65 6e 64 65 72 50 72 6f 6d 69 73 65 52 65 6a 65 63 74 20 3d 20 72 65 6e 64 65 72 52 65 6a Data Ascii: 843loadResolve, window.o365ShellLoadPromiseReject = loadReject }); window.o365ShellRenderPromise = new Promise(function (renderResolve, renderReject) { window.o365ShellRenderPromiseResolve = renderResolve, window.o365ShellRenderPromiseReject = renderRej
2024-12-16 21:18:07 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 79 2c 20 65 6e 61 62 6c 65 44 65 6c 61 79 4c 6f 61 64 69 6e 67 3a 20 74 72 75 65 2c 20 63 6f 6c 6c 61 70 73 65 4f 33 36 35 53 65 74 74 69 6e 67 73 3a 20 66 61 6c 73 65 2c 20 64 69 73 61 62 6c 65 44 65 6c 61 79 4c 6f 61 64 3a 20 66 61 6c 73 65 2c 20 64 69 73 61 62 6c 65 53 68 65 6c 6c 50 6c 75 73 3a 20 66 61 6c 73 65 2c 20 69 73 54 68 69 6e 48 65 61 64 65 72 3a 20 74 72 75 65 2c 20 65 6e 61 62 6c 65 4c 65 67 61 63 79 52 65 73 70 6f 6e 73 69 76 65 42 65 68 61 76 69 6f 72 3a 20 66 61 6c 73 65 2c 20 65 78 70 65 63 74 53 65 61 72 63 68 42 6f 78 53 65 74 74 69 6e 67 73 3a 20 74 72 75 65 2c 20 64 61 72 6b 41 63 63 65 6e 74 3a 20 27 23 38 32 43 37 46 46 27 2c 20 73 68 65 6c 6c 41 75 74 68 50 72 6f 76 69 64 65 72 43 6f 6e 66 69 67 3a 20 7b 20 74 Data Ascii: 2000y, enableDelayLoading: true, collapseO365Settings: false, disableDelayLoad: false, disableShellPlus: false, isThinHeader: true, enableLegacyResponsiveBehavior: false, expectSearchBoxSettings: true, darkAccent: '#82C7FF', shellAuthProviderConfig: { t
2024-12-16 21:18:07 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 45 78 70 65 72 69 65 6e 63 65 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 62 6c 6f 63 6b 44 6f 77 6e 6c 6f 61 64 46 69 6c 65 54 79 70 65 50 6f 6c 69 63 79 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 61 75 74 68 43 6f 6e 74 65 78 74 4c 69 6d 69 74 65 64 41 63 63 65 73 73 45 78 70 65 72 69 65 6e 63 65 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 64 69 73 61 62 6c 65 42 61 63 6b 54 6f 43 6c 61 73 73 69 63 22 3a 66 61 6c 73 65 2c 22 69 73 4f 41 75 74 68 22 3a 66 61 6c 73 65 2c 22 69 73 4c 6f 63 61 74 69 6f 6e 73 65 72 76 69 63 65 41 76 61 69 6c 61 62 6c 65 22 3a 74 72 75 65 2c 22 62 6c 6f 63 6b 44 6f 77 6e 6c 6f 61 64 73 45 78 70 65 72 69 65 6e 63 65 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 69 64 6c 65 53 65 73 73 69 6f 6e Data Ascii: 2000ExperienceEnabled":false,"blockDownloadFileTypePolicyEnabled":false,"authContextLimitedAccessExperienceEnabled":false,"disableBackToClassic":false,"isOAuth":false,"isLocationserviceAvailable":true,"blockDownloadsExperienceEnabled":false,"idleSession
2024-12-16 21:18:07 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 74 72 75 65 2c 22 35 31 35 41 34 33 44 43 2d 38 33 41 36 2d 34 35 37 39 2d 39 43 38 38 2d 42 39 37 31 44 39 36 44 36 42 46 46 22 3a 74 72 75 65 2c 22 38 31 41 31 45 35 42 43 2d 45 37 38 32 2d 34 45 41 35 2d 38 30 42 39 2d 46 45 34 35 32 46 42 36 31 41 44 43 22 3a 74 72 75 65 2c 22 43 39 41 31 35 38 30 30 2d 33 42 41 30 2d 34 33 39 43 2d 38 33 30 44 2d 37 39 41 35 38 44 35 30 33 35 38 34 22 3a 74 72 75 65 2c 22 42 43 39 38 30 39 33 37 2d 45 46 35 34 2d 34 32 30 42 2d 39 43 41 34 2d 35 30 38 33 41 35 37 32 41 44 37 41 22 3a 74 72 75 65 2c 22 38 39 31 41 39 46 44 33 2d 33 32 42 44 2d 34 34 31 44 2d 41 39 42 39 2d 34 45 42 32 32 35 37 39 43 39 44 44 22 3a 74 72 75 65 2c 22 44 32 41 43 35 32 36 35 2d 39 33 37 30 2d 34 44 44 38 2d 41 33 36 43 Data Ascii: 2000true,"515A43DC-83A6-4579-9C88-B971D96D6BFF":true,"81A1E5BC-E782-4EA5-80B9-FE452FB61ADC":true,"C9A15800-3BA0-439C-830D-79A58D503584":true,"BC980937-EF54-420B-9CA4-5083A572AD7A":true,"891A9FD3-32BD-441D-A9B9-4EB22579C9DD":true,"D2AC5265-9370-4DD8-A36C
2024-12-16 21:18:07 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 34 39 41 42 31 43 2d 39 30 31 42 2d 34 31 39 36 2d 39 38 43 32 2d 34 30 39 38 32 33 34 32 44 34 38 34 22 3a 74 72 75 65 2c 22 42 41 36 41 31 45 33 39 2d 30 43 39 30 2d 34 36 38 45 2d 42 38 37 43 2d 43 44 36 43 45 38 43 31 33 44 32 34 22 3a 74 72 75 65 2c 22 31 33 33 32 32 38 41 30 2d 34 42 32 46 2d 34 32 34 31 2d 38 38 45 37 2d 43 45 33 32 35 33 36 32 32 43 39 46 22 3a 74 72 75 65 2c 22 39 41 46 34 39 32 41 38 2d 30 42 42 41 2d 34 45 35 46 2d 41 36 44 45 2d 34 35 31 35 43 30 44 44 46 45 41 45 22 3a 74 72 75 65 2c 22 39 33 31 37 31 44 39 31 2d 37 37 31 30 2d 34 38 30 35 2d 38 42 39 31 2d 46 35 35 39 32 34 37 41 46 39 41 32 22 3a 74 72 75 65 2c 22 41 35 43 38 46 34 36 41 2d 32 35 41 30 2d 34 38 34 31 2d 39 42 42 46 2d 39 35 43 34 38 36 32 Data Ascii: 200049AB1C-901B-4196-98C2-40982342D484":true,"BA6A1E39-0C90-468E-B87C-CD6CE8C13D24":true,"133228A0-4B2F-4241-88E7-CE3253622C9F":true,"9AF492A8-0BBA-4E5F-A6DE-4515C0DDFEAE":true,"93171D91-7710-4805-8B91-F559247AF9A2":true,"A5C8F46A-25A0-4841-9BBF-95C4862
2024-12-16 21:18:07 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 45 30 39 2d 34 33 31 39 2d 39 38 37 42 2d 34 32 41 46 36 45 33 46 41 46 41 34 22 3a 74 72 75 65 2c 22 35 33 43 45 39 37 31 39 2d 41 33 30 37 2d 34 34 43 46 2d 41 46 36 43 2d 36 31 30 44 38 44 34 31 34 35 34 39 22 3a 74 72 75 65 2c 22 34 34 42 33 32 45 36 46 2d 45 39 30 32 2d 34 34 36 43 2d 38 39 34 38 2d 44 41 45 38 44 31 36 31 33 39 43 43 22 3a 74 72 75 65 2c 22 39 34 30 43 42 46 30 41 2d 37 33 37 44 2d 34 31 36 42 2d 38 45 46 35 2d 42 33 32 31 34 37 34 35 46 33 46 36 22 3a 74 72 75 65 2c 22 38 36 31 33 35 42 45 46 2d 31 38 42 38 2d 34 45 41 38 2d 41 31 34 39 2d 41 41 35 45 32 44 45 43 41 39 35 42 22 3a 74 72 75 65 2c 22 30 31 43 31 46 30 38 36 2d 35 42 42 42 2d 34 30 33 42 2d 39 43 39 43 2d 32 36 39 44 41 35 31 44 44 38 36 34 22 3a 74 Data Ascii: 2000E09-4319-987B-42AF6E3FAFA4":true,"53CE9719-A307-44CF-AF6C-610D8D414549":true,"44B32E6F-E902-446C-8948-DAE8D16139CC":true,"940CBF0A-737D-416B-8EF5-B3214745F3F6":true,"86135BEF-18B8-4EA8-A149-AA5E2DECA95B":true,"01C1F086-5BBB-403B-9C9C-269DA51DD864":t
2024-12-16 21:18:07 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 2d 38 42 34 44 2d 42 35 42 37 35 32 39 44 39 38 38 30 22 3a 74 72 75 65 2c 22 46 34 42 33 42 31 42 39 2d 34 42 33 45 2d 34 42 33 44 2d 38 42 33 43 2d 30 42 33 46 34 41 32 42 33 46 37 42 22 3a 74 72 75 65 2c 22 37 33 33 44 41 32 42 44 2d 46 33 34 44 2d 34 39 37 39 2d 38 43 37 42 2d 44 46 37 33 34 32 32 39 31 32 36 37 22 3a 74 72 75 65 2c 22 31 39 38 36 46 31 32 42 2d 42 41 35 30 2d 34 41 36 46 2d 38 36 37 39 2d 41 32 41 30 31 31 44 43 33 43 37 39 22 3a 74 72 75 65 2c 22 44 45 36 43 33 31 43 33 2d 35 36 41 43 2d 34 34 46 46 2d 41 36 37 37 2d 41 43 43 30 37 45 30 38 39 46 44 41 22 3a 74 72 75 65 2c 22 43 41 34 44 32 31 43 45 2d 30 32 36 34 2d 34 36 32 44 2d 39 45 46 33 2d 42 32 39 39 31 41 30 33 39 30 43 31 22 3a 74 72 75 65 2c 22 35 42 31 Data Ascii: 2000-8B4D-B5B7529D9880":true,"F4B3B1B9-4B3E-4B3D-8B3C-0B3F4A2B3F7B":true,"733DA2BD-F34D-4979-8C7B-DF7342291267":true,"1986F12B-BA50-4A6F-8679-A2A011DC3C79":true,"DE6C31C3-56AC-44FF-A677-ACC07E089FDA":true,"CA4D21CE-0264-462D-9EF3-B2991A0390C1":true,"5B1
2024-12-16 21:18:07 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 34 34 34 36 38 33 35 37 35 44 22 3a 74 72 75 65 2c 22 42 46 38 43 45 37 34 30 2d 34 30 34 42 2d 34 30 45 42 2d 42 37 41 32 2d 44 36 37 44 31 33 33 32 38 43 30 45 22 3a 74 72 75 65 2c 22 35 43 43 38 32 44 46 38 2d 36 30 43 39 2d 34 39 38 36 2d 39 33 35 43 2d 33 44 46 31 41 33 39 35 38 30 44 32 22 3a 74 72 75 65 2c 22 46 38 38 36 31 46 46 43 2d 38 33 36 31 2d 34 38 30 35 2d 42 38 44 32 2d 38 35 36 31 33 38 42 38 32 44 43 39 22 3a 74 72 75 65 2c 22 45 46 44 36 45 39 34 37 2d 45 36 42 38 2d 34 44 31 31 2d 38 36 36 32 2d 35 39 30 46 41 42 35 42 39 33 31 36 22 3a 74 72 75 65 2c 22 42 33 33 31 36 32 34 30 2d 43 41 38 31 2d 34 32 31 30 2d 39 41 37 34 2d 30 42 35 43 30 39 32 44 43 35 30 36 22 3a 74 72 75 65 2c 22 46 33 35 31 35 34 43 36 2d 43 32 Data Ascii: 2000444683575D":true,"BF8CE740-404B-40EB-B7A2-D67D13328C0E":true,"5CC82DF8-60C9-4986-935C-3DF1A39580D2":true,"F8861FFC-8361-4805-B8D2-856138B82DC9":true,"EFD6E947-E6B8-4D11-8662-590FAB5B9316":true,"B3316240-CA81-4210-9A74-0B5C092DC506":true,"F35154C6-C2
2024-12-16 21:18:07 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 42 34 22 3a 74 72 75 65 2c 22 32 33 46 34 43 32 37 38 2d 38 38 42 32 2d 34 38 42 38 2d 39 36 46 39 2d 30 44 41 36 38 39 36 33 36 33 37 32 22 3a 74 72 75 65 2c 22 30 43 39 32 46 42 35 30 2d 37 45 42 36 2d 34 31 43 39 2d 39 41 38 46 2d 45 31 35 38 32 34 33 37 35 42 33 31 22 3a 74 72 75 65 2c 22 41 34 34 45 44 46 37 42 2d 44 45 46 43 2d 34 46 45 31 2d 42 33 41 43 2d 41 37 43 45 41 30 44 42 43 44 42 35 22 3a 74 72 75 65 2c 22 33 39 34 30 45 30 43 44 2d 35 42 38 35 2d 34 41 45 36 2d 41 33 41 46 2d 41 41 30 44 45 30 35 41 44 30 41 39 22 3a 74 72 75 65 2c 22 43 34 43 42 44 42 44 36 2d 46 45 43 39 2d 34 38 44 44 2d 38 35 34 32 2d 36 33 33 37 36 44 39 36 36 39 31 45 22 3a 74 72 75 65 2c 22 44 45 39 35 30 41 30 41 2d 38 41 36 37 2d 34 31 43 30 2d Data Ascii: 2000B4":true,"23F4C278-88B2-48B8-96F9-0DA689636372":true,"0C92FB50-7EB6-41C9-9A8F-E15824375B31":true,"A44EDF7B-DEFC-4FE1-B3AC-A7CEA0DBCDB5":true,"3940E0CD-5B85-4AE6-A3AF-AA0DE05AD0A9":true,"C4CBDBD6-FEC9-48DD-8542-63376D96691E":true,"DE950A0A-8A67-41C0-

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:17 UTC	2430	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_api/sp.FavoriteItemCollection.GetFavoriteItems?top=500 HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 Authorization: Bearer User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/json;odata=verbose CollectSPPerfMetrics: SPSQLQueryCount accept: application/json;odata=verbose x-requestdigest: 0xE73424B9D439A2243771B2A71C69245C396EC8073BB54F74E46EFEE93639CC3A180B317F728260854F36BC6503E9342051CA6EAFDA73A1639332D3D8F8C1EBBA,16 Dec 2024 21:18:06 -0000 Caller: ODBWeb sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&parent=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:18 UTC	3479	IN	HTTP/1.1 500 Internal Server Error Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/json;odata=verbose;charset=utf-8 Expires: Sun, 01 Dec 2024 21:18:18 GMT Last-Modified: Mon, 16 Dec 2024 21:18:18 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,525568,0,0,4068988,0,525568,6 X-SharePointHealthScore: 0 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 10 SPRequestDuration: 11 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 2e386ea1-1064-0000-51c1-328b4e986d39 request-id: 2e386ea1-1064-0000-51c1-328b4e986d39 MS-CV: oW44LmQQAABRwTKLTphtOQ.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5c&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 442DE5AEB9364CF39A88309AED521A03 Ref B: EWR311000105045 Ref C: 2024-12-16T21:18:18Z Date: Mon, 16 Dec 2024 21:18:17 GMT Connection: close
2024-12-16 21:18:18 UTC	341	IN	Data Raw: 31 34 65 0d 0a 7b 22 65 72 72 6f 72 22 3a 7b 22 63 6f 64 65 22 3a 22 2d 31 2c 20 53 79 73 74 65 6d 2e 4e 6f 74 53 75 70 70 6f 72 74 65 64 45 78 63 65 70 74 69 6f 6e 22 2c 22 6d 65 73 73 61 67 65 22 3a 7b 22 6c 61 6e 67 22 3a 22 65 73 2d 45 53 22 2c 22 76 61 6c 75 65 22 3a 22 4e 6f 74 20 73 75 70 70 6f 72 74 65 64 20 66 6f 72 20 63 75 72 72 65 6e 74 20 75 73 65 72 3a 20 4c 6f 67 69 6e 4e 61 6d 65 3a 20 69 3a 30 23 2e 66 7c 6d 65 6d 62 65 72 73 68 69 70 7c 75 72 6e 25 33 61 73 70 6f 25 33 61 61 6e 6f 6e 23 36 39 63 62 65 34 37 61 37 36 37 34 34 66 33 37 37 39 39 66 39 33 31 37 66 66 62 65 63 34 62 61 39 65 66 31 30 61 37 62 35 62 64 39 35 65 35 39 61 36 38 65 33 32 66 32 64 35 30 33 66 63 63 39 2c 20 49 73 45 6d 61 69 6c 41 75 74 68 65 6e 74 69 63 61 74 69 Data Ascii: 14e{"error":{"code":"-1, System.NotSupportedException","message":{"lang":"es-ES","value":"Not supported for current user: LoginName: i:0#.f\|membership\|urn%3aspo%3aanon#69cbe47a76744f37799f9317ffbec4ba9ef10a7b5bd95e59a68e32f2d503fcc9, IsEmailAuthenticati
2024-12-16 21:18:18 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:19 UTC	2606	OUT	POST /personal/stella_pabon_ustabuca_edu_co/_api/SP.OAuth.Token/Acquire() HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive Content-Length: 42 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Odata-Version: 4.0 sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/json;odata=verbose CollectSPPerfMetrics: SPSQLQueryCount Accept: application/json;odata.metadata=minimal x-requestdigest: 0xE73424B9D439A2243771B2A71C69245C396EC8073BB54F74E46EFEE93639CC3A180B317F728260854F36BC6503E9342051CA6EAFDA73A1639332D3D8F8C1EBBA,16 Dec 2024 21:18:06 -0000 sec-ch-ua-platform: "Windows" Origin: https://mailustabucaedu-my.sharepoint.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&parent=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:19 UTC	42	OUT	Data Raw: 7b 22 72 65 73 6f 75 72 63 65 22 3a 22 68 74 74 70 73 3a 2f 2f 67 72 61 70 68 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 22 7d Data Ascii: {"resource":"https://graph.microsoft.com"}
2024-12-16 21:18:20 UTC	3694	IN	HTTP/1.1 400 Bad Request Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/json;odata.metadata=minimal;odata.streaming=true;IEEE754Compatible=false;charset=utf-8 Expires: Sun, 01 Dec 2024 21:18:20 GMT Last-Modified: Mon, 16 Dec 2024 21:18:20 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,525568,0,54,228830,0,296058,7 X-SharePointHealthScore: 0 X-SP-SERVERSTATE: ReadOnly=0 ODATA-VERSION: 4.0 SPClientServiceRequestDuration: 12 SPRequestDuration: 13 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 2e386ea1-30e7-0000-5773-05a0fb48c851 request-id: 2e386ea1-30e7-0000-5773-05a0fb48c851 MS-CV: oW44LucwAABXcwWg+0jIUQ.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} X-RequestDigest: 0xF4502B267C799CF8B77B44B607A0DF116DB9FE4BE34F432876BBEFA683904EDD7B9299A654554D8989C8B6DB6ECD1418AE81E6F0DE92434A3D51142FBCDFF5D7,16 Dec 2024 21:18:20 -0000 Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 57FC6949E77C48478959A136DE283EBC Ref B: EWR311000104045 Ref C: 2024-12-16T21:18:20Z Date: Mon, 16 Dec 2024 21:18:19 GMT Connection: close
2024-12-16 21:18:20 UTC	62	IN	Data Raw: 33 38 0d 0a 7b 22 65 72 72 6f 72 22 3a 7b 22 63 6f 64 65 22 3a 22 31 30 30 31 32 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 55 6e 73 75 70 70 6f 72 74 65 64 20 75 73 65 72 2e 22 7d 7d 0d 0a Data Ascii: 38{"error":{"code":"10012","message":"Unsupported user."}}
2024-12-16 21:18:20 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:20 UTC	3101	OUT	GET /_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&spartanOneDriveWireframe=true&streamViewServerLoad=true&streamInlineScript=true&siteConfigRace=true&listhandler=v2 HT [TRUNCATED] Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive Cache-Control: max-age=0 Accept: / Service-Worker: script Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: serviceworker Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&parent=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:20 UTC	1999	IN	HTTP/1.1 200 OK Cache-Control: max-age=1800 Content-Length: 897 Content-Type: text/javascript; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,1051136,0,7,10792763,0,1051136,7 Service-Worker-Allowed: / Strict-Transport-Security: max-age=31536000 X-AspNet-Version: 4.0.30319 SPRequestDuration: 20 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 9046D9F775AC478E8232163F8581B260 Ref B: EWR311000107045 Ref C: 2024-12-16T21:18:20Z Date: Mon, 16 Dec 2024 21:18:20 GMT Connection: close
2024-12-16 21:18:20 UTC	266	IN	Data Raw: 0d 0a 76 61 72 20 5f 73 74 61 72 74 54 69 6d 65 3d 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 28 29 2c 5f 73 74 61 72 74 54 69 6d 65 54 69 63 6b 73 3d 44 61 74 65 2e 6e 6f 77 28 29 3b 0a 76 61 72 20 5f 73 68 6f 75 6c 64 42 79 70 61 73 73 3d 66 61 6c 73 65 3b 0a 76 61 72 20 5f 63 64 6e 42 61 73 65 55 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 66 69 6c 65 73 2f 6f 64 73 70 2d 77 65 62 2d 70 72 6f 64 5f 32 30 32 34 2d 31 32 2d 30 36 2e 30 30 37 2f 27 3b 0a 76 61 72 20 5f 73 77 42 75 69 6c 64 4e 75 6d 62 65 72 3d 27 6f 64 73 70 2d 77 65 62 2d 70 72 6f 64 5f 32 30 32 34 2d 31 32 2d 30 36 2e 30 30 37 27 3b 0a 76 61 72 20 5f 77 77 42 75 69 6c 64 4e 75 6d 62 65 72 3d 27 6f 64 73 70 2d 77 65 62 2d 70 72 6f Data Ascii: var _startTime=performance.now(),_startTimeTicks=Date.now();var _shouldBypass=false;var _cdnBaseUrl='https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.007/';var _swBuildNumber='odsp-web-prod_2024-12-06.007';var _wwBuildNumber='odsp-web-pro
2024-12-16 21:18:20 UTC	631	IN	Data Raw: 36 2e 30 30 37 27 3b 0a 76 61 72 20 5f 6f 6e 65 53 68 65 6c 6c 55 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 73 68 65 6c 6c 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 61 70 69 2f 53 68 65 6c 6c 42 6f 6f 74 73 74 72 61 70 70 65 72 2f 62 75 73 69 6e 65 73 73 2f 4f 6e 65 53 68 65 6c 6c 27 3b 0a 76 61 72 20 5f 77 77 4b 69 6c 6c 53 77 69 74 63 68 65 73 3d 7b 7d 3b 0a 76 61 72 20 5f 6b 69 6c 6c 53 77 69 74 63 68 65 73 3d 7b 22 32 45 43 41 36 43 38 42 2d 45 32 32 44 2d 34 41 35 39 2d 39 38 39 35 2d 37 33 44 33 45 35 38 30 30 30 37 39 22 3a 74 72 75 65 2c 22 43 46 38 46 41 42 31 41 2d 38 37 39 34 2d 34 33 42 45 2d 39 36 31 30 2d 39 42 36 44 32 38 35 46 43 32 44 46 22 3a 74 72 75 65 2c 22 38 44 33 46 37 32 42 33 2d 35 41 39 41 2d 34 39 41 34 2d 41 41 44 45 2d 36 34 Data Ascii: 6.007';var _oneShellUrl='https://shell.cdn.office.net/api/ShellBootstrapper/business/OneShell';var _wwKillSwitches={};var _killSwitches={"2ECA6C8B-E22D-4A59-9895-73D3E5800079":true,"CF8FAB1A-8794-43BE-9610-9B6D285FC2DF":true,"8D3F72B3-5A9A-49A4-AADE-64

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:23 UTC	2475	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?ga=1&id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&parent=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:23 UTC	11237	IN	HTTP/1.1 200 OK Cache-Control: private Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 6,525568,0,5012,2126306,525568,525568,7 X-SharePointHealthScore: 3 Referrer-Policy: no-referrer, strict-origin-when-cross-origin Reporting-Endpoints: cspendpoint="https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/CSPReporting.aspx" X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com .office365.com .powerapps.com .yammer.com engage.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com .powerapps.com .yammer.com engage.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com .cloud.microsoft app.powerbi.com; Content-Security-Policy-Report-Only: base-uri 'none';;report-to cspendpoint Content-Security-Policy: worker-src 'self' blob:;script-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net .cdn.office.net .fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com 'unsafe-eval' 'nonce-226be07c-f973-4b70-bd [TRUNCATED] Content-Security-Policy-Report-Only: style-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net .cdn.office.net .fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com 'self' blob: 'unsafe-inline';connect-src 'self' blob: h [TRUNCATED] X-Service-Worker-Application-Id: STS X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 2f386ea1-50af-0000-5d95-364f21fcc9c6 request-id: 2f386ea1-50af-0000-5d95-364f21fcc9c6 MS-CV: oW44L69QAABdlTZPIfzJxg.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 6FBE1188F90E4E059861B372F5B90FD2 Ref B: EWR311000104029 Ref C: 2024-12-16T21:18:23Z Date: Mon, 16 Dec 2024 21:18:23 GMT Connection: close
2024-12-16 21:18:23 UTC	3635	IN	Data Raw: 65 32 63 0d 0a 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 2d 65 73 22 20 64 69 72 3d 22 6c 74 72 22 3e 0d 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 47 45 4e 45 52 41 54 4f 52 22 20 63 6f 6e 74 65 6e 74 3d 22 4d 69 63 72 6f 73 6f 66 74 20 53 68 61 72 65 50 6f 69 6e 74 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 Data Ascii: e2c<!DOCTYPE html><html lang="es-es" dir="ltr"><head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-type" content="text/html; charset=utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta http-equ
2024-12-16 21:18:23 UTC	1641	IN	Data Raw: 36 36 32 0d 0a 65 78 65 63 75 74 65 53 75 69 74 65 4e 61 76 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 76 61 72 20 73 75 69 74 65 4e 61 76 50 6c 61 63 65 68 6f 6c 64 65 72 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 64 69 76 27 29 3b 73 75 69 74 65 4e 61 76 50 6c 61 63 65 68 6f 6c 64 65 72 2e 69 64 20 3d 20 27 53 75 69 74 65 4e 61 76 50 6c 61 63 65 68 6f 6c 64 65 72 27 3b 73 75 69 74 65 4e 61 76 50 6c 61 63 65 68 6f 6c 64 65 72 2e 73 74 79 6c 65 20 3d 20 22 6d 69 6e 2d 68 65 69 67 68 74 3a 20 34 38 70 78 22 3b 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 69 6e 73 65 72 74 42 65 66 6f 72 65 28 73 75 69 74 65 4e 61 76 50 6c 61 63 65 68 6f 6c 64 65 72 2c 20 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 66 69 72 73 74 43 68 Data Ascii: 662executeSuiteNav = function () {var suiteNavPlaceholder = document.createElement('div');suiteNavPlaceholder.id = 'SuiteNavPlaceholder';suiteNavPlaceholder.style = "min-height: 48px";document.body.insertBefore(suiteNavPlaceholder, document.body.firstCh
2024-12-16 21:18:23 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 6c 53 65 61 72 63 68 55 58 53 65 61 72 63 68 54 65 78 74 3a 20 73 65 61 72 63 68 51 75 65 72 79 2c 20 65 6e 61 62 6c 65 44 65 6c 61 79 4c 6f 61 64 69 6e 67 3a 20 74 72 75 65 2c 20 63 6f 6c 6c 61 70 73 65 4f 33 36 35 53 65 74 74 69 6e 67 73 3a 20 66 61 6c 73 65 2c 20 64 69 73 61 62 6c 65 44 65 6c 61 79 4c 6f 61 64 3a 20 66 61 6c 73 65 2c 20 64 69 73 61 62 6c 65 53 68 65 6c 6c 50 6c 75 73 3a 20 66 61 6c 73 65 2c 20 69 73 54 68 69 6e 48 65 61 64 65 72 3a 20 74 72 75 65 2c 20 65 6e 61 62 6c 65 4c 65 67 61 63 79 52 65 73 70 6f 6e 73 69 76 65 42 65 68 61 76 69 6f 72 3a 20 66 61 6c 73 65 2c 20 65 78 70 65 63 74 53 65 61 72 63 68 42 6f 78 53 65 74 74 69 6e 67 73 3a 20 74 72 75 65 2c 20 64 61 72 6b 41 63 63 65 6e 74 3a 20 27 23 38 32 43 37 46 46 Data Ascii: 2000lSearchUXSearchText: searchQuery, enableDelayLoading: true, collapseO365Settings: false, disableDelayLoad: false, disableShellPlus: false, isThinHeader: true, enableLegacyResponsiveBehavior: false, expectSearchBoxSettings: true, darkAccent: '#82C7FF
2024-12-16 21:18:24 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 56 79 63 32 68 70 63 48 78 31 63 6d 34 6c 4d 32 46 7a 63 47 38 6c 4d 32 46 68 62 6d 39 75 49 7a 59 35 59 32 4a 6c 4e 44 64 68 4e 7a 59 33 4e 44 52 6d 4d 7a 63 33 4f 54 6c 6d 4f 54 4d 78 4e 32 5a 6d 59 6d 56 6a 4e 47 4a 68 4f 57 56 6d 4d 54 42 68 4e 32 49 31 59 6d 51 35 4e 57 55 31 4f 57 45 32 4f 47 55 7a 4d 6d 59 79 5a 44 55 77 4d 32 5a 6a 59 7a 6e 49 41 51 45 2e 70 51 33 39 43 75 45 32 6f 42 65 64 39 46 75 6a 6e 62 44 6d 34 4a 5f 6c 44 63 33 65 79 67 2d 79 58 68 34 38 67 41 6c 70 65 63 6f 22 7d 2c 22 76 61 6e 69 74 79 55 72 6c 73 22 3a 7b 7d 2c 22 6d 75 6c 74 69 47 65 6f 49 6e 66 6f 22 3a 5b 7b 22 49 6e 73 74 61 6e 63 65 49 64 22 3a 22 66 66 63 64 36 36 61 65 2d 65 33 37 33 2d 34 66 62 31 2d 39 63 38 34 2d 33 39 32 30 65 38 36 33 31 39 Data Ascii: 2000Vyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYznIAQE.pQ39CuE2oBed9FujnbDm4J_lDc3eyg-yXh48gAlpeco"},"vanityUrls":{},"multiGeoInfo":[{"InstanceId":"ffcd66ae-e373-4fb1-9c84-3920e86319
2024-12-16 21:18:24 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 33 42 38 43 32 38 2d 46 43 39 45 2d 34 37 37 45 2d 38 33 41 37 2d 31 30 46 37 41 39 45 36 34 39 44 32 22 3a 74 72 75 65 2c 22 38 44 44 33 35 43 39 39 2d 41 31 39 34 2d 34 30 45 41 2d 41 42 30 43 2d 30 43 36 39 44 39 43 39 34 41 38 36 22 3a 74 72 75 65 2c 22 44 43 44 38 46 32 42 31 2d 35 36 30 31 2d 34 37 37 37 2d 42 37 31 34 2d 38 37 46 44 37 35 32 34 41 31 42 30 22 3a 74 72 75 65 2c 22 38 38 30 30 41 41 36 32 2d 36 46 46 36 2d 34 38 39 39 2d 39 45 45 39 2d 37 38 41 46 35 31 42 35 44 39 32 30 22 3a 74 72 75 65 2c 22 36 42 36 39 32 45 39 43 2d 37 41 31 44 2d 34 32 32 46 2d 38 38 33 37 2d 43 34 35 31 46 46 41 36 32 38 30 45 22 3a 74 72 75 65 2c 22 43 31 37 44 39 41 35 42 2d 44 46 38 32 2d 34 32 34 36 2d 42 39 42 45 2d 32 45 45 45 37 34 38 Data Ascii: 20003B8C28-FC9E-477E-83A7-10F7A9E649D2":true,"8DD35C99-A194-40EA-AB0C-0C69D9C94A86":true,"DCD8F2B1-5601-4777-B714-87FD7524A1B0":true,"8800AA62-6FF6-4899-9EE9-78AF51B5D920":true,"6B692E9C-7A1D-422F-8837-C451FFA6280E":true,"C17D9A5B-DF82-4246-B9BE-2EEE748
2024-12-16 21:18:24 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 31 46 46 2d 34 33 45 33 2d 39 31 34 41 2d 38 39 45 37 30 41 37 46 46 45 42 30 22 3a 74 72 75 65 2c 22 35 42 35 46 32 41 44 30 2d 37 45 43 32 2d 34 32 46 38 2d 39 33 45 44 2d 30 44 36 34 36 33 34 35 43 30 36 39 22 3a 74 72 75 65 2c 22 43 32 38 34 35 36 34 31 2d 35 35 43 45 2d 34 42 42 38 2d 39 44 35 36 2d 33 41 41 34 41 36 32 44 46 34 35 43 22 3a 74 72 75 65 2c 22 37 44 34 36 36 35 41 33 2d 33 30 36 35 2d 34 31 43 42 2d 38 44 33 45 2d 45 32 36 39 39 44 30 34 30 30 37 31 22 3a 74 72 75 65 2c 22 31 35 38 43 41 43 35 43 2d 37 30 30 35 2d 34 41 41 41 2d 38 43 31 41 2d 36 38 36 35 33 41 34 31 32 37 36 45 22 3a 74 72 75 65 2c 22 45 44 30 39 33 45 34 31 2d 36 32 32 43 2d 34 39 41 30 2d 41 38 39 36 2d 36 35 46 43 31 37 32 32 43 44 33 38 22 3a 74 Data Ascii: 20001FF-43E3-914A-89E70A7FFEB0":true,"5B5F2AD0-7EC2-42F8-93ED-0D646345C069":true,"C2845641-55CE-4BB8-9D56-3AA4A62DF45C":true,"7D4665A3-3065-41CB-8D3E-E2699D040071":true,"158CAC5C-7005-4AAA-8C1A-68653A41276E":true,"ED093E41-622C-49A0-A896-65FC1722CD38":t
2024-12-16 21:18:24 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 2d 42 34 36 44 2d 42 41 41 35 30 35 31 32 45 31 42 30 22 3a 74 72 75 65 2c 22 42 37 34 34 44 32 37 44 2d 31 34 34 38 2d 34 42 30 37 2d 41 45 36 37 2d 44 35 34 36 33 32 35 42 38 39 43 34 22 3a 74 72 75 65 2c 22 32 42 44 44 34 37 44 31 2d 46 39 45 42 2d 34 31 30 39 2d 41 36 45 31 2d 41 37 35 37 44 30 44 33 44 32 46 43 22 3a 74 72 75 65 2c 22 46 41 33 34 31 46 43 42 2d 32 45 44 37 2d 34 34 32 45 2d 39 33 30 38 2d 36 33 38 32 41 30 46 34 45 38 44 36 22 3a 74 72 75 65 2c 22 31 38 46 37 30 41 35 41 2d 35 32 41 42 2d 34 41 34 35 2d 42 37 42 32 2d 31 46 37 46 46 39 43 46 41 38 35 36 22 3a 74 72 75 65 2c 22 33 41 39 38 37 30 37 46 2d 35 39 42 43 2d 34 42 38 41 2d 41 38 38 35 2d 43 37 33 36 46 31 34 31 31 30 35 33 22 3a 74 72 75 65 2c 22 32 42 43 Data Ascii: 2000-B46D-BAA50512E1B0":true,"B744D27D-1448-4B07-AE67-D546325B89C4":true,"2BDD47D1-F9EB-4109-A6E1-A757D0D3D2FC":true,"FA341FCB-2ED7-442E-9308-6382A0F4E8D6":true,"18F70A5A-52AB-4A45-B7B2-1F7FF9CFA856":true,"3A98707F-59BC-4B8A-A885-C736F1411053":true,"2BC
2024-12-16 21:18:24 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 32 34 35 33 33 46 34 44 39 36 22 3a 74 72 75 65 2c 22 44 41 44 37 36 42 36 46 2d 43 34 30 44 2d 34 35 38 38 2d 38 44 43 37 2d 31 34 33 43 36 43 37 41 31 36 44 45 22 3a 74 72 75 65 2c 22 46 39 46 35 35 35 42 37 2d 31 45 35 34 2d 34 31 46 35 2d 39 39 30 41 2d 31 39 38 42 30 44 31 32 33 30 41 34 22 3a 74 72 75 65 2c 22 43 34 39 32 35 46 45 32 2d 32 36 39 31 2d 34 32 32 38 2d 42 45 32 35 2d 33 41 31 35 30 30 41 34 33 42 35 41 22 3a 74 72 75 65 2c 22 38 34 34 39 30 35 36 44 2d 37 43 45 45 2d 34 32 38 43 2d 41 37 35 42 2d 39 36 34 34 32 43 43 43 36 35 37 36 22 3a 74 72 75 65 2c 22 36 44 31 46 42 45 45 39 2d 44 34 35 32 2d 34 31 43 43 2d 39 34 36 45 2d 43 38 35 46 35 35 42 36 35 32 34 32 22 3a 74 72 75 65 2c 22 39 38 46 39 31 44 38 32 2d 36 35 Data Ascii: 200024533F4D96":true,"DAD76B6F-C40D-4588-8DC7-143C6C7A16DE":true,"F9F555B7-1E54-41F5-990A-198B0D1230A4":true,"C4925FE2-2691-4228-BE25-3A1500A43B5A":true,"8449056D-7CEE-428C-A75B-96442CCC6576":true,"6D1FBEE9-D452-41CC-946E-C85F55B65242":true,"98F91D82-65
2024-12-16 21:18:24 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 36 39 22 3a 74 72 75 65 2c 22 43 43 38 41 30 43 35 46 2d 33 36 41 33 2d 34 43 42 44 2d 39 41 34 33 2d 45 37 43 39 36 41 46 34 39 30 36 37 22 3a 74 72 75 65 2c 22 42 43 39 37 36 45 30 42 2d 39 30 39 33 2d 34 30 43 33 2d 38 31 43 37 2d 46 37 39 42 42 38 31 42 36 30 30 32 22 3a 74 72 75 65 2c 22 30 30 43 39 34 46 32 30 2d 31 37 41 45 2d 34 31 30 43 2d 41 36 30 30 2d 41 39 31 46 42 43 43 31 31 35 43 44 22 3a 74 72 75 65 2c 22 34 30 35 45 36 30 30 30 2d 39 37 39 42 2d 34 45 38 35 2d 42 39 31 45 2d 41 41 42 30 31 32 38 34 30 30 37 36 22 3a 74 72 75 65 2c 22 33 36 37 45 35 43 35 39 2d 35 38 34 35 2d 34 36 36 41 2d 38 33 39 30 2d 33 33 30 41 37 39 45 34 33 31 30 36 22 3a 74 72 75 65 2c 22 36 36 33 46 32 39 36 35 2d 42 34 33 32 2d 34 34 46 43 2d Data Ascii: 200069":true,"CC8A0C5F-36A3-4CBD-9A43-E7C96AF49067":true,"BC976E0B-9093-40C3-81C7-F79BB81B6002":true,"00C94F20-17AE-410C-A600-A91FBCC115CD":true,"405E6000-979B-4E85-B91E-AAB012840076":true,"367E5C59-5845-466A-8390-330A79E43106":true,"663F2965-B432-44FC-
2024-12-16 21:18:24 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 2c 22 38 30 37 43 34 32 39 32 2d 39 43 39 45 2d 34 33 41 32 2d 38 43 33 30 2d 45 46 32 36 34 34 35 41 31 36 43 46 22 3a 74 72 75 65 2c 22 37 36 39 43 30 46 37 30 2d 32 34 43 41 2d 34 37 36 42 2d 39 45 35 46 2d 38 44 42 39 39 34 33 34 33 32 45 36 22 3a 74 72 75 65 2c 22 44 45 38 46 38 37 30 33 2d 36 42 41 33 2d 34 33 42 37 2d 41 38 45 43 2d 32 30 32 39 32 38 34 36 32 46 36 41 22 3a 74 72 75 65 2c 22 30 34 31 45 34 34 37 35 2d 30 36 33 39 2d 34 35 38 34 2d 38 38 39 33 2d 31 35 42 30 35 44 32 43 43 43 38 42 22 3a 74 72 75 65 2c 22 42 43 33 43 31 30 32 30 2d 31 36 37 31 2d 34 41 38 32 2d 42 34 42 36 2d 42 36 31 45 33 45 32 38 35 46 44 34 22 3a 74 72 75 65 2c 22 39 44 44 45 44 33 32 31 2d 30 43 38 38 2d 31 31 45 45 2d 39 38 35 43 2d 45 30 34 Data Ascii: 2000,"807C4292-9C9E-43A2-8C30-EF26445A16CF":true,"769C0F70-24CA-476B-9E5F-8DB9943432E6":true,"DE8F8703-6BA3-43B7-A8EC-202928462F6A":true,"041E4475-0639-4584-8893-15B05D2CCC8B":true,"BC3C1020-1671-4A82-B4B6-B61E3E285FD4":true,"9DDED321-0C88-11EE-985C-E04

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:23 UTC	2292	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_api/v2.0/sites/root/lists/74463084-87e5-4e57-b11b-9820afa05836/subscriptions/socketIo?listItemIds= HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Content-Type: application/json;odata=verbose Prefer: NotificationSession sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: empty Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&parent=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:23 UTC	3283	IN	HTTP/1.1 403 Forbidden Cache-Control: no-cache, no-store Pragma: no-cache Content-Length: 59 Content-Type: application/json Expires: -1 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,1051136,7,15,2107626,0,1051136,7 X-SharePointHealthScore: 0 X-VroomVersion: 2.0 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 2f386ea1-e0ae-0000-5d95-34c9088b5170 request-id: 2f386ea1-e0ae-0000-5d95-34c9088b5170 MS-CV: oW44L67gAABdlTTJCItRcA.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 61 SPIisLatency: 3 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 16EF4C627DD140D785FE42093A0602A8 Ref B: EWR311000107019 Ref C: 2024-12-16T21:18:23Z Date: Mon, 16 Dec 2024 21:18:22 GMT Connection: close
2024-12-16 21:18:23 UTC	59	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 7b 22 63 6f 64 65 22 3a 22 61 63 63 65 73 73 44 65 6e 69 65 64 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 41 63 63 65 73 73 20 64 65 6e 69 65 64 22 7d 7d Data Ascii: {"error":{"code":"accessDenied","message":"Access denied"}}

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:24 UTC	2177	OUT	GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&parent=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:24 UTC	1976	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 7886 Content-Type: image/x-icon Last-Modified: Fri, 13 Dec 2024 04:03:24 GMT Accept-Ranges: bytes ETag: "8a92bcf4134ddb1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,525568,0,0,2445634,0,525568,7 SPRequestDuration: 8 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 2DE29EDE5A55476CB7CC03C83970530B Ref B: EWR311000103019 Ref C: 2024-12-16T21:18:24Z Date: Mon, 16 Dec 2024 21:18:23 GMT Connection: close
2024-12-16 21:18:24 UTC	3261	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 6 hf( @
2024-12-16 21:18:24 UTC	4625	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 64 03 10 b8 64 03 80 b8 64 03 ef b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 ff b8 64 03 bf b8 64 03 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 64 03 40 b8 64 03 80 b8 64 03 80 b8 64 03 80 b8 64 03 80 b8 64 03 60 b8 64 03 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: dddddddddddd@d@ddddd`d

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:26 UTC	1777	OUT	GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:26 UTC	3228	IN	HTTP/1.1 200 OK Cache-Control: max-age=600 Transfer-Encoding: chunked Content-Type: text/javascript; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,1051136,5,14,2358961,0,1051136,6 X-SharePointHealthScore: 3 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 30386ea1-1062-0000-51c1-305b6393198b request-id: 30386ea1-1062-0000-51c1-305b6393198b MS-CV: oW44MGIQAABRwTBbY5MZiw.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: B2611DD9151C4833B51323FB73FE030A Ref B: EWR311000108047 Ref C: 2024-12-16T21:18:26Z Date: Mon, 16 Dec 2024 21:18:26 GMT Connection: close
2024-12-16 21:18:26 UTC	706	IN	Data Raw: 32 62 62 0d 0a 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 20 3d 20 7b 7d 3b 0a 73 65 6c 66 2e 5f 6d 61 72 6b 50 65 72 66 53 74 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 6b 65 79 29 20 7b 69 66 28 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 20 26 26 20 74 79 70 65 6f 66 20 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 20 3d 3d 3d 20 27 66 75 6e 63 74 69 6f 6e 27 29 7b 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 5b 6b 65 79 5d 3d 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 28 29 3b 7d 20 65 6c 73 65 7b 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 5b 6b 65 79 5d 3d 44 61 74 65 2e 6e 6f 77 28 29 3b 7d 20 69 66 20 28 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 20 26 26 20 74 79 70 65 6f 66 20 73 65 6c 66 2e 70 65 72 66 6f Data Ascii: 2bbself._perfMarks = {};self._markPerfStage=function(key) {if(self.performance && typeof self.performance.now === 'function'){self._perfMarks[key]=self.performance.now();} else{self._perfMarks[key]=Date.now();} if (self.performance && typeof self.perfo
2024-12-16 21:18:26 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:28 UTC	1770	OUT	GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:28 UTC	3235	IN	HTTP/1.1 200 OK Cache-Control: max-age=600 Transfer-Encoding: chunked Content-Type: text/javascript; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 1,1051136,27,72,2352115,1051136,1051136,6 X-SharePointHealthScore: 0 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 30386ea1-b0e0-0000-51c1-314eaf27b1c1 request-id: 30386ea1-b0e0-0000-51c1-314eaf27b1c1 MS-CV: oW44MOCwAABRwTFOryexwQ.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 81E5C1635A7D4471BC50CC47963FA129 Ref B: EWR311000103047 Ref C: 2024-12-16T21:18:28Z Date: Mon, 16 Dec 2024 21:18:28 GMT Connection: close
2024-12-16 21:18:28 UTC	706	IN	Data Raw: 32 62 62 0d 0a 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 20 3d 20 7b 7d 3b 0a 73 65 6c 66 2e 5f 6d 61 72 6b 50 65 72 66 53 74 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 6b 65 79 29 20 7b 69 66 28 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 20 26 26 20 74 79 70 65 6f 66 20 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 20 3d 3d 3d 20 27 66 75 6e 63 74 69 6f 6e 27 29 7b 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 5b 6b 65 79 5d 3d 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6e 6f 77 28 29 3b 7d 20 65 6c 73 65 7b 73 65 6c 66 2e 5f 70 65 72 66 4d 61 72 6b 73 5b 6b 65 79 5d 3d 44 61 74 65 2e 6e 6f 77 28 29 3b 7d 20 69 66 20 28 73 65 6c 66 2e 70 65 72 66 6f 72 6d 61 6e 63 65 20 26 26 20 74 79 70 65 6f 66 20 73 65 6c 66 2e 70 65 72 66 6f Data Ascii: 2bbself._perfMarks = {};self._markPerfStage=function(key) {if(self.performance && typeof self.performance.now === 'function'){self._perfMarks[key]=self.performance.now();} else{self._perfMarks[key]=Date.now();} if (self.performance && typeof self.perfo
2024-12-16 21:18:28 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:28 UTC	2932	OUT	GET /_layouts/15/SPComponentRegistry.ashx?projects=[%22STS%22]&languages=%5B%5D HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive Accept: application/json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/json Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://mailustabucaedu-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&spartanOneDriveWireframe=true&streamViewServerLoad=true&streamInlineScr [TRUNCATED] Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:29 UTC	2049	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 6514043 Content-Type: application/json ETag: "5625413_sts_default_en-us" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,4204800,22,100,1803964,0,3454205,7 X-Language: en-US X-STSClient-Language: en-US X-SPClient-Language: en-US CachedManifest: False X-AspNet-Version: 4.0.30319 SPRequestDuration: 209 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: D1F06480AD07479EBBFC04585469B273 Ref B: EWR311000104017 Ref C: 2024-12-16T21:18:28Z Date: Mon, 16 Dec 2024 21:18:28 GMT Connection: close
2024-12-16 21:18:29 UTC	2121	IN	Data Raw: 7b 22 73 74 73 22 3a 7b 22 65 6e 2d 55 53 22 3a 7b 22 53 50 4c 49 53 54 22 3a 7b 22 73 63 72 69 70 74 50 61 74 68 44 61 74 61 22 3a 7b 22 61 72 69 61 2d 6d 69 6e 69 22 3a 22 61 72 69 61 2d 6d 69 6e 69 2d 62 31 64 33 65 62 32 65 22 2c 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 22 3a 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2d 66 63 64 30 30 31 33 33 22 2c 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2e 72 65 73 78 22 3a 22 65 6e 2d 75 73 2f 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2e 72 65 73 78 2d 33 35 37 33 66 35 32 64 22 2c 22 72 6f 6f 73 74 65 72 65 64 69 74 6f 72 2d 6d 69 6e 69 22 3a 22 72 6f 6f 73 74 65 72 65 64 69 74 6f 72 2d 6d 69 6e 69 2d 34 39 39 38 34 36 33 64 22 2c Data Ascii: {"sts":{"en-US":{"SPLIST":{"scriptPathData":{"aria-mini":"aria-mini-b1d3eb2e","customformatter-mini":"customformatter-mini-fcd00133","customformatter-mini.resx":"en-us/customformatter-mini.resx-3573f52d","roostereditor-mini":"roostereditor-mini-4998463d",
2024-12-16 21:18:29 UTC	8192	IN	Data Raw: 6c 69 73 74 74 65 78 74 66 69 6c 65 65 64 69 74 6f 72 2d 6d 69 6e 69 22 3a 22 73 70 6c 69 73 74 74 65 78 74 66 69 6c 65 65 64 69 74 6f 72 2d 6d 69 6e 69 2d 63 66 38 63 64 31 39 33 22 2c 22 73 70 6c 69 73 74 74 65 78 74 66 69 6c 65 65 64 69 74 6f 72 2d 6d 69 6e 69 2e 72 65 73 78 22 3a 22 65 6e 2d 75 73 2f 73 70 6c 69 73 74 74 65 78 74 66 69 6c 65 65 64 69 74 6f 72 2d 6d 69 6e 69 2e 72 65 73 78 2d 65 64 62 63 39 35 38 31 22 2c 22 73 70 6c 69 73 74 66 69 6c 65 72 65 71 75 65 73 74 70 61 67 65 2d 6d 69 6e 69 22 3a 22 73 70 6c 69 73 74 66 69 6c 65 72 65 71 75 65 73 74 70 61 67 65 2d 6d 69 6e 69 2d 61 62 34 33 61 36 36 63 22 2c 22 73 70 6c 69 73 74 66 69 6c 65 72 65 71 75 65 73 74 70 61 67 65 2d 6d 69 6e 69 2e 72 65 73 78 22 3a 22 65 6e 2d 75 73 2f 73 70 6c 69 Data Ascii: listtextfileeditor-mini":"splisttextfileeditor-mini-cf8cd193","splisttextfileeditor-mini.resx":"en-us/splisttextfileeditor-mini.resx-edbc9581","splistfilerequestpage-mini":"splistfilerequestpage-mini-ab43a66c","splistfilerequestpage-mini.resx":"en-us/spli
2024-12-16 21:18:29 UTC	4144	IN	Data Raw: 22 2c 22 56 70 74 22 2c 22 73 62 74 22 2c 22 6f 5f 74 22 2c 22 75 5f 74 22 2c 22 64 5f 74 22 2c 22 72 5f 74 22 2c 22 73 5f 74 22 2c 22 69 5f 74 22 2c 22 72 67 74 22 2c 22 4b 70 74 22 2c 22 48 70 74 22 2c 22 52 70 74 22 2c 22 42 70 74 22 2c 22 4e 70 74 22 2c 22 6a 70 74 22 2c 22 46 70 74 22 2c 22 57 70 74 22 2c 22 5a 70 74 22 2c 22 58 70 74 22 2c 22 4a 70 74 22 2c 22 51 70 74 22 2c 22 59 70 74 22 2c 22 71 70 74 22 2c 22 44 68 74 22 2c 22 75 68 74 22 2c 22 4f 68 74 22 2c 22 67 68 74 22 2c 22 64 68 74 22 2c 22 62 68 74 22 2c 22 79 68 74 22 2c 22 76 68 74 22 2c 22 63 62 74 22 2c 22 67 62 74 22 2c 22 64 62 74 22 2c 22 6c 62 74 22 2c 22 75 62 74 22 2c 22 74 5f 74 22 2c 22 6e 5f 74 22 2c 22 62 62 74 22 2c 22 76 62 74 22 2c 22 68 62 74 22 2c 22 79 62 74 22 2c 22 Data Ascii: ","Vpt","sbt","o_t","u_t","d_t","r_t","s_t","i_t","rgt","Kpt","Hpt","Rpt","Bpt","Npt","jpt","Fpt","Wpt","Zpt","Xpt","Jpt","Qpt","Ypt","qpt","Dht","uht","Oht","ght","dht","bht","yht","vht","cbt","gbt","dbt","lbt","ubt","t_t","n_t","bbt","vbt","hbt","ybt","
2024-12-16 21:18:29 UTC	8192	IN	Data Raw: 4e 37 22 2c 22 52 37 22 2c 22 55 37 22 2c 22 54 37 22 2c 22 46 37 22 2c 22 50 37 22 2c 22 4d 37 22 2c 22 41 37 22 2c 22 67 37 22 2c 22 6c 37 22 2c 22 66 37 22 2c 22 4c 37 22 2c 22 72 62 22 2c 22 62 37 22 2c 22 6d 37 22 2c 22 70 37 22 2c 22 45 37 22 2c 22 77 37 22 2c 22 78 37 22 2c 22 49 37 22 2c 22 43 37 22 2c 22 44 37 22 2c 22 64 37 22 2c 22 6f 37 22 2c 22 72 37 22 2c 22 73 37 22 2c 22 69 37 22 2c 22 61 37 22 2c 22 6e 37 22 2c 22 74 5f 22 2c 22 61 5f 22 2c 22 6e 5f 22 2c 22 59 36 22 2c 22 4a 36 22 2c 22 24 6d 22 2c 22 65 5f 22 2c 22 57 6d 22 2c 22 5a 6d 22 2c 22 42 6d 22 2c 22 56 6d 22 2c 22 6a 6d 22 2c 22 4e 6d 22 2c 22 51 6d 22 2c 22 59 6d 22 2c 22 48 6d 22 2c 22 24 36 22 2c 22 58 6d 22 2c 22 47 6d 22 2c 22 5a 36 22 2c 22 4a 6d 22 2c 22 58 36 22 2c 22 Data Ascii: N7","R7","U7","T7","F7","P7","M7","A7","g7","l7","f7","L7","rb","b7","m7","p7","E7","w7","x7","I7","C7","D7","d7","o7","r7","s7","i7","a7","n7","t_","a_","n_","Y6","J6","$m","e_","Wm","Zm","Bm","Vm","jm","Nm","Qm","Ym","Hm","$6","Xm","Gm","Z6","Jm","X6","
2024-12-16 21:18:29 UTC	8192	IN	Data Raw: 48 22 2c 22 53 47 22 2c 22 48 6a 22 2c 22 42 38 22 2c 22 59 38 22 2c 22 6a 38 22 2c 22 56 38 22 2c 22 51 38 22 2c 22 6a 47 22 2c 22 45 46 22 2c 22 69 47 22 2c 22 50 47 22 2c 22 41 47 22 2c 22 4c 47 22 2c 22 4d 47 22 2c 22 42 47 22 2c 22 24 78 22 2c 22 74 43 22 2c 22 65 43 22 2c 22 5f 43 22 2c 22 66 4b 22 2c 22 5f 4b 22 2c 22 70 4b 22 2c 22 6d 4b 22 2c 22 59 64 22 2c 22 65 6c 22 2c 22 4a 64 22 2c 22 43 38 22 2c 22 6b 38 22 2c 22 77 38 22 2c 22 41 38 22 2c 22 4c 38 22 2c 22 4f 38 22 2c 22 47 6f 22 2c 22 50 6f 22 2c 22 43 47 22 2c 22 6c 47 22 2c 22 66 47 22 2c 22 76 47 22 2c 22 63 47 22 2c 22 56 47 22 2c 22 64 47 22 2c 22 57 47 22 2c 22 61 6e 22 2c 22 4d 52 22 2c 22 6e 47 22 2c 22 43 54 22 2c 22 67 6e 22 2c 22 5a 7a 22 2c 22 24 7a 22 2c 22 73 47 22 2c 22 58 Data Ascii: H","SG","Hj","B8","Y8","j8","V8","Q8","jG","EF","iG","PG","AG","LG","MG","BG","$x","tC","eC","_C","fK","_K","pK","mK","Yd","el","Jd","C8","k8","w8","A8","L8","O8","Go","Po","CG","lG","fG","vG","cG","VG","dG","WG","an","MR","nG","CT","gn","Zz","$z","sG","X
2024-12-16 21:18:29 UTC	8192	IN	Data Raw: 22 2c 22 79 57 65 22 2c 22 45 51 65 22 2c 22 6d 52 65 22 2c 22 5f 52 65 22 2c 22 62 55 65 22 2c 22 67 46 65 22 2c 22 45 4e 65 22 2c 22 43 35 65 22 2c 22 70 44 65 22 2c 22 53 4d 65 22 2c 22 6c 4d 65 22 2c 22 65 6a 65 22 2c 22 78 42 65 22 2c 22 43 42 65 22 2c 22 54 4e 65 22 2c 22 50 4e 65 22 2c 22 4d 4e 65 22 2c 22 6b 4e 65 22 2c 22 4c 4e 65 22 2c 22 41 4e 65 22 2c 22 77 35 65 22 2c 22 4f 35 65 22 2c 22 4f 42 65 22 2c 22 4d 42 65 22 2c 22 72 4d 65 22 2c 22 69 4d 65 22 2c 22 61 4d 65 22 2c 22 52 6b 65 22 2c 22 45 6b 65 22 2c 22 64 4d 65 22 2c 22 77 4d 65 22 2c 22 78 4d 65 22 2c 22 56 6b 65 22 2c 22 7a 6b 65 22 2c 22 48 6b 65 22 2c 22 63 4d 65 22 2c 22 44 4d 65 22 2c 22 49 4d 65 22 2c 22 4f 4d 65 22 2c 22 77 6b 65 22 2c 22 62 44 65 22 2c 22 77 42 65 22 2c 22 Data Ascii: ","yWe","EQe","mRe","_Re","bUe","gFe","ENe","C5e","pDe","SMe","lMe","eje","xBe","CBe","TNe","PNe","MNe","kNe","LNe","ANe","w5e","O5e","OBe","MBe","rMe","iMe","aMe","Rke","Eke","dMe","wMe","xMe","Vke","zke","Hke","cMe","DMe","IMe","OMe","wke","bDe","wBe","
2024-12-16 21:18:29 UTC	8192	IN	Data Raw: 22 2c 22 6a 66 65 22 2c 22 42 66 65 22 2c 22 7a 66 65 22 2c 22 56 66 65 22 2c 22 6e 6d 65 22 2c 22 59 33 65 22 2c 22 47 33 65 22 2c 22 4b 33 65 22 2c 22 51 33 65 22 2c 22 48 33 65 22 2c 22 58 33 65 22 2c 22 73 62 65 22 2c 22 76 66 65 22 2c 22 50 68 65 22 2c 22 72 62 65 22 2c 22 45 67 65 22 2c 22 68 67 65 22 2c 22 4c 75 65 22 2c 22 78 68 65 22 2c 22 64 67 65 22 2c 22 57 75 65 22 2c 22 50 76 65 22 2c 22 6f 75 65 22 2c 22 49 75 65 22 2c 22 61 75 65 22 2c 22 45 64 65 22 2c 22 5a 68 65 22 2c 22 65 62 65 22 2c 22 51 68 65 22 2c 22 4a 68 65 22 2c 22 58 68 65 22 2c 22 71 68 65 22 2c 22 6f 67 65 22 2c 22 5f 62 65 22 2c 22 62 62 65 22 2c 22 70 62 65 22 2c 22 64 62 65 22 2c 22 75 62 65 22 2c 22 6c 62 65 22 2c 22 63 62 65 22 2c 22 79 75 65 22 2c 22 49 6c 65 22 2c 22 Data Ascii: ","jfe","Bfe","zfe","Vfe","nme","Y3e","G3e","K3e","Q3e","H3e","X3e","sbe","vfe","Phe","rbe","Ege","hge","Lue","xhe","dge","Wue","Pve","oue","Iue","aue","Ede","Zhe","ebe","Qhe","Jhe","Xhe","qhe","oge","_be","bbe","pbe","dbe","ube","lbe","cbe","yue","Ile","
2024-12-16 21:18:29 UTC	8192	IN	Data Raw: 2c 22 67 58 22 2c 22 68 58 22 2c 22 62 58 22 2c 22 6e 58 22 2c 22 51 58 22 2c 22 4b 4a 22 2c 22 24 4a 22 2c 22 5a 4a 22 2c 22 63 58 22 2c 22 4a 4a 22 2c 22 6f 58 22 2c 22 66 58 22 2c 22 58 58 22 2c 22 24 58 22 2c 22 43 58 22 2c 22 59 4a 22 2c 22 44 58 22 2c 22 47 58 22 2c 22 45 58 22 2c 22 4e 58 22 2c 22 42 58 22 2c 22 52 58 22 2c 22 75 58 22 2c 22 6c 58 22 2c 22 76 58 22 2c 22 70 58 22 2c 22 6e 5a 22 2c 22 54 58 22 2c 22 69 5a 22 2c 22 4f 58 22 2c 22 41 58 22 2c 22 48 58 22 2c 22 77 58 22 2c 22 73 58 22 2c 22 4a 58 22 2c 22 49 58 22 2c 22 5a 58 22 2c 22 74 5a 22 2c 22 65 5a 22 2c 22 78 58 22 2c 22 46 58 22 2c 22 53 58 22 2c 22 71 4a 22 2c 22 69 58 22 2c 22 72 58 22 2c 22 57 4a 22 2c 22 51 4a 22 2c 22 4b 58 22 2c 22 71 58 22 2c 22 74 58 22 2c 22 50 58 22 Data Ascii: ,"gX","hX","bX","nX","QX","KJ","$J","ZJ","cX","JJ","oX","fX","XX","$X","CX","YJ","DX","GX","EX","NX","BX","RX","uX","lX","vX","pX","nZ","TX","iZ","OX","AX","HX","wX","sX","JX","IX","ZX","tZ","eZ","xX","FX","SX","qJ","iX","rX","WJ","QJ","KX","qX","tX","PX"
2024-12-16 21:18:29 UTC	8192	IN	Data Raw: 22 2c 22 54 43 22 2c 22 77 43 22 2c 22 4d 43 22 2c 22 41 43 22 2c 22 6b 43 22 2c 22 45 43 22 2c 22 4c 43 22 2c 22 4e 67 74 22 2c 22 61 64 22 2c 22 5f 67 74 22 2c 22 66 35 22 2c 22 58 65 22 2c 22 42 6f 22 2c 22 4f 44 22 2c 22 5a 65 22 2c 22 53 74 22 2c 22 43 67 74 22 2c 22 59 67 74 22 2c 22 4f 67 74 22 2c 22 48 6f 22 2c 22 41 67 74 22 2c 22 73 35 22 2c 22 63 35 22 2c 22 4c 44 22 2c 22 64 35 22 2c 22 6c 35 22 2c 22 77 67 74 22 2c 22 4b 50 22 2c 22 70 6c 22 2c 22 7a 35 22 2c 22 6b 67 74 22 2c 22 7a 67 74 22 2c 22 57 67 74 22 2c 22 4b 67 74 22 2c 22 46 67 74 22 2c 22 6a 67 74 22 2c 22 48 67 74 22 2c 22 6d 44 22 2c 22 43 44 22 2c 22 5f 44 22 2c 22 6a 6f 22 2c 22 4c 73 22 2c 22 70 44 22 2c 22 56 6f 22 2c 22 64 44 22 2c 22 66 44 22 2c 22 6c 44 22 2c 22 75 44 22 Data Ascii: ","TC","wC","MC","AC","kC","EC","LC","Ngt","ad","_gt","f5","Xe","Bo","OD","Ze","St","Cgt","Ygt","Ogt","Ho","Agt","s5","c5","LD","d5","l5","wgt","KP","pl","z5","kgt","zgt","Wgt","Kgt","Fgt","jgt","Hgt","mD","CD","_D","jo","Ls","pD","Vo","dD","fD","lD","uD"
2024-12-16 21:18:29 UTC	8192	IN	Data Raw: 6c 6c 7d 2c 22 53 50 4c 49 53 54 46 4f 52 49 54 45 4d 53 53 43 4f 50 45 22 3a 7b 22 73 63 72 69 70 74 50 61 74 68 44 61 74 61 22 3a 7b 22 61 72 69 61 2d 6d 69 6e 69 22 3a 22 61 72 69 61 2d 6d 69 6e 69 2d 62 31 64 33 65 62 32 65 22 2c 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 22 3a 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2d 30 39 34 38 30 36 30 34 22 2c 22 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2e 72 65 73 78 22 3a 22 65 6e 2d 75 73 2f 63 75 73 74 6f 6d 66 6f 72 6d 61 74 74 65 72 2d 6d 69 6e 69 2e 72 65 73 78 2d 31 35 34 31 31 37 31 32 22 2c 22 72 6f 6f 73 74 65 72 65 64 69 74 6f 72 2d 6d 69 6e 69 22 3a 22 72 6f 6f 73 74 65 72 65 64 69 74 6f 72 2d 6d 69 6e 69 2d 36 32 30 36 66 66 34 62 22 2c Data Ascii: ll},"SPLISTFORITEMSSCOPE":{"scriptPathData":{"aria-mini":"aria-mini-b1d3eb2e","customformatter-mini":"customformatter-mini-09480604","customformatter-mini.resx":"en-us/customformatter-mini.resx-15411712","roostereditor-mini":"roostereditor-mini-6206ff4b",

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:29 UTC	2322	OUT	POST /personal/stella_pabon_ustabuca_edu_co/_api/v2.1/graphql HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive Content-Length: 507 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" accept: application/json;odata=verbose Content-Type: application/json;odata=verbose X-ServiceWorker-Strategy: CacheFirst sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://mailustabucaedu-my.sharepoint.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?ga=1&id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:29 UTC	507	OUT	Data Raw: 7b 22 71 75 65 72 79 22 3a 22 71 75 65 72 79 20 28 5c 6e 20 20 20 20 20 20 20 20 24 73 70 6f 53 75 69 74 65 4c 69 6e 6b 73 51 75 65 72 79 53 74 72 69 6e 67 3a 20 53 74 72 69 6e 67 21 5c 6e 20 20 20 20 20 20 20 20 29 5c 6e 20 20 20 20 20 20 7b 5c 6e 20 20 20 20 20 20 5c 6e 20 20 20 20 20 20 6c 65 67 61 63 79 20 7b 5c 6e 20 20 20 20 20 20 73 70 6f 53 75 69 74 65 4c 69 6e 6b 73 28 5c 6e 20 20 20 20 20 20 71 75 65 72 79 53 74 72 69 6e 67 3a 20 24 73 70 6f 53 75 69 74 65 4c 69 6e 6b 73 51 75 65 72 79 53 74 72 69 6e 67 5c 6e 20 20 20 20 20 20 29 20 20 20 20 20 20 20 20 20 20 5c 6e 20 20 20 20 20 20 5c 6e 20 20 20 20 7d 5c 6e 20 20 20 20 20 20 5c 6e 20 20 20 20 20 20 5c 6e 20 20 70 65 72 66 20 7b 5c 6e 20 20 20 20 65 78 65 63 75 74 69 6f 6e 54 69 6d 65 5c 6e 20 Data Ascii: {"query":"query (\n $spoSuiteLinksQueryString: String!\n )\n {\n \n legacy {\n spoSuiteLinks(\n queryString: $spoSuiteLinksQueryString\n ) \n \n }\n \n \n perf {\n executionTime\n
2024-12-16 21:18:29 UTC	3199	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 25942 Content-Type: application/json P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,525568,0,0,50461,0,70045,7 X-SharePointHealthScore: 3 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 31386ea1-4017-0000-51c1-3761f6216c05 request-id: 31386ea1-4017-0000-51c1-3761f6216c05 MS-CV: oW44MRdAAABRwTdh9iFsBQ.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5c&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 6AAB6F059C034AFB8F6D6EFEED25A9F2 Ref B: EWR311000106045 Ref C: 2024-12-16T21:18:29Z Date: Mon, 16 Dec 2024 21:18:28 GMT Connection: close
2024-12-16 21:18:29 UTC	3364	IN	Data Raw: 7b 22 64 61 74 61 22 3a 7b 22 6c 65 67 61 63 79 22 3a 7b 22 73 70 6f 53 75 69 74 65 4c 69 6e 6b 73 22 3a 7b 0a 20 22 53 50 53 75 69 74 65 56 65 72 73 69 6f 6e 22 3a 32 2c 0a 20 22 53 50 49 73 4d 6f 62 69 6c 65 22 3a 66 61 6c 73 65 2c 0a 20 22 43 73 73 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 73 68 65 6c 6c 75 78 2f 73 75 69 74 65 75 78 2e 73 68 65 6c 6c 2e 73 68 61 72 65 64 2e 33 38 34 61 61 63 65 35 66 39 38 61 38 36 32 32 66 34 32 31 63 66 35 39 39 33 35 37 62 36 38 64 2e 63 73 73 22 2c 0a 20 22 4a 73 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 73 68 65 6c 6c 75 78 2f 73 75 69 74 65 75 78 2e 73 68 65 6c 6c 2e 62 6f 6f 74 73 74 72 Data Ascii: {"data":{"legacy":{"spoSuiteLinks":{ "SPSuiteVersion":2, "SPIsMobile":false, "CssUrl":"https://res-1.cdn.office.net/shellux/suiteux.shell.shared.384aace5f98a8622f421cf599357b68d.css", "JsUrl":"https://res-1.cdn.office.net/shellux/suiteux.shell.bootstr
2024-12-16 21:18:29 UTC	8192	IN	Data Raw: 44 69 73 61 62 6c 65 64 5c 22 3a 66 61 6c 73 65 2c 5c 22 4d 6f 72 65 41 70 70 44 61 74 61 41 76 61 69 6c 61 62 6c 65 5c 22 3a 66 61 6c 73 65 2c 5c 22 4d 6f 72 65 44 6f 63 73 55 72 6c 5c 22 3a 5c 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 6d 69 63 72 6f 73 6f 66 74 33 36 35 2e 63 6f 6d 2f 6d 79 63 6f 6e 74 65 6e 74 3f 61 75 74 68 3d 32 26 68 6f 6d 65 3d 31 26 73 65 63 74 69 6f 6e 3d 72 65 63 65 6e 74 64 6f 63 73 5c 22 2c 5c 22 4d 72 75 4f 61 75 74 68 45 6e 64 70 6f 69 6e 74 55 72 6c 5c 22 3a 5c 22 68 74 74 70 73 3a 2f 2f 6f 63 77 73 2e 6f 66 66 69 63 65 61 70 70 73 2e 6c 69 76 65 2e 63 6f 6d 2f 6f 63 73 2f 64 6f 63 73 2f 72 65 63 65 6e 74 5c 22 2c 5c 22 4d 72 75 4f 61 75 74 68 52 65 73 6f 75 72 63 65 55 72 6c 5c 22 3a 5c 22 68 74 74 70 73 3a 2f 2f 61 70 69 2e Data Ascii: Disabled\":false,\"MoreAppDataAvailable\":false,\"MoreDocsUrl\":\"https://www.microsoft365.com/mycontent?auth=2&home=1&section=recentdocs\",\"MruOauthEndpointUrl\":\"https://ocws.officeapps.live.com/ocs/docs/recent\",\"MruOauthResourceUrl\":\"https://api.
2024-12-16 21:18:29 UTC	1751	IN	Data Raw: 6f 33 36 35 69 63 6f 6e 73 5f 77 6f 66 66 5c 22 3a 5c 22 68 74 74 70 73 3a 2f 2f 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 73 68 65 6c 6c 75 78 2f 6f 33 36 35 69 63 6f 6e 73 2e 77 6f 66 66 5c 22 2c 5c 22 6f 33 36 35 73 68 61 72 65 64 5f 63 73 73 5c 22 3a 5c 22 68 74 74 70 73 3a 2f 2f 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 73 68 65 6c 6c 75 78 2f 6f 33 36 35 73 68 61 72 65 64 2e 63 73 73 5c 22 2c 5c 22 6f 33 36 35 73 68 61 72 65 64 5f 6a 73 5c 22 3a 5c 22 68 74 74 70 73 3a 2f 2f 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 2f 73 68 65 6c 6c 75 78 2f 6f 33 36 35 73 68 61 72 65 64 2e 6a 73 5c 22 2c 5c 22 6f 33 36 35 73 68 61 72 65 64 63 6c 75 73 74 65 72 65 64 69 6d 61 67 65 5f 70 6e 67 5c 22 3a 5c Data Ascii: o365icons_woff\":\"https://res-1.cdn.office.net/shellux/o365icons.woff\",\"o365shared_css\":\"https://res-1.cdn.office.net/shellux/o365shared.css\",\"o365shared_js\":\"https://res-1.cdn.office.net/shellux/o365shared.js\",\"o365sharedclusteredimage_png\":\
2024-12-16 21:18:29 UTC	8192	IN	Data Raw: 68 61 72 65 70 6f 69 6e 74 5c 22 7d 22 2c 22 43 6f 6d 6d 75 6e 69 74 79 4c 69 6e 6b 22 3a 7b 22 42 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 22 3a 6e 75 6c 6c 2c 22 42 72 61 6e 64 42 61 72 54 65 78 74 22 3a 6e 75 6c 6c 2c 22 46 6f 6e 74 49 63 6f 6e 43 73 73 22 3a 6e 75 6c 6c 2c 22 49 64 22 3a 22 53 68 65 6c 6c 43 6f 6d 6d 75 6e 69 74 79 22 2c 22 4d 65 6e 75 4e 61 6d 65 22 3a 6e 75 6c 6c 2c 22 53 65 72 76 69 63 65 49 64 22 3a 6e 75 6c 6c 2c 22 53 75 62 4c 69 6e 6b 73 22 3a 6e 75 6c 6c 2c 22 54 61 72 67 65 74 57 69 6e 64 6f 77 22 3a 22 5f 62 6c 61 6e 6b 22 2c 22 54 65 78 74 22 3a 22 43 6f 6d 6d 75 6e 69 74 79 22 2c 22 54 69 74 6c 65 22 3a 22 43 6f 6d 6d 75 6e 69 74 79 22 2c 22 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 61 6e 73 77 65 72 73 2e 6d 69 63 72 6f Data Ascii: harepoint\"}","CommunityLink":{"BackgroundColor":null,"BrandBarText":null,"FontIconCss":null,"Id":"ShellCommunity","MenuName":null,"ServiceId":null,"SubLinks":null,"TargetWindow":"_blank","Text":"Community","Title":"Community","Url":"https://answers.micro
2024-12-16 21:18:29 UTC	4443	IN	Data Raw: 61 66 48 4f 51 31 72 48 45 36 65 78 72 71 77 6c 6c 4a 78 50 52 31 4b 64 76 46 32 6d 43 41 5a 2f 72 67 72 75 64 49 55 55 79 4a 67 56 6f 35 2b 38 63 63 4b 73 65 4f 47 56 62 4d 6a 7a 65 44 58 78 45 43 59 66 4e 64 4e 72 76 58 73 4a 75 70 6d 36 54 55 43 34 4b 72 78 2b 77 71 55 79 73 79 32 65 37 4d 50 36 66 2f 30 44 72 4e 4f 71 6b 63 52 73 68 37 62 6a 51 50 50 42 5a 45 79 62 30 34 71 37 68 36 56 67 53 39 4d 2f 63 4e 4e 50 78 73 6c 43 34 58 4b 35 35 49 4e 54 65 58 6d 35 4c 44 41 35 55 36 66 67 74 75 51 42 6d 4e 35 2f 41 42 62 63 65 52 71 70 4c 63 43 5a 5a 73 6a 66 6a 42 54 64 76 46 47 4f 7a 31 4b 49 61 36 31 4c 68 67 37 30 78 74 46 45 39 55 4b 65 2f 4a 32 46 79 76 43 57 76 77 7a 55 4d 41 49 72 75 6d 43 48 63 46 71 4f 38 31 2f 51 55 6a 35 77 4b 6c 4a 44 52 52 4a Data Ascii: afHOQ1rHE6exrqwllJxPR1KdvF2mCAZ/rgrudIUUyJgVo5+8ccKseOGVbMjzeDXxECYfNdNrvXsJupm6TUC4Krx+wqUysy2e7MP6f/0DrNOqkcRsh7bjQPPBZEyb04q7h6VgS9M/cNNPxslC4XK55INTeXm5LDA5U6fgtuQBmN5/ABbceRqpLcCZZsjfjBTdvFGOz1KIa61Lhg70xtFE9UKe/J2FyvCWvwzUMAIrumCHcFqO81/QUj5wKlJDRRJ

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:31 UTC	1792	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_api/v2.1/graphql HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:31 UTC	3200	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 87 Content-Type: application/json P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,525568,0,21,2132439,0,363973,7 X-SharePointHealthScore: 3 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 31386ea1-d0ab-0000-51c1-35906aa5a2e7 request-id: 31386ea1-d0ab-0000-51c1-35906aa5a2e7 MS-CV: oW44MavQAABRwTWQaqWi5w.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 0183C2B003A147019B73DA4AB7A7A6DB Ref B: EWR311000104035 Ref C: 2024-12-16T21:18:31Z Date: Mon, 16 Dec 2024 21:18:30 GMT Connection: close
2024-12-16 21:18:31 UTC	87	IN	Data Raw: 7b 22 65 72 72 6f 72 73 22 3a 5b 7b 22 6d 65 73 73 61 67 65 22 3a 22 41 20 71 75 65 72 79 20 69 73 20 72 65 71 75 69 72 65 64 2e 22 2c 22 65 78 74 65 6e 73 69 6f 6e 73 22 3a 7b 22 63 6f 64 65 22 3a 22 45 58 45 43 55 54 49 4f 4e 5f 45 52 52 4f 52 22 7d 7d 5d 7d Data Ascii: {"errors":[{"message":"A query is required.","extensions":{"code":"EXECUTION_ERROR"}}]}

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:34 UTC	2846	OUT	POST /personal/stella_pabon_ustabuca_edu_co/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%27&RootFolder=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&TryNewExperienceSingle=TRUE HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive Content-Length: 201 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" X-Service-Worker-Prefetch-And-Coalesce: true sec-ch-ua-mobile: ?0 Authorization: Bearer User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 CollectSPPerfMetrics: SPSQLQueryCount Content-Type: application/json;odata=verbose accept: application/json;odata=verbose X-SP-REQUESTRESOURCES: listUrl=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments X-ServiceWorker-Strategy: CacheFirst sec-ch-ua-platform: "Windows" Origin: https://mailustabucaedu-my.sharepoint.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?ga=1&id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:34 UTC	201	OUT	Data Raw: 7b 22 70 61 72 61 6d 65 74 65 72 73 22 3a 7b 22 5f 5f 6d 65 74 61 64 61 74 61 22 3a 7b 22 74 79 70 65 22 3a 22 53 50 2e 52 65 6e 64 65 72 4c 69 73 74 44 61 74 61 50 61 72 61 6d 65 74 65 72 73 22 7d 2c 22 52 65 6e 64 65 72 4f 70 74 69 6f 6e 73 22 3a 35 36 39 31 31 34 33 2c 22 41 6c 6c 6f 77 4d 75 6c 74 69 70 6c 65 56 61 6c 75 65 46 69 6c 74 65 72 46 6f 72 54 61 78 6f 6e 6f 6d 79 46 69 65 6c 64 73 22 3a 74 72 75 65 2c 22 41 64 64 52 65 71 75 69 72 65 64 46 69 65 6c 64 73 22 3a 74 72 75 65 2c 22 52 65 71 75 69 72 65 46 6f 6c 64 65 72 43 6f 6c 6f 72 69 6e 67 46 69 65 6c 64 73 22 3a 74 72 75 65 7d 7d Data Ascii: {"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":5691143,"AllowMultipleValueFilterForTaxonomyFields":true,"AddRequiredFields":true,"RequireFolderColoringFields":true}}
2024-12-16 21:18:35 UTC	3591	IN	HTTP/1.1 200 OK Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/json; charset=utf-8 Expires: Sun, 01 Dec 2024 21:18:34 GMT Last-Modified: Mon, 16 Dec 2024 21:18:34 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] Set-Cookie: CannotPreviewLists=1; expires=Tue, 17-Dec-2024 21:18:35 GMT; path=/personal/stella_pabon_ustabuca_edu_co/Documents; secure X-NetworkStatistics: 0,1051136,6564,30,4387915,0,1051136,7 X-SharePointHealthScore: 2 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 165 SPRequestDuration: 165 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 32386ea1-e078-0000-51c1-37475637ad16 request-id: 32386ea1-e078-0000-51c1-37475637ad16 MS-CV: oW44MnjgAABRwTdHVjetFg.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 3C30608E10554A6EA57BA88E6400F5FF Ref B: EWR311000104023 Ref C: 2024-12-16T21:18:34Z Date: Mon, 16 Dec 2024 21:18:34 GMT Connection: close
2024-12-16 21:18:35 UTC	2645	IN	Data Raw: 61 34 65 0d 0a 7b 22 77 70 71 22 3a 22 22 2c 22 54 65 6d 70 6c 61 74 65 73 22 3a 7b 7d 2c 22 4c 69 73 74 44 61 74 61 22 3a 7b 20 22 52 6f 77 22 20 3a 20 0a 5b 5d 2c 22 46 69 72 73 74 52 6f 77 22 20 3a 20 31 2c 0d 0a 22 46 6f 6c 64 65 72 50 65 72 6d 69 73 73 69 6f 6e 73 22 20 3a 20 22 30 78 33 30 30 38 30 33 31 30 32 37 22 0d 0a 2c 22 4c 61 73 74 52 6f 77 22 20 3a 20 30 2c 0d 0a 22 52 6f 77 4c 69 6d 69 74 22 20 3a 20 33 30 0d 0a 2c 22 46 69 6c 74 65 72 4c 69 6e 6b 22 20 3a 20 22 3f 52 6f 6f 74 46 6f 6c 64 65 72 3d 25 32 46 70 65 72 73 6f 6e 61 6c 25 32 46 73 74 65 6c 6c 61 25 35 46 70 61 62 6f 6e 25 35 46 75 73 74 61 62 75 63 61 25 35 46 65 64 75 25 35 46 63 6f 25 32 46 44 6f 63 75 6d 65 6e 74 73 25 32 46 5a 69 70 25 32 46 41 6e 79 44 65 73 6b 25 32 45 65 Data Ascii: a4e{"wpq":"","Templates":{},"ListData":{ "Row" : [],"FirstRow" : 1,"FolderPermissions" : "0x3008031027","LastRow" : 0,"RowLimit" : 30,"FilterLink" : "?RootFolder=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Ee
2024-12-16 21:18:35 UTC	1721	IN	Data Raw: 36 62 32 0d 0a 22 7d 0a 2c 7b 22 4e 61 6d 65 22 3a 20 22 45 64 69 74 6f 72 22 2c 0a 22 46 69 65 6c 64 54 79 70 65 22 3a 20 22 55 73 65 72 22 2c 0a 22 52 65 61 6c 46 69 65 6c 64 4e 61 6d 65 22 3a 20 22 45 64 69 74 6f 72 22 2c 0a 22 44 69 73 70 6c 61 79 4e 61 6d 65 22 3a 20 22 4d 6f 64 69 66 69 63 61 64 6f 20 70 6f 72 22 2c 0a 22 49 44 22 3a 20 22 64 33 31 36 35 35 64 31 2d 31 64 35 62 2d 34 35 31 31 2d 39 35 61 31 2d 37 61 30 39 65 39 62 37 35 62 66 32 22 2c 0a 22 53 74 61 74 69 63 4e 61 6d 65 22 3a 20 22 45 64 69 74 6f 72 22 2c 0a 22 52 65 61 64 4f 6e 6c 79 22 3a 20 22 54 52 55 45 22 2c 0a 22 72 6f 6c 65 22 3a 20 22 55 73 65 72 22 2c 0a 22 61 72 69 61 4c 61 62 65 6c 22 3a 20 22 4d 6f 64 69 66 69 63 61 64 6f 20 70 6f 72 22 2c 0a 22 46 72 6f 6d 42 61 73 65 Data Ascii: 6b2"},{"Name": "Editor","FieldType": "User","RealFieldName": "Editor","DisplayName": "Modificado por","ID": "d31655d1-1d5b-4511-95a1-7a09e9b75bf2","StaticName": "Editor","ReadOnly": "TRUE","role": "User","ariaLabel": "Modificado por","FromBase
2024-12-16 21:18:35 UTC	4046	IN	Data Raw: 66 63 37 0d 0a 75 59 67 52 30 63 6e 56 6c 63 6d 45 77 61 43 35 6d 66 47 31 6c 62 57 4a 6c 63 6e 4e 6f 61 58 42 38 64 58 4a 75 4a 54 4e 68 63 33 42 76 4a 54 4e 68 59 57 35 76 62 69 4d 32 4f 57 4e 69 5a 54 51 33 59 54 63 32 4e 7a 51 30 5a 6a 4d 33 4e 7a 6b 35 5a 6a 6b 7a 4d 54 64 6d 5a 6d 4a 6c 59 7a 52 69 59 54 6c 6c 5a 6a 45 77 59 54 64 69 4e 57 4a 6b 4f 54 56 6c 4e 54 6c 68 4e 6a 68 6c 4d 7a 4a 6d 4d 6d 51 31 4d 44 4e 6d 59 32 4d 35 65 67 45 77 77 67 46 68 4d 43 4d 75 5a 6e 78 74 5a 57 31 69 5a 58 4a 7a 61 47 6c 77 66 48 56 79 62 69 55 7a 59 58 4e 77 62 79 55 7a 59 57 46 75 62 32 34 6a 4e 6a 6c 6a 59 6d 55 30 4e 32 45 33 4e 6a 63 30 4e 47 59 7a 4e 7a 63 35 4f 57 59 35 4d 7a 45 33 5a 6d 5a 69 5a 57 4d 30 59 6d 45 35 5a 57 59 78 4d 47 45 33 59 6a 56 69 5a Data Ascii: fc7uYgR0cnVlcmEwaC5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiM2OWNiZTQ3YTc2NzQ0ZjM3Nzk5ZjkzMTdmZmJlYzRiYTllZjEwYTdiNWJkOTVlNTlhNjhlMzJmMmQ1MDNmY2M5egEwwgFhMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZ
2024-12-16 21:18:35 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 2e 74 72 61 6e 73 66 6f 72 6d 55 72 6c 22 20 3a 20 22 7b 2e 6d 65 64 69 61 42 61 73 65 55 72 6c 7d 5c 75 30 30 32 66 74 72 61 6e 73 66 6f 72 6d 5c 75 30 30 32 66 7b 2e 6d 65 74 68 6f 64 7d 3f 70 72 6f 76 69 64 65 72 3d 73 70 6f 26 69 6e 70 75 74 46 6f 72 6d 61 74 3d 7b 2e 66 69 6c 65 54 79 70 65 7d 26 63 73 3d 7b 2e 63 61 6c 6c 65 72 53 74 61 63 6b 7d 26 64 6f 63 69 64 3d 7b 2e 73 70 49 74 65 6d 55 72 6c 7d 26 7b 2e 64 72 69 76 65 41 63 63 65 73 73 54 6f 6b 65 6e 7d 22 0d 0a 2c 20 22 2e 74 68 75 6d 62 6e 61 69 6c 55 72 6c 22 20 3a 20 22 7b 2e 6d 65 64 69 61 42 61 73 65 55 72 6c 7d 5c 75 30 30 32 66 74 72 61 6e 73 66 6f 72 6d 5c 75 30 30 32 66 74 68 75 6d 62 6e 61 69 6c 3f 70 72 6f 76 69 64 65 72 3d 73 70 6f 26 69 6e 70 75 74 46 6f 72 6d Data Ascii: 2000.transformUrl" : "{.mediaBaseUrl}\u002ftransform\u002f{.method}?provider=spo&inputFormat={.fileType}&cs={.callerStack}&docid={.spItemUrl}&{.driveAccessToken}", ".thumbnailUrl" : "{.mediaBaseUrl}\u002ftransform\u002fthumbnail?provider=spo&inputForm
2024-12-16 21:18:35 UTC	4154	IN	Data Raw: 31 30 33 32 0d 0a 74 72 75 65 2c 5c 22 73 69 74 65 53 75 62 73 63 72 69 70 74 69 6f 6e 49 64 5c 22 3a 5c 22 66 35 37 61 35 39 34 39 2d 33 37 33 38 2d 34 31 65 66 2d 61 38 36 65 2d 30 30 34 39 30 63 30 38 63 63 62 35 5c 22 2c 5c 22 74 65 6e 61 6e 74 44 69 73 70 6c 61 79 4e 61 6d 65 5c 22 3a 5c 22 55 6e 69 76 65 72 73 69 64 61 64 20 53 61 6e 74 6f 20 54 6f 6d c3 a1 73 20 42 75 63 61 72 61 6d 61 6e 67 61 5c 22 2c 5c 22 69 73 4d 75 6c 74 69 47 65 6f 54 65 6e 61 6e 74 5c 22 3a 66 61 6c 73 65 2c 5c 22 69 73 4d 75 6c 74 69 47 65 6f 4f 44 42 4d 6f 64 65 5c 22 3a 66 61 6c 73 65 2c 5c 22 77 65 62 44 6f 6d 61 69 6e 5c 22 3a 5c 22 73 68 61 72 65 70 6f 69 6e 74 2e 63 6f 6d 5c 22 2c 5c 22 69 73 53 50 4f 5c 22 3a 74 72 75 65 2c 5c 22 61 70 70 53 65 61 74 73 51 75 6f 74 Data Ascii: 1032true,\"siteSubscriptionId\":\"f57a5949-3738-41ef-a86e-00490c08ccb5\",\"tenantDisplayName\":\"Universidad Santo Toms Bucaramanga\",\"isMultiGeoTenant\":false,\"isMultiGeoODBMode\":false,\"webDomain\":\"sharepoint.com\",\"isSPO\":true,\"appSeatsQuot
2024-12-16 21:18:35 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 38 37 34 30 35 33 36 32 2c 2d 32 31 34 33 32 36 38 33 32 30 2c 31 31 31 34 38 38 30 2c 32 32 34 34 37 34 35 2c 35 33 36 39 30 35 37 32 39 2c 33 35 32 5d 2c 5c 22 45 43 53 45 78 70 46 65 61 74 75 72 65 73 5c 22 3a 5b 5c 22 4f 72 67 41 73 73 65 74 73 49 6e 42 43 50 61 67 65 43 6f 6e 74 65 78 74 5c 22 2c 5c 22 53 50 4f 43 6c 69 65 6e 74 43 61 6e 61 72 79 46 6c 69 67 68 74 5c 22 5d 2c 5c 22 65 78 70 65 72 69 6d 65 6e 74 44 61 74 61 5c 22 3a 5c 22 41 41 41 43 41 42 49 41 49 42 45 41 41 41 49 41 49 41 49 6e 63 53 41 42 45 42 41 51 59 58 63 43 45 41 41 58 49 68 41 41 49 41 41 53 45 41 41 67 45 48 41 42 41 51 42 79 49 41 49 52 41 42 49 68 41 41 41 43 41 42 41 41 41 47 41 67 41 41 41 67 49 42 45 69 4a 79 41 41 45 41 41 42 45 41 63 41 41 43 45 43 Data Ascii: 200087405362,-2143268320,1114880,2244745,536905729,352],\"ECSExpFeatures\":[\"OrgAssetsInBCPageContext\",\"SPOClientCanaryFlight\"],\"experimentData\":\"AAACABIAIBEAAAIAIAIncSABEBAQYXcCEAAXIhAAIAASEAAgEHABAQByIAIRABIhAAACABAAAGAgAAAgIBEiJyAAEAABEAcAACEC
2024-12-16 21:18:35 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 43 31 32 32 33 32 39 5c 22 3a 74 72 75 65 2c 5c 22 36 39 43 42 41 35 30 35 2d 43 46 43 43 2d 34 35 36 34 2d 42 34 33 44 2d 32 33 31 35 43 45 36 32 44 41 30 33 5c 22 3a 74 72 75 65 2c 5c 22 31 39 33 41 38 41 32 36 2d 30 34 31 33 2d 31 31 45 44 2d 42 39 33 39 2d 30 32 34 32 41 43 31 32 30 30 30 32 5c 22 3a 74 72 75 65 2c 5c 22 45 41 35 36 36 38 35 43 2d 32 38 32 44 2d 34 41 33 31 2d 39 31 38 38 2d 43 46 45 41 39 42 35 39 33 32 39 45 5c 22 3a 74 72 75 65 2c 5c 22 30 41 36 38 38 30 46 39 2d 33 36 44 34 2d 34 39 39 34 2d 42 36 39 33 2d 45 43 44 35 44 41 36 46 31 41 43 36 5c 22 3a 74 72 75 65 2c 5c 22 36 30 45 45 33 35 45 45 2d 33 45 37 34 2d 34 45 34 44 2d 42 35 31 41 2d 30 45 46 42 33 38 31 32 37 30 30 33 5c 22 3a 74 72 75 65 2c 5c 22 41 33 Data Ascii: 2000C122329\":true,\"69CBA505-CFCC-4564-B43D-2315CE62DA03\":true,\"193A8A26-0413-11ED-B939-0242AC120002\":true,\"EA56685C-282D-4A31-9188-CFEA9B59329E\":true,\"0A6880F9-36D4-4994-B693-ECD5DA6F1AC6\":true,\"60EE35EE-3E74-4E4D-B51A-0EFB38127003\":true,\"A3
2024-12-16 21:18:35 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 43 43 38 5c 22 3a 74 72 75 65 2c 5c 22 32 30 45 41 37 38 45 30 2d 34 39 35 39 2d 34 37 38 43 2d 42 38 34 38 2d 38 46 41 39 37 32 42 39 38 39 44 34 5c 22 3a 74 72 75 65 2c 5c 22 34 30 35 31 42 42 37 43 2d 33 34 39 32 2d 30 39 36 32 2d 39 37 37 35 2d 42 45 46 42 32 30 42 42 45 36 46 31 5c 22 3a 74 72 75 65 2c 5c 22 37 31 46 44 34 38 30 46 2d 36 41 38 44 2d 34 44 37 44 2d 38 42 43 31 2d 44 36 41 37 41 31 41 38 38 42 33 38 5c 22 3a 74 72 75 65 2c 5c 22 35 43 42 30 39 36 44 33 2d 32 33 45 33 2d 34 46 39 42 2d 42 41 43 46 2d 39 39 33 32 36 39 38 35 37 42 42 44 5c 22 3a 74 72 75 65 2c 5c 22 30 42 34 41 42 43 46 44 2d 35 38 37 37 2d 34 42 45 32 2d 42 46 35 31 2d 45 42 36 30 42 42 30 39 46 37 38 46 5c 22 3a 74 72 75 65 2c 5c 22 43 35 45 46 32 42 Data Ascii: 2000CC8\":true,\"20EA78E0-4959-478C-B848-8FA972B989D4\":true,\"4051BB7C-3492-0962-9775-BEFB20BBE6F1\":true,\"71FD480F-6A8D-4D7D-8BC1-D6A7A1A88B38\":true,\"5CB096D3-23E3-4F9B-BACF-993269857BBD\":true,\"0B4ABCFD-5877-4BE2-BF51-EB60BB09F78F\":true,\"C5EF2B
2024-12-16 21:18:35 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 22 3a 74 72 75 65 2c 5c 22 42 39 30 44 41 35 46 39 2d 42 41 37 35 2d 34 42 43 43 2d 41 33 45 30 2d 39 46 39 41 42 45 30 36 46 46 35 39 5c 22 3a 74 72 75 65 2c 5c 22 32 46 34 44 39 30 43 42 2d 33 44 38 30 2d 34 43 32 35 2d 42 39 37 39 2d 38 35 33 39 34 43 45 39 39 42 30 42 5c 22 3a 74 72 75 65 2c 5c 22 38 32 42 42 39 44 35 31 2d 44 34 45 32 2d 34 42 32 42 2d 39 31 32 43 2d 34 30 39 35 43 34 32 39 35 35 42 36 5c 22 3a 74 72 75 65 2c 5c 22 44 33 33 42 36 45 36 45 2d 44 43 46 43 2d 34 39 30 46 2d 39 37 41 31 2d 32 42 45 41 34 39 43 35 37 30 34 32 5c 22 3a 74 72 75 65 2c 5c 22 43 42 32 33 46 36 38 41 2d 38 41 37 32 2d 34 41 30 34 2d 39 33 44 30 2d 37 30 36 44 44 38 31 41 36 41 35 33 5c 22 3a 74 72 75 65 2c 5c 22 33 41 42 32 45 35 42 31 2d 41 Data Ascii: 2000":true,\"B90DA5F9-BA75-4BCC-A3E0-9F9ABE06FF59\":true,\"2F4D90CB-3D80-4C25-B979-85394CE99B0B\":true,\"82BB9D51-D4E2-4B2B-912C-4095C42955B6\":true,\"D33B6E6E-DCFC-490F-97A1-2BEA49C57042\":true,\"CB23F68A-8A72-4A04-93D0-706DD81A6A53\":true,\"3AB2E5B1-A

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:37 UTC	2113	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%27&RootFolder=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe&TryNewExperienceSingle=TRUE HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:37 UTC	3463	IN	HTTP/1.1 405 Method Not Allowed Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/xml;charset=utf-8 Expires: Sun, 01 Dec 2024 21:18:37 GMT Last-Modified: Mon, 16 Dec 2024 21:18:37 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,1051136,0,36,1569481,0,650727,7 X-SharePointHealthScore: 3 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 20 SPRequestDuration: 20 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 33386ea1-b02a-0000-5773-0f9319427b7c request-id: 33386ea1-b02a-0000-5773-0f9319427b7c MS-CV: oW44MyqwAABXcw+TGUJ7fA.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: C5D147850EEF4A219D8B1F96CE984BDF Ref B: EWR311000108011 Ref C: 2024-12-16T21:18:37Z Date: Mon, 16 Dec 2024 21:18:37 GMT Connection: close
2024-12-16 21:18:37 UTC	454	IN	Data Raw: 31 62 66 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 6d 3a 65 72 72 6f 72 20 78 6d 6c 6e 73 3a 6d 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 61 64 6f 2f 32 30 30 37 2f 30 38 2f 64 61 74 61 73 65 72 76 69 63 65 73 2f 6d 65 74 61 64 61 74 61 22 3e 3c 6d 3a 63 6f 64 65 3e 2d 31 2c 20 4d 69 63 72 6f 73 6f 66 74 2e 53 68 61 72 65 50 6f 69 6e 74 2e 43 6c 69 65 6e 74 2e 43 6c 69 65 6e 74 53 65 72 76 69 63 65 45 78 63 65 70 74 69 6f 6e 3c 2f 6d 3a 63 6f 64 65 3e 3c 6d 3a 6d 65 73 73 61 67 65 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 73 2d 45 53 22 3e 45 6c 20 6d c3 a9 74 6f 64 6f 20 48 54 54 50 20 27 47 45 54 27 20 6e 6f 20 73 65 20 70 75 65 Data Ascii: 1bf<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code>-1, Microsoft.SharePoint.Client.ClientServiceException</m:code><m:message xml:lang="es-ES">El mtodo HTTP 'GET' no se pue
2024-12-16 21:18:37 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://mailustabucaedu-my.sharepoint.com/:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWE

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

C:\Users\user\Downloads\1549404d-188e-455a-9048-dc28113dbe04.tmp

C:\Users\user\Downloads\26b4d6e4-33a7-4780-8196-aeb99b2ba549.tmp

C:\Users\user\Downloads\AnyDesk.exe (1).zip (copy)

C:\Users\user\Downloads\AnyDesk.exe (1).zip.crdownload (copy)

C:\Users\user\Downloads\AnyDesk.exe.zip (copy)

C:\Users\user\Downloads\AnyDesk.exe.zip.crdownload (copy)

C:\Users\user\Downloads\Unconfirmed 949493.crdownload

C:\Users\user\Downloads\f7d462d4-4ecc-41fe-a5de-1499edfbcbbe.tmp

Chrome Cache Entry: 1000

Chrome Cache Entry: 1001

Chrome Cache Entry: 1002

Chrome Cache Entry: 1003

Chrome Cache Entry: 1004

Chrome Cache Entry: 1005

Chrome Cache Entry: 1006

Chrome Cache Entry: 1007

Chrome Cache Entry: 1008

Windows Analysis Report
https://mailustabucaedu-my.sharepoint.com/:u:/g/personal/stella_pabon_ustabuca_edu_co/EWCk8BqICKBBrExz32n-PvYBCVoLK4PToNCGKPT0vElGYg?e=w0tQWE

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:39 UTC	2947	OUT	POST /personal/stella_pabon_ustabuca_edu_co/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive Content-Length: 821 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" x-ms-cc: t ScenarioType: AUO sec-ch-ua-mobile: ?0 Authorization: Bearer User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 CollectSPPerfMetrics: SPSQLQueryCount Content-Type: application/json;odata=verbose accept: application/json;odata=verbose X-ClientService-ClientTag: ODB Web X-SP-REQUESTRESOURCES: listUrl=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments X-ServiceWorker-Strategy: CacheFirst x-requestdigest: 0x29A93D023DAE36CEBEF3D42E0F318FE8DAB60437A331512B9F3EBCFA7D18C078DC2860F897FBCC02CB92E625C964FBA17C4BE11E681396FB213668F085951622,16 Dec 2024 21:18:23 -0000 sec-ch-ua-platform: "Windows" Origin: https://mailustabucaedu-my.sharepoint.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?ga=1&id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:39 UTC	821	OUT	Data Raw: 7b 22 70 61 72 61 6d 65 74 65 72 73 22 3a 7b 22 5f 5f 6d 65 74 61 64 61 74 61 22 3a 7b 22 74 79 70 65 22 3a 22 53 50 2e 52 65 6e 64 65 72 4c 69 73 74 44 61 74 61 50 61 72 61 6d 65 74 65 72 73 22 7d 2c 22 52 65 6e 64 65 72 4f 70 74 69 6f 6e 73 22 3a 31 30 35 32 36 37 39 2c 22 56 69 65 77 58 6d 6c 22 3a 22 3c 56 69 65 77 20 3e 3c 51 75 65 72 79 3e 3c 2f 51 75 65 72 79 3e 3c 56 69 65 77 46 69 65 6c 64 73 3e 3c 46 69 65 6c 64 52 65 66 20 4e 61 6d 65 3d 5c 22 44 6f 63 49 63 6f 6e 5c 22 2f 3e 3c 46 69 65 6c 64 52 65 66 20 4e 61 6d 65 3d 5c 22 4c 69 6e 6b 46 69 6c 65 6e 61 6d 65 5c 22 2f 3e 3c 46 69 65 6c 64 52 65 66 20 4e 61 6d 65 3d 5c 22 4d 6f 64 69 66 69 65 64 5c 22 2f 3e 3c 46 69 65 6c 64 52 65 66 20 4e 61 6d 65 3d 5c 22 45 64 69 74 6f 72 5c 22 2f 3e 3c 46 Data Ascii: {"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":1052679,"ViewXml":"<View ><Query></Query><ViewFields><FieldRef Name=\"DocIcon\"/><FieldRef Name=\"LinkFilename\"/><FieldRef Name=\"Modified\"/><FieldRef Name=\"Editor\"/><F
2024-12-16 21:18:40 UTC	3451	IN	HTTP/1.1 200 OK Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/json; charset=utf-8 Expires: Sun, 01 Dec 2024 21:18:39 GMT Last-Modified: Mon, 16 Dec 2024 21:18:39 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,1051136,56,13,5829213,0,1051136,7 X-SharePointHealthScore: 2 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 53 SPRequestDuration: 54 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 33386ea1-00a8-0000-51c1-388780680fd5 request-id: 33386ea1-00a8-0000-51c1-388780680fd5 MS-CV: oW44M6gAAABRwTiHgGgP1Q.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 3B5EF99095EB4B02BE4AD785BE3D3928 Ref B: EWR311000103031 Ref C: 2024-12-16T21:18:39Z Date: Mon, 16 Dec 2024 21:18:39 GMT Connection: close
2024-12-16 21:18:40 UTC	720	IN	Data Raw: 32 63 39 0d 0a 7b 22 77 70 71 22 3a 22 22 2c 22 54 65 6d 70 6c 61 74 65 73 22 3a 7b 7d 2c 22 4c 69 73 74 44 61 74 61 22 3a 7b 20 22 52 6f 77 22 20 3a 20 0a 5b 5d 2c 22 46 69 72 73 74 52 6f 77 22 20 3a 20 31 2c 0d 0a 22 46 6f 6c 64 65 72 50 65 72 6d 69 73 73 69 6f 6e 73 22 20 3a 20 22 30 78 33 30 30 38 30 31 31 30 30 30 22 0d 0a 2c 22 4c 61 73 74 52 6f 77 22 20 3a 20 30 2c 0d 0a 22 52 6f 77 4c 69 6d 69 74 22 20 3a 20 31 0d 0a 2c 22 46 69 6c 74 65 72 4c 69 6e 6b 22 20 3a 20 22 3f 22 0a 2c 22 46 6f 72 63 65 4e 6f 48 69 65 72 61 72 63 68 79 22 20 3a 20 22 31 22 0a 2c 22 48 69 65 72 61 72 63 68 79 48 61 73 49 6e 64 65 6e 74 69 6f 6e 22 20 3a 20 22 22 0a 2c 22 43 75 72 72 65 6e 74 46 6f 6c 64 65 72 50 72 69 6e 63 69 70 61 6c 43 6f 75 6e 74 22 20 3a 20 22 30 22 Data Ascii: 2c9{"wpq":"","Templates":{},"ListData":{ "Row" : [],"FirstRow" : 1,"FolderPermissions" : "0x3008011000","LastRow" : 0,"RowLimit" : 1,"FilterLink" : "?","ForceNoHierarchy" : "1","HierarchyHasIndention" : "","CurrentFolderPrincipalCount" : "0"
2024-12-16 21:18:40 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 72 73 50 61 6e 65 22 3a 20 22 46 41 4c 53 45 22 2c 0a 22 53 68 6f 77 49 6e 46 69 6c 74 65 72 73 50 61 6e 65 22 3a 20 22 41 75 74 6f 22 7d 0a 2c 7b 22 4e 61 6d 65 22 3a 20 22 4c 69 6e 6b 46 69 6c 65 6e 61 6d 65 22 2c 0a 22 46 69 65 6c 64 54 79 70 65 22 3a 20 22 43 6f 6d 70 75 74 65 64 22 2c 0a 22 52 65 61 6c 46 69 65 6c 64 4e 61 6d 65 22 3a 20 22 46 69 6c 65 4c 65 61 66 52 65 66 22 2c 0a 22 44 69 73 70 6c 61 79 4e 61 6d 65 22 3a 20 22 4e 6f 6d 62 72 65 22 2c 0a 22 49 44 22 3a 20 22 35 63 63 36 64 63 37 39 2d 33 37 31 30 2d 34 33 37 34 2d 62 34 33 33 2d 36 31 63 62 34 61 36 38 36 63 31 32 22 2c 0a 22 53 74 61 74 69 63 4e 61 6d 65 22 3a 20 22 4c 69 6e 6b 46 69 6c 65 6e 61 6d 65 22 2c 0a 22 43 6c 61 73 73 49 6e 66 6f 22 3a 20 22 4d 65 6e 75 Data Ascii: 2000rsPane": "FALSE","ShowInFiltersPane": "Auto"},{"Name": "LinkFilename","FieldType": "Computed","RealFieldName": "FileLeafRef","DisplayName": "Nombre","ID": "5cc6dc79-3710-4374-b433-61cb4a686c12","StaticName": "LinkFilename","ClassInfo": "Menu
2024-12-16 21:18:40 UTC	4152	IN	Data Raw: 31 30 33 30 0d 0a 76 62 57 46 70 62 48 56 7a 64 47 46 69 64 57 4e 68 5a 57 52 31 4c 57 31 35 4c 6e 4e 6f 59 58 4a 6c 63 47 39 70 62 6e 51 75 59 32 39 74 51 47 59 31 4e 32 45 31 4f 54 51 35 4c 54 4d 33 4d 7a 67 74 4e 44 46 6c 5a 69 31 68 4f 44 5a 6c 4c 54 41 77 4e 44 6b 77 59 7a 41 34 59 32 4e 69 4e 53 49 73 49 6d 56 34 63 43 49 36 49 6a 45 33 4d 7a 51 30 4d 44 51 30 4d 44 41 69 66 51 2e 43 69 4d 4b 43 58 4e 6f 59 58 4a 70 62 6d 64 70 5a 42 49 57 61 6c 6c 6d 54 6a 56 45 4d 55 55 31 61 33 56 78 65 57 68 4a 56 45 56 7a 55 45 6b 30 51 51 6f 49 43 67 4e 7a 64 48 41 53 41 58 51 4b 43 67 6f 45 63 32 35 70 5a 42 49 43 4d 7a 4d 53 42 67 6a 61 35 7a 6f 51 41 52 6f 4d 4f 43 34 30 4e 69 34 78 4d 6a 4d 75 4d 54 67 35 49 68 52 74 61 57 4e 79 62 33 4e 76 5a 6e 51 75 63 Data Ascii: 1030vbWFpbHVzdGFidWNhZWR1LW15LnNoYXJlcG9pbnQuY29tQGY1N2E1OTQ5LTM3MzgtNDFlZi1hODZlLTAwNDkwYzA4Y2NiNSIsImV4cCI6IjE3MzQ0MDQ0MDAifQ.CiMKCXNoYXJpbmdpZBIWallmTjVEMUU1a3VxeWhJVEVzUEk0QQoICgNzdHASAXQKCgoEc25pZBICMzMSBgja5zoQARoMOC40Ni4xMjMuMTg5IhRtaWNyb3NvZnQuc
2024-12-16 21:18:40 UTC	4264	IN	Data Raw: 31 30 61 30 0d 0a 73 22 0d 0a 2c 20 22 2e 6d 65 64 69 61 42 61 73 65 55 72 6c 53 65 63 6f 6e 64 61 72 79 22 20 3a 20 22 68 74 74 70 73 3a 5c 75 30 30 32 66 5c 75 30 30 32 66 73 6f 75 74 68 63 65 6e 74 72 61 6c 75 73 31 2d 6d 65 64 69 61 70 2e 73 76 63 2e 6d 73 22 0d 0a 2c 20 22 2e 70 75 73 68 43 68 61 6e 6e 65 6c 42 61 73 65 55 72 6c 22 20 3a 20 22 68 74 74 70 73 3a 5c 75 30 30 32 66 5c 75 30 30 32 66 65 61 73 74 75 73 30 2e 70 75 73 68 6e 70 2e 73 76 63 2e 6d 73 22 0d 0a 2c 20 22 2e 63 61 6c 6c 65 72 53 74 61 63 6b 22 20 3a 20 22 66 46 4e 51 54 77 22 0d 0a 2c 20 22 2e 63 6f 72 72 65 6c 61 74 69 6f 6e 49 64 22 20 3a 20 22 33 33 33 38 36 65 61 31 2d 30 30 61 38 2d 30 30 30 30 2d 35 31 63 31 2d 33 38 38 37 38 30 36 38 30 66 64 35 22 0d 0a 2c 20 22 2e 74 72 Data Ascii: 10a0s", ".mediaBaseUrlSecondary" : "https:\u002f\u002fsouthcentralus1-mediap.svc.ms", ".pushChannelBaseUrl" : "https:\u002f\u002feastus0.pushnp.svc.ms", ".callerStack" : "fFNQTw", ".correlationId" : "33386ea1-00a8-0000-51c1-388780680fd5", ".tr
2024-12-16 21:18:40 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:41 UTC	2017	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:42 UTC	3475	IN	HTTP/1.1 405 Method Not Allowed Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/xml;charset=utf-8 Expires: Sun, 01 Dec 2024 21:18:42 GMT Last-Modified: Mon, 16 Dec 2024 21:18:42 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 4,8409600,1436,7729,3468911,8409600,8409600,7 X-SharePointHealthScore: 2 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 32 SPRequestDuration: 33 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 34386ea1-103b-0000-51c1-38fc60f251c9 request-id: 34386ea1-103b-0000-51c1-38fc60f251c9 MS-CV: oW44NDsQAABRwTj8YPJRyQ.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 74559C5EBB8C4DE2A0C8BCC1B0B045B7 Ref B: EWR311000103021 Ref C: 2024-12-16T21:18:42Z Date: Mon, 16 Dec 2024 21:18:41 GMT Connection: close
2024-12-16 21:18:42 UTC	454	IN	Data Raw: 31 62 66 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 6d 3a 65 72 72 6f 72 20 78 6d 6c 6e 73 3a 6d 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 61 64 6f 2f 32 30 30 37 2f 30 38 2f 64 61 74 61 73 65 72 76 69 63 65 73 2f 6d 65 74 61 64 61 74 61 22 3e 3c 6d 3a 63 6f 64 65 3e 2d 31 2c 20 4d 69 63 72 6f 73 6f 66 74 2e 53 68 61 72 65 50 6f 69 6e 74 2e 43 6c 69 65 6e 74 2e 43 6c 69 65 6e 74 53 65 72 76 69 63 65 45 78 63 65 70 74 69 6f 6e 3c 2f 6d 3a 63 6f 64 65 3e 3c 6d 3a 6d 65 73 73 61 67 65 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 73 2d 45 53 22 3e 45 6c 20 6d c3 a9 74 6f 64 6f 20 48 54 54 50 20 27 47 45 54 27 20 6e 6f 20 73 65 20 70 75 65 Data Ascii: 1bf<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code>-1, Microsoft.SharePoint.Client.ClientServiceException</m:code><m:message xml:lang="es-ES">El mtodo HTTP 'GET' no se pue
2024-12-16 21:18:42 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:43 UTC	2384	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_layouts/15/serviceworkerproxy.aspx?serviceWorkerUrl=https%3A%2F%2Fres-1.cdn.office.net%2Ffiles%2Fodsp-web-prod_2024-11-29.005%2Fodspwebworkers%2Fes%2Fspartanlistpostpltworker.js HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: worker Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?ga=1&id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip%2FAnyDesk%2Eexe Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:43 UTC	3278	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 303 Content-Type: text/javascript; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,525568,0,0,82323,0,89811,7 X-SharePointHealthScore: 3 Service-Worker-Allowed: / X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 34386ea1-b088-0000-51c1-39b8790db904 request-id: 34386ea1-b088-0000-51c1-39b8790db904 MS-CV: oW44NIiwAABRwTm4eQ25BA.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 27 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: AB19E5DE2A044566B3E8306D512BA434 Ref B: EWR311000108017 Ref C: 2024-12-16T21:18:43Z Date: Mon, 16 Dec 2024 21:18:42 GMT Connection: close
2024-12-16 21:18:43 UTC	303	IN	Data Raw: 0d 0a 09 09 76 61 72 20 73 65 72 76 69 63 65 57 6f 72 6b 65 72 55 72 6c 20 3d 20 22 68 74 74 70 73 3a 5c 75 30 30 32 66 5c 75 30 30 32 66 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 5c 75 30 30 32 66 66 69 6c 65 73 5c 75 30 30 32 66 6f 64 73 70 2d 77 65 62 2d 70 72 6f 64 5f 32 30 32 34 2d 31 31 2d 32 39 2e 30 30 35 5c 75 30 30 32 66 6f 64 73 70 77 65 62 77 6f 72 6b 65 72 73 5c 75 30 30 32 66 65 73 5c 75 30 30 32 66 73 70 61 72 74 61 6e 6c 69 73 74 70 6f 73 74 70 6c 74 77 6f 72 6b 65 72 2e 6a 73 22 3b 0d 0a 09 09 69 66 20 28 73 65 72 76 69 63 65 57 6f 72 6b 65 72 55 72 6c 29 20 7b 0d 0a 09 09 09 69 6d 70 6f 72 74 53 63 72 69 70 74 73 28 73 65 72 76 69 63 65 57 6f 72 6b 65 72 55 72 6c 29 3b 0d 0a 09 09 7d 20 65 6c 73 65 20 7b 0d 0a 09 09 09 Data Ascii: var serviceWorkerUrl = "https:\u002f\u002fres-1.cdn.office.net\u002ffiles\u002fodsp-web-prod_2024-11-29.005\u002fodspwebworkers\u002fes\u002fspartanlistpostpltworker.js";if (serviceWorkerUrl) {importScripts(serviceWorkerUrl);} else {

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:45 UTC	2030	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_layouts/15/serviceworkerproxy.aspx?serviceWorkerUrl=https%3A%2F%2Fres-1.cdn.office.net%2Ffiles%2Fodsp-web-prod_2024-11-29.005%2Fodspwebworkers%2Fes%2Fspartanlistpostpltworker.js HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:45 UTC	3283	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 303 Content-Type: text/javascript; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,1051136,0,15,1008178,0,789130,7 X-SharePointHealthScore: 2 Service-Worker-Allowed: / X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 35386ea1-5011-0000-51c1-337111b681bd request-id: 35386ea1-5011-0000-51c1-337111b681bd MS-CV: oW44NRFQAABRwTNxEbaBvQ.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 46 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 07EE6EA772104CD7A1E3E5C4346E9B10 Ref B: EWR311000104017 Ref C: 2024-12-16T21:18:45Z Date: Mon, 16 Dec 2024 21:18:44 GMT Connection: close
2024-12-16 21:18:45 UTC	303	IN	Data Raw: 0d 0a 09 09 76 61 72 20 73 65 72 76 69 63 65 57 6f 72 6b 65 72 55 72 6c 20 3d 20 22 68 74 74 70 73 3a 5c 75 30 30 32 66 5c 75 30 30 32 66 72 65 73 2d 31 2e 63 64 6e 2e 6f 66 66 69 63 65 2e 6e 65 74 5c 75 30 30 32 66 66 69 6c 65 73 5c 75 30 30 32 66 6f 64 73 70 2d 77 65 62 2d 70 72 6f 64 5f 32 30 32 34 2d 31 31 2d 32 39 2e 30 30 35 5c 75 30 30 32 66 6f 64 73 70 77 65 62 77 6f 72 6b 65 72 73 5c 75 30 30 32 66 65 73 5c 75 30 30 32 66 73 70 61 72 74 61 6e 6c 69 73 74 70 6f 73 74 70 6c 74 77 6f 72 6b 65 72 2e 6a 73 22 3b 0d 0a 09 09 69 66 20 28 73 65 72 76 69 63 65 57 6f 72 6b 65 72 55 72 6c 29 20 7b 0d 0a 09 09 09 69 6d 70 6f 72 74 53 63 72 69 70 74 73 28 73 65 72 76 69 63 65 57 6f 72 6b 65 72 55 72 6c 29 3b 0d 0a 09 09 7d 20 65 6c 73 65 20 7b 0d 0a 09 09 09 Data Ascii: var serviceWorkerUrl = "https:\u002f\u002fres-1.cdn.office.net\u002ffiles\u002fodsp-web-prod_2024-11-29.005\u002fodspwebworkers\u002fes\u002fspartanlistpostpltworker.js";if (serviceWorkerUrl) {importScripts(serviceWorkerUrl);} else {

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:48 UTC	2472	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_api/v2.0/sites/%7Bc34dbdef-40e8-4638-b217-6db2cdf8fd5b%7D/lists/%7B74463084-87e5-4e57-b11b-9820afa05836%7D/items/delta?token=latest HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive X-RestrictedReadCapabilities: ForceCheckOut,RequiredColumn,ContentApproval,Irm,ExcludeFromOfflineClient,DocumentParser,DraftItemSecurity,ItemLevelPermissions User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/json;odata=verbose Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: empty Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/serviceworkerproxy.aspx?serviceWorkerUrl=https%3A%2F%2Fres-1.cdn.office.net%2Ffiles%2Fodsp-web-prod_2024-11-29.005%2Fodspwebworkers%2Fes%2Fspartanlistpostpltworker.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:48 UTC	3322	IN	HTTP/1.1 200 OK Cache-Control: no-cache, no-store Pragma: no-cache Content-Length: 753 Content-Type: application/json; odata.metadata=minimal Expires: -1 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,1051136,294,29,160671,0,1051136,7 X-SharePointHealthScore: 2 X-VroomVersion: 2.0 OData-Version: 4.0 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 35386ea1-40cd-0000-5d95-37fc2bffe8eb request-id: 35386ea1-40cd-0000-5d95-37fc2bffe8eb MS-CV: oW44Nc1AAABdlTf8K//o6w.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 48 SPIisLatency: 2 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: A839737795D54001B7E61B7D36C35474 Ref B: EWR311000108017 Ref C: 2024-12-16T21:18:48Z Date: Mon, 16 Dec 2024 21:18:47 GMT Connection: close
2024-12-16 21:18:48 UTC	753	IN	Data Raw: 7b 22 40 6f 64 61 74 61 2e 63 6f 6e 74 65 78 74 22 3a 22 68 74 74 70 73 3a 2f 2f 6d 61 69 6c 75 73 74 61 62 75 63 61 65 64 75 2d 6d 79 2e 73 68 61 72 65 70 6f 69 6e 74 2e 63 6f 6d 2f 70 65 72 73 6f 6e 61 6c 2f 73 74 65 6c 6c 61 5f 70 61 62 6f 6e 5f 75 73 74 61 62 75 63 61 5f 65 64 75 5f 63 6f 2f 5f 61 70 69 2f 76 32 2e 30 2f 24 6d 65 74 61 64 61 74 61 23 73 69 74 65 73 28 27 25 37 42 63 33 34 64 62 64 65 66 2d 34 30 65 38 2d 34 36 33 38 2d 62 32 31 37 2d 36 64 62 32 63 64 66 38 66 64 35 62 25 37 44 27 29 2f 6c 69 73 74 73 28 27 25 37 42 37 34 34 36 33 30 38 34 2d 38 37 65 35 2d 34 65 35 37 2d 62 31 31 62 2d 39 38 32 30 61 66 61 30 35 38 33 36 25 37 44 27 29 2f 69 74 65 6d 73 28 66 69 65 6c 64 73 28 29 29 22 2c 22 40 6f 64 61 74 61 2e 64 65 6c 74 61 4c 69 Data Ascii: {"@odata.context":"https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/v2.0/$metadata#sites('%7Bc34dbdef-40e8-4638-b217-6db2cdf8fd5b%7D')/lists('%7B74463084-87e5-4e57-b11b-9820afa05836%7D')/items(fields())","@odata.deltaLi

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:48 UTC	2315	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_api/v2.0/sites/root/lists/%7B74463084-87e5-4e57-b11b-9820afa05836%7D/subscriptions/socketIo?listItemIds= HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive Prefer: NotificationSession User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/json;odata=verbose Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: empty Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/serviceworkerproxy.aspx?serviceWorkerUrl=https%3A%2F%2Fres-1.cdn.office.net%2Ffiles%2Fodsp-web-prod_2024-11-29.005%2Fodspwebworkers%2Fes%2Fspartanlistpostpltworker.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:48 UTC	3281	IN	HTTP/1.1 403 Forbidden Cache-Control: no-cache, no-store Pragma: no-cache Content-Length: 59 Content-Type: application/json Expires: -1 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,1051136,6,6,2861773,0,624206,6 X-SharePointHealthScore: 2 X-VroomVersion: 2.0 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 35386ea1-b0cf-0000-5773-0aa73dc3aa7c request-id: 35386ea1-b0cf-0000-5773-0aa73dc3aa7c MS-CV: oW44Nc+wAABXcwqnPcOqfA.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 49 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 31734CEB9F974BD687826191A3B8C80F Ref B: EWR311000103051 Ref C: 2024-12-16T21:18:48Z Date: Mon, 16 Dec 2024 21:18:48 GMT Connection: close
2024-12-16 21:18:48 UTC	59	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 7b 22 63 6f 64 65 22 3a 22 61 63 63 65 73 73 44 65 6e 69 65 64 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 41 63 63 65 73 73 20 64 65 6e 69 65 64 22 7d 7d Data Ascii: {"error":{"code":"accessDenied","message":"Access denied"}}

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:18:50 UTC	1984	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_api/v2.0/sites/%7Bc34dbdef-40e8-4638-b217-6db2cdf8fd5b%7D/lists/%7B74463084-87e5-4e57-b11b-9820afa05836%7D/items/delta?token=latest HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:18:50 UTC	3318	IN	HTTP/1.1 200 OK Cache-Control: no-cache, no-store Pragma: no-cache Content-Length: 753 Content-Type: application/json; odata.metadata=minimal Expires: -1 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,525568,0,16,146460,0,256435,7 X-SharePointHealthScore: 1 X-VroomVersion: 2.0 OData-Version: 4.0 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 36386ea1-004d-0000-51c1-33a521cd98d3 request-id: 36386ea1-004d-0000-51c1-33a521cd98d3 MS-CV: oW44Nk0AAABRwTOlIc2Y0w.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 62 SPIisLatency: 1 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 36E40F4FAE5E4F2B9E5420E3DB89CF93 Ref B: EWR311000108023 Ref C: 2024-12-16T21:18:50Z Date: Mon, 16 Dec 2024 21:18:49 GMT Connection: close
2024-12-16 21:18:50 UTC	753	IN	Data Raw: 7b 22 40 6f 64 61 74 61 2e 63 6f 6e 74 65 78 74 22 3a 22 68 74 74 70 73 3a 2f 2f 6d 61 69 6c 75 73 74 61 62 75 63 61 65 64 75 2d 6d 79 2e 73 68 61 72 65 70 6f 69 6e 74 2e 63 6f 6d 2f 70 65 72 73 6f 6e 61 6c 2f 73 74 65 6c 6c 61 5f 70 61 62 6f 6e 5f 75 73 74 61 62 75 63 61 5f 65 64 75 5f 63 6f 2f 5f 61 70 69 2f 76 32 2e 30 2f 24 6d 65 74 61 64 61 74 61 23 73 69 74 65 73 28 27 25 37 42 63 33 34 64 62 64 65 66 2d 34 30 65 38 2d 34 36 33 38 2d 62 32 31 37 2d 36 64 62 32 63 64 66 38 66 64 35 62 25 37 44 27 29 2f 6c 69 73 74 73 28 27 25 37 42 37 34 34 36 33 30 38 34 2d 38 37 65 35 2d 34 65 35 37 2d 62 31 31 62 2d 39 38 32 30 61 66 61 30 35 38 33 36 25 37 44 27 29 2f 69 74 65 6d 73 28 66 69 65 6c 64 73 28 29 29 22 2c 22 40 6f 64 61 74 61 2e 64 65 6c 74 61 4c 69 Data Ascii: {"@odata.context":"https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_api/v2.0/$metadata#sites('%7Bc34dbdef-40e8-4638-b217-6db2cdf8fd5b%7D')/lists('%7B74463084-87e5-4e57-b11b-9820afa05836%7D')/items(fields())","@odata.deltaLi

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:19:00 UTC	2810	OUT	POST /personal/stella_pabon_ustabuca_edu_co/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%27&RootFolder=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&View=803caba8-f355-4bf3-9ce8-08d9ebb2fec8&TryNewExperienceSingle=TRUE HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive Content-Length: 201 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 Authorization: Bearer User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/json;odata=verbose CollectSPPerfMetrics: SPSQLQueryCount accept: application/json;odata=verbose X-SP-REQUESTRESOURCES: listUrl=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments X-ServiceWorker-Strategy: CacheFirst sec-ch-ua-platform: "Windows" Origin: https://mailustabucaedu-my.sharepoint.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:19:00 UTC	201	OUT	Data Raw: 7b 22 70 61 72 61 6d 65 74 65 72 73 22 3a 7b 22 5f 5f 6d 65 74 61 64 61 74 61 22 3a 7b 22 74 79 70 65 22 3a 22 53 50 2e 52 65 6e 64 65 72 4c 69 73 74 44 61 74 61 50 61 72 61 6d 65 74 65 72 73 22 7d 2c 22 52 65 6e 64 65 72 4f 70 74 69 6f 6e 73 22 3a 31 34 39 36 38 33 39 2c 22 41 6c 6c 6f 77 4d 75 6c 74 69 70 6c 65 56 61 6c 75 65 46 69 6c 74 65 72 46 6f 72 54 61 78 6f 6e 6f 6d 79 46 69 65 6c 64 73 22 3a 74 72 75 65 2c 22 41 64 64 52 65 71 75 69 72 65 64 46 69 65 6c 64 73 22 3a 74 72 75 65 2c 22 52 65 71 75 69 72 65 46 6f 6c 64 65 72 43 6f 6c 6f 72 69 6e 67 46 69 65 6c 64 73 22 3a 74 72 75 65 7d 7d Data Ascii: {"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":1496839,"AllowMultipleValueFilterForTaxonomyFields":true,"AddRequiredFields":true,"RequireFolderColoringFields":true}}
2024-12-16 21:19:01 UTC	3588	IN	HTTP/1.1 200 OK Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/json; charset=utf-8 Expires: Sun, 01 Dec 2024 21:19:01 GMT Last-Modified: Mon, 16 Dec 2024 21:19:01 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] Set-Cookie: CannotPreviewLists=1; expires=Tue, 17-Dec-2024 21:19:01 GMT; path=/personal/stella_pabon_ustabuca_edu_co/Documents; secure X-NetworkStatistics: 0,1051136,0,31,1981064,0,1051136,7 X-SharePointHealthScore: 0 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 173 SPRequestDuration: 173 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 38386ea1-90e7-0000-51c1-386aa90521a0 request-id: 38386ea1-90e7-0000-51c1-386aa90521a0 MS-CV: oW44OOeQAABRwThqqQUhoA.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: D0933746B03040368DE5BB2D795F3EDC Ref B: EWR311000103035 Ref C: 2024-12-16T21:19:01Z Date: Mon, 16 Dec 2024 21:19:00 GMT Connection: close
2024-12-16 21:19:01 UTC	583	IN	Data Raw: 32 34 30 0d 0a 7b 22 77 70 71 22 3a 22 22 2c 22 54 65 6d 70 6c 61 74 65 73 22 3a 7b 7d 2c 22 4c 69 73 74 44 61 74 61 22 3a 7b 20 22 52 6f 77 22 20 3a 20 0a 5b 7b 0d 0a 22 49 44 22 3a 20 22 33 32 22 2c 0d 0a 22 50 65 72 6d 4d 61 73 6b 22 3a 20 22 30 78 33 30 30 38 30 33 31 30 32 37 22 2c 0d 0a 22 46 53 4f 62 6a 54 79 70 65 22 3a 20 22 30 22 2c 0d 0a 22 48 54 4d 4c 5f 78 30 30 32 30 5f 46 69 6c 65 5f 78 30 30 32 30 5f 54 79 70 65 22 3a 20 22 22 2c 0d 0a 22 55 6e 69 71 75 65 49 64 22 3a 20 22 7b 31 41 46 30 41 34 36 30 2d 30 38 38 38 2d 34 31 41 30 2d 41 43 34 43 2d 37 33 44 46 36 39 46 45 33 45 46 36 7d 22 2c 0d 0a 22 50 72 6f 67 49 64 22 3a 20 22 22 2c 0d 0a 22 4e 6f 45 78 65 63 75 74 65 22 3a 20 22 30 22 2c 0d 0a 22 43 6f 6e 74 65 6e 74 54 79 70 65 49 64 Data Ascii: 240{"wpq":"","Templates":{},"ListData":{ "Row" : [{"ID": "32","PermMask": "0x3008031027","FSObjType": "0","HTML_x0020_File_x0020_Type": "","UniqueId": "{1AF0A460-0888-41A0-AC4C-73DF69FE3EF6}","ProgId": "","NoExecute": "0","ContentTypeId
2024-12-16 21:19:01 UTC	3783	IN	Data Raw: 65 63 30 0d 0a 63 65 6e 61 72 69 6f 49 64 73 22 3a 20 22 22 2c 0d 0a 22 46 69 6c 65 5f 78 30 30 32 30 5f 54 79 70 65 22 3a 20 22 65 78 65 22 2c 0d 0a 22 46 69 6c 65 5f 78 30 30 32 30 5f 54 79 70 65 2e 6d 61 70 61 70 70 22 3a 20 22 22 2c 0d 0a 22 48 54 4d 4c 5f 78 30 30 32 30 5f 46 69 6c 65 5f 78 30 30 32 30 5f 54 79 70 65 2e 46 69 6c 65 5f 78 30 30 32 30 5f 54 79 70 65 2e 6d 61 70 63 6f 6e 22 3a 20 22 22 2c 0d 0a 22 48 54 4d 4c 5f 78 30 30 32 30 5f 46 69 6c 65 5f 78 30 30 32 30 5f 54 79 70 65 2e 46 69 6c 65 5f 78 30 30 32 30 5f 54 79 70 65 2e 6d 61 70 69 63 6f 22 3a 20 22 22 2c 0d 0a 22 73 65 72 76 65 72 75 72 6c 2e 70 72 6f 67 69 64 22 3a 20 22 22 2c 0d 0a 22 53 65 72 76 65 72 52 65 64 69 72 65 63 74 65 64 45 6d 62 65 64 55 72 6c 22 3a 20 22 22 2c 0d 0a Data Ascii: ec0cenarioIds": "","File_x0020_Type": "exe","File_x0020_Type.mapapp": "","HTML_x0020_File_x0020_Type.File_x0020_Type.mapcon": "","HTML_x0020_File_x0020_Type.File_x0020_Type.mapico": "","serverurl.progid": "","ServerRedirectedEmbedUrl": "",
2024-12-16 21:19:01 UTC	4046	IN	Data Raw: 66 63 37 0d 0a 70 6c 61 79 4e 61 6d 65 22 3a 20 22 54 69 70 6f 22 2c 0a 22 49 44 22 3a 20 22 30 38 31 63 36 65 34 63 2d 35 63 31 34 2d 34 66 32 30 2d 62 32 33 65 2d 31 61 37 31 63 65 62 36 61 36 37 63 22 2c 0a 22 53 74 61 74 69 63 4e 61 6d 65 22 3a 20 22 44 6f 63 49 63 6f 6e 22 2c 0a 22 52 65 61 64 4f 6e 6c 79 22 3a 20 22 54 52 55 45 22 2c 0a 22 43 6c 61 73 73 49 6e 66 6f 22 3a 20 22 49 63 6f 6e 22 2c 0a 22 72 6f 6c 65 22 3a 20 22 43 6f 6d 70 75 74 65 64 22 2c 0a 22 61 72 69 61 4c 61 62 65 6c 22 3a 20 22 54 69 70 6f 22 2c 0a 22 46 72 6f 6d 42 61 73 65 54 79 70 65 22 3a 20 22 54 52 55 45 22 2c 0a 22 54 79 70 65 22 3a 20 22 43 6f 6d 70 75 74 65 64 22 2c 0a 22 41 6c 6c 6f 77 47 72 69 64 45 64 69 74 69 6e 67 22 3a 20 22 46 41 4c 53 45 22 2c 0a 22 43 6c 69 65 Data Ascii: fc7playName": "Tipo","ID": "081c6e4c-5c14-4f20-b23e-1a71ceb6a67c","StaticName": "DocIcon","ReadOnly": "TRUE","ClassInfo": "Icon","role": "Computed","ariaLabel": "Tipo","FromBaseType": "TRUE","Type": "Computed","AllowGridEditing": "FALSE","Clie
2024-12-16 21:19:01 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 63 63 65 73 73 54 6f 6b 65 6e 56 32 31 22 20 3a 20 22 61 63 63 65 73 73 5f 74 6f 6b 65 6e 3d 76 31 2e 65 79 4a 7a 61 58 52 6c 61 57 51 69 4f 69 4a 6a 4d 7a 52 6b 59 6d 52 6c 5a 69 30 30 4d 47 55 34 4c 54 51 32 4d 7a 67 74 59 6a 49 78 4e 79 30 32 5a 47 49 79 59 32 52 6d 4f 47 5a 6b 4e 57 49 69 4c 43 4a 68 64 57 51 69 4f 69 49 77 4d 44 41 77 4d 44 41 77 4d 79 30 77 4d 44 41 77 4c 54 42 6d 5a 6a 45 74 59 32 55 77 4d 43 30 77 4d 44 41 77 4d 44 41 77 4d 44 41 77 4d 44 41 76 62 57 46 70 62 48 56 7a 64 47 46 69 64 57 4e 68 5a 57 52 31 4c 57 31 35 4c 6e 4e 6f 59 58 4a 6c 63 47 39 70 62 6e 51 75 59 32 39 74 51 47 59 31 4e 32 45 31 4f 54 51 35 4c 54 4d 33 4d 7a 67 74 4e 44 46 6c 5a 69 31 68 4f 44 5a 6c 4c 54 41 77 4e 44 6b 77 59 7a 41 34 59 32 4e Data Ascii: 2000ccessTokenV21" : "access_token=v1.eyJzaXRlaWQiOiJjMzRkYmRlZi00MGU4LTQ2MzgtYjIxNy02ZGIyY2RmOGZkNWIiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvbWFpbHVzdGFidWNhZWR1LW15LnNoYXJlcG9pbnQuY29tQGY1N2E1OTQ5LTM3MzgtNDFlZi1hODZlLTAwNDkwYzA4Y2N
2024-12-16 21:19:01 UTC	4154	IN	Data Raw: 31 30 33 32 0d 0a 42 37 34 34 36 33 30 38 34 25 32 44 38 37 45 35 25 32 44 34 45 35 37 25 32 44 42 31 31 42 25 32 44 39 38 32 30 41 46 41 30 35 38 33 36 25 37 44 22 2c 22 43 75 72 72 65 6e 74 55 73 65 72 49 64 22 3a 36 33 2c 22 43 75 72 72 65 6e 74 55 73 65 72 4e 61 6d 65 22 3a 22 43 6f 6c 61 62 6f 72 61 64 6f 72 20 69 6e 76 69 74 61 64 6f 22 2c 22 69 73 4d 6f 64 65 72 61 74 65 64 22 3a 66 61 6c 73 65 2c 22 45 6e 61 62 6c 65 52 65 71 75 65 73 74 53 69 67 6e 4f 66 66 22 3a 74 72 75 65 2c 22 69 73 46 6f 72 63 65 43 68 65 63 6b 6f 75 74 22 3a 66 61 6c 73 65 2c 22 45 6e 61 62 6c 65 4d 69 6e 6f 72 56 65 72 73 69 6f 6e 73 22 3a 66 61 6c 73 65 2c 22 76 65 72 45 6e 61 62 6c 65 64 22 3a 74 72 75 65 2c 22 72 65 63 75 72 73 69 76 65 56 69 65 77 22 3a 66 61 6c 73 65 Data Ascii: 1032B74463084%2D87E5%2D4E57%2DB11B%2D9820AFA05836%7D","CurrentUserId":63,"CurrentUserName":"Colaborador invitado","isModerated":false,"EnableRequestSignOff":true,"isForceCheckout":false,"EnableMinorVersions":false,"verEnabled":true,"recursiveView":false
2024-12-16 21:19:01 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 22 2c 5c 22 57 65 62 54 69 74 6c 65 43 75 72 72 65 6e 74 4c 43 49 44 5c 22 3a 33 30 38 32 2c 5c 22 77 65 62 54 65 6d 70 6c 61 74 65 5c 22 3a 5c 22 32 31 5c 22 2c 5c 22 77 65 62 54 65 6d 70 6c 61 74 65 43 6f 6e 66 69 67 75 72 61 74 69 6f 6e 5c 22 3a 5c 22 53 50 53 50 45 52 53 23 39 5c 22 2c 5c 22 77 65 62 44 65 73 63 72 69 70 74 69 6f 6e 5c 22 3a 5c 22 45 73 74 65 20 65 73 20 65 6c 20 65 73 70 61 63 69 6f 20 70 65 72 73 6f 6e 61 6c 20 64 65 20 53 54 45 4c 4c 41 20 50 41 42 4f 4e 20 46 4c 4f 52 45 5a 2e 20 50 75 65 64 65 20 75 74 69 6c 69 7a 61 72 20 65 73 74 65 20 65 73 70 61 63 69 6f 20 70 61 72 61 20 63 72 65 61 72 20 6c 69 73 74 61 73 20 79 20 62 69 62 6c 69 6f 74 65 63 61 73 20 64 65 20 64 6f 63 75 6d 65 6e 74 6f 73 20 70 61 72 61 20 Data Ascii: 2000",\"WebTitleCurrentLCID\":3082,\"webTemplate\":\"21\",\"webTemplateConfiguration\":\"SPSPERS#9\",\"webDescription\":\"Este es el espacio personal de STELLA PABON FLOREZ. Puede utilizar este espacio para crear listas y bibliotecas de documentos para
2024-12-16 21:19:01 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 44 32 36 46 44 34 46 30 35 42 42 5c 22 3a 74 72 75 65 2c 5c 22 36 45 36 44 42 46 44 38 2d 41 37 43 37 2d 34 42 34 31 2d 41 30 43 42 2d 41 34 36 46 46 37 39 45 34 33 33 44 5c 22 3a 74 72 75 65 2c 5c 22 37 42 37 36 46 31 44 31 2d 32 32 32 37 2d 34 46 46 38 2d 42 43 34 41 2d 33 33 44 36 42 33 45 46 31 38 30 43 5c 22 3a 74 72 75 65 2c 5c 22 37 31 46 43 43 36 36 39 2d 30 42 30 30 2d 34 44 43 36 2d 41 34 37 44 2d 43 38 46 37 32 30 46 44 41 32 31 37 5c 22 3a 74 72 75 65 2c 5c 22 44 35 36 42 42 45 33 32 2d 38 35 43 42 2d 34 36 39 46 2d 41 45 38 42 2d 39 41 45 38 42 44 35 33 42 38 36 38 5c 22 3a 74 72 75 65 2c 5c 22 41 42 33 30 37 33 32 31 2d 37 39 38 42 2d 34 42 34 43 2d 41 44 42 37 2d 35 43 38 45 43 31 35 41 30 35 45 35 5c 22 3a 74 72 75 65 2c Data Ascii: 2000D26FD4F05BB\":true,\"6E6DBFD8-A7C7-4B41-A0CB-A46FF79E433D\":true,\"7B76F1D1-2227-4FF8-BC4A-33D6B3EF180C\":true,\"71FCC669-0B00-4DC6-A47D-C8F720FDA217\":true,\"D56BBE32-85CB-469F-AE8B-9AE8BD53B868\":true,\"AB307321-798B-4B4C-ADB7-5C8EC15A05E5\":true,
2024-12-16 21:19:01 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 45 46 41 37 45 45 31 5c 22 3a 74 72 75 65 2c 5c 22 36 36 31 35 31 45 35 32 2d 41 30 46 30 2d 34 35 32 43 2d 39 30 32 43 2d 32 43 32 32 45 38 41 38 44 39 42 42 5c 22 3a 74 72 75 65 2c 5c 22 31 39 35 42 41 32 45 36 2d 31 35 32 39 2d 34 41 35 39 2d 41 46 34 36 2d 39 43 30 39 32 32 41 30 31 43 41 32 5c 22 3a 74 72 75 65 2c 5c 22 45 43 31 34 32 46 45 46 2d 31 35 36 31 2d 34 30 37 42 2d 41 34 33 30 2d 36 46 37 30 35 38 35 33 41 46 41 41 5c 22 3a 74 72 75 65 2c 5c 22 46 33 35 36 41 34 36 43 2d 36 38 30 44 2d 34 32 31 37 2d 38 30 42 32 2d 37 43 35 30 31 45 41 43 41 44 30 31 5c 22 3a 74 72 75 65 2c 5c 22 31 33 39 37 43 32 39 44 2d 38 32 42 39 2d 34 39 41 30 2d 41 43 37 33 2d 42 42 35 33 45 41 37 34 45 33 36 37 5c 22 3a 74 72 75 65 2c 5c 22 30 30 Data Ascii: 2000EFA7EE1\":true,\"66151E52-A0F0-452C-902C-2C22E8A8D9BB\":true,\"195BA2E6-1529-4A59-AF46-9C0922A01CA2\":true,\"EC142FEF-1561-407B-A430-6F705853AFAA\":true,\"F356A46C-680D-4217-80B2-7C501EACAD01\":true,\"1397C29D-82B9-49A0-AC73-BB53EA74E367\":true,\"00
2024-12-16 21:19:02 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 39 45 30 5c 22 3a 74 72 75 65 2c 5c 22 32 41 46 46 33 32 37 33 2d 30 42 35 43 2d 34 37 43 34 2d 41 45 34 36 2d 46 34 39 44 45 41 42 41 35 39 43 39 5c 22 3a 74 72 75 65 2c 5c 22 43 31 36 39 38 39 43 42 2d 44 31 39 32 2d 34 34 44 30 2d 41 34 44 30 2d 33 31 46 42 45 42 35 35 39 42 34 44 5c 22 3a 74 72 75 65 2c 5c 22 39 37 43 31 46 45 41 39 2d 35 35 30 33 2d 34 38 45 42 2d 38 43 43 35 2d 38 46 36 35 31 45 43 45 36 46 32 46 5c 22 3a 74 72 75 65 2c 5c 22 33 41 42 31 34 34 36 42 2d 35 32 46 37 2d 34 45 42 37 2d 41 33 41 45 2d 39 42 46 38 46 42 46 44 42 43 44 38 5c 22 3a 74 72 75 65 2c 5c 22 32 43 35 35 30 32 45 38 2d 39 42 46 30 2d 34 45 44 39 2d 41 44 37 36 2d 39 42 42 45 31 31 34 35 45 37 36 31 5c 22 3a 74 72 75 65 2c 5c 22 30 46 44 33 46 33 Data Ascii: 20009E0\":true,\"2AFF3273-0B5C-47C4-AE46-F49DEABA59C9\":true,\"C16989CB-D192-44D0-A4D0-31FBEB559B4D\":true,\"97C1FEA9-5503-48EB-8CC5-8F651ECE6F2F\":true,\"3AB1446B-52F7-4EB7-A3AE-9BF8FBFDBCD8\":true,\"2C5502E8-9BF0-4ED9-AD76-9BBE1145E761\":true,\"0FD3F3

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:19:00 UTC	2931	OUT	POST /personal/stella_pabon_ustabuca_edu_co/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive Content-Length: 635 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" x-ms-cc: t ScenarioType: AUO sec-ch-ua-mobile: ?0 Authorization: Bearer User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 CollectSPPerfMetrics: SPSQLQueryCount Content-Type: application/json;odata=verbose accept: application/json;odata=verbose X-ClientService-ClientTag: ODB Web X-SP-REQUESTRESOURCES: listUrl=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments X-ServiceWorker-Strategy: CacheFirst x-requestdigest: 0x29A93D023DAE36CEBEF3D42E0F318FE8DAB60437A331512B9F3EBCFA7D18C078DC2860F897FBCC02CB92E625C964FBA17C4BE11E681396FB213668F085951622,16 Dec 2024 21:18:23 -0000 sec-ch-ua-platform: "Windows" Origin: https://mailustabucaedu-my.sharepoint.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://mailustabucaedu-my.sharepoint.com/personal/stella_pabon_ustabuca_edu_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%2FZip&ga=1 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:19:00 UTC	635	OUT	Data Raw: 7b 22 70 61 72 61 6d 65 74 65 72 73 22 3a 7b 22 5f 5f 6d 65 74 61 64 61 74 61 22 3a 7b 22 74 79 70 65 22 3a 22 53 50 2e 52 65 6e 64 65 72 4c 69 73 74 44 61 74 61 50 61 72 61 6d 65 74 65 72 73 22 7d 2c 22 52 65 6e 64 65 72 4f 70 74 69 6f 6e 73 22 3a 31 30 35 32 36 37 39 2c 22 56 69 65 77 58 6d 6c 22 3a 22 3c 56 69 65 77 20 53 63 6f 70 65 3d 5c 22 52 65 63 75 72 73 69 76 65 41 6c 6c 5c 22 3e 3c 51 75 65 72 79 3e 3c 57 68 65 72 65 3e 3c 45 71 3e 3c 46 69 65 6c 64 52 65 66 20 4e 61 6d 65 3d 5c 22 46 69 6c 65 52 65 66 5c 22 20 2f 3e 3c 56 61 6c 75 65 20 54 79 70 65 3d 5c 22 54 65 78 74 5c 22 3e 3c 21 5b 43 44 41 54 41 5b 2f 70 65 72 73 6f 6e 61 6c 2f 73 74 65 6c 6c 61 5f 70 61 62 6f 6e 5f 75 73 74 61 62 75 63 61 5f 65 64 75 5f 63 6f 2f 44 6f 63 75 6d 65 6e 74 Data Ascii: {"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":1052679,"ViewXml":"<View Scope=\"RecursiveAll\"><Query><Where><Eq><FieldRef Name=\"FileRef\" /><Value Type=\"Text\"><![CDATA[/personal/stella_pabon_ustabuca_edu_co/Document
2024-12-16 21:19:01 UTC	3454	IN	HTTP/1.1 200 OK Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/json; charset=utf-8 Expires: Sun, 01 Dec 2024 21:19:01 GMT Last-Modified: Mon, 16 Dec 2024 21:19:01 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,4204800,1047,79,2109901,0,3351774,8 X-SharePointHealthScore: 0 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 99 SPRequestDuration: 100 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 38386ea1-b0e7-0000-51c1-3615e9445544 request-id: 38386ea1-b0e7-0000-51c1-3615e9445544 MS-CV: oW44OOewAABRwTYV6URVRA.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 9B04181BD0944616B8A559787225D711 Ref B: EWR311000107019 Ref C: 2024-12-16T21:19:01Z Date: Mon, 16 Dec 2024 21:19:00 GMT Connection: close
2024-12-16 21:19:01 UTC	710	IN	Data Raw: 32 62 66 0d 0a 7b 22 77 70 71 22 3a 22 22 2c 22 54 65 6d 70 6c 61 74 65 73 22 3a 7b 7d 2c 22 4c 69 73 74 44 61 74 61 22 3a 7b 20 22 52 6f 77 22 20 3a 20 0a 5b 5d 2c 22 46 69 72 73 74 52 6f 77 22 20 3a 20 31 2c 0d 0a 22 46 6f 6c 64 65 72 50 65 72 6d 69 73 73 69 6f 6e 73 22 20 3a 20 22 30 78 33 30 30 38 30 31 31 30 30 30 22 0d 0a 2c 22 4c 61 73 74 52 6f 77 22 20 3a 20 30 2c 0d 0a 22 52 6f 77 4c 69 6d 69 74 22 20 3a 20 31 0d 0a 2c 22 46 69 6c 74 65 72 4c 69 6e 6b 22 20 3a 20 22 3f 22 0a 2c 22 46 6f 72 63 65 4e 6f 48 69 65 72 61 72 63 68 79 22 20 3a 20 22 31 22 0a 2c 22 48 69 65 72 61 72 63 68 79 48 61 73 49 6e 64 65 6e 74 69 6f 6e 22 20 3a 20 22 22 0a 2c 22 43 75 72 72 65 6e 74 46 6f 6c 64 65 72 50 72 69 6e 63 69 70 61 6c 43 6f 75 6e 74 22 20 3a 20 22 30 22 Data Ascii: 2bf{"wpq":"","Templates":{},"ListData":{ "Row" : [],"FirstRow" : 1,"FolderPermissions" : "0x3008011000","LastRow" : 0,"RowLimit" : 1,"FilterLink" : "?","ForceNoHierarchy" : "1","HierarchyHasIndention" : "","CurrentFolderPrincipalCount" : "0"
2024-12-16 21:19:01 UTC	8200	IN	Data Raw: 32 30 30 30 0d 0a 30 30 30 30 30 30 22 2c 0a 22 50 69 6e 6e 65 64 54 6f 46 69 6c 74 65 72 73 50 61 6e 65 22 3a 20 22 46 41 4c 53 45 22 2c 0a 22 53 68 6f 77 49 6e 46 69 6c 74 65 72 73 50 61 6e 65 22 3a 20 22 41 75 74 6f 22 7d 0a 2c 7b 22 4e 61 6d 65 22 3a 20 22 46 69 6c 65 52 65 66 22 2c 0a 22 46 69 65 6c 64 54 79 70 65 22 3a 20 22 4c 6f 6f 6b 75 70 22 2c 0a 22 52 65 61 6c 46 69 65 6c 64 4e 61 6d 65 22 3a 20 22 46 69 6c 65 52 65 66 22 2c 0a 22 44 69 73 70 6c 61 79 4e 61 6d 65 22 3a 20 22 44 69 72 65 63 63 69 5c 75 30 30 66 33 6e 20 55 52 4c 22 2c 0a 22 49 44 22 3a 20 22 39 34 66 38 39 37 31 35 2d 65 30 39 37 2d 34 65 38 62 2d 62 61 37 39 2d 65 61 30 32 61 61 38 62 37 61 64 62 22 2c 0a 22 53 74 61 74 69 63 4e 61 6d 65 22 3a 20 22 46 69 6c 65 52 65 66 22 2c Data Ascii: 2000000000","PinnedToFiltersPane": "FALSE","ShowInFiltersPane": "Auto"},{"Name": "FileRef","FieldType": "Lookup","RealFieldName": "FileRef","DisplayName": "Direcci\u00f3n URL","ID": "94f89715-e097-4e8b-ba79-ea02aa8b7adb","StaticName": "FileRef",
2024-12-16 21:19:01 UTC	4159	IN	Data Raw: 31 30 33 37 0d 0a 45 30 5a 70 62 47 56 7a 4c 6c 4a 6c 59 57 52 58 63 6d 6c 30 5a 53 35 42 62 47 7a 49 41 51 45 2e 56 70 32 63 6d 5f 33 45 56 46 4c 51 5a 65 53 70 78 7a 53 31 5f 42 6a 61 4a 6d 77 72 30 7a 63 52 42 78 44 32 32 72 56 65 36 48 34 22 0d 0a 2c 20 22 2e 6d 65 64 69 61 42 61 73 65 55 72 6c 22 20 3a 20 22 68 74 74 70 73 3a 5c 75 30 30 32 66 5c 75 30 30 32 66 65 61 73 74 75 73 31 2d 6d 65 64 69 61 70 2e 73 76 63 2e 6d 73 22 0d 0a 2c 20 22 2e 6d 65 64 69 61 42 61 73 65 55 72 6c 53 65 63 6f 6e 64 61 72 79 22 20 3a 20 22 68 74 74 70 73 3a 5c 75 30 30 32 66 5c 75 30 30 32 66 73 6f 75 74 68 63 65 6e 74 72 61 6c 75 73 31 2d 6d 65 64 69 61 70 2e 73 76 63 2e 6d 73 22 0d 0a 2c 20 22 2e 70 75 73 68 43 68 61 6e 6e 65 6c 42 61 73 65 55 72 6c 22 20 3a 20 22 68 Data Ascii: 1037E0ZpbGVzLlJlYWRXcml0ZS5BbGzIAQE.Vp2cm_3EVFLQZeSpxzS1_BjaJmwr0zcRBxD22rVe6H4", ".mediaBaseUrl" : "https:\u002f\u002feastus1-mediap.svc.ms", ".mediaBaseUrlSecondary" : "https:\u002f\u002fsouthcentralus1-mediap.svc.ms", ".pushChannelBaseUrl" : "h
2024-12-16 21:19:01 UTC	248	IN	Data Raw: 66 32 0d 0a 6f 77 43 72 65 61 74 65 46 6f 6c 64 65 72 22 3a 74 72 75 65 2c 22 43 61 6e 53 68 61 72 65 4c 69 6e 6b 46 6f 72 4e 65 77 44 6f 63 75 6d 65 6e 74 22 3a 66 61 6c 73 65 2c 22 56 69 73 69 6f 44 72 61 77 69 6e 67 43 72 65 61 74 69 6f 6e 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 53 69 74 65 54 65 6d 70 6c 61 74 65 49 64 22 3a 32 31 2c 22 54 65 6e 61 6e 74 54 61 67 50 6f 6c 69 63 79 45 6e 61 62 6c 65 64 22 3a 74 72 75 65 2c 22 57 65 62 45 78 63 6c 75 64 65 46 72 6f 6d 4f 66 66 6c 69 6e 65 43 6c 69 65 6e 74 22 3a 66 61 6c 73 65 2c 22 45 78 63 6c 75 64 65 46 72 6f 6d 4f 66 66 6c 69 6e 65 4d 6f 64 65 22 3a 66 61 6c 73 65 2c 22 45 78 63 6c 75 64 65 46 72 6f 6d 4f 66 66 6c 69 6e 65 43 6c 69 65 6e 74 22 3a 66 61 6c 73 65 7d 0d 0a Data Ascii: f2owCreateFolder":true,"CanShareLinkForNewDocument":false,"VisioDrawingCreationEnabled":false,"SiteTemplateId":21,"TenantTagPolicyEnabled":true,"WebExcludeFromOfflineClient":false,"ExcludeFromOfflineMode":false,"ExcludeFromOfflineClient":false}
2024-12-16 21:19:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-12-16 21:19:03 UTC	2017	OUT	GET /personal/stella_pabon_ustabuca_edu_co/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fstella%5Fpabon%5Fustabuca%5Fedu%5Fco%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1 Host: mailustabucaedu-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0VG1h [TRUNCATED]
2024-12-16 21:19:03 UTC	3465	IN	HTTP/1.1 405 Method Not Allowed Cache-Control: private, max-age=0 Transfer-Encoding: chunked Content-Type: application/xml;charset=utf-8 Expires: Sun, 01 Dec 2024 21:19:03 GMT Last-Modified: Mon, 16 Dec 2024 21:19:03 GMT Vary: Origin P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Set-Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY5Y2JlNDdhNzY3NDRmMzc3OTlmOTMxN2ZmYmVjNGJhOWVmMTBhN2I1YmQ5NWU1OWE2OGUzMmYyZDUwM2ZjYzksMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjljYmU0N2E3Njc0NGYzNzc5OWY5MzE3ZmZiZWM0YmE5ZWYxMGE3YjViZDk1ZTU5YTY4ZTMyZjJkNTAzZmNjOSwxMzM3ODg1Nzc4NjAwMDAwMDAsMCwxMzM3ODk0Mzg4NjA4ODkwNTYsMC4wLjAuMCwyNTgsZjU3YTU5NDktMzczOC00MWVmLWE4NmUtMDA0OTBjMDhjY2I1LCwsM2VjNjA2OTMtNWQyMi00MmQzLWJkN2ItMzZlYjIwMmNkZjdiLDNlYzYwNjkzLTVkMjItNDJkMy1iZDdiLTM2ZWIyMDJjZGY3YixqWWZONUQxRTVrdXF5aElURXNQSTRBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwyMDE0MTAsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLDdGQWdTSzVqb3NiNjhxRkRtVGlFWlhFQnlhRSxrRlB0eC8xWUtLMUVwU1JiVGxraEVVTlVseHBxNGJQRWFQMjJJQzFHbDVkTHJXL0tQSTNaTVdMeTdZM1A2U3RoOE01OVdKY2VPM1pWZkNpV05FVjQ4N1FaS1ZVL3ZTQ0lKZjNsWXFpZGJnbFhYNC84cFdYK3htY3l1VktCelFnNTRTNlpIWDJLdWJWMDh4N1RkSzl6ZVRNa0VuQis3aFVqclR5TUhJY2grKzRQOFMraTNqNllZaDlRWjdMRUFCdGE3L0xFY051TEhORnBGMzJEaGswdTV0SDN0 [TRUNCATED] X-NetworkStatistics: 0,8409600,28,83,6623376,0,8409600,7 X-SharePointHealthScore: 0 X-SP-SERVERSTATE: ReadOnly=0 DATASERVICEVERSION: 3.0 SPClientServiceRequestDuration: 25 SPRequestDuration: 25 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: 39386ea1-906d-0000-51c1-3e18a10603cf request-id: 39386ea1-906d-0000-51c1-3e18a10603cf MS-CV: oW44OW2QAABRwT4YoQYDzw.0 Alt-Svc: h3=":443";ma=86400 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=f57a5949-3738-41ef-a86e-00490c08ccb5&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25520 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 9B41A8298090439495417A6C5AC26627 Ref B: EWR311000108029 Ref C: 2024-12-16T21:19:03Z Date: Mon, 16 Dec 2024 21:19:03 GMT Connection: close
2024-12-16 21:19:03 UTC	454	IN	Data Raw: 31 62 66 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 6d 3a 65 72 72 6f 72 20 78 6d 6c 6e 73 3a 6d 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 61 64 6f 2f 32 30 30 37 2f 30 38 2f 64 61 74 61 73 65 72 76 69 63 65 73 2f 6d 65 74 61 64 61 74 61 22 3e 3c 6d 3a 63 6f 64 65 3e 2d 31 2c 20 4d 69 63 72 6f 73 6f 66 74 2e 53 68 61 72 65 50 6f 69 6e 74 2e 43 6c 69 65 6e 74 2e 43 6c 69 65 6e 74 53 65 72 76 69 63 65 45 78 63 65 70 74 69 6f 6e 3c 2f 6d 3a 63 6f 64 65 3e 3c 6d 3a 6d 65 73 73 61 67 65 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 73 2d 45 53 22 3e 45 6c 20 6d c3 a9 74 6f 64 6f 20 48 54 54 50 20 27 47 45 54 27 20 6e 6f 20 73 65 20 70 75 65 Data Ascii: 1bf<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code>-1, Microsoft.SharePoint.Client.ClientServiceException</m:code><m:message xml:lang="es-ES">El mtodo HTTP 'GET' no se pue
2024-12-16 21:19:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0