Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
https://cityofsolanabeach-my.sharepoint.com/:b:/r/personal/lyim_cosb_org/Documents/Microsoft Teams Chat Files/04212025141353-0001.pdf?csf=1&web=1

Overview

General Information

Sample URL:https://cityofsolanabeach-my.sharepoint.com/:b:/r/personal/lyim_cosb_org/Documents/Microsoft Teams Chat Files/04212025141353-0001.pdf?csf=1&web=1
Analysis ID:1672189
Infos:

Detection

Score:1
Range:0 - 100
Confidence:80%

Signatures

Detected suspicious crossdomain redirect
HTML body contains low number of good links
HTML title does not match URL

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • chrome.exe (PID: 2880 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 5960 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2156,i,11171481201563504429,16075537620969772834,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2196 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6736 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cityofsolanabeach-my.sharepoint.com/:b:/r/personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=1" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Phishing
  • Compliance
  • Networking
  • System Summary

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5dHTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=trueHTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5dHTTP Parser: Title: Redirecting does not match URL
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=trueHTTP Parser: Title: Sign in to your account does not match URL
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=trueHTTP Parser: <input type="password" .../> found
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5dHTTP Parser: No favicon
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5dHTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=trueHTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=trueHTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=trueHTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5dHTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 142.250.69.4:443 -> 192.168.2.6:49697 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.6:49699 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.6:49698 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.62.129:443 -> 192.168.2.6:49702 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.222.3.228:443 -> 192.168.2.6:49707 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.62.226.176:443 -> 192.168.2.6:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.62.226.164:443 -> 192.168.2.6:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.151.7:443 -> 192.168.2.6:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.155.3:443 -> 192.168.2.6:49739 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: cityofsolanabeach-my.sharepoint.com to https://login.microsoftonline.com:443/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5fid=00000003%2d0000%2d0ff1%2dce00%2d000000000000&response%5fmode=form%5fpost&response%5ftype=code%20id%5ftoken&resource=00000003%2d0000%2d0ff1%2dce00%2d000000000000&scope=openid&nonce=4d0a58e010049c5cec6e7ae0acefb6a5009b22e318b5c6e6%2dff696de58c6764e2936e0fa2eefada13a0cfc230de9e59fbf12fa3b1cfa8a6ff&redirect%5furi=https%3a%2f%2fcityofsolanabeach%2dmy%2esharepoint%2ecom%2f%5fforms%2fdefault%2easpx&state=od0w&claims=%7b%22id%5ftoken%22%3a%7b%22xms%5fcc%22%3a%7b%22values%22%3a%5b%22cp1%22%5d%7d%7d%7d&wsucxt=1&cobrandid=11bd8083%2d87e0%2d41b5%2dbb78%2d0bc43c8a8e8a&client%2drequest%2did=bc5597a1%2db053%2d8000%2dae3e%2d1a732b3d6f5d
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.215
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /:b:/r/personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=1 HTTP/1.1Host: cityofsolanabeach-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=1&CID=905aaab5-842f-4e16-8c21-78919e2e4804 HTTP/1.1Host: cityofsolanabeach-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /personal/lyim_cosb_org/_layouts/15/Authenticate.aspx?Source=%2Fpersonal%2Flyim%5Fcosb%5Forg%2FDocuments%2FMicrosoft%20Teams%20Chat%20Files%2F04212025141353%2D0001%2Epdf%3Fcsf%3D1%26web%3D1%26CID%3D905aaab5%2D842f%2D4e16%2D8c21%2D78919e2e4804 HTTP/1.1Host: cityofsolanabeach-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /_forms/default.aspx?ReturnUrl=%2fpersonal%2flyim_cosb_org%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fpersonal%252Flyim%255Fcosb%255Forg%252FDocuments%252FMicrosoft%2520Teams%2520Chat%2520Files%252F04212025141353%252D0001%252Epdf%253Fcsf%253D1%2526web%253D1%2526CID%253D905aaab5%252D842f%252D4e16%252D8c21%252D78919e2e4804&Source=cookie HTTP/1.1Host: cityofsolanabeach-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: RpsContextCookie=U291cmNlPSUyRnBlcnNvbmFsJTJGbHlpbSU1RmNvc2IlNUZvcmclMkZEb2N1bWVudHMlMkZNaWNyb3NvZnQlMjBUZWFtcyUyMENoYXQlMjBGaWxlcyUyRjA0MjEyMDI1MTQxMzUzJTJEMDAwMSUyRXBkZiUzRmNzZiUzRDElMjZ3ZWIlM0QxJTI2Q0lEJTNEOTA1YWFhYjUlMkQ4NDJmJTJENGUxNiUyRDhjMjElMkQ3ODkxOWUyZTQ4MDQ=
Source: global trafficHTTP traffic detected: GET /83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d HTTP/1.1Host: login.microsoftonline.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=true HTTP/1.1Host: login.microsoftonline.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: esctx-FXV4sYLFtI=AQABCQEAAABVrSpeuWamRam2jAF1XRQExuOyBdSO3BZdUl3-qQBUY0gA84xA_yrP87XH6lgt0aPc0Gv7AwWZ7xCy41cbo3h1pxbU9mQYLrqAyuvkUB0EC0Q4hh64537Fti7zqKEHamb4i_2jRmrkU9kKIy0wfXybJKNJmv4DClugCy7fzSE7uiAA; fpc=AuIFpnMgGx9Nnk-AJEH4ucE; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEAl7MPZaLYFwPz5nRmVLRFyBwOl27ZF39HLqwV-vgLrgLwNnr7CsFuKtya5u8wYx2Yg1UmVJMsgxnJ6rI5eCoX-GkK3qcxP9xxc5xl8zowY-KfTqEh3oFkrYYTySO4PijQ6Bs0Og_U18j02V35uXCv2DX1WpKZAzBYqx9YL9XpYYgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: login.microsoftonline.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: esctx-FXV4sYLFtI=AQABCQEAAABVrSpeuWamRam2jAF1XRQExuOyBdSO3BZdUl3-qQBUY0gA84xA_yrP87XH6lgt0aPc0Gv7AwWZ7xCy41cbo3h1pxbU9mQYLrqAyuvkUB0EC0Q4hh64537Fti7zqKEHamb4i_2jRmrkU9kKIy0wfXybJKNJmv4DClugCy7fzSE7uiAA; fpc=AuIFpnMgGx9Nnk-AJEH4ucE; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEAl7MPZaLYFwPz5nRmVLRFyBwOl27ZF39HLqwV-vgLrgLwNnr7CsFuKtya5u8wYx2Yg1UmVJMsgxnJ6rI5eCoX-GkK3qcxP9xxc5xl8zowY-KfTqEh3oFkrYYTySO4PijQ6Bs0Og_U18j02V35uXCv2DX1WpKZAzBYqx9YL9XpYYgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
Source: global trafficHTTP traffic detected: GET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/favicon?ts=638477616223106700 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/favicon?ts=638477616223106700 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/illustration?ts=638477616232014667 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/bannerlogo?ts=638477648718392351 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /83bece33-c444-450f-bc7d-e2db906db4bb/winauth/ssoprobe?client-request-id=bc5597a1-b053-8000-ae3e-1a732b3d6f5d&_=1745420749193 HTTP/1.1Host: autologon.microsoftazuread-sso.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/bannerlogo?ts=638477648718392351 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/illustration?ts=638477616232014667 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /common/instrumentation/dssostatus HTTP/1.1Host: login.microsoftonline.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: esctx-FXV4sYLFtI=AQABCQEAAABVrSpeuWamRam2jAF1XRQExuOyBdSO3BZdUl3-qQBUY0gA84xA_yrP87XH6lgt0aPc0Gv7AwWZ7xCy41cbo3h1pxbU9mQYLrqAyuvkUB0EC0Q4hh64537Fti7zqKEHamb4i_2jRmrkU9kKIy0wfXybJKNJmv4DClugCy7fzSE7uiAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.AUUAM86-g0TED0W8feLbkG20uwMAAAAAAPEPzgAAAAAAAABFAABFAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEvFmW9LkO-CuueIHcx3n9NLH8YK9HczFS2kEKHUeDqi9cwvjJVOxuXTHgooQwEXjYPJuMXalvXd5nYyu3Ln0o_5PbJQVHOIwUjS06M1YsRBogAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEU6xihjuwEEDCEUitnDWQxdK-BQL47zqqe_-Xk0a4miA9mjWb-dlm6JXscc9tQsU1WaSaTncnDLlRutBD1f1hwheix8IDmZHczG3-kN1CgkUXVVfdWpEeTeFuqRe7ioiaQhj1M25GLqUSe2J8BAIW9Fa0-o9nAo8Wkdbi4HizMs4gAA; esctx-pRB8z4dIEDo=AQABCQEAAABVrSpeuWamRam2jAF1XRQEwjBWZW8QVbRoTrWyqUyGVD7exB2b4R_ippuqoD6HO7DiseG0VmsrSL6JO7cEb-hCxLErr1x4u8Jdwn8yRXadLXSHR8Sld1AoZ6_elFdEBLHa3mL0gJgo0lwMBm8qyO7T4gBA38xSP8H5GWyYYj5KsiAA; fpc=AuIFpnMgGx9Nnk-AJEH4ucF79WTGAQAAAMj4mt8OAAAA; MicrosoftApplicationsTelemetryDeviceId=3c31e842-8150-4f63-b3e7-f3790430292d; brcap=0; ai_session=zjBSvXJzJPf6JrK3pmhDlQ|1745420750769|1745420750769
Source: global trafficHTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: login.microsoftonline.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: esctx-FXV4sYLFtI=AQABCQEAAABVrSpeuWamRam2jAF1XRQExuOyBdSO3BZdUl3-qQBUY0gA84xA_yrP87XH6lgt0aPc0Gv7AwWZ7xCy41cbo3h1pxbU9mQYLrqAyuvkUB0EC0Q4hh64537Fti7zqKEHamb4i_2jRmrkU9kKIy0wfXybJKNJmv4DClugCy7fzSE7uiAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.AUUAM86-g0TED0W8feLbkG20uwMAAAAAAPEPzgAAAAAAAABFAABFAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEvFmW9LkO-CuueIHcx3n9NLH8YK9HczFS2kEKHUeDqi9cwvjJVOxuXTHgooQwEXjYPJuMXalvXd5nYyu3Ln0o_5PbJQVHOIwUjS06M1YsRBogAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEU6xihjuwEEDCEUitnDWQxdK-BQL47zqqe_-Xk0a4miA9mjWb-dlm6JXscc9tQsU1WaSaTncnDLlRutBD1f1hwheix8IDmZHczG3-kN1CgkUXVVfdWpEeTeFuqRe7ioiaQhj1M25GLqUSe2J8BAIW9Fa0-o9nAo8Wkdbi4HizMs4gAA; esctx-pRB8z4dIEDo=AQABCQEAAABVrSpeuWamRam2jAF1XRQEwjBWZW8QVbRoTrWyqUyGVD7exB2b4R_ippuqoD6HO7DiseG0VmsrSL6JO7cEb-hCxLErr1x4u8Jdwn8yRXadLXSHR8Sld1AoZ6_elFdEBLHa3mL0gJgo0lwMBm8qyO7T4gBA38xSP8H5GWyYYj5KsiAA; fpc=AuIFpnMgGx9Nnk-AJEH4ucF79WTGAQAAAMj4mt8OAAAA; MicrosoftApplicationsTelemetryDeviceId=3c31e842-8150-4f63-b3e7-f3790430292d; brcap=0; ai_session=zjBSvXJzJPf6JrK3pmhDlQ|1745420750769|1745420750769; MSFPC=GUID=d9890915ece248369b87dc3e57a3b40f&HASH=d989&LV=202504&V=4&LU=1745420755484
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: cityofsolanabeach-my.sharepoint.com
Source: global trafficDNS traffic detected: DNS query: login.microsoftonline.com
Source: global trafficDNS traffic detected: DNS query: identity.nel.measure.office.net
Source: global trafficDNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global trafficDNS traffic detected: DNS query: aadcdn.msauthimages.net
Source: global trafficDNS traffic detected: DNS query: autologon.microsoftazuread-sso.com
Source: unknownHTTP traffic detected: POST /api/report?catId=GW+estsfd+wst HTTP/1.1Host: identity.nel.measure.office.netConnection: keep-aliveContent-Length: 1134Content-Type: application/reports+jsonOrigin: https://login.microsoftonline.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateSet-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponlyStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffP3P: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 8df307ee-b62b-4836-bc4e-b1bbdedd7a00x-ms-ests-server: 2.1.20540.5 - WUS3 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.PReferrer-Policy: strict-origin-when-cross-originContent-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-4vGyWf2RRXKIuiLvn77zOw' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-AllX-XSS-Protection: 0Date: Wed, 23 Apr 2025 15:05:45 GMTConnection: closeContent-Length: 0
Source: chromecache_76.3.dr, chromecache_88.3.drString found in binary or memory: http://ns.attribution.com/ads/1.0/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49697
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49697 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49680
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49680 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 142.250.69.4:443 -> 192.168.2.6:49697 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.6:49699 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.6:49698 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.62.129:443 -> 192.168.2.6:49702 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.222.3.228:443 -> 192.168.2.6:49707 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.62.226.176:443 -> 192.168.2.6:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.62.226.164:443 -> 192.168.2.6:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.151.7:443 -> 192.168.2.6:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.155.3:443 -> 192.168.2.6:49739 version: TLS 1.2
Source: classification engineClassification label: clean1.win@24/37@20/9
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2156,i,11171481201563504429,16075537620969772834,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2196 /prefetch:3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cityofsolanabeach-my.sharepoint.com/:b:/r/personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=1"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2156,i,11171481201563504429,16075537620969772834,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2196 /prefetch:3Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1672189 URL: https://cityofsolanabeach-m... Startdate: 23/04/2025 Architecture: WINDOWS Score: 1 5 chrome.exe 2 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.6, 138, 443, 49680 unknown unknown 5->13 10 chrome.exe 5->10         started        process4 dnsIp5 15 a1894.dscb.akamai.net 23.222.3.228, 443, 49707, 49711 TISCALI-IT United States 10->15 17 dual-spo-0005.spo-msedge.net 13.107.136.10, 443, 49698, 49699 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 10->17 19 26 other IPs or domains 10->19

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://cityofsolanabeach-my.sharepoint.com/:b:/r/personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=10%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://cityofsolanabeach-my.sharepoint.com/personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=1&CID=905aaab5-842f-4e16-8c21-78919e2e48040%Avira URL Cloudsafe
https://cityofsolanabeach-my.sharepoint.com/personal/lyim_cosb_org/_layouts/15/Authenticate.aspx?Source=%2Fpersonal%2Flyim%5Fcosb%5Forg%2FDocuments%2FMicrosoft%20Teams%20Chat%20Files%2F04212025141353%2D0001%2Epdf%3Fcsf%3D1%26web%3D1%26CID%3D905aaab5%2D842f%2D4e16%2D8c21%2D78919e2e48040%Avira URL Cloudsafe
https://cityofsolanabeach-my.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fpersonal%2flyim_cosb_org%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fpersonal%252Flyim%255Fcosb%255Forg%252FDocuments%252FMicrosoft%2520Teams%2520Chat%2520Files%252F04212025141353%252D0001%252Epdf%253Fcsf%253D1%2526web%253D1%2526CID%253D905aaab5%252D842f%252D4e16%252D8c21%252D78919e2e4804&Source=cookie0%Avira URL Cloudsafe

Domains and IPs

Download Network PCAP: filteredfull

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
dual-spo-0005.spo-msedge.net
13.107.136.10
truefalse
    		high
    e329293.dscd.akamaiedge.net
    		23.62.226.164
    		truefalse
      		high
      www.google.com
      		142.250.69.4
      		truefalse
        		high
        s-part-0043.t-0009.t-msedge.net
        		13.107.246.71
        		truefalse
          		high
          a1894.dscb.akamai.net
          		23.222.3.228
          		truefalse
            		high
            www.tm.a.prd.aadg.trafficmanager.net
            		40.126.62.129
            		truefalse
              		high
              autologon.microsoftazuread-sso.com
              		20.190.151.7
              		truefalse
                		high
                aadcdn.msauthimages.net
                		unknown
                		unknownfalse
                  		high
                  cityofsolanabeach-my.sharepoint.com
                  		unknown
                  		unknownfalse
                    		unknown
                    identity.nel.measure.office.net
                    		unknown
                    		unknownfalse
                      		high
                      aadcdn.msftauth.net
                      		unknown
                      		unknownfalse
                        		high
                        login.microsoftonline.com
                        		unknown
                        		unknownfalse
                          		high

                          Contacted URLs

                          NameMaliciousAntivirus DetectionReputation
                          https://aadcdn.msauthimages.net/dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/favicon?ts=638477616223106700false
                            		high
                            https://login.microsoftonline.com/common/GetCredentialType?mkt=en-USfalse
                              		high
                              https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=truefalse
                                		high
                                https://aadcdn.msauthimages.net/dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/bannerlogo?ts=638477648718392351false
                                  		high
                                  https://cityofsolanabeach-my.sharepoint.com/:b:/r/personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=1false
                                    		unknown
                                    https://cityofsolanabeach-my.sharepoint.com/personal/lyim_cosb_org/_layouts/15/Authenticate.aspx?Source=%2Fpersonal%2Flyim%5Fcosb%5Forg%2FDocuments%2FMicrosoft%20Teams%20Chat%20Files%2F04212025141353%2D0001%2Epdf%3Fcsf%3D1%26web%3D1%26CID%3D905aaab5%2D842f%2D4e16%2D8c21%2D78919e2e4804false
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://login.microsoftonline.com/favicon.icofalse
                                      		high
                                      https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+estfalse
                                        		high
                                        https://login.microsoftonline.com/common/instrumentation/dssostatusfalse
                                          		high
                                          https://cityofsolanabeach-my.sharepoint.com/personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=1&CID=905aaab5-842f-4e16-8c21-78919e2e4804false
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://cityofsolanabeach-my.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fpersonal%2flyim_cosb_org%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fpersonal%252Flyim%255Fcosb%255Forg%252FDocuments%252FMicrosoft%2520Teams%2520Chat%2520Files%252F04212025141353%252D0001%252Epdf%253Fcsf%253D1%2526web%253D1%2526CID%253D905aaab5%252D842f%252D4e16%252D8c21%252D78919e2e4804&Source=cookiefalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://aadcdn.msauthimages.net/dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/illustration?ts=638477616232014667false
                                            		high
                                            https://autologon.microsoftazuread-sso.com/83bece33-c444-450f-bc7d-e2db906db4bb/winauth/ssoprobe?client-request-id=bc5597a1-b053-8000-ae3e-1a732b3d6f5d&_=1745420749193false
                                              		high
                                              https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5dfalse
                                                		high
                                                https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wstfalse
                                                  		high
                                                  NameSourceMaliciousAntivirus DetectionReputation
                                                  http://ns.attribution.com/ads/1.0/chromecache_76.3.dr, chromecache_88.3.drfalse
                                                    		high

                                                    World Map of Contacted IPs

                                                    • No. of IPs < 25%
                                                    • 25% < No. of IPs < 50%
                                                    • 50% < No. of IPs < 75%
                                                    • 75% < No. of IPs

                                                    Public IPs

                                                    IPDomainCountryFlagASNASN NameMalicious
                                                    142.250.69.4
                                                    		www.google.comUnited States
                                                    		15169GOOGLEUSfalse
                                                    13.107.136.10
                                                    		dual-spo-0005.spo-msedge.netUnited States
                                                    		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                    23.62.226.176
                                                    		unknownUnited States
                                                    		20940AKAMAI-ASN1EUfalse
                                                    23.62.226.164
                                                    		e329293.dscd.akamaiedge.netUnited States
                                                    		20940AKAMAI-ASN1EUfalse
                                                    23.222.3.228
                                                    		a1894.dscb.akamai.netUnited States
                                                    		8612TISCALI-ITfalse
                                                    20.190.151.7
                                                    		autologon.microsoftazuread-sso.comUnited States
                                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                    20.190.155.3
                                                    		unknownUnited States
                                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                    40.126.62.129
                                                    		www.tm.a.prd.aadg.trafficmanager.netUnited States
                                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse

                                                    Private

                                                    IP
                                                    192.168.2.6

                                                    General Information

                                                    Joe Sandbox version:42.0.0 Malachite
                                                    Analysis ID:1672189
                                                    Start date and time:2025-04-23 17:04:33 +02:00
                                                    Joe Sandbox product:CloudBasic
                                                    Overall analysis duration:0h 3m 12s
                                                    Hypervisor based Inspection enabled:false
                                                    Report type:full
                                                    Cookbook file name:browseurl.jbs
                                                    Sample URL:https://cityofsolanabeach-my.sharepoint.com/:b:/r/personal/lyim_cosb_org/Documents/Microsoft Teams Chat Files/04212025141353-0001.pdf?csf=1&web=1
                                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                    Number of analysed new started processes analysed:17
                                                    Number of new started drivers analysed:0
                                                    Number of existing processes analysed:0
                                                    Number of existing drivers analysed:0
                                                    Number of injected processes analysed:0
                                                    Technologies:
                                                    • HCA enabled
                                                    • EGA enabled
                                                    • AMSI enabled
                                                    Analysis Mode:default
                                                    Analysis stop reason:Timeout
                                                    Detection:CLEAN
                                                    Classification:clean1.win@24/37@20/9
                                                    EGA Information:Failed
                                                    HCA Information:
                                                    • Successful, ratio: 100%
                                                    • Number of executed functions: 0
                                                    • Number of non-executed functions: 0
                                                    • Exclude process from analysis (whitelisted): MpCmdRun.exe, sppsvc.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe, TextInputHost.exe
                                                    • Excluded IPs from analysis (whitelisted): 192.178.49.195, 142.250.68.238, 192.178.49.174, 142.250.101.84, 142.250.69.14, 20.190.190.194, 23.220.73.19, 192.178.49.170, 142.250.69.10, 142.250.68.234, 192.178.49.202, 13.89.179.14, 51.105.71.137, 20.190.190.130, 40.126.62.132, 20.190.190.129, 20.190.190.131, 40.126.62.130, 20.190.190.195, 20.190.190.196, 184.29.183.29, 13.107.246.71, 4.245.163.56
                                                    • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, www.tm.lg.prod.aadmsa.akadns.net, clientservices.googleapis.com, browser.events.data.trafficmanager.net, onedscolprduks03.uksouth.cloudapp.azure.com, clients2.google.com, redirector.gvt1.com, login.live.com, update.googleapis.com, c.pki.goog, prdv4a.aadg.msidentity.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, aadcdnoriginwus2.azureedge.net, www.tm.v4.a.prd.aadg.trafficmanager.net, ctldl.windowsupdate.com, aadcdn.msauth.net, firstparty-azurefd-prod.trafficmanager.net, login.msa.msidentity.com, fe3cr.delivery.mp.microsoft.com, browser.events.data.microsoft.com, edgedl.me.gvt1.com, aadcdnoriginwus2.afd.azureedge.net, onedscolprdcus18.centralus.cloudapp.azure.com, clients.l.google.com, www.tm.lg.prod.aadmsa.trafficmanager.net
                                                    • Not all processes where analyzed, report is missing behavior information
                                                    • Report size getting too big, too many NtOpenFile calls found.
                                                    • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                    • VT rate limit hit for: https://cityofsolanabeach-my.sharepoint.com/:b:/r/personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&amp;web=1

                                                    Simulations

                                                    Behavior and APIs

                                                    No simulations

                                                    Joe Sandbox View / Context

                                                    IPs

                                                    No context

                                                    Domains

                                                    No context

                                                    ASNs

                                                    No context

                                                    JA3 Fingerprints

                                                    No context

                                                    Dropped Files

                                                    No context

                                                    Created / dropped Files

                                                    Chrome Cache Entry: 70

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                    Category:downloaded
                                                    Size (bytes):3141
                                                    Entropy (8bit):7.92865776552074
                                                    Encrypted:false
                                                    SSDEEP:96:2A7BWaJRUzY13FG8bq4maycmjPKFEVw/ajdNv:R7Dwk13FHu4mawjkEVw6d1
                                                    MD5:A463C08EE9D86F624AE18D97C4F88740
                                                    SHA1:C8D9D492218A34018A3D829E7D656CC2E0A2CA8C
                                                    SHA-256:9277F7934C16E90DA006AEC2D3751E16A18CE320AF6A4B8E53997F20CEDC43ED
                                                    SHA-512:565B13D7CE43950608A717A4026AD852FF0186E819B7A1CF1B7BE7CB069D960C11C2D31D72F118802F0799708368DB8B33CFB205EE5329569B7526FCB5A06D15
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauthimages.net/dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/favicon?ts=638477616223106700
                                                    Preview:.PNG........IHDR... ... .....szz.....pHYs...#...#.x.?v....IDATX....w\.y..{...}.2...%K.e...ll6c.........BI{BC1.....==m......iB.P...cc0>..ml.eY..k..I..F3.U.;...NH..........~.....#.. .P,B.P$.+P(.H...'.....17..a.k...3.C.s%.BQ.j..K... ....Sv...z....,f...D..V.A....a*._%.d..-..E.G.s..}v.|..*.e29.........s.e5...9..V.'b)O..}Q.~Q.4.m.s.H)...$.K..C.aT........S.S.9....?28..[.....%..3.....,r....l.A..Y.V....b........Z'I....bQ.".......d..?<..c..|..cc......`.i..K.j..GS....<.L9.s....s.(..$.......Cs?Y.Z..:............d-.|....=.X...io............6{.F>.$.N}.f(..l/gt..,.@0.....M2...edQ.>q.w.M.T...@.P.,...$.H........l.5..........RH.-.....H[.[4...e_..<4x...M."........Z...N..1.......A..`8..f..@..6...'.z+..+J..~..../.l.......n.K^ell.....4B.D.P....v..2N..x<Z......+........>.^Ws..cc?,.U.......&...)......,c..-M+8r.$.....k.b2.J3J...'5.......Z... .u5SV.0gz'Y...7o....$R..4.........}...2..@.P..@"...'.=..KK..U.3...f..of<|?..OB1...X.,.uPT...z.....4.C.....Y.z.L{..U523..f.q:...

                                                    Chrome Cache Entry: 71

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 190152
                                                    Category:downloaded
                                                    Size (bytes):61052
                                                    Entropy (8bit):7.996159932827634
                                                    Encrypted:true
                                                    SSDEEP:1536:HQaq1Q7XOos5ZBIp+1Zr52IGmCJijm1qAxTe9wzf:fq1HoUBIpU5TG7JSmwuTe+b
                                                    MD5:C1E82BF71ADD622AD0F3BF8572F634FC
                                                    SHA1:6CA863D4CAB96669202548D301693B3F5F80B0D5
                                                    SHA-256:BA48AF15D297DB450DC4870242482145ADDB2D18375A4871C490429E2DC5464A
                                                    SHA-512:820A7F8A0C8EA33A8FE1E90CDC35F45DC1E143E836B0D8EA047E1E312F8CAEC72CDEE4E7DB54760A4D749CD0ACFE103A27E39A9A56EB2D704E448A67B0D0C079
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
                                                    Preview:...........iw.F.0.....'W...4)/qH#..D.L.EK...................().}.{..@.z........Qz.,..Ox.....i4..S.&.p......9..W....);a.].a....Y......Y<,.n..."`Is....5....P..|.-..x1.F...@...yRlG.O..5.Q.|.gy.c.^....r.EC.....xd.oL..$./..|3.......r^.j.}...M... )x.D.....%.....B..t....vZ....2L......px.G.1.*.lZYh...$.....,.../.a..;Q...._..#.....e.T.:trA_.0.:.f...........(I.x?.S...<7...o..0.`r.x.+.2..o+...4/..vzY7.C'.....!.r..4n....]P.+a..........._.8,..G>...{.4B....o.9.....r......X3..U.....'.0.@...lrX....r.W\e...].}....(.l......=........3....S..........^=D..[.zw6..e...<WQ.w.(.X..S....>.^.....^B..O-.(..U.R;h..v.......4.Dc .?..z....r.._.Y......M.a.?,...?..U.....OF.w\h$.Q..5....Q.Oj ....5U..8..Y......gYZM....y..OrY.z]B..y..;o.....oT.r...H..{K...Y&Q.......*..W....N4.......].0m..m........E.bc..~..e.. .nzS.i3^......).,Y}.=1H...... V...g.)....X..G...C....@o,.i.~...as...ehEH....u9l.2...y\J.?.(.I.q%..F#..D../>pr$...,...m.6..:,<s..~S.fl;k.'<..}z.Y.

                                                    Chrome Cache Entry: 72

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 20x20, segment length 16, baseline, precision 8, 1920x1080, components 3
                                                    Category:downloaded
                                                    Size (bytes):298891
                                                    Entropy (8bit):7.983655598697523
                                                    Encrypted:false
                                                    SSDEEP:6144:XEME4SvMEfIe5YWUmB1+zWgs7JlG4dLeffm5WrGhJrMNySPl+X:XEM8vMMIe5YRI1+psHashxKyElW
                                                    MD5:740C91DB22D4A15EB5B4D477970E0076
                                                    SHA1:119331584ED0B883404C703DE27FC595CAEDF629
                                                    SHA-256:0E45E278C7EE9794AE0708EAA2A09A0EAB546371E013B1D0BC5C72C3836E0B58
                                                    SHA-512:A0434C6FC71755134C9DCA04DBCA6C3BD0DF480D3B5FB8E58E8E7CCAA3EA14A848D7893A4A365A2103750AC28371BFDF6C3D78F5952DDDF67CCB474AEF3156A8
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauthimages.net/dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/illustration?ts=638477616232014667
                                                    Preview:......JFIF..............ICC_PROFILE............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6...C........................................................ "..".......C.......................................................................8...."........................................V........................!.1A.."Qaq.....2B...#R.$3br.....%CSc....45s.&DTd...t....6..................................<.......................!1.A."Q2aq....#3....B.R.4..C$br.S..............?...Q...@W.#.......\Sc`.\zQ..+.........P).Tp...sJ(......X..2v...;....\......1...p.c.K.J@..j 3..\zS.qE...... .!..P1...JP7.....(

                                                    Chrome Cache Entry: 73

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 20x20, segment length 16, baseline, precision 8, 1920x1080, components 3
                                                    Category:dropped
                                                    Size (bytes):298891
                                                    Entropy (8bit):7.983655598697523
                                                    Encrypted:false
                                                    SSDEEP:6144:XEME4SvMEfIe5YWUmB1+zWgs7JlG4dLeffm5WrGhJrMNySPl+X:XEM8vMMIe5YRI1+psHashxKyElW
                                                    MD5:740C91DB22D4A15EB5B4D477970E0076
                                                    SHA1:119331584ED0B883404C703DE27FC595CAEDF629
                                                    SHA-256:0E45E278C7EE9794AE0708EAA2A09A0EAB546371E013B1D0BC5C72C3836E0B58
                                                    SHA-512:A0434C6FC71755134C9DCA04DBCA6C3BD0DF480D3B5FB8E58E8E7CCAA3EA14A848D7893A4A365A2103750AC28371BFDF6C3D78F5952DDDF67CCB474AEF3156A8
                                                    Malicious:false
                                                    Reputation:low
                                                    Preview:......JFIF..............ICC_PROFILE............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6...C........................................................ "..".......C.......................................................................8...."........................................V........................!.1A.."Qaq.....2B...#R.$3br.....%CSc....45s.&DTd...t....6..................................<.......................!1.A."Q2aq....#3....B.R.4..C$br.S..............?...Q...@W.#.......\Sc`.\zQ..+.........P).Tp...sJ(......X..2v...;....\......1...p.c.K.J@..j 3..\zS.qE...... .!..P1...JP7.....(

                                                    Chrome Cache Entry: 74

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113769
                                                    Category:downloaded
                                                    Size (bytes):35168
                                                    Entropy (8bit):7.993219152622706
                                                    Encrypted:true
                                                    SSDEEP:768:j6PfHtcQsNe72gH9i6EndaklFS0VBrXFm4soWu7VOYpRf0WL/:5xoCgH9i6EFFhrXFmUW4JpRc+/
                                                    MD5:E9745F803E3FBA8FA0CC8C1E6E4506C6
                                                    SHA1:87E8B2D2F29CB42BAD597390234F66745642D080
                                                    SHA-256:D5496BC436AAD08CCA3F391A3CA8D7DAFC076B081567511A8B1358F860DA8003
                                                    SHA-512:C74C91DD85D312ED34E2275E13AC778E186581BF43F70B379C3B370755AF46EDA4EE0FE1C52997385848084C90CE2466AB3E7F71D9A2EBE1B6BB85AD0FB66AD6
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4f75990aeef30238698e.js
                                                    Preview:...........kC.H.0......e....0.pX..Iv3..\f..0YY.m..e$.K..o...j..g.3.lpW.......[..Y.?k.Y.......8~.a..../_.;]{.............v...0..q.Dk.w...h-....Z<..l.fA..k3.7..dm....b..-...(,.$...4...f...e...AV..z.mA....O.9........k..h-.......<Z[.GQ.v3....Oq..y:..(..k.$_...._..h-...q..S.ck.=.T......Sq@.:.A.c.(....SDq..Ac.t..m.$Lc....Z...K...O<....f9..p...0Z..3.<...$YK.x.F......v....nm..s$...&..dQ4.......n-.-.......E.XD..-5~...f.....t...-_.....fsg...8kZ..|.{{....p+Lg.t9I..P./ap......o9Wx.._{....k..,...............................7.|..t...Ax.7..b..v..v.m-...~v...:{...r..._........,...A........:..x.>.y..u.....N..f...).......<?._.f..C.....%..@..~....`P../.Q4..IQ.' ...e)'.q..Y:...%.z..x..k.z.../....@.D.r?......GP....`..o.'..~1.....&.HJ.`.@.}mV../8.b.m..guo.H_.7Qv.....dQ.....-.NE......G:.U'.....~.1.....H.k...O..dk.d.|.7..x\/..i^.Y..Q_/.`..i.&...-.......P...yEv....,....'.^...X.......YK.".....l.r.ax.....<...1!..4GQ.M_.....L..F..51.!.....].....y...(...=O5?.nT...~

                                                    Chrome Cache Entry: 75

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
                                                    Category:downloaded
                                                    Size (bytes):621
                                                    Entropy (8bit):7.673946009263606
                                                    Encrypted:false
                                                    SSDEEP:12:Xp7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:Xp6qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
                                                    MD5:4761405717E938D7E7400BB15715DB1E
                                                    SHA1:76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
                                                    SHA-256:F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
                                                    SHA-512:E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
                                                    Preview:..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x*...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E.."....*...x.@..?u......../....8...

                                                    Chrome Cache Entry: 76

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:PNG image data, 245 x 40, 8-bit/color RGBA, non-interlaced
                                                    Category:dropped
                                                    Size (bytes):8493
                                                    Entropy (8bit):7.832206813025165
                                                    Encrypted:false
                                                    SSDEEP:192:wOjc9ZZpp1DcFSulLYt73tAOcpDWYV1lF21a:wOjc9ZPjcFbl8t73tAOcpVLk1a
                                                    MD5:4868B0039AF43B23846E507CD5BF091F
                                                    SHA1:BEBADF5CCA77E4DDED52417DD2B23996A136EF40
                                                    SHA-256:F92379476A0202662CF6B1B00493C3C71D60B6F260D7509BED83B76D77CBE5E8
                                                    SHA-512:B8181EF211400DD0C915EA5219A363E1ABCAF5D0EE8FFE472C7B49EA476B5D75C4EAC46F82AB0E1B50CC1E1FB9455BCCBC12B5DB9AC3F6EC7B701CB18C2734C7
                                                    Malicious:false
                                                    Reputation:low
                                                    Preview:.PNG........IHDR.......(.....&.......pHYs..........+.....:tEXtComment.xr:d:DAF8CxUD-H4:2,j:933788885418800052,t:24020619=.`.....iTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x='adobe:ns:meta/'>. <rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'>.. <rdf:Description rdf:about=''. xmlns:dc='http://purl.org/dc/elements/1.1/'>. <dc:title>. <rdf:Alt>. <rdf:li xml:lang='x-default'>SSO Banner Logo - Option - 2</rdf:li>. </rdf:Alt>. </dc:title>. </rdf:Description>.. <rdf:Description rdf:about=''. xmlns:Attrib='http://ns.attribution.com/ads/1.0/'>. <Attrib:Ads>. <rdf:Seq>. <rdf:li rdf:parseType='Resource'>. <Attrib:Created>2024-02-06</Attrib:Created>. <Attrib:ExtId>b4445d17-d82e-4c15-822f-23bfc20e2301</Attrib:ExtId>. <Attrib:FbId>525265914179580</Attrib:FbId>. <Attrib:TouchType>2</Attrib:TouchType>. </rdf:li>. </rdf:Seq>. </Attrib:Ads>.

                                                    Chrome Cache Entry: 77

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                    Category:dropped
                                                    Size (bytes):3141
                                                    Entropy (8bit):7.92865776552074
                                                    Encrypted:false
                                                    SSDEEP:96:2A7BWaJRUzY13FG8bq4maycmjPKFEVw/ajdNv:R7Dwk13FHu4mawjkEVw6d1
                                                    MD5:A463C08EE9D86F624AE18D97C4F88740
                                                    SHA1:C8D9D492218A34018A3D829E7D656CC2E0A2CA8C
                                                    SHA-256:9277F7934C16E90DA006AEC2D3751E16A18CE320AF6A4B8E53997F20CEDC43ED
                                                    SHA-512:565B13D7CE43950608A717A4026AD852FF0186E819B7A1CF1B7BE7CB069D960C11C2D31D72F118802F0799708368DB8B33CFB205EE5329569B7526FCB5A06D15
                                                    Malicious:false
                                                    Reputation:low
                                                    Preview:.PNG........IHDR... ... .....szz.....pHYs...#...#.x.?v....IDATX....w\.y..{...}.2...%K.e...ll6c.........BI{BC1.....==m......iB.P...cc0>..ml.eY..k..I..F3.U.;...NH..........~.....#.. .P,B.P$.+P(.H...'.....17..a.k...3.C.s%.BQ.j..K... ....Sv...z....,f...D..V.A....a*._%.d..-..E.G.s..}v.|..*.e29.........s.e5...9..V.'b)O..}Q.~Q.4.m.s.H)...$.K..C.aT........S.S.9....?28..[.....%..3.....,r....l.A..Y.V....b........Z'I....bQ.".......d..?<..c..|..cc......`.i..K.j..GS....<.L9.s....s.(..$.......Cs?Y.Z..:............d-.|....=.X...io............6{.F>.$.N}.f(..l/gt..,.@0.....M2...edQ.>q.w.M.T...@.P.,...$.H........l.5..........RH.-.....H[.[4...e_..<4x...M."........Z...N..1.......A..`8..f..@..6...'.z+..+J..~..../.l.......n.K^ell.....4B.D.P....v..2N..x<Z......+........>.^Ws..cc?,.U.......&...)......,c..-M+8r.$.....k.b2.J3J...'5.......Z... .u5SV.0gz'Y...7o....$R..4.........}...2..@.P..@"...'.=..KK..U.3...f..of<|?..OB1...X.,.uPT...z.....4.C.....Y.z.L{..U523..f.q:...

                                                    Chrome Cache Entry: 78

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 142588
                                                    Category:downloaded
                                                    Size (bytes):49982
                                                    Entropy (8bit):7.995657643114965
                                                    Encrypted:true
                                                    SSDEEP:1536:Jxgptniucdklf46I3reB9kaGX2VDj/vlzQ4Orr:JehcdSPIbK9ggnnlzor
                                                    MD5:47B6359A09BBEE6AA41B82E06C5A6105
                                                    SHA1:7049BB7A20217A9153F9AED16A0A6B6DF27B1038
                                                    SHA-256:EACBD5A1C958B4A2859D1D59FCDF028EDB6DD7567109218A83AA4E263A253A35
                                                    SHA-512:16CAC5CD306721D5A117CA06CC42BBB38680697E811479F51C315A3967F5716ED9AC2A01A049BDBA027984312F268E2711E359936ED748394100A11953B231FC
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_9810YxmrLqOR1rQ4anyNMg2.js
                                                    Preview:...........m[.8.0........OL....;w.....6.ff.X.'V......4.r~........=........,..JU.......T~.l..?..E...r..r.....r.o....^.......(..q...?.......*aP......h.Fn".....|wR.G.C%...i.~..$.L.8.BC1..*U...*gn.<W...:./.6.....(.>..}R.......xT..^.XTf.'...?.....(..qR..H...x...OX.7..X$.q.%..ze....>._......{P.:....~.M...X&.&.u..ie..|.*IXy.g..Y....x{..;..U.M.f....f,.Gl.dR..<...bl{E|..@<y..En.(W...s."!.D.X.<AE....a....Y..'.t*&8.T.....".J.K......Rm5.;...F...$........Q......C.G_.s...../1.8b\....ZP9..\?P.:........)`_.... .......6..#lXU.s.\I....Q..*..Y..\5n,.~.7V.4..su........N\...._.7...........T.....)..L..S}.c_...\_......Y}:...._1-|p..l@..[q.......*....?&.0Z_.Aw:3.RsV...qR5..Bv./..7...b.G,..jt...HfQP..:.).a...&9s.N....d.=_,:...B..@...+{.Mx.8k.,m.Q.B.......j....}.2bdEkE.G.a..5...1....G ...T...~....uV6.....i.=...A*U.!.+."3c...D.&!*q.9L....8..&`>.....v....6aT\.U.S.q"+!.....Xi.@D2.....g..t\.nw.-..L..S.B@QZ.N>.\-...[...pD....sro//..H...i......}.U.....M.yJ........./.

                                                    Chrome Cache Entry: 79

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:ASCII text, with no line terminators
                                                    Category:downloaded
                                                    Size (bytes):100
                                                    Entropy (8bit):5.3198199098356485
                                                    Encrypted:false
                                                    SSDEEP:3:uWz2iczBrhTDcP2y5sSA2NDo+qBVcdk:u9iczB9TDcPT5sd+qT
                                                    MD5:4AB62CA3344E42C653AB16F4C8F6133D
                                                    SHA1:40F54836B799B36683BC956C7728E467AA0916D3
                                                    SHA-256:B94592789F21844A2F11D4AF834E7B5C2115ECD4E95EA836D9D5461B801BEE59
                                                    SHA-512:49CE64752C5DA0DAD14A423F6F44B43A878BB0B1FC7889046CCE23A3F62701B4D876134DB533257B588228CD36A373B30B1EBFBBFD647267091C8A0C8377BAEE
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCYICaXLWAdtdEgUN0VtRUhIFDVd69_0hdwoVzR0JmnI=?alt=proto
                                                    Preview:CkkKDQ3RW1FSGgQIVhgCIAEKOA1Xevf9GgQISxgCKisIClInCh1AISMuKiQtXyslJj8vXj0pKCw6O348JyJcXT5bfRABGP////8P

                                                    Chrome Cache Entry: 80

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
                                                    Category:dropped
                                                    Size (bytes):621
                                                    Entropy (8bit):7.673946009263606
                                                    Encrypted:false
                                                    SSDEEP:12:Xp7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:Xp6qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
                                                    MD5:4761405717E938D7E7400BB15715DB1E
                                                    SHA1:76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
                                                    SHA-256:F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
                                                    SHA-512:E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
                                                    Malicious:false
                                                    Reputation:low
                                                    Preview:..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x*...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E.."....*...x.@..?u......../....8...

                                                    Chrome Cache Entry: 81

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:GIF image data, version 89a, 352 x 3
                                                    Category:dropped
                                                    Size (bytes):3620
                                                    Entropy (8bit):6.867828878374734
                                                    Encrypted:false
                                                    SSDEEP:48:ZumKaT5ezv47j2/ZiRDlq16x8XvEUcg777shHdpHVGJqFd:Eal647jPDlL8XvEUcg77kVGyd
                                                    MD5:B540A8E518037192E32C4FE58BF2DBAB
                                                    SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                                    SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                                    SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                                    Malicious:false
                                                    Reputation:low
                                                    Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...

                                                    Chrome Cache Entry: 82

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:GIF image data, version 89a, 352 x 3
                                                    Category:dropped
                                                    Size (bytes):2672
                                                    Entropy (8bit):6.640973516071413
                                                    Encrypted:false
                                                    SSDEEP:48:ZaOdwduTYPpS9pZy9vDNi1miicsvrJkafMiS+MGQ09DU/X9/4Xp6m5Z9SQcq:4CIuTYPpSTc9vcPZX9/2gzQ/
                                                    MD5:166DE53471265253AB3A456DEFE6DA23
                                                    SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                                    SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                                    SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                                    Malicious:false
                                                    Reputation:low
                                                    Preview:GIF89a`............!..NETSCAPE2.0.....!.......,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....0.............<....[.\K8j.tr.g..!.......,....3............^;.*..\UK.]\.%.V.c...!.......,....7........`....lo...[.a..*Rw~i...!.......,....;........h.....l.G-.[K.,_XA]..'g..!.......,....?........i.....g....Z.}..)..u...F..!.......,....C...............P.,nt^.i....Xq...i..!.......,....F...........{^b....n.y..i...\C.-...!.......,....H..............R...o....h.xV!.z#...!.......,"...L.............r.jY..w~aP(.......[i...!.......,(...N.............r....w.aP.j.'.)Y..S..!.......,....H.........`......hew..9`.%z.xVeS..!.......,5...A.........`...\m.Vmtzw.}.d.%...Q..!.......,9...=.........h......3S..s.-W8m...Q..!.......,A...5.........h.....N...:..!..U..!.......,H.............h....M.x...f.i.4..!.......,O...'.........i...tp......(..!.......,X.............j...@.x....!.......,].............j..L..3em..!.......,e.............`......!.......,n..............{i..!..

                                                    Chrome Cache Entry: 83

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:JSON data
                                                    Category:dropped
                                                    Size (bytes):72
                                                    Entropy (8bit):4.241202481433726
                                                    Encrypted:false
                                                    SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                    MD5:9E576E34B18E986347909C29AE6A82C6
                                                    SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                    SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                    SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                    Malicious:false
                                                    Reputation:low
                                                    Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                    Chrome Cache Entry: 84

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 15755
                                                    Category:downloaded
                                                    Size (bytes):5530
                                                    Entropy (8bit):7.965763129428666
                                                    Encrypted:false
                                                    SSDEEP:96:UzTA4WkWIkrRoWazVTkL+vB0MlBhgW5ACO8KgdNO:UMrRoWWTkwXBhT5ACRdE
                                                    MD5:8D162C09666E7217D67FAD4C3B7FA2CD
                                                    SHA1:5AC1FEA2497E32765E59B9C2A2417A860F625338
                                                    SHA-256:FDF9BD773E6F06D60CEB7382D8A724E221802D7776281D0EB338DDC7756BFB7E
                                                    SHA-512:F5E559F593FB8C2B3FEFC7C1750ED0C9CE6FFDC597ADD81B6EE72740C9C47F810E136750E0A51B2A5F3BEDE0463665889CCBB1F0C7F68EA6E25C75E3FC5C752C
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_268b957e4bf672b8fe6b.js
                                                    Preview:...........[}w.F...?.b.(..c;m....8zI.....&9:H.$b..A......3 ..d...$...s..}....i.....G...{.e[..\7.+.}.>\.:.......7.6....9p...(.D..a..Q.\hS...n...h.....I...S...H.h...^3...+7I.Z......?.C..F..?OR-.R..57.$../...,.x..O..D...I$.Q.%|..;l"f._.in.5.Sm.%.D.ai]......QHp...{@8....8........5Q....+dD.:.Z.i.h.Q_......6.r../..o6L..c.....A.E.O4.,A.k.!.....8qCby.....'.Oy.20.....Oc."O.4..(.y@w+....[..h.W.....B3^...98z}ptl..I...><...d6.....f... }x..y..v/?.|.j...]...@kFS......q.*..%.....nH.h}h.......o..z..{>.....P.T.-....V<..........~.G.pH.28..0..\\.#.W&..86Y...|<.7...fC'....p.P..<.l.D.f<.w..R...\..T..n......<.y.b.vF..h...b..l......\....cq.S.u......'&...E..s.d..-).I.M]..0.;.....;~6K'....$.G....;.8..<_.;.@.]...;.}..[.cWDJ6z..l..H..'8~..6vj5........Q...I..X.Ww..vB.....{v..$...].......d..cAO#.G...0(.....Y..G.6k.%z.S..6....Qw...`H....)1.5.......M...}C..z...3...d.;5..(.!.....}.Y.!..0..n.a.`..'D..@../.N.|w.OcH.];Z...k.....1g.4.f..t.'...........8i..<!...6M...p..w.

                                                    Chrome Cache Entry: 85

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113424
                                                    Category:downloaded
                                                    Size (bytes):20410
                                                    Entropy (8bit):7.980582012022051
                                                    Encrypted:false
                                                    SSDEEP:384:8RvmaMFysnOXZ2m9zM+udO6GGUpeAU02oDGnN5EsQwWUQGTS8r2k:8pmm7ZFM+ObGGUIjN5PJV3Tp
                                                    MD5:3BA4D76A17ADD0A6C34EE696F28C8541
                                                    SHA1:5E8A4B8334539A7EAB798A7799F6E232016CB263
                                                    SHA-256:17D6FF63DD857A72F37292B5906B40DC087EA27D7B1DEFCFA6DD1BA82AEA0B59
                                                    SHA-512:8DA16A9759BB68A6B408F9F274B882ABB3EE7BA19F888448E495B721094BDB2CE5664E9A26BAE306A00491235EB94C143E53F618CCD6D50307C3C7F2EF1B4455
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
                                                    Preview:...........}k..6..w...R..J.H=GSI..x.9...}T*.....)Q..f<...~.F.h..x..{+.-.....h..n....</v.ev......W.,.bU..rW.I...0x...C..2...6]..W_......../x.........~.z.}.|.#x......Ag*O.|XgU...4 .^'U...mP.A.].Z.U.!..Y.......:.ve.?.!..d.N...xJ...mR......0.@p...lKr/...E.-. .....|l.4.o.i.......L.iF..T{.n....2....VEY.y=..=..T+V./.b....\....7.sH.w{.h.....!.."F.k.!.......d...mS.rh.&G.../..h&..RE"!.A/.......A....L...8.q.M...t[...R...>.6;R..^.Vu..9.[F........>A.:HT}w]......2........p......'T.^]}.^..yJ>.<..pq..h.|..j....j.x..-...c...f...=".)..U.X'.M..l.]ZVtl\.I..}.0.~B0Y'.N...E.4.Xd..e...a.........."..9+d.&..l.$E..R.u.g.Q..w&...~I. .y..D.4;..'.."-.....b...)k.n.M...,3J.z_..&2f.h;.&.R.y..P..X.....\P....*.r...B.$........<....H5.M.."'#.6mQl..mQ5.=.\...O.....^..jM..u*.F..Oh.lNI..j..T..u...I..._........{.\...{..._|..={O..z..>......x..5Q.D7?{...^...^.......o.=.z......v......z.C...Gtw...0!..M@....^...^.x..G....W...{...)..y.<c3...^>{......7._..'d__...;R.

                                                    Chrome Cache Entry: 86

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:GIF image data, version 89a, 352 x 3
                                                    Category:downloaded
                                                    Size (bytes):2672
                                                    Entropy (8bit):6.640973516071413
                                                    Encrypted:false
                                                    SSDEEP:48:ZaOdwduTYPpS9pZy9vDNi1miicsvrJkafMiS+MGQ09DU/X9/4Xp6m5Z9SQcq:4CIuTYPpSTc9vcPZX9/2gzQ/
                                                    MD5:166DE53471265253AB3A456DEFE6DA23
                                                    SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                                    SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                                    SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
                                                    Preview:GIF89a`............!..NETSCAPE2.0.....!.......,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....0.............<....[.\K8j.tr.g..!.......,....3............^;.*..\UK.]\.%.V.c...!.......,....7........`....lo...[.a..*Rw~i...!.......,....;........h.....l.G-.[K.,_XA]..'g..!.......,....?........i.....g....Z.}..)..u...F..!.......,....C...............P.,nt^.i....Xq...i..!.......,....F...........{^b....n.y..i...\C.-...!.......,....H..............R...o....h.xV!.z#...!.......,"...L.............r.jY..w~aP(.......[i...!.......,(...N.............r....w.aP.j.'.)Y..S..!.......,....H.........`......hew..9`.%z.xVeS..!.......,5...A.........`...\m.Vmtzw.}.d.%...Q..!.......,9...=.........h......3S..s.-W8m...Q..!.......,A...5.........h.....N...:..!..U..!.......,H.............h....M.x...f.i.4..!.......,O...'.........i...tp......(..!.......,X.............j...@.x....!.......,].............j..L..3em..!.......,e.............`......!.......,n..............{i..!..

                                                    Chrome Cache Entry: 87

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:GIF image data, version 89a, 352 x 3
                                                    Category:downloaded
                                                    Size (bytes):3620
                                                    Entropy (8bit):6.867828878374734
                                                    Encrypted:false
                                                    SSDEEP:48:ZumKaT5ezv47j2/ZiRDlq16x8XvEUcg777shHdpHVGJqFd:Eal647jPDlL8XvEUcg77kVGyd
                                                    MD5:B540A8E518037192E32C4FE58BF2DBAB
                                                    SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                                    SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                                    SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
                                                    Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...

                                                    Chrome Cache Entry: 88

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:PNG image data, 245 x 40, 8-bit/color RGBA, non-interlaced
                                                    Category:downloaded
                                                    Size (bytes):8493
                                                    Entropy (8bit):7.832206813025165
                                                    Encrypted:false
                                                    SSDEEP:192:wOjc9ZZpp1DcFSulLYt73tAOcpDWYV1lF21a:wOjc9ZPjcFbl8t73tAOcpVLk1a
                                                    MD5:4868B0039AF43B23846E507CD5BF091F
                                                    SHA1:BEBADF5CCA77E4DDED52417DD2B23996A136EF40
                                                    SHA-256:F92379476A0202662CF6B1B00493C3C71D60B6F260D7509BED83B76D77CBE5E8
                                                    SHA-512:B8181EF211400DD0C915EA5219A363E1ABCAF5D0EE8FFE472C7B49EA476B5D75C4EAC46F82AB0E1B50CC1E1FB9455BCCBC12B5DB9AC3F6EC7B701CB18C2734C7
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauthimages.net/dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/bannerlogo?ts=638477648718392351
                                                    Preview:.PNG........IHDR.......(.....&.......pHYs..........+.....:tEXtComment.xr:d:DAF8CxUD-H4:2,j:933788885418800052,t:24020619=.`.....iTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x='adobe:ns:meta/'>. <rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'>.. <rdf:Description rdf:about=''. xmlns:dc='http://purl.org/dc/elements/1.1/'>. <dc:title>. <rdf:Alt>. <rdf:li xml:lang='x-default'>SSO Banner Logo - Option - 2</rdf:li>. </rdf:Alt>. </dc:title>. </rdf:Description>.. <rdf:Description rdf:about=''. xmlns:Attrib='http://ns.attribution.com/ads/1.0/'>. <Attrib:Ads>. <rdf:Seq>. <rdf:li rdf:parseType='Resource'>. <Attrib:Created>2024-02-06</Attrib:Created>. <Attrib:ExtId>b4445d17-d82e-4c15-822f-23bfc20e2301</Attrib:ExtId>. <Attrib:FbId>525265914179580</Attrib:FbId>. <Attrib:TouchType>2</Attrib:TouchType>. </rdf:li>. </rdf:Seq>. </Attrib:Ads>.

                                                    Chrome Cache Entry: 89

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 406986
                                                    Category:downloaded
                                                    Size (bytes):116364
                                                    Entropy (8bit):7.997236503670438
                                                    Encrypted:true
                                                    SSDEEP:3072:7EoTCjm+KsUvGOonzI627JoxMrHDGqMzn4:/Cy+KNvGVns6+MijGTT4
                                                    MD5:991F65CE1AA4809A6ED028BD54B3D1E3
                                                    SHA1:18B2197389C0AE376309E3A5D03CC1C039337685
                                                    SHA-256:3C2C2CFEA40049D60B0BCEA06AE9A3558D0D264B318F06DD180A920774EC6365
                                                    SHA-512:32F2D67286A4A813A3FBC60DA16923D5B210237D39F331244A4ADDB52A9AF66A606E38CE64D219F78A8FBDC20756B42382B136210DE75FF4FE2ED39C154E27F9
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_41f36656d3c0bb04c90c.js
                                                    Preview:...........k{.H.(.}.......c....8=.Ib......#Ca.....K..o..ZU%...q..9...ct).....S..*?U.6..rqyt~Y9}W..........Z.xzy..x.z.Q.w9......^...U.........<..G....=wZ.....Oxe.._.0.*S/..k>..*&T..*gn.?TN....6.....a0...I\......)....$......7.T>x.0..q\...{..H...|.....2..x"..\`IYkD..#*....FP....a.^.].'0h.&.....ie..|.*qPy....l<..S.y.E..>.....a...3..-vq:..P<..dE.....C.h.P..]..\5.......3.<N.^?T...:B#c....|...T.........(...Q.l7[...V.e.W.8.G.....O...0.m...f.F...7..h.......F..b...Yr.=...f.....?......S.}U..g.......t..../...G.......~.+...)y.X\...<.&.........`.v.....`^....c4c.Yh=.a.wB.m.......i..~v-..O..nY....A....5...v...t..FSw...Q/n...c.9Y{.-..>a..7h..o..ec...O...)~..8...j-M..nD....9......f5..'Q#...L.'......fZW."Q[.<.nx..O...LU.;..a.m..&.k.$...;.=L...yv....,.f<Hb{.w.@.8...8F.D.>.04.[K6v.i..2.#?..&.;-.].....1.X0w.H6mZ..A...t..e-.\...MC6.xt`..cu...@_...v....;z'.mV.T/o.i....-...K......\..Sn>B......%x..%......W.|......~.6.%...+.:..x5..s5P.-..!.G...ZT.i...;.&

                                                    Chrome Cache Entry: 90

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 458162
                                                    Category:downloaded
                                                    Size (bytes):123813
                                                    Entropy (8bit):7.997272902803686
                                                    Encrypted:true
                                                    SSDEEP:3072:QYE0G/R2nRVfTY+8Tt5AGS+gAGJp2skI2MXZbyjGyTI6WHUfQ4:dGKVbY+M5wBk/MXyTXWHUfN
                                                    MD5:F2E6245867C5AF0FAAEE372B5DE23FD0
                                                    SHA1:B91FD1E78A320C7E38F210FBED1202AD72E8B585
                                                    SHA-256:7C03B62F0AB11829315130E5D2AE240FC93694C13A6CC231B342163ACAA26E5F
                                                    SHA-512:7DF5E3DF7E3DC269659702F54CDF3CDAFA3BD9B19C10952655753AF8B3B1899A33438D5B986F69EBF156910A1B6E8178BFA8CCD80402021E0970A5AB78F46946
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_JXiTFACSOROsZgtGRJo1aA2.js
                                                    Preview:............W.0...+...L2.......'..;{......h6...!.sl...9..WU.l9q..9.w.u.....T*U.J..?.._..K......{u]....?...K.......u.w...`.....?...)+...3....0*...F.0r...f.o.;..8.g...Q.'s..4......4|.....+]:Q.Z._V.P?.....@i7.........xT..>.........>..}7..p..".2.......oB/9.+.,)..(y......)j....bL...'...4P..........e.`.ZU:.V.........p!z....&%..,.v0=....-...f.'..tZ..<*..b.{.... ...&.. .es0q.$bl.D..1*:z-..9t.F..X...9...R..~...J.?.0.U..K.a....aVx.C..c....<,FU7.}...d...u....}..pp..g...q\Y....zP:.g....U..s......%....Z.'.........x...2.,..RP..+..O. _....n.;=.?.....w../au.I.p...U|;......WM.f?...9.>8..9.....S../;._..un...].:_..e..V*:...C.@..[.*.Ue.'Pe..&wv..T..ow.........?..\)WVb..r.;.....a........mpW.X.........B.....I...}j.....(...1.e.D.~.....;F..:..P.=......(r^........N1.F....@..W%y.....t..'Q....Y.5.$.O..x@.l.4.a.b*.f..3.2.B...DL}4Y.:.u........`?....W`Z".S.S..}= .:......i.@E"1T.....`\.a....J:].....R....=R..y...*......s<;....~NXr2%...|.v&...5..*....D.(9...

                                                    Chrome Cache Entry: 91

                                                    Download File
                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 58614
                                                    Category:downloaded
                                                    Size (bytes):16613
                                                    Entropy (8bit):7.9866455594821195
                                                    Encrypted:false
                                                    SSDEEP:384:gWZV40Gho404SknzQoXUtxIcbeFNi3/yjDzSqjQ:gcK0gN00zQtTWFNigDzs
                                                    MD5:B1D7EB152073179B8EDBD1A627E382F5
                                                    SHA1:34AFCAE9ABF3C4C5246B8C2352A9DFD1947ACAA5
                                                    SHA-256:128CDCDD66F32D837236088A91C9A2FDD7A049CE4F92E9000D856012CE28DBB4
                                                    SHA-512:56F2A005ABD11BC6C2C3F049DA3479DFCAC96E72AAFA66E95040FE0525C72C0E00DA93EFBDEEF71B5AA02316183EB1C1C41FCE3DD43D6495697A1623B085857E
                                                    Malicious:false
                                                    Reputation:low
                                                    URL:https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_cwzkvppibgumnhupu2wjoa2.js
                                                    Preview:...........}Ms#.......f....O..1..3.!....RH2....~......Q.x7...}..'.}..?e#...QU]....Vo.....].U............^..{..w!x..=z....{..._..%.i..q........j<.w...7..."pgbV.C..kYU`..X....'t....<p........x...!..4mx..Q,:.....?&.p.....Q/.............=.m.Q.z.M...=..3'...."....L...{".?..k..../.E8...T.,FqXt.6.].tu6.....w.W..7i..s.Z,&c.)n.[.pcQp...4..`....4X.q..^...E.M.p|qoBh..B+..<q..Pgb.j....\.!...q..Q.k....>.}z'`~....E<.{.B4..w..x~...F.-.........>T..b.,...S.O.z...<.......=.N..S.GB.......m......J.\9........W.2.A)h.V..:t..t.O.J.).CO......K.w&..4?.d..r..4.7.8(L. ..-......:.J.y....%n..<..n....-....Oo_>a....-.i.............{O...1.M....V>..=N..(.4.K.t../.1....\F..`._Bz......u..[,...].3.0.3.....L|..*.a!.!.t.....[x..Xv:.QTp....ZE.u.`...s..o\.....)..a0..5....oN..{h..l)..QL.d.X.E.]...%$.H.|...wWo..........BwPpg...W/|..\X..F.[5.e.[ .o........S.3/..3@n.......=P A.B6...{{.g.=...L...tl.rJ..X.J,...;.}7..O/......Z........)...,`l...7 ...C....QQ.3(..{...Z2...qs....x.....

                                                    Static File Info

                                                    No static file info

                                                    Network Behavior

                                                    Download Network PCAP: filteredfull

                                                    Network Port Distribution

                                                    • Total Packets: 329
                                                    • 443 (HTTPS)
                                                    • 53 (DNS)
                                                    TimestampSource PortDest PortSource IPDest IP
                                                    Apr 23, 2025 17:05:26.041878939 CEST49672443192.168.2.6204.79.197.203
                                                    Apr 23, 2025 17:05:26.353506088 CEST49672443192.168.2.6204.79.197.203
                                                    Apr 23, 2025 17:05:26.962892056 CEST49672443192.168.2.6204.79.197.203
                                                    Apr 23, 2025 17:05:28.166028023 CEST49672443192.168.2.6204.79.197.203
                                                    Apr 23, 2025 17:05:30.603549957 CEST49672443192.168.2.6204.79.197.203
                                                    Apr 23, 2025 17:05:34.622417927 CEST49678443192.168.2.620.42.65.91
                                                    Apr 23, 2025 17:05:35.088773012 CEST49678443192.168.2.620.42.65.91
                                                    Apr 23, 2025 17:05:35.494990110 CEST49672443192.168.2.6204.79.197.203
                                                    Apr 23, 2025 17:05:35.885648012 CEST49678443192.168.2.620.42.65.91
                                                    Apr 23, 2025 17:05:37.090171099 CEST49678443192.168.2.620.42.65.91
                                                    Apr 23, 2025 17:05:38.393615007 CEST49697443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:05:38.393667936 CEST44349697142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:05:38.393755913 CEST49697443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:05:38.393903971 CEST49697443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:05:38.393913984 CEST44349697142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:05:38.714342117 CEST44349697142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:05:38.714407921 CEST49697443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:05:38.719006062 CEST49697443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:05:38.719018936 CEST44349697142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:05:38.719254017 CEST44349697142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:05:38.766057014 CEST49697443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:05:39.218873024 CEST49698443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:39.218914986 CEST4434969813.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:39.219212055 CEST49698443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:39.219290972 CEST49699443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:39.219336033 CEST4434969913.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:39.219567060 CEST49698443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:39.219579935 CEST4434969813.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:39.219588995 CEST49699443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:39.219778061 CEST49699443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:39.219799042 CEST4434969913.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:39.497380972 CEST49678443192.168.2.620.42.65.91
                                                    Apr 23, 2025 17:05:39.657804012 CEST4434969913.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:39.657875061 CEST49699443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:39.658999920 CEST49699443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:39.659015894 CEST4434969913.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:39.659255981 CEST4434969913.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:39.659604073 CEST49699443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:39.660190105 CEST4434969813.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:39.660257101 CEST49698443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:39.661180973 CEST49698443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:39.661190033 CEST4434969813.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:39.661434889 CEST4434969813.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:39.700270891 CEST4434969913.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:39.715661049 CEST49698443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:40.020994902 CEST4434969913.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:40.021083117 CEST4434969913.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:40.021217108 CEST49699443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:40.021573067 CEST49699443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:40.021586895 CEST4434969913.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:40.023838043 CEST49698443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:40.068263054 CEST4434969813.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:40.400582075 CEST4434969813.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:40.400664091 CEST4434969813.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:40.400793076 CEST49698443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:40.401815891 CEST49698443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:40.401833057 CEST4434969813.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:40.415335894 CEST49700443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:40.415373087 CEST4434970013.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:40.415442944 CEST49700443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:40.415584087 CEST49700443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:40.415595055 CEST4434970013.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:40.846729040 CEST4434970013.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:40.847337008 CEST49700443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:40.847362041 CEST4434970013.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:40.847959042 CEST49700443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:40.847965002 CEST4434970013.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:41.173589945 CEST4434970013.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:41.173665047 CEST4434970013.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:41.173801899 CEST49700443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:41.262702942 CEST49700443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:41.262728930 CEST4434970013.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:41.268570900 CEST49701443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:41.268615007 CEST4434970113.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:41.268666029 CEST49701443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:41.269222975 CEST49701443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:41.269237041 CEST4434970113.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:41.700951099 CEST4434970113.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:41.701244116 CEST49701443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:41.701267004 CEST4434970113.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:41.701607943 CEST49701443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:41.701615095 CEST4434970113.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:42.081073046 CEST4434970113.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:42.081093073 CEST4434970113.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:42.081106901 CEST4434970113.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:42.081173897 CEST49701443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:42.081190109 CEST4434970113.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:42.081214905 CEST4434970113.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:42.081263065 CEST49701443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:42.083568096 CEST49701443192.168.2.613.107.136.10
                                                    Apr 23, 2025 17:05:42.083581924 CEST4434970113.107.136.10192.168.2.6
                                                    Apr 23, 2025 17:05:42.225943089 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:42.225967884 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:42.226063967 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:42.226233959 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:42.226241112 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:42.660249949 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:42.660468102 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:42.661710024 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:42.661721945 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:42.661961079 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:42.662231922 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:42.704282999 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:43.140980959 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:43.141006947 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:43.141025066 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:43.141066074 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:43.141092062 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:43.141113043 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:43.141119957 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:43.141155005 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:43.141160965 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:43.141176939 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:43.141196012 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:43.141216993 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:43.143268108 CEST49702443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:43.143284082 CEST4434970240.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:44.310239077 CEST49678443192.168.2.620.42.65.91
                                                    Apr 23, 2025 17:05:44.477049112 CEST49704443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:44.477108955 CEST4434970440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:44.477169991 CEST49704443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:44.477334023 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:44.477366924 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:44.477581024 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:44.477790117 CEST49704443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:44.477807045 CEST4434970440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:44.477946997 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:44.477966070 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:44.907907963 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:44.908191919 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:44.908243895 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:44.908498049 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:44.908505917 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:44.912523985 CEST4434970440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:44.912857056 CEST49704443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:44.912892103 CEST4434970440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:44.913058996 CEST49704443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:44.913064003 CEST4434970440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.106651068 CEST49672443192.168.2.6204.79.197.203
                                                    Apr 23, 2025 17:05:45.192372084 CEST4434970440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.192457914 CEST4434970440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.192523003 CEST49704443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.195813894 CEST49704443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.195828915 CEST4434970440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.337241888 CEST49707443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:45.337285042 CEST4434970723.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:45.337393045 CEST49707443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:45.337606907 CEST49707443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:45.337620974 CEST4434970723.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:45.426920891 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.426948071 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.426961899 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.426981926 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.427006960 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.427035093 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.427051067 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.427062035 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.427077055 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.427100897 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.427108049 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.427135944 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.427154064 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.427226067 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.427258968 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.427283049 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.427289963 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.427311897 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.427328110 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.427339077 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.427366972 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.428826094 CEST49705443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:45.428838015 CEST4434970540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:45.639313936 CEST4434970723.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:45.639398098 CEST49707443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:45.640588045 CEST49707443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:45.640602112 CEST4434970723.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:45.640990019 CEST4434970723.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:45.641334057 CEST49707443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:45.684290886 CEST4434970723.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:45.911614895 CEST4434970723.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:45.911736965 CEST4434970723.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:45.911876917 CEST49707443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:45.912117958 CEST49707443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:45.912137985 CEST4434970723.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:45.913269997 CEST49711443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:45.913311005 CEST4434971123.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:45.913444996 CEST49711443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:45.913587093 CEST49711443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:45.913604021 CEST4434971123.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:46.211764097 CEST4434971123.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:46.258215904 CEST49711443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:46.334609985 CEST49711443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:46.334630013 CEST4434971123.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:46.334891081 CEST49711443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:46.334898949 CEST4434971123.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:46.334914923 CEST49711443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:46.334922075 CEST4434971123.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:46.586179018 CEST4434971123.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:46.586272955 CEST4434971123.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:46.586323977 CEST49711443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:46.586611986 CEST49711443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:05:46.586623907 CEST4434971123.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:05:47.965822935 CEST49721443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:47.965848923 CEST4434972123.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:47.965918064 CEST49721443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:47.966296911 CEST49721443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:47.966308117 CEST4434972123.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:48.254904032 CEST4434972123.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:48.255044937 CEST49721443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:48.256086111 CEST49721443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:48.256091118 CEST4434972123.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:48.256371975 CEST4434972123.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:48.256843090 CEST49721443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:48.300280094 CEST4434972123.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:48.608347893 CEST4434972123.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:48.608398914 CEST4434972123.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:48.608459949 CEST4434972123.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:48.608490944 CEST49721443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:48.608520985 CEST49721443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:48.616761923 CEST49721443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:48.616780996 CEST4434972123.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:48.698126078 CEST44349697142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:05:48.698194981 CEST44349697142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:05:48.698316097 CEST49697443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:05:48.740700006 CEST49697443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:05:48.740710020 CEST44349697142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:05:48.913311005 CEST49724443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:48.913347960 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:48.913428068 CEST49724443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:48.913625956 CEST49724443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:48.913639069 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:49.199805021 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:49.199904919 CEST49724443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:49.202620983 CEST49724443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:49.202629089 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:49.202867031 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:49.203305006 CEST49724443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:49.248276949 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:49.484730959 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:49.484757900 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:49.484802961 CEST49724443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:49.484817982 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:49.485126972 CEST49724443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:49.485162973 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:49.485224962 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:49.485261917 CEST49724443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:49.486319065 CEST49724443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:49.486335993 CEST4434972423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:49.861285925 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:49.861313105 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:49.861373901 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:49.862648010 CEST49729443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:49.862684011 CEST4434972923.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:49.862834930 CEST49729443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:49.878495932 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:49.878513098 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:49.878581047 CEST49729443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:49.878599882 CEST4434972923.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.144692898 CEST49732443192.168.2.620.190.151.7
                                                    Apr 23, 2025 17:05:50.144746065 CEST4434973220.190.151.7192.168.2.6
                                                    Apr 23, 2025 17:05:50.144849062 CEST49732443192.168.2.620.190.151.7
                                                    Apr 23, 2025 17:05:50.146358013 CEST49732443192.168.2.620.190.151.7
                                                    Apr 23, 2025 17:05:50.146374941 CEST4434973220.190.151.7192.168.2.6
                                                    Apr 23, 2025 17:05:50.164671898 CEST4434972923.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.164679050 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.164866924 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.164892912 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.164971113 CEST49729443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.164999008 CEST4434972923.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.165201902 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.165209055 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.165261030 CEST49729443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.165266991 CEST4434972923.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.487875938 CEST4434972923.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.487917900 CEST4434972923.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.487996101 CEST49729443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.488032103 CEST4434972923.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.488527060 CEST4434972923.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.488603115 CEST49729443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.488881111 CEST49729443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.488893986 CEST4434972923.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.492084980 CEST49733443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:50.492117882 CEST4434973323.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:50.492219925 CEST49733443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:50.492348909 CEST49733443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:50.492361069 CEST4434973323.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:50.509113073 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.521578074 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.521596909 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.521660089 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.521682024 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.521729946 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.665728092 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.665749073 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.665807009 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.665823936 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.665895939 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.678112984 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.678198099 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.715193033 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.715219021 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.715307951 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.715325117 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.715348005 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.715367079 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.740638018 CEST4434973220.190.151.7192.168.2.6
                                                    Apr 23, 2025 17:05:50.740719080 CEST49732443192.168.2.620.190.151.7
                                                    Apr 23, 2025 17:05:50.741842031 CEST49732443192.168.2.620.190.151.7
                                                    Apr 23, 2025 17:05:50.741858006 CEST4434973220.190.151.7192.168.2.6
                                                    Apr 23, 2025 17:05:50.742094040 CEST4434973220.190.151.7192.168.2.6
                                                    Apr 23, 2025 17:05:50.742362022 CEST49732443192.168.2.620.190.151.7
                                                    Apr 23, 2025 17:05:50.752233982 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.752268076 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.752315044 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.752329111 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.752367020 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.777075052 CEST4434973323.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:50.777287006 CEST49733443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:50.777318001 CEST4434973323.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:50.777667046 CEST49733443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:50.777672052 CEST4434973323.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:50.784288883 CEST4434973220.190.151.7192.168.2.6
                                                    Apr 23, 2025 17:05:50.798429966 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.798512936 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.831268072 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.831296921 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.831366062 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.831393957 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.831434965 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.836179972 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.836236954 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.868995905 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.869024992 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.869075060 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.869086981 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.869111061 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.898092985 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.898121119 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.898164034 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.898186922 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.898206949 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.906775951 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.906832933 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.906845093 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.930089951 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.930108070 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.930166960 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.930179119 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.949246883 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.949270964 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.949347973 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.949362993 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.957231998 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.957287073 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.957298994 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.974154949 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.974172115 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.974260092 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.974272966 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.976682901 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.976742029 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.976752996 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.976984978 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.993259907 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.993277073 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.993340015 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:50.993350029 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:50.993401051 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.008066893 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.008095980 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.008173943 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.008192062 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.008229971 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.010392904 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.010479927 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.025770903 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.025791883 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.025847912 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.025861025 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.025913954 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.039475918 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.039494991 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.039546013 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.039557934 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.039753914 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.046248913 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.046310902 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.059204102 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.059227943 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.059282064 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.059293985 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.059324026 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.063376904 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.063438892 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.065557957 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.065618992 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.065625906 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.065747023 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.066346884 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.066361904 CEST4434972823.62.226.176192.168.2.6
                                                    Apr 23, 2025 17:05:51.066373110 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.066401005 CEST49728443192.168.2.623.62.226.176
                                                    Apr 23, 2025 17:05:51.066745996 CEST4434973323.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.066891909 CEST4434973323.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.066946983 CEST49733443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.066966057 CEST4434973323.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.067888975 CEST4434973323.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.067994118 CEST49733443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.072911978 CEST49733443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.072935104 CEST4434973323.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.117995024 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.118027925 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.118132114 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.118366957 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.118379116 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.177462101 CEST4434973220.190.151.7192.168.2.6
                                                    Apr 23, 2025 17:05:51.177541971 CEST4434973220.190.151.7192.168.2.6
                                                    Apr 23, 2025 17:05:51.177565098 CEST49732443192.168.2.620.190.151.7
                                                    Apr 23, 2025 17:05:51.177654982 CEST49732443192.168.2.620.190.151.7
                                                    Apr 23, 2025 17:05:51.407001972 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.461462975 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.556613922 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.556638002 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.560803890 CEST49732443192.168.2.620.190.151.7
                                                    Apr 23, 2025 17:05:51.560834885 CEST4434973220.190.151.7192.168.2.6
                                                    Apr 23, 2025 17:05:51.561376095 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.561382055 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.567145109 CEST49735443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:51.567176104 CEST4434973540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:51.567244053 CEST49735443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:51.567476988 CEST49735443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:51.567490101 CEST4434973540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:51.826369047 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.838963032 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.838973045 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.838996887 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.839010000 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.839020967 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.839059114 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.839076996 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.839090109 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.839137077 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.990618944 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.990660906 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.990690947 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.990705013 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:51.990736008 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.990756035 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:51.996809959 CEST4434973540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:51.997191906 CEST49735443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:51.997205019 CEST4434973540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:51.997699022 CEST49735443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:51.997708082 CEST4434973540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:51.997814894 CEST49735443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:51.997817993 CEST4434973540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:52.002948046 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.003012896 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.040194035 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.040214062 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.040263891 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.040271044 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.040306091 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.040323973 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.117889881 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.117913961 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.117954016 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.117960930 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.117993116 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.118011951 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.138041019 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.138108015 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.172035933 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.172060013 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.172094107 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.172106981 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.172142982 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.172162056 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.177841902 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.177897930 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.212207079 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.212233067 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.212275982 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.212286949 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.212316036 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.240246058 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.240274906 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.240308046 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.240315914 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.240355968 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.250240088 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.250293970 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.250302076 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.270133972 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.270153046 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.270200968 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.270217896 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.270243883 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.287728071 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.287749052 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.287801027 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.287808895 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.287858009 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.289963007 CEST4434973540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:52.290015936 CEST49735443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:52.290021896 CEST4434973540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:52.290030956 CEST4434973540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:52.290065050 CEST49735443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:52.296173096 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.296278000 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.312227964 CEST49735443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:05:52.312247992 CEST4434973540.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:05:52.313146114 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.313164949 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.313220024 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.313227892 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.318738937 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.318788052 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.318808079 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.318850994 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.335628986 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.335659981 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.335701942 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.335726976 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.335741997 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.335768938 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.352282047 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.352322102 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.352344990 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.352369070 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.352391005 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.352402925 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.354984045 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.355043888 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.373505116 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.373523951 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.373564005 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.373574018 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.373601913 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.373620033 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.388586998 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.388607025 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.388664961 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.388672113 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.388712883 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.395879030 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.395941973 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.409750938 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.409770012 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.409809113 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.409816980 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.409846067 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.411669970 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.411722898 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.415139914 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.415194035 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.415199041 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.415213108 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.415266037 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.415709972 CEST49734443192.168.2.623.62.226.164
                                                    Apr 23, 2025 17:05:52.415718079 CEST4434973423.62.226.164192.168.2.6
                                                    Apr 23, 2025 17:05:52.459192038 CEST49739443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:05:52.459222078 CEST4434973920.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:05:52.459287882 CEST49739443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:05:52.459414005 CEST49739443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:05:52.459424973 CEST4434973920.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:05:53.030148029 CEST4434973920.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:05:53.030339003 CEST49739443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:05:53.034871101 CEST49739443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:05:53.034874916 CEST4434973920.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:05:53.035119057 CEST4434973920.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:05:53.038738012 CEST49739443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:05:53.038768053 CEST4434973920.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:05:53.428555965 CEST4434973920.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:05:53.428627014 CEST4434973920.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:05:53.428675890 CEST49739443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:05:53.428704977 CEST49739443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:05:53.430212975 CEST49739443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:05:53.430224895 CEST4434973920.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:05:53.916331053 CEST49678443192.168.2.620.42.65.91
                                                    Apr 23, 2025 17:06:01.847278118 CEST49744443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:06:01.847320080 CEST4434974440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:06:01.847440958 CEST49744443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:06:01.848129988 CEST49744443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:06:01.848140955 CEST4434974440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:06:02.278289080 CEST4434974440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:06:02.278568983 CEST49744443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:06:02.278610945 CEST4434974440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:06:02.278750896 CEST49744443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:06:02.278750896 CEST49744443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:06:02.278768063 CEST4434974440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:06:02.278780937 CEST4434974440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:06:02.851514101 CEST4434974440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:06:02.851623058 CEST4434974440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:06:02.851663113 CEST49744443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:06:02.851701975 CEST49744443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:06:02.853144884 CEST49744443192.168.2.640.126.62.129
                                                    Apr 23, 2025 17:06:02.853159904 CEST4434974440.126.62.129192.168.2.6
                                                    Apr 23, 2025 17:06:02.857830048 CEST49745443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:06:02.857872963 CEST4434974520.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:06:02.857956886 CEST49745443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:06:02.858108997 CEST49745443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:06:02.858130932 CEST4434974520.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:06:03.431580067 CEST4434974520.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:06:03.431895971 CEST49745443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:06:03.431936979 CEST4434974520.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:06:03.432126999 CEST49745443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:06:03.432133913 CEST4434974520.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:06:03.812911034 CEST4434974520.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:06:03.812985897 CEST4434974520.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:06:03.813036919 CEST49745443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:06:03.813076973 CEST49745443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:06:03.901104927 CEST49745443192.168.2.620.190.155.3
                                                    Apr 23, 2025 17:06:03.901139021 CEST4434974520.190.155.3192.168.2.6
                                                    Apr 23, 2025 17:06:38.308196068 CEST49750443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:06:38.308237076 CEST44349750142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:06:38.308346987 CEST49750443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:06:38.308500051 CEST49750443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:06:38.308512926 CEST44349750142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:06:38.625051022 CEST44349750142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:06:38.625556946 CEST49750443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:06:38.625575066 CEST44349750142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:06:44.847462893 CEST443496802.23.227.215192.168.2.6
                                                    Apr 23, 2025 17:06:44.847491026 CEST443496802.23.227.215192.168.2.6
                                                    Apr 23, 2025 17:06:44.847624063 CEST49680443192.168.2.62.23.227.215
                                                    Apr 23, 2025 17:06:45.201514959 CEST49753443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:45.201549053 CEST4434975323.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:45.201644897 CEST49753443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:45.201841116 CEST49753443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:45.201853991 CEST4434975323.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:45.500227928 CEST4434975323.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:45.500582933 CEST49753443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:45.500618935 CEST4434975323.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:45.500760078 CEST49753443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:45.500765085 CEST4434975323.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:45.779858112 CEST4434975323.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:45.779926062 CEST4434975323.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:45.780015945 CEST49753443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:45.780376911 CEST49753443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:45.780399084 CEST4434975323.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:45.923083067 CEST49754443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:45.923130035 CEST4434975423.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:45.923199892 CEST49754443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:45.923451900 CEST49754443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:45.923460007 CEST4434975423.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:46.214828968 CEST4434975423.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:46.215414047 CEST49754443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:46.215441942 CEST4434975423.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:46.215646029 CEST49754443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:46.215651989 CEST4434975423.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:46.530776024 CEST4434975423.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:46.530843019 CEST4434975423.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:46.530911922 CEST49754443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:46.531223059 CEST49754443192.168.2.623.222.3.228
                                                    Apr 23, 2025 17:06:46.531240940 CEST4434975423.222.3.228192.168.2.6
                                                    Apr 23, 2025 17:06:48.607789993 CEST44349750142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:06:48.607856989 CEST44349750142.250.69.4192.168.2.6
                                                    Apr 23, 2025 17:06:48.608002901 CEST49750443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:06:48.732237101 CEST49750443192.168.2.6142.250.69.4
                                                    Apr 23, 2025 17:06:48.732275009 CEST44349750142.250.69.4192.168.2.6
                                                    TimestampSource PortDest PortSource IPDest IP
                                                    Apr 23, 2025 17:05:33.970694065 CEST53643771.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:34.025554895 CEST53633851.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:35.177546024 CEST53508801.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:38.251785040 CEST5286953192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:38.251971960 CEST5402653192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:38.392307997 CEST53540261.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:38.392546892 CEST53528691.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:38.930099964 CEST6386753192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:38.930316925 CEST5712253192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:39.197592020 CEST53571221.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:39.215308905 CEST53638671.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:42.084456921 CEST5858853192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:42.084640026 CEST5528353192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:42.225059032 CEST53552831.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:42.225078106 CEST53585881.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:45.194510937 CEST5213053192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:45.195055008 CEST4984353192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:45.335443974 CEST53498431.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:45.336668015 CEST53521301.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:45.466144085 CEST5720653192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:45.466574907 CEST5236053192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:45.606674910 CEST53523601.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:45.606690884 CEST53572061.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:47.822587013 CEST6470153192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:47.823210001 CEST5868953192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:47.963954926 CEST53586891.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:47.965260029 CEST53647011.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:48.748114109 CEST5731753192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:48.748435020 CEST6548653192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:48.888359070 CEST53573171.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:48.899955988 CEST53654861.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:50.001142025 CEST5386053192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:50.001441002 CEST5628653192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:50.143068075 CEST53538601.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:50.143181086 CEST53562861.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:52.139440060 CEST53574441.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:52.212532043 CEST53540051.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:52.316907883 CEST5296053192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:52.317065954 CEST6428753192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:05:52.458271027 CEST53529601.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:05:52.458697081 CEST53642871.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:06:11.231991053 CEST53538331.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:06:32.705305099 CEST138138192.168.2.6192.168.2.255
                                                    Apr 23, 2025 17:06:33.654983997 CEST53522241.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:06:34.289028883 CEST53608851.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:06:36.934031963 CEST53528381.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:06:45.781249046 CEST6264953192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:06:45.781430960 CEST5521253192.168.2.61.1.1.1
                                                    Apr 23, 2025 17:06:45.921874046 CEST53552121.1.1.1192.168.2.6
                                                    Apr 23, 2025 17:06:45.922168016 CEST53626491.1.1.1192.168.2.6

                                                    DNS Queries

                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                    Apr 23, 2025 17:05:38.251785040 CEST192.168.2.61.1.1.10x156eStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:38.251971960 CEST192.168.2.61.1.1.10x29b2Standard query (0)www.google.com65IN (0x0001)false
                                                    Apr 23, 2025 17:05:38.930099964 CEST192.168.2.61.1.1.10x2655Standard query (0)cityofsolanabeach-my.sharepoint.comA (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:38.930316925 CEST192.168.2.61.1.1.10xc911Standard query (0)cityofsolanabeach-my.sharepoint.com65IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.084456921 CEST192.168.2.61.1.1.10xd610Standard query (0)login.microsoftonline.comA (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.084640026 CEST192.168.2.61.1.1.10xc7b3Standard query (0)login.microsoftonline.com65IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.194510937 CEST192.168.2.61.1.1.10xb8faStandard query (0)identity.nel.measure.office.netA (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.195055008 CEST192.168.2.61.1.1.10xfedStandard query (0)identity.nel.measure.office.net65IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.466144085 CEST192.168.2.61.1.1.10x214eStandard query (0)aadcdn.msftauth.netA (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.466574907 CEST192.168.2.61.1.1.10x76aaStandard query (0)aadcdn.msftauth.net65IN (0x0001)false
                                                    Apr 23, 2025 17:05:47.822587013 CEST192.168.2.61.1.1.10x950dStandard query (0)aadcdn.msauthimages.netA (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:47.823210001 CEST192.168.2.61.1.1.10x4b69Standard query (0)aadcdn.msauthimages.net65IN (0x0001)false
                                                    Apr 23, 2025 17:05:48.748114109 CEST192.168.2.61.1.1.10x4270Standard query (0)aadcdn.msauthimages.netA (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:48.748435020 CEST192.168.2.61.1.1.10x3d7Standard query (0)aadcdn.msauthimages.net65IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.001142025 CEST192.168.2.61.1.1.10xc8cbStandard query (0)autologon.microsoftazuread-sso.comA (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.001441002 CEST192.168.2.61.1.1.10xad71Standard query (0)autologon.microsoftazuread-sso.com65IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.316907883 CEST192.168.2.61.1.1.10x94d7Standard query (0)login.microsoftonline.comA (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.317065954 CEST192.168.2.61.1.1.10x3ab4Standard query (0)login.microsoftonline.com65IN (0x0001)false
                                                    Apr 23, 2025 17:06:45.781249046 CEST192.168.2.61.1.1.10xe91Standard query (0)identity.nel.measure.office.netA (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:06:45.781430960 CEST192.168.2.61.1.1.10xde95Standard query (0)identity.nel.measure.office.net65IN (0x0001)false

                                                    DNS Answers

                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                    Apr 23, 2025 17:05:38.392307997 CEST1.1.1.1192.168.2.60x29b2No error (0)www.google.com65IN (0x0001)false
                                                    Apr 23, 2025 17:05:38.392546892 CEST1.1.1.1192.168.2.60x156eNo error (0)www.google.com142.250.69.4A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.197592020 CEST1.1.1.1192.168.2.60xc911No error (0)cityofsolanabeach-my.sharepoint.comcityofsolanabeach.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.197592020 CEST1.1.1.1192.168.2.60xc911No error (0)cityofsolanabeach.sharepoint.com4172-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.197592020 CEST1.1.1.1192.168.2.60xc911No error (0)4172-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com192342-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.197592020 CEST1.1.1.1192.168.2.60xc911No error (0)192342-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com192342-ipv4v6e.farm.dprodmgd105.sharepointonline.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.197592020 CEST1.1.1.1192.168.2.60xc911No error (0)192342-ipv4v6e.farm.dprodmgd105.sharepointonline.com.akadns.net192342-ipv4v6.farm.dprodmgd105.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.215308905 CEST1.1.1.1192.168.2.60x2655No error (0)cityofsolanabeach-my.sharepoint.comcityofsolanabeach.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.215308905 CEST1.1.1.1192.168.2.60x2655No error (0)cityofsolanabeach.sharepoint.com4172-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.215308905 CEST1.1.1.1192.168.2.60x2655No error (0)4172-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com192342-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.215308905 CEST1.1.1.1192.168.2.60x2655No error (0)192342-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com192342-ipv4v6e.farm.dprodmgd105.sharepointonline.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.215308905 CEST1.1.1.1192.168.2.60x2655No error (0)192342-ipv4v6e.farm.dprodmgd105.sharepointonline.com.akadns.net192342-ipv4v6.farm.dprodmgd105.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.215308905 CEST1.1.1.1192.168.2.60x2655No error (0)192342-ipv4v6.farm.dprodmgd105.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.netdual-spo-0005.spo-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.215308905 CEST1.1.1.1192.168.2.60x2655No error (0)dual-spo-0005.spo-msedge.net13.107.136.10A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:39.215308905 CEST1.1.1.1192.168.2.60x2655No error (0)dual-spo-0005.spo-msedge.net13.107.138.10A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225059032 CEST1.1.1.1192.168.2.60xc7b3No error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225059032 CEST1.1.1.1192.168.2.60xc7b3No error (0)login.mso.msidentity.comak.privatelink.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225059032 CEST1.1.1.1192.168.2.60xc7b3No error (0)ak.privatelink.msidentity.comwww.tm.a.prd.aadg.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225078106 CEST1.1.1.1192.168.2.60xd610No error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225078106 CEST1.1.1.1192.168.2.60xd610No error (0)login.mso.msidentity.comak.privatelink.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225078106 CEST1.1.1.1192.168.2.60xd610No error (0)ak.privatelink.msidentity.comwww.tm.a.prd.aadg.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225078106 CEST1.1.1.1192.168.2.60xd610No error (0)www.tm.a.prd.aadg.trafficmanager.net40.126.62.129A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225078106 CEST1.1.1.1192.168.2.60xd610No error (0)www.tm.a.prd.aadg.trafficmanager.net20.190.190.130A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225078106 CEST1.1.1.1192.168.2.60xd610No error (0)www.tm.a.prd.aadg.trafficmanager.net20.190.190.195A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225078106 CEST1.1.1.1192.168.2.60xd610No error (0)www.tm.a.prd.aadg.trafficmanager.net40.126.62.130A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225078106 CEST1.1.1.1192.168.2.60xd610No error (0)www.tm.a.prd.aadg.trafficmanager.net20.190.190.131A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225078106 CEST1.1.1.1192.168.2.60xd610No error (0)www.tm.a.prd.aadg.trafficmanager.net20.190.190.196A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225078106 CEST1.1.1.1192.168.2.60xd610No error (0)www.tm.a.prd.aadg.trafficmanager.net20.190.190.129A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:42.225078106 CEST1.1.1.1192.168.2.60xd610No error (0)www.tm.a.prd.aadg.trafficmanager.net40.126.62.132A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:43.358403921 CEST1.1.1.1192.168.2.60xe91bNo error (0)shed.dual-low.s-part-0043.t-0009.t-msedge.nets-part-0043.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:43.358403921 CEST1.1.1.1192.168.2.60xe91bNo error (0)s-part-0043.t-0009.t-msedge.net13.107.246.71A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.335443974 CEST1.1.1.1192.168.2.60xfedNo error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.335443974 CEST1.1.1.1192.168.2.60xfedNo error (0)nel.measure.office.net.edgesuite.neta1894.dscb.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.336668015 CEST1.1.1.1192.168.2.60xb8faNo error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.336668015 CEST1.1.1.1192.168.2.60xb8faNo error (0)nel.measure.office.net.edgesuite.neta1894.dscb.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.336668015 CEST1.1.1.1192.168.2.60xb8faNo error (0)a1894.dscb.akamai.net23.222.3.228A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.336668015 CEST1.1.1.1192.168.2.60xb8faNo error (0)a1894.dscb.akamai.net23.222.3.232A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.606674910 CEST1.1.1.1192.168.2.60x76aaNo error (0)aadcdn.msftauth.netwww.tm.aadcdn.msftauth.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.606674910 CEST1.1.1.1192.168.2.60x76aaNo error (0)www.tm.aadcdn.msftauth.akadns.netaadcdn.msftauth.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.606674910 CEST1.1.1.1192.168.2.60x76aaNo error (0)aadcdn.msftauth.edgekey.nete329293.dscd.akamaiedge.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.606690884 CEST1.1.1.1192.168.2.60x214eNo error (0)aadcdn.msftauth.netwww.tm.aadcdn.msftauth.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.606690884 CEST1.1.1.1192.168.2.60x214eNo error (0)www.tm.aadcdn.msftauth.trafficmanager.netaadcdn.msftauth.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.606690884 CEST1.1.1.1192.168.2.60x214eNo error (0)aadcdn.msftauth.edgekey.nete329293.dscd.akamaiedge.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.606690884 CEST1.1.1.1192.168.2.60x214eNo error (0)e329293.dscd.akamaiedge.net23.62.226.164A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:45.606690884 CEST1.1.1.1192.168.2.60x214eNo error (0)e329293.dscd.akamaiedge.net23.62.226.176A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:47.963954926 CEST1.1.1.1192.168.2.60x4b69No error (0)aadcdn.msauthimages.netwww.tm.aadmsodsxstore01prod.msauthimages.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:47.963954926 CEST1.1.1.1192.168.2.60x4b69No error (0)www.tm.aadmsodsxstore01prod.msauthimages.trafficmanager.netaadmsodsxstore01prod.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:47.963954926 CEST1.1.1.1192.168.2.60x4b69No error (0)aadmsodsxstore01prod.edgekey.nete329293.dscd.akamaiedge.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:47.965260029 CEST1.1.1.1192.168.2.60x950dNo error (0)aadcdn.msauthimages.netwww.tm.aadmsodsxstore01prod.msauthimages.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:47.965260029 CEST1.1.1.1192.168.2.60x950dNo error (0)www.tm.aadmsodsxstore01prod.msauthimages.trafficmanager.netaadmsodsxstore01prod.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:47.965260029 CEST1.1.1.1192.168.2.60x950dNo error (0)aadmsodsxstore01prod.edgekey.nete329293.dscd.akamaiedge.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:47.965260029 CEST1.1.1.1192.168.2.60x950dNo error (0)e329293.dscd.akamaiedge.net23.62.226.176A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:47.965260029 CEST1.1.1.1192.168.2.60x950dNo error (0)e329293.dscd.akamaiedge.net23.62.226.164A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:48.888359070 CEST1.1.1.1192.168.2.60x4270No error (0)aadcdn.msauthimages.netwww.tm.aadmsodsxstore01prod.msauthimages.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:48.888359070 CEST1.1.1.1192.168.2.60x4270No error (0)www.tm.aadmsodsxstore01prod.msauthimages.trafficmanager.netaadmsodsxstore01prod.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:48.888359070 CEST1.1.1.1192.168.2.60x4270No error (0)aadmsodsxstore01prod.edgekey.nete329293.dscd.akamaiedge.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:48.888359070 CEST1.1.1.1192.168.2.60x4270No error (0)e329293.dscd.akamaiedge.net23.62.226.164A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:48.888359070 CEST1.1.1.1192.168.2.60x4270No error (0)e329293.dscd.akamaiedge.net23.62.226.176A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:48.899955988 CEST1.1.1.1192.168.2.60x3d7No error (0)aadcdn.msauthimages.netwww.tm.aadmsodsxstore01prod.msauthimages.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:48.899955988 CEST1.1.1.1192.168.2.60x3d7No error (0)www.tm.aadmsodsxstore01prod.msauthimages.trafficmanager.netaadmsodsxstore01prod.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:48.899955988 CEST1.1.1.1192.168.2.60x3d7No error (0)aadmsodsxstore01prod.edgekey.nete329293.dscd.akamaiedge.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.046646118 CEST1.1.1.1192.168.2.60xcee2No error (0)shed.dual-low.s-part-0043.t-0009.t-msedge.nets-part-0043.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.046646118 CEST1.1.1.1192.168.2.60xcee2No error (0)s-part-0043.t-0009.t-msedge.net13.107.246.71A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.143068075 CEST1.1.1.1192.168.2.60xc8cbNo error (0)autologon.microsoftazuread-sso.com20.190.151.7A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.143068075 CEST1.1.1.1192.168.2.60xc8cbNo error (0)autologon.microsoftazuread-sso.com20.190.151.133A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.143068075 CEST1.1.1.1192.168.2.60xc8cbNo error (0)autologon.microsoftazuread-sso.com20.190.151.132A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.143068075 CEST1.1.1.1192.168.2.60xc8cbNo error (0)autologon.microsoftazuread-sso.com20.190.151.68A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.143068075 CEST1.1.1.1192.168.2.60xc8cbNo error (0)autologon.microsoftazuread-sso.com20.190.151.6A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.143068075 CEST1.1.1.1192.168.2.60xc8cbNo error (0)autologon.microsoftazuread-sso.com20.190.151.134A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.143068075 CEST1.1.1.1192.168.2.60xc8cbNo error (0)autologon.microsoftazuread-sso.com20.190.151.69A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:50.143068075 CEST1.1.1.1192.168.2.60xc8cbNo error (0)autologon.microsoftazuread-sso.com20.190.151.67A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458271027 CEST1.1.1.1192.168.2.60x94d7No error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458271027 CEST1.1.1.1192.168.2.60x94d7No error (0)login.mso.msidentity.comak.privatelink.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458271027 CEST1.1.1.1192.168.2.60x94d7No error (0)ak.privatelink.msidentity.comwww.tm.a.prd.aadg.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458271027 CEST1.1.1.1192.168.2.60x94d7No error (0)www.tm.a.prd.aadg.trafficmanager.net20.190.155.3A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458271027 CEST1.1.1.1192.168.2.60x94d7No error (0)www.tm.a.prd.aadg.trafficmanager.net20.190.155.131A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458271027 CEST1.1.1.1192.168.2.60x94d7No error (0)www.tm.a.prd.aadg.trafficmanager.net40.126.27.128A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458271027 CEST1.1.1.1192.168.2.60x94d7No error (0)www.tm.a.prd.aadg.trafficmanager.net20.190.155.1A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458271027 CEST1.1.1.1192.168.2.60x94d7No error (0)www.tm.a.prd.aadg.trafficmanager.net40.126.27.66A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458271027 CEST1.1.1.1192.168.2.60x94d7No error (0)www.tm.a.prd.aadg.trafficmanager.net20.190.155.65A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458271027 CEST1.1.1.1192.168.2.60x94d7No error (0)www.tm.a.prd.aadg.trafficmanager.net20.190.155.66A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458271027 CEST1.1.1.1192.168.2.60x94d7No error (0)www.tm.a.prd.aadg.trafficmanager.net20.190.155.16A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458697081 CEST1.1.1.1192.168.2.60x3ab4No error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458697081 CEST1.1.1.1192.168.2.60x3ab4No error (0)login.mso.msidentity.comak.privatelink.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:05:52.458697081 CEST1.1.1.1192.168.2.60x3ab4No error (0)ak.privatelink.msidentity.comwww.tm.a.prd.aadg.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:06:45.921874046 CEST1.1.1.1192.168.2.60xde95No error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:06:45.921874046 CEST1.1.1.1192.168.2.60xde95No error (0)nel.measure.office.net.edgesuite.neta1894.dscb.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:06:45.922168016 CEST1.1.1.1192.168.2.60xe91No error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:06:45.922168016 CEST1.1.1.1192.168.2.60xe91No error (0)nel.measure.office.net.edgesuite.neta1894.dscb.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                    Apr 23, 2025 17:06:45.922168016 CEST1.1.1.1192.168.2.60xe91No error (0)a1894.dscb.akamai.net23.222.3.228A (IP address)IN (0x0001)false
                                                    Apr 23, 2025 17:06:45.922168016 CEST1.1.1.1192.168.2.60xe91No error (0)a1894.dscb.akamai.net23.222.3.232A (IP address)IN (0x0001)false

                                                    HTTP Request Dependency Graph

                                                    • cityofsolanabeach-my.sharepoint.com
                                                    • login.microsoftonline.com
                                                      • aadcdn.msauthimages.net
                                                      • autologon.microsoftazuread-sso.com
                                                    • identity.nel.measure.office.net

                                                    HTTPS Proxied Packets

                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    0192.168.2.64969913.107.136.104435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:39 UTC792OUTGET /:b:/r/personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=1 HTTP/1.1
                                                    Host: cityofsolanabeach-my.sharepoint.com
                                                    Connection: keep-alive
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    sec-ch-ua-mobile: ?0
                                                    sec-ch-ua-platform: "Windows"
                                                    Upgrade-Insecure-Requests: 1
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                    Sec-Fetch-Site: none
                                                    Sec-Fetch-Mode: navigate
                                                    Sec-Fetch-User: ?1
                                                    Sec-Fetch-Dest: document
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:40 UTC1016INHTTP/1.1 301 Moved Permanently
                                                    Content-Type: text/plain
                                                    Location: https://cityofsolanabeach-my.sharepoint.com/personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=1&CID=905aaab5-842f-4e16-8c21-78919e2e4804
                                                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                    X-NetworkStatistics: 0,4194720,0,87,1049132,1766319,1766319,18503
                                                    SPRequestGuid: bb5597a1-60d5-8000-ae3e-17d443e9b629
                                                    request-id: bb5597a1-60d5-8000-ae3e-17d443e9b629
                                                    MS-CV: oZdVu9VgAICuPhfUQ+m2KQ.0
                                                    Strict-Transport-Security: max-age=31536000
                                                    IsOCDI: 0
                                                    SPRequestDuration: 6
                                                    SPIisLatency: 2
                                                    X-Powered-By: ASP.NET
                                                    MicrosoftSharePointTeamServices: 16.0.0.26002
                                                    X-Content-Type-Options: nosniff
                                                    X-MS-InvokeApp: 1; RequireReadOnly
                                                    X-Cache: CONFIG_NOCACHE
                                                    X-MSEdge-Ref: Ref A: 0396293600804FD5B3E8FCBDDFEB2812 Ref B: PHX31EDGE0511 Ref C: 2025-04-23T15:05:39Z
                                                    Date: Wed, 23 Apr 2025 15:05:39 GMT
                                                    Connection: close
                                                    Content-Length: 0


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    1192.168.2.64969813.107.136.104435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:40 UTC827OUTGET /personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=1&CID=905aaab5-842f-4e16-8c21-78919e2e4804 HTTP/1.1
                                                    Host: cityofsolanabeach-my.sharepoint.com
                                                    Connection: keep-alive
                                                    Upgrade-Insecure-Requests: 1
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                    Sec-Fetch-Site: none
                                                    Sec-Fetch-Mode: navigate
                                                    Sec-Fetch-User: ?1
                                                    Sec-Fetch-Dest: document
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    sec-ch-ua-mobile: ?0
                                                    sec-ch-ua-platform: "Windows"
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:40 UTC1244INHTTP/1.1 302 Found
                                                    Content-Length: 402
                                                    Content-Type: text/html; charset=utf-8
                                                    Location: https://cityofsolanabeach-my.sharepoint.com/personal/lyim_cosb_org/_layouts/15/Authenticate.aspx?Source=%2Fpersonal%2Flyim%5Fcosb%5Forg%2FDocuments%2FMicrosoft%20Teams%20Chat%20Files%2F04212025141353%2D0001%2Epdf%3Fcsf%3D1%26web%3D1%26CID%3D905aaab5%2D842f%2D4e16%2D8c21%2D78919e2e4804
                                                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                    X-NetworkStatistics: 0,4194720,17989,224,330466,2064587,2064587,22179
                                                    X-SharePointHealthScore: 1
                                                    IsOCDI: 0
                                                    X-DataBoundary: NONE
                                                    X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
                                                    X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/
                                                    SPRequestGuid: bb5597a1-b0e0-8000-ae3e-1559ed679315
                                                    request-id: bb5597a1-b0e0-8000-ae3e-1559ed679315
                                                    MS-CV: oZdVu+CwAICuPhVZ7WeTFQ.0
                                                    X-Powered-By: ASP.NET
                                                    MicrosoftSharePointTeamServices: 16.0.0.26002
                                                    X-Content-Type-Options: nosniff
                                                    X-MS-InvokeApp: 1; RequireReadOnly
                                                    X-Cache: CONFIG_NOCACHE
                                                    X-MSEdge-Ref: Ref A: 11A96ED929C2489D81D2E7DE5FC84A04 Ref B: PHX31EDGE0520 Ref C: 2025-04-23T15:05:40Z
                                                    Date: Wed, 23 Apr 2025 15:05:40 GMT
                                                    Connection: close
                                                    2025-04-23 15:05:40 UTC402INData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 69 74 79 6f 66 73 6f 6c 61 6e 61 62 65 61 63 68 2d 6d 79 2e 73 68 61 72 65 70 6f 69 6e 74 2e 63 6f 6d 2f 70 65 72 73 6f 6e 61 6c 2f 6c 79 69 6d 5f 63 6f 73 62 5f 6f 72 67 2f 5f 6c 61 79 6f 75 74 73 2f 31 35 2f 41 75 74 68 65 6e 74 69 63 61 74 65 2e 61 73 70 78 3f 53 6f 75 72 63 65 3d 25 32 46 70 65 72 73 6f 6e 61 6c 25 32 46 6c 79 69 6d 25 35 46 63 6f 73 62 25 35 46 6f 72 67 25 32 46 44 6f 63 75 6d 65 6e 74 73 25 32 46 4d 69 63 72 6f 73 6f 66 74 25 32 30 54 65 61 6d 73 25 32 30 43 68
                                                    Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://cityofsolanabeach-my.sharepoint.com/personal/lyim_cosb_org/_layouts/15/Authenticate.aspx?Source=%2Fpersonal%2Flyim%5Fcosb%5Forg%2FDocuments%2FMicrosoft%20Teams%20Ch


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    2192.168.2.64970013.107.136.104435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:40 UTC926OUTGET /personal/lyim_cosb_org/_layouts/15/Authenticate.aspx?Source=%2Fpersonal%2Flyim%5Fcosb%5Forg%2FDocuments%2FMicrosoft%20Teams%20Chat%20Files%2F04212025141353%2D0001%2Epdf%3Fcsf%3D1%26web%3D1%26CID%3D905aaab5%2D842f%2D4e16%2D8c21%2D78919e2e4804 HTTP/1.1
                                                    Host: cityofsolanabeach-my.sharepoint.com
                                                    Connection: keep-alive
                                                    Upgrade-Insecure-Requests: 1
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                    Sec-Fetch-Site: none
                                                    Sec-Fetch-Mode: navigate
                                                    Sec-Fetch-User: ?1
                                                    Sec-Fetch-Dest: document
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    sec-ch-ua-mobile: ?0
                                                    sec-ch-ua-platform: "Windows"
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:41 UTC1805INHTTP/1.1 302 Found
                                                    Cache-Control: private
                                                    Content-Length: 466
                                                    Content-Type: text/html; charset=utf-8
                                                    Location: /_forms/default.aspx?ReturnUrl=%2fpersonal%2flyim_cosb_org%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fpersonal%252Flyim%255Fcosb%255Forg%252FDocuments%252FMicrosoft%2520Teams%2520Chat%2520Files%252F04212025141353%252D0001%252Epdf%253Fcsf%253D1%2526web%253D1%2526CID%253D905aaab5%252D842f%252D4e16%252D8c21%252D78919e2e4804&Source=cookie
                                                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                    Set-Cookie: RpsContextCookie=U291cmNlPSUyRnBlcnNvbmFsJTJGbHlpbSU1RmNvc2IlNUZvcmclMkZEb2N1bWVudHMlMkZNaWNyb3NvZnQlMjBUZWFtcyUyMENoYXQlMjBGaWxlcyUyRjA0MjEyMDI1MTQxMzUzJTJEMDAwMSUyRXBkZiUzRmNzZiUzRDElMjZ3ZWIlM0QxJTI2Q0lEJTNEOTA1YWFhYjUlMkQ4NDJmJTJENGUxNiUyRDhjMjElMkQ3ODkxOWUyZTQ4MDQ=; expires=Wed, 23-Apr-2025 15:15:41 GMT; path=/; SameSite=None; secure; HttpOnly
                                                    X-NetworkStatistics: 0,4194720,1200,202,1351161,1051136,1051136,20945
                                                    X-SharePointHealthScore: 2
                                                    X-AspNet-Version: 4.0.30319
                                                    IsOCDI: 0
                                                    X-DataBoundary: NONE
                                                    X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
                                                    X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/
                                                    SPRequestGuid: bc5597a1-501c-8000-ae3e-1bea34e63820
                                                    request-id: bc5597a1-501c-8000-ae3e-1bea34e63820
                                                    MS-CV: oZdVvBxQAICuPhvqNOY4IA.0
                                                    Strict-Transport-Security: max-age=31536000
                                                    SPRequestDuration: 14
                                                    SPIisLatency: 1
                                                    X-Powered-By: ASP.NET
                                                    MicrosoftSharePointTeamServices: 16.0.0.26002
                                                    X-Content-Type-Options: nosniff
                                                    X-MS-InvokeApp: 1; RequireReadOnly
                                                    X-Cache: CONFIG_NOCACHE
                                                    X-MSEdge-Ref: Ref A: EF384DF258954F748A75FF702BBEBDA8 Ref B: PHX31EDGE0612 Ref C: 2025-04-23T15:05:41Z
                                                    Date: Wed, 23 Apr 2025 15:05:40 GMT
                                                    Connection: close
                                                    2025-04-23 15:05:41 UTC466INData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 2f 5f 66 6f 72 6d 73 2f 64 65 66 61 75 6c 74 2e 61 73 70 78 3f 52 65 74 75 72 6e 55 72 6c 3d 25 32 66 70 65 72 73 6f 6e 61 6c 25 32 66 6c 79 69 6d 5f 63 6f 73 62 5f 6f 72 67 25 32 66 5f 6c 61 79 6f 75 74 73 25 32 66 31 35 25 32 66 41 75 74 68 65 6e 74 69 63 61 74 65 2e 61 73 70 78 25 33 66 53 6f 75 72 63 65 25 33 64 25 32 35 32 46 70 65 72 73 6f 6e 61 6c 25 32 35 32 46 6c 79 69 6d 25 32 35 35 46 63 6f 73 62 25 32 35 35 46 6f 72 67 25 32 35 32 46 44 6f 63 75 6d 65 6e 74 73 25 32 35 32 46 4d 69 63 72 6f 73 6f 66
                                                    Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="/_forms/default.aspx?ReturnUrl=%2fpersonal%2flyim_cosb_org%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fpersonal%252Flyim%255Fcosb%255Forg%252FDocuments%252FMicrosof


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    3192.168.2.64970113.107.136.104435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:41 UTC1308OUTGET /_forms/default.aspx?ReturnUrl=%2fpersonal%2flyim_cosb_org%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fpersonal%252Flyim%255Fcosb%255Forg%252FDocuments%252FMicrosoft%2520Teams%2520Chat%2520Files%252F04212025141353%252D0001%252Epdf%253Fcsf%253D1%2526web%253D1%2526CID%253D905aaab5%252D842f%252D4e16%252D8c21%252D78919e2e4804&Source=cookie HTTP/1.1
                                                    Host: cityofsolanabeach-my.sharepoint.com
                                                    Connection: keep-alive
                                                    Upgrade-Insecure-Requests: 1
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                    Sec-Fetch-Site: none
                                                    Sec-Fetch-Mode: navigate
                                                    Sec-Fetch-User: ?1
                                                    Sec-Fetch-Dest: document
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    sec-ch-ua-mobile: ?0
                                                    sec-ch-ua-platform: "Windows"
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    Cookie: RpsContextCookie=U291cmNlPSUyRnBlcnNvbmFsJTJGbHlpbSU1RmNvc2IlNUZvcmclMkZEb2N1bWVudHMlMkZNaWNyb3NvZnQlMjBUZWFtcyUyMENoYXQlMjBGaWxlcyUyRjA0MjEyMDI1MTQxMzUzJTJEMDAwMSUyRXBkZiUzRmNzZiUzRDElMjZ3ZWIlM0QxJTI2Q0lEJTNEOTA1YWFhYjUlMkQ4NDJmJTJENGUxNiUyRDhjMjElMkQ3ODkxOWUyZTQ4MDQ=
                                                    2025-04-23 15:05:42 UTC3781INHTTP/1.1 302 Found
                                                    Cache-Control: no-cache, no-store
                                                    Pragma: no-cache
                                                    Content-Length: 893
                                                    Content-Type: text/html; charset=utf-8
                                                    Expires: -1
                                                    Location: https://login.microsoftonline.com:443/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d
                                                    P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                    Set-Cookie: nSGt-4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6=gYEwODBDMUNGQzNGOUZFMDFERTA2NkRDMUJBQzJGMjIyRjM4Q0ZFMjE0MjNDMzZGNUREMDREMEE1OEUwMTAwNDlDNUNFQzZFN0FFMEFDRUZCNkE1MDA5QjIyRTMxOEI1QzZFNhIxMzM4OTg5NDU4MTk2Mjg3NDQjY2l0eW9mc29sYW5hYmVhY2gtbXkuc2hhcmVwb2ludC5jb22W84Evx1hA1DSt/BgkXtrZYtX7rxPjAyd7RfqBJA47RS+TvV4hORiysUnWzFudiGgJhE7ZierIIw82Oza57z4EioHbsn9FqVTJQ9CZHH0FjvjaOKuZpnCi+uPJKxZD0+uiJwLDXuFMa36nzaBOhwYmSp3uuxT3M5AksxcCAyQKSKCQ2lNo2b8K9TKc5fC5tQImjXyJiXEScwfkL7tp4XM28YTSPbfqlEQTjnUxU+fuP6Cbr7OtQlKcbtu0Y+d9PqJaEdvkDQt8enlPTwIwSBjHisiN9bctIQD0qmyEXyz/G+H44WoICC6nZ6CAmm1iq2dg8eLZBMtvDrDZhf8IhkIimwAAAA==; expires=Wed, 23-Apr-2025 15:09:41 GMT; path=/; SameSite=None; secure; HttpOnly
                                                    Set-Cookie: nSGt-4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; SameSite=None; Partitioned; secure; HttpOnly
                                                    Set-Cookie: RpsContextCookie=U291cmNlPSUyRnBlcnNvbmFsJTJGbHlpbSU1RmNvc2IlNUZvcmclMkZEb2N1bWVudHMlMkZNaWNyb3NvZnQlMjBUZWFtcyUyMENoYXQlMjBGaWxlcyUyRjA0MjEyMDI1MTQxMzUzJTJEMDAwMSUyRXBkZiUzRmNzZiUzRDElMjZ3ZWIlM0QxJTI2Q0lEJTNEOTA1YWFhYjUlMkQ4NDJmJTJENGUxNiUyRDhjMjElMkQ3ODkxOWUyZTQ4MDQmUHJldmlvdXNSZXF1ZXN0Q29ycmVsYXRpb25JZD1iYzU1OTdhMSUyRGIwNTMlMkQ4MDAwJTJEYWUzZSUyRDFhNzMyYjNkNmY1ZCZSZXR1cm5Vcmw9JTJGcGVyc29uYWwlMkZseWltJTVGY29zYiU1Rm9yZyUyRiU1RmxheW91dHMlMkYxNSUyRkF1dGhlbnRpY2F0ZSUyRWFzcHglM0ZTb3VyY2UlM0QlMjUyRnBlcnNvbmFsJTI1MkZseWltJTI1NUZjb3NiJTI1NUZvcmclMjUyRkRvY3VtZW50cyUyNTJGTWljcm9zb2Z0JTI1MjBUZWFtcyUyNTIwQ2hhdCUyNTIwRmlsZXMlMjUyRjA0MjEyMDI1MTQxMzUzJTI1MkQwMDAxJTI1MkVwZGYlMjUzRmNzZiUyNTNEMSUyNTI2d2ViJTI1M0QxJTI1MjZDSUQlMjUzRDkwNWFhYWI1JTI1MkQ4NDJmJTI1MkQ0ZTE2JTI1MkQ4YzIxJTI1MkQ3ODkxOWUyZTQ4MDQ=; expires=Wed, 23-Apr-2025 15:15:41 GMT; path=/; SameSite=None; secure; HttpOnly
                                                    Set-Cookie: RpsContextCookie=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; SameSite=None; Partitioned; secure; HttpOnly
                                                    X-NetworkStatistics: 0,4194720,0,20,424349,138606,138606,18233
                                                    X-SharePointHealthScore: 0
                                                    X-AspNet-Version: 4.0.30319
                                                    IsOCDI: 0
                                                    X-DataBoundary: NONE
                                                    X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
                                                    X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/
                                                    SPRequestGuid: bc5597a1-b053-8000-ae3e-1a732b3d6f5d
                                                    request-id: bc5597a1-b053-8000-ae3e-1a732b3d6f5d
                                                    MS-CV: oZdVvFOwAICuPhpzKz1vXQ.0
                                                    Strict-Transport-Security: max-age=31536000
                                                    SPRequestDuration: 44
                                                    SPIisLatency: 0
                                                    Include-Referred-Token-Binding-ID: true
                                                    X-Powered-By: ASP.NET
                                                    MicrosoftSharePointTeamServices: 16.0.0.26002
                                                    X-Content-Type-Options: nosniff
                                                    X-MS-InvokeApp: 1; RequireReadOnly
                                                    X-Cache: CONFIG_NOCACHE
                                                    X-MSEdge-Ref: Ref A: 97438F0B3069443E988EC3C7941A2D34 Ref B: PHX31EDGE0608 Ref C: 2025-04-23T15:05:41Z
                                                    Date: Wed, 23 Apr 2025 15:05:41 GMT
                                                    Connection: close
                                                    2025-04-23 15:05:42 UTC364INData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 2e 6d 69 63 72 6f 73 6f 66 74 6f 6e 6c 69 6e 65 2e 63 6f 6d 3a 34 34 33 2f 38 33 62 65 63 65 33 33 2d 63 34 34 34 2d 34 35 30 66 2d 62 63 37 64 2d 65 32 64 62 39 30 36 64 62 34 62 62 2f 6f 61 75 74 68 32 2f 61 75 74 68 6f 72 69 7a 65 3f 63 6c 69 65 6e 74 25 35 46 69 64 3d 30 30 30 30 30 30 30 33 25 32 44 30 30 30 30 25 32 44 30 66 66 31 25 32 44 63 65 30 30 25 32 44 30 30 30 30 30 30 30 30 30 30 30 30 26 61 6d 70 3b 72 65 73 70 6f 6e 73 65 25 35 46 6d 6f 64 65 3d 66 6f 72
                                                    Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://login.microsoftonline.com:443/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&amp;response%5Fmode=for
                                                    2025-04-23 15:05:42 UTC529INData Raw: 73 63 6f 70 65 3d 6f 70 65 6e 69 64 26 61 6d 70 3b 6e 6f 6e 63 65 3d 34 44 30 41 35 38 45 30 31 30 30 34 39 43 35 43 45 43 36 45 37 41 45 30 41 43 45 46 42 36 41 35 30 30 39 42 32 32 45 33 31 38 42 35 43 36 45 36 25 32 44 46 46 36 39 36 44 45 35 38 43 36 37 36 34 45 32 39 33 36 45 30 46 41 32 45 45 46 41 44 41 31 33 41 30 43 46 43 32 33 30 44 45 39 45 35 39 46 42 46 31 32 46 41 33 42 31 43 46 41 38 41 36 46 46 26 61 6d 70 3b 72 65 64 69 72 65 63 74 25 35 46 75 72 69 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 63 69 74 79 6f 66 73 6f 6c 61 6e 61 62 65 61 63 68 25 32 44 6d 79 25 32 45 73 68 61 72 65 70 6f 69 6e 74 25 32 45 63 6f 6d 25 32 46 25 35 46 66 6f 72 6d 73 25 32 46 64 65 66 61 75 6c 74 25 32 45 61 73 70 78 26 61 6d 70 3b 73 74 61 74 65 3d 4f 44 30
                                                    Data Ascii: scope=openid&amp;nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&amp;redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&amp;state=OD0


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    4192.168.2.64970240.126.62.1294435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:42 UTC1369OUTGET /83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d HTTP/1.1
                                                    Host: login.microsoftonline.com
                                                    Connection: keep-alive
                                                    Upgrade-Insecure-Requests: 1
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                    Sec-Fetch-Site: none
                                                    Sec-Fetch-Mode: navigate
                                                    Sec-Fetch-User: ?1
                                                    Sec-Fetch-Dest: document
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    sec-ch-ua-mobile: ?0
                                                    sec-ch-ua-platform: "Windows"
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:43 UTC2208INHTTP/1.1 200 OK
                                                    Cache-Control: no-store, no-cache
                                                    Pragma: no-cache
                                                    Content-Type: text/html; charset=utf-8
                                                    Expires: -1
                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                    X-Content-Type-Options: nosniff
                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                    x-ms-request-id: fb86bcaf-efe7-476d-85c8-b4376b860e00
                                                    x-ms-ests-server: 2.1.20540.5 - NCUS ProdSlices
                                                    report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
                                                    nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                    x-ms-srs: 1.P
                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                    Content-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-JLPvbgI5g8d5cIaLKAhIgg' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
                                                    X-XSS-Protection: 0
                                                    Set-Cookie: esctx-FXV4sYLFtI=AQABCQEAAABVrSpeuWamRam2jAF1XRQExuOyBdSO3BZdUl3-qQBUY0gA84xA_yrP87XH6lgt0aPc0Gv7AwWZ7xCy41cbo3h1pxbU9mQYLrqAyuvkUB0EC0Q4hh64537Fti7zqKEHamb4i_2jRmrkU9kKIy0wfXybJKNJmv4DClugCy7fzSE7uiAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: fpc=AuIFpnMgGx9Nnk-AJEH4ucE; expires=Fri, 23-May-2025 15:05:42 GMT; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEAl7MPZaLYFwPz5nRmVLRFyBwOl27ZF39HLqwV-vgLrgLwNnr7CsFuKtya5u8wYx2Yg1UmVJMsgxnJ6rI5eCoX-GkK3qcxP9xxc5xl8zowY-KfTqEh3oFkrYYTySO4PijQ6Bs0Og_U18j02V35uXCv2DX1WpKZAzBYqx9YL9XpYYgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
                                                    Set-Cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
                                                    Date: Wed, 23 Apr 2025 15:05:42 GMT
                                                    Connection: close
                                                    Content-Length: 21184
                                                    2025-04-23 15:05:43 UTC14176INData Raw: 0d 0a 0d 0a 3c 21 2d 2d 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 20 2d 2d 3e 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e
                                                    Data Ascii: ... Copyright (C) Microsoft Corporation. All rights reserved. --><!DOCTYPE html><html><head> <title>Redirecting</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta http-equiv="X-UA-Compatible" conten
                                                    2025-04-23 15:05:43 UTC7008INData Raw: 4c 6f 61 64 28 29 20 66 61 69 6c 65 64 20 64 65 73 70 69 74 65 20 69 6e 69 74 69 61 6c 20 6c 6f 61 64 20 73 75 63 63 65 73 73 2e 20 5b 27 22 2b 6e 2b 22 27 5d 22 7d 73 26 26 28 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 22 2f 65 72 72 6f 72 2e 61 73 70 78 3f 65 72 72 3d 35 30 34 22 29 7d 29 7d 2c 63 2e 4f 6e 45 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 65 2e 73 72 63 7c 7c 65 2e 68 72 65 66 7c 7c 22 22 2c 6f 3d 69 28 29 2c 73 3d 61 28 29 3b 69 66 28 21 65 29 7b 74 68 72 6f 77 22 54 68 65 20 74 61 72 67 65 74 20 65 6c 65 6d 65 6e 74 20 6d 75 73 74 20 62 65 20 70 72 6f 76 69 64 65 64 20 61 6e 64 20 63 61 6e 6e 6f 74 20 62 65 20 6e 75 6c 6c 2e 22 7d 72 28 22 5b 24 4c 6f 61 64 65 72 5d 3a 20 46 61 69
                                                    Data Ascii: Load() failed despite initial load success. ['"+n+"']"}s&&(document.location.href="/error.aspx?err=504")})},c.OnError=function(e,t){var n=e.src||e.href||"",o=i(),s=a();if(!e){throw"The target element must be provided and cannot be null."}r("[$Loader]: Fai


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    5192.168.2.64970540.126.62.1294435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:44 UTC2660OUTGET /83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=true HTTP/1.1
                                                    Host: login.microsoftonline.com
                                                    Connection: keep-alive
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    sec-ch-ua-mobile: ?0
                                                    sec-ch-ua-platform: "Windows"
                                                    Upgrade-Insecure-Requests: 1
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                    Sec-Fetch-Site: same-origin
                                                    Sec-Fetch-Mode: navigate
                                                    Sec-Fetch-Dest: document
                                                    Referer: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    Cookie: esctx-FXV4sYLFtI=AQABCQEAAABVrSpeuWamRam2jAF1XRQExuOyBdSO3BZdUl3-qQBUY0gA84xA_yrP87XH6lgt0aPc0Gv7AwWZ7xCy41cbo3h1pxbU9mQYLrqAyuvkUB0EC0Q4hh64537Fti7zqKEHamb4i_2jRmrkU9kKIy0wfXybJKNJmv4DClugCy7fzSE7uiAA; fpc=AuIFpnMgGx9Nnk-AJEH4ucE; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEAl7MPZaLYFwPz5nRmVLRFyBwOl27ZF39HLqwV-vgLrgLwNnr7CsFuKtya5u8wYx2Yg1UmVJMsgxnJ6rI5eCoX-GkK3qcxP9xxc5xl8zowY-KfTqEh3oFkrYYTySO4PijQ6Bs0Og_U18j02V35uXCv2DX1WpKZAzBYqx9YL9XpYYgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
                                                    2025-04-23 15:05:45 UTC2833INHTTP/1.1 200 OK
                                                    Cache-Control: no-store, no-cache
                                                    Pragma: no-cache
                                                    Content-Type: text/html; charset=utf-8
                                                    Expires: -1
                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                    X-Content-Type-Options: nosniff
                                                    X-Frame-Options: DENY
                                                    Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin
                                                    Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch
                                                    Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
                                                    X-DNS-Prefetch-Control: on
                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                    x-ms-request-id: 4bf5714a-86ea-4910-9e72-a05070ef6e00
                                                    x-ms-ests-server: 2.1.20540.5 - NCUS ProdSlices
                                                    report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
                                                    nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                    x-ms-srs: 1.P
                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                    Content-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-N5ZkPBSM0oOEnI-Gi5AU7w' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
                                                    X-XSS-Protection: 0
                                                    Set-Cookie: buid=1.AUUAM86-g0TED0W8feLbkG20uwMAAAAAAPEPzgAAAAAAAABFAABFAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEvFmW9LkO-CuueIHcx3n9NLH8YK9HczFS2kEKHUeDqi9cwvjJVOxuXTHgooQwEXjYPJuMXalvXd5nYyu3Ln0o_5PbJQVHOIwUjS06M1YsRBogAA; expires=Fri, 23-May-2025 15:05:45 GMT; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEU6xihjuwEEDCEUitnDWQxdK-BQL47zqqe_-Xk0a4miA9mjWb-dlm6JXscc9tQsU1WaSaTncnDLlRutBD1f1hwheix8IDmZHczG3-kN1CgkUXVVfdWpEeTeFuqRe7ioiaQhj1M25GLqUSe2J8BAIW9Fa0-o9nAo8Wkdbi4HizMs4gAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: esctx-pRB8z4dIEDo=AQABCQEAAABVrSpeuWamRam2jAF1XRQEwjBWZW8QVbRoTrWyqUyGVD7exB2b4R_ippuqoD6HO7DiseG0VmsrSL6JO7cEb-hCxLErr1x4u8Jdwn8yRXadLXSHR8Sld1AoZ6_elFdEBLHa3mL0gJgo0lwMBm8qyO7T4gBA38xSP8H5GWyYYj5KsiAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: fpc=AuIFpnMgGx9Nnk-AJEH4ucF79WTGAQAAAMj4mt8OAAAA; expires=Fri, 23-May-2025 15:05:45 GMT; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
                                                    Date: Wed, 23 Apr 2025 15:05:44 GMT
                                                    Connection: close
                                                    Content-Length: 45744
                                                    2025-04-23 15:05:45 UTC13551INData Raw: 0d 0a 0d 0a 3c 21 2d 2d 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 20 2d 2d 3e 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 63 6c 61 73 73 3d 22 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 53 69 67 6e 20 69 6e 20 74 6f 20 79 6f 75 72 20 61 63 63 6f 75 6e 74 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 20 20 20 20
                                                    Data Ascii: ... Copyright (C) Microsoft Corporation. All rights reserved. --><!DOCTYPE html><html dir="ltr" class="" lang="en"><head> <title>Sign in to your account</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
                                                    2025-04-23 15:05:45 UTC16384INData Raw: 78 42 47 71 43 32 75 32 62 36 6f 4e 4f 56 33 59 58 46 2d 38 48 58 64 30 46 31 43 42 77 74 75 37 58 59 43 32 65 33 4d 30 7a 52 37 30 35 7a 5f 77 42 30 5c 75 30 30 32 36 65 73 74 73 66 65 64 3d 31 5c 75 30 30 32 36 75 61 69 64 3d 62 63 35 35 39 37 61 31 62 30 35 33 38 30 30 30 61 65 33 65 31 61 37 33 32 62 33 64 36 66 35 64 5c 75 30 30 32 36 63 6f 62 72 61 6e 64 69 64 3d 31 31 62 64 38 30 38 33 2d 38 37 65 30 2d 34 31 62 35 2d 62 62 37 38 2d 30 62 63 34 33 63 38 61 38 65 38 61 5c 75 30 30 32 36 66 63 69 3d 30 30 30 30 30 30 30 33 2d 30 30 30 30 2d 30 66 66 31 2d 63 65 30 30 2d 30 30 30 30 30 30 30 30 30 30 30 30 5c 75 30 30 32 36 77 73 75 63 78 74 3d 31 22 2c 22 75 72 6c 44 65 76 69 63 65 46 69 6e 67 65 72 70 72 69 6e 74 69 6e 67 22 3a 22 22 2c 22 75 72 6c
                                                    Data Ascii: xBGqC2u2b6oNOV3YXF-8HXd0F1CBwtu7XYC2e3M0zR705z_wB0\u0026estsfed=1\u0026uaid=bc5597a1b0538000ae3e1a732b3d6f5d\u0026cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a\u0026fci=00000003-0000-0ff1-ce00-000000000000\u0026wsucxt=1","urlDeviceFingerprinting":"","url
                                                    2025-04-23 15:05:45 UTC15809INData Raw: 74 72 79 22 3a 7b 22 74 79 70 65 22 3a 22 43 68 72 6f 6d 65 53 73 6f 54 65 6c 65 6d 65 74 72 79 22 2c 22 6e 6f 6e 63 65 22 3a 22 41 77 41 42 44 77 45 41 41 41 41 44 41 4f 7a 5f 42 51 44 30 5f 33 50 32 59 64 36 71 63 62 72 6c 67 63 35 74 32 70 58 6e 4f 53 48 61 31 6e 56 75 2d 4a 6e 56 78 76 31 6d 49 49 4c 73 44 73 75 6b 52 52 55 6e 48 73 4e 73 38 77 42 31 64 79 47 6d 49 77 4b 75 51 65 65 38 59 6b 6d 51 79 6e 31 46 4a 33 59 64 7a 70 74 6a 37 30 39 73 48 66 64 63 46 5f 69 63 41 36 54 78 6c 75 61 64 39 6e 59 68 49 41 41 22 2c 22 72 65 70 6f 72 74 53 74 61 74 65 73 22 3a 5b 5d 7d 2c 22 72 65 64 69 72 65 63 74 45 6e 64 53 74 61 74 65 73 22 3a 5b 22 65 6e 64 22 5d 2c 22 63 6f 6f 6b 69 65 4e 61 6d 65 73 22 3a 7b 22 61 61 64 53 73 6f 22 3a 22 41 41 44 53 53 4f 22
                                                    Data Ascii: try":{"type":"ChromeSsoTelemetry","nonce":"AwABDwEAAAADAOz_BQD0_3P2Yd6qcbrlgc5t2pXnOSHa1nVu-JnVxv1mIILsDsukRRUnHsNs8wB1dyGmIwKuQee8YkmQyn1FJ3Ydzptj709sHfdcF_icA6Txluad9nYhIAA","reportStates":[]},"redirectEndStates":["end"],"cookieNames":{"aadSso":"AADSSO"


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    6192.168.2.64970440.126.62.1294435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:44 UTC1856OUTGET /favicon.ico HTTP/1.1
                                                    Host: login.microsoftonline.com
                                                    Connection: keep-alive
                                                    sec-ch-ua-platform: "Windows"
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    sec-ch-ua-mobile: ?0
                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                    Sec-Fetch-Site: same-origin
                                                    Sec-Fetch-Mode: no-cors
                                                    Sec-Fetch-Dest: image
                                                    Referer: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    Cookie: esctx-FXV4sYLFtI=AQABCQEAAABVrSpeuWamRam2jAF1XRQExuOyBdSO3BZdUl3-qQBUY0gA84xA_yrP87XH6lgt0aPc0Gv7AwWZ7xCy41cbo3h1pxbU9mQYLrqAyuvkUB0EC0Q4hh64537Fti7zqKEHamb4i_2jRmrkU9kKIy0wfXybJKNJmv4DClugCy7fzSE7uiAA; fpc=AuIFpnMgGx9Nnk-AJEH4ucE; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEAl7MPZaLYFwPz5nRmVLRFyBwOl27ZF39HLqwV-vgLrgLwNnr7CsFuKtya5u8wYx2Yg1UmVJMsgxnJ6rI5eCoX-GkK3qcxP9xxc5xl8zowY-KfTqEh3oFkrYYTySO4PijQ6Bs0Og_U18j02V35uXCv2DX1WpKZAzBYqx9YL9XpYYgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
                                                    2025-04-23 15:05:45 UTC1336INHTTP/1.1 404 Not Found
                                                    Cache-Control: private
                                                    Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                    X-Content-Type-Options: nosniff
                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                    x-ms-request-id: 8df307ee-b62b-4836-bc4e-b1bbdedd7a00
                                                    x-ms-ests-server: 2.1.20540.5 - WUS3 ProdSlices
                                                    report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
                                                    nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                    x-ms-srs: 1.P
                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                    Content-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-4vGyWf2RRXKIuiLvn77zOw' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
                                                    X-XSS-Protection: 0
                                                    Date: Wed, 23 Apr 2025 15:05:45 GMT
                                                    Connection: close
                                                    Content-Length: 0


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    7192.168.2.64970723.222.3.2284435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:45 UTC441OUTOPTIONS /api/report?catId=GW+estsfd+wst HTTP/1.1
                                                    Host: identity.nel.measure.office.net
                                                    Connection: keep-alive
                                                    Origin: https://login.microsoftonline.com
                                                    Access-Control-Request-Method: POST
                                                    Access-Control-Request-Headers: content-type
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:45 UTC319INHTTP/1.1 200 OK
                                                    Content-Type: text/html
                                                    Content-Length: 7
                                                    Date: Wed, 23 Apr 2025 15:05:45 GMT
                                                    Connection: close
                                                    Access-Control-Allow-Headers: content-type
                                                    Access-Control-Allow-Credentials: false
                                                    Access-Control-Allow-Methods: *
                                                    Access-Control-Allow-Methods: GET, OPTIONS, POST
                                                    Access-Control-Allow-Origin: *
                                                    2025-04-23 15:05:45 UTC7INData Raw: 4f 50 54 49 4f 4e 53
                                                    Data Ascii: OPTIONS


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    8192.168.2.64971123.222.3.2284435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:46 UTC417OUTPOST /api/report?catId=GW+estsfd+wst HTTP/1.1
                                                    Host: identity.nel.measure.office.net
                                                    Connection: keep-alive
                                                    Content-Length: 1134
                                                    Content-Type: application/reports+json
                                                    Origin: https://login.microsoftonline.com
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:46 UTC1134OUTData Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 37 31 35 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 2e 6d 69 63 72 6f 73 6f 66 74 6f 6e 6c 69 6e 65 2e 63 6f 6d 2f 38 33 62 65 63 65 33 33 2d 63 34 34 34 2d 34 35 30 66 2d 62 63 37 64 2d 65 32 64 62 39 30 36 64 62 34 62 62 2f 6f 61 75 74 68 32 2f 61 75 74 68 6f 72 69 7a 65 3f 63 6c 69 65 6e 74 25 35 46 69 64 3d 30 30 30 30 30 30 30 33 25 32 44 30 30 30 30 25 32 44 30 66 66 31 25 32 44 63 65 30 30 25 32 44 30 30 30 30 30 30 30 30 30 30 30 30 26 72 65
                                                    Data Ascii: [{"age":0,"body":{"elapsed_time":715,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&re
                                                    2025-04-23 15:05:46 UTC399INHTTP/1.1 429 Too Many Requests
                                                    Content-Length: 0
                                                    x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
                                                    Request-Context: appId=cid-v1:20c536d6-d891-4743-bdc8-f66a2e341114
                                                    Date: Wed, 23 Apr 2025 15:05:46 GMT
                                                    Connection: close
                                                    Access-Control-Allow-Credentials: false
                                                    Access-Control-Allow-Methods: *
                                                    Access-Control-Allow-Methods: GET, OPTIONS, POST
                                                    Access-Control-Allow-Origin: *


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    9192.168.2.64972123.62.226.1764435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:48 UTC737OUTGET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/favicon?ts=638477616223106700 HTTP/1.1
                                                    Host: aadcdn.msauthimages.net
                                                    Connection: keep-alive
                                                    sec-ch-ua-platform: "Windows"
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    sec-ch-ua-mobile: ?0
                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                    Sec-Fetch-Site: cross-site
                                                    Sec-Fetch-Mode: no-cors
                                                    Sec-Fetch-Dest: image
                                                    Sec-Fetch-Storage-Access: active
                                                    Referer: https://login.microsoftonline.com/
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:48 UTC710INHTTP/1.1 200 OK
                                                    Content-Length: 3141
                                                    Content-Type: image/*
                                                    Content-MD5: pGPAjunYb2JK4Y2XxPiHQA==
                                                    Last-Modified: Wed, 03 Apr 2024 17:20:22 GMT
                                                    ETag: 0x8DC54025808B83B
                                                    x-ms-request-id: d4acdbb1-801e-004f-02a1-6732b6000000
                                                    x-ms-version: 2009-09-19
                                                    x-ms-lease-status: unlocked
                                                    x-ms-blob-type: BlockBlob
                                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                    Access-Control-Allow-Origin: *
                                                    Cache-Control: public, max-age=79946
                                                    Date: Wed, 23 Apr 2025 15:05:48 GMT
                                                    Connection: close
                                                    X-Content-Type-Options: nosniff
                                                    Akamai-GRN: 0.846d3e17.1745420748.99b27c8
                                                    2025-04-23 15:05:48 UTC3141INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 09 70 48 59 73 00 00 2e 23 00 00 2e 23 01 78 a5 3f 76 00 00 0b f7 49 44 41 54 58 85 8d 97 f9 77 5c f5 79 87 9f 7b e7 ce cc 9d 7d d5 32 92 c6 da 25 4b 96 65 1b c9 18 6c 6c 36 63 8c b1 c3 da 04 0a 9c a6 81 42 49 7b 42 43 31 a4 81 04 d2 c4 3d 3d 6d e8 09 f4 d4 1c 0a 69 42 08 50 c0 04 b0 63 63 30 3e b6 91 6d 6c 83 65 59 b6 16 6b 9d 19 49 a3 91 46 33 9a 55 9a 3b db ed 0f 4e 48 81 d0 e6 fd 07 9e e7 fd fc f0 7e bf 1f c1 1f 88 23 8a 00 20 08 50 2c 42 be 50 24 97 2b 50 28 a8 48 92 88 d5 ac 27 96 c8 e0 9b 88 31 37 bf d0 61 d2 6b 96 cf c7 33 8d 43 a3 73 25 b9 42 51 d2 6a 84 d8 ba 4b ab fd aa 20 f4 1b 0d ba 53 76 ab 1c f7 7a ac a4 17 b3 2c 66 f2 e8 b4 1a 44 8d
                                                    Data Ascii: PNGIHDR szzpHYs.#.#x?vIDATXw\y{}2%Kell6cBI{BC1==miBPcc0>mleYkIF3U;NH~# P,BP$+P(H'17ak3Cs%BQjK Svz,fD


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    10192.168.2.64972423.62.226.1644435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:49 UTC491OUTGET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/favicon?ts=638477616223106700 HTTP/1.1
                                                    Host: aadcdn.msauthimages.net
                                                    Connection: keep-alive
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: */*
                                                    Sec-Fetch-Site: none
                                                    Sec-Fetch-Mode: cors
                                                    Sec-Fetch-Dest: empty
                                                    Sec-Fetch-Storage-Access: active
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:49 UTC710INHTTP/1.1 200 OK
                                                    Content-Length: 3141
                                                    Content-Type: image/*
                                                    Content-MD5: pGPAjunYb2JK4Y2XxPiHQA==
                                                    Last-Modified: Wed, 03 Apr 2024 17:20:22 GMT
                                                    ETag: 0x8DC54025808B83B
                                                    x-ms-request-id: d4acdbb1-801e-004f-02a1-6732b6000000
                                                    x-ms-version: 2009-09-19
                                                    x-ms-lease-status: unlocked
                                                    x-ms-blob-type: BlockBlob
                                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                    Access-Control-Allow-Origin: *
                                                    Cache-Control: public, max-age=79945
                                                    Date: Wed, 23 Apr 2025 15:05:49 GMT
                                                    Connection: close
                                                    X-Content-Type-Options: nosniff
                                                    Akamai-GRN: 0.846d3e17.1745420749.99b45ed
                                                    2025-04-23 15:05:49 UTC3141INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 09 70 48 59 73 00 00 2e 23 00 00 2e 23 01 78 a5 3f 76 00 00 0b f7 49 44 41 54 58 85 8d 97 f9 77 5c f5 79 87 9f 7b e7 ce cc 9d 7d d5 32 92 c6 da 25 4b 96 65 1b c9 18 6c 6c 36 63 8c b1 c3 da 04 0a 9c a6 81 42 49 7b 42 43 31 a4 81 04 d2 c4 3d 3d 6d e8 09 f4 d4 1c 0a 69 42 08 50 c0 04 b0 63 63 30 3e b6 91 6d 6c 83 65 59 b6 16 6b 9d 19 49 a3 91 46 33 9a 55 9a 3b db ed 0f 4e 48 81 d0 e6 fd 07 9e e7 fd fc f0 7e bf 1f c1 1f 88 23 8a 00 20 08 50 2c 42 be 50 24 97 2b 50 28 a8 48 92 88 d5 ac 27 96 c8 e0 9b 88 31 37 bf d0 61 d2 6b 96 cf c7 33 8d 43 a3 73 25 b9 42 51 d2 6a 84 d8 ba 4b ab fd aa 20 f4 1b 0d ba 53 76 ab 1c f7 7a ac a4 17 b3 2c 66 f2 e8 b4 1a 44 8d
                                                    Data Ascii: PNGIHDR szzpHYs.#.#x?vIDATXw\y{}2%Kell6cBI{BC1==miBPcc0>mleYkIF3U;NH~# P,BP$+P(H'17ak3Cs%BQjK Svz,fD


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    11192.168.2.64972823.62.226.1764435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:50 UTC742OUTGET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/illustration?ts=638477616232014667 HTTP/1.1
                                                    Host: aadcdn.msauthimages.net
                                                    Connection: keep-alive
                                                    sec-ch-ua-platform: "Windows"
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    sec-ch-ua-mobile: ?0
                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                    Sec-Fetch-Site: cross-site
                                                    Sec-Fetch-Mode: no-cors
                                                    Sec-Fetch-Dest: image
                                                    Sec-Fetch-Storage-Access: active
                                                    Referer: https://login.microsoftonline.com/
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:50 UTC713INHTTP/1.1 200 OK
                                                    Content-Length: 298891
                                                    Content-Type: image/*
                                                    Content-MD5: dAyR2yLUoV61tNR3lw4Adg==
                                                    Last-Modified: Wed, 03 Apr 2024 17:20:23 GMT
                                                    ETag: 0x8DC540258B82F6C
                                                    x-ms-request-id: 94d4a787-e01e-0049-4aa1-670109000000
                                                    x-ms-version: 2009-09-19
                                                    x-ms-lease-status: unlocked
                                                    x-ms-blob-type: BlockBlob
                                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                    Access-Control-Allow-Origin: *
                                                    Cache-Control: public, max-age=79979
                                                    Date: Wed, 23 Apr 2025 15:05:50 GMT
                                                    Connection: close
                                                    X-Content-Type-Options: nosniff
                                                    Akamai-GRN: 0.906d3e17.1745420750.cafba93c
                                                    2025-04-23 15:05:50 UTC16384INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 14 00 14 00 00 ff e2 01 d8 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 01 c8 00 00 00 00 04 30 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 e0 00 01 00 01 00 00 00 00 00 00 61 63 73 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 f6 d6 00 01 00 00 00 00 d3 2d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09 64 65 73 63 00 00 00 f0 00 00 00 24 72 58 59 5a 00 00 01 14 00 00 00 14 67 58 59 5a 00 00 01 28 00 00 00 14 62 58 59 5a 00 00 01 3c 00 00 00 14 77 74 70 74 00 00 01 50 00 00 00 14 72 54 52 43 00 00 01 64 00 00 00 28 67 54 52 43 00 00 01 64 00 00 00 28 62
                                                    Data Ascii: JFIFICC_PROFILE0mntrRGB XYZ acsp-desc$rXYZgXYZ(bXYZ<wtptPrTRCd(gTRCd(b
                                                    2025-04-23 15:05:50 UTC16384INData Raw: 90 8a a0 a1 a2 29 0a e2 9d c5 76 9a 5b 05 0d 11 49 a6 9d c7 a5 76 9c 52 6c 69 0d 69 a1 d3 4f 62 93 4d 2b 1a 43 25 7a d2 15 a7 88 a1 d3 d6 8b 18 c9 4a 4d 3e 94 f1 5c d0 e2 8b 01 ad 14 38 c7 ad 3c 45 06 28 4f d4 91 ad 3b d2 69 a7 74 d7 15 cd 16 3a 19 c5 21 5a 7b 4d 21 5a 56 3a 1b d2 29 34 e3 a1 a7 31 5c 77 c5 26 c0 68 8a 42 29 c2 29 0a ed 4a c6 35 8a 42 b4 ee 9a 42 28 b0 19 c5 21 5a 7b 14 9a 41 34 ac 74 47 65 a0 22 a4 b2 79 53 45 69 a9 12 d3 43 25 68 0a ed 52 0a d0 b2 e2 8b 0d 24 72 31 40 45 48 2b 4d 95 aa b2 58 c9 18 a1 23 7d e9 d6 5d f6 a1 22 81 0d 91 40 45 3c 57 9d 01 18 a0 63 64 50 15 e9 4e 91 9a 12 b4 03 19 22 84 8a 77 06 93 4d 30 88 d1 4c 50 95 34 f9 1b 50 b0 a5 66 8d 0c 11 48 45 38 41 39 a4 ee e9 36 89 a1 92 28 7d 29 e2 94 05 48 a5 62 69 80 45 01 da
                                                    Data Ascii: )v[IvRliiObM+C%zJM>\8<E(O;it:!Z{M!ZV:)41\w&hB))J5BB(!Z{A4tGe"ySEiC%hR$r1@EH+MX#}]"@E<WcdPN"wM0LP4PfHE8A96(})HbiE
                                                    2025-04-23 15:05:50 UTC5515INData Raw: 4a 05 3d 42 04 0a 5c 51 85 a5 c5 2d 40 08 19 a5 c5 10 14 58 a5 60 00 14 40 52 e3 7a 20 28 b1 82 07 2a 50 33 45 8a 50 29 a6 2b 04 2d 16 9a 5c 51 63 6a 35 00 21 69 71 45 8a 5c 6d 4e c4 0e 29 71 45 8a 20 b4 b5 0e 80 d3 4b a6 8f 14 a0 53 b0 07 1b 52 81 45 a6 94 0a 56 00 81 44 05 2e 91 d2 88 2d 1a 80 10 0d 2e 28 82 e6 97 4d 16 00 e2 94 0a 2c 66 94 0a 35 00 98 a5 c5 2e 29 71 4b 50 09 8c 51 0a e0 29 69 6a 03 a9 45 20 14 a0 50 d8 0b 9a 20 d9 a1 a5 14 99 49 87 4b 48 3a 57 1a 45 58 b5 d5 d4 43 1d 69 30 bb 13 14 b4 4a 9a 8e c7 6f 5a e2 b8 3b d1 63 06 97 14 b5 d8 cd 02 47 57 52 e0 8a 4a 45 33 ab a9 71 5d 8a 76 49 c2 96 86 8a 80 3a 96 92 94 50 01 66 ba 92 96 90 ce c5 2e 37 ae a2 1c a9 d8 50 98 ae 02 8c 0a 5c 0a 56 3a 00 0a 5c 51 e2 b8 50 14 08 5a 5c 51 62 94 0a 56 56
                                                    Data Ascii: J=B\Q-@X`@Rz (*P3EP)+-\Qcj5!iqE\mN)qE KSREVD.-.(M,f5.)qKPQ)ijE P IKH:WEXCi0JoZ;cGWRJE3q]vI:Pf.7P\V:\QPZ\QbVV
                                                    2025-04-23 15:05:50 UTC16384INData Raw: ff 00 76 b8 e3 f6 47 55 5b bf dc e9 7f 68 e0 f4 2b 2d e6 27 63 9d ea 7c 7e b4 e2 db a2 72 14 e6 90 06 d5 e9 f4 dd 26 6c 4b cc ce 2c dd 46 29 bf 2a 1a 60 3a 8a 6d 97 06 9f 2a 0d 0b 0c 8a ec 8e ae e7 3b 6b b0 ce 2b 88 a2 23 14 98 ab b1 09 8a 51 b5 77 4a ec d1 62 0b 20 d7 66 86 ba 80 b1 4d 25 71 a4 eb 4e c4 2d 26 69 70 31 48 06 4d 2d 42 a1 33 4b 82 68 c2 e0 6f 5d 51 2c 94 5a 85 88 14 9e b4 12 3a a5 11 34 c4 89 a8 d7 1e 7e a6 69 54 4e 9c 58 23 fe 42 2d c2 31 c6 68 e4 60 06 49 15 14 c1 e2 c8 38 a7 08 18 c3 1c d7 24 7a cc a9 34 ce 89 74 d8 ef 60 5a f2 35 db 15 c6 78 d9 73 9a 8d 32 28 e4 37 a1 28 48 d8 57 37 df f3 26 cd fe e9 89 a4 38 fc 40 44 30 05 44 97 8d 00 3d 69 24 80 b1 a8 52 d9 16 e6 31 5c f3 eb 32 c9 db 66 f0 e9 b1 a5 54 49 5e 39 ab 6e ef df 45 fa e4 1d
                                                    Data Ascii: vGU[h+-'c|~r&lK,F)*`:m*;k+#QwJb fM%qN-&ip1HM-B3Kho]Q,Z:4~iTNX#B-1h`I8$z4t`Z5xs2(7(HW7&8@D0D=i$R1\2fTI^9nE
                                                    2025-04-23 15:05:50 UTC16384INData Raw: e5 d5 39 24 9c 56 df 5f b9 e9 fc 52 1e cd bc d0 ab dc 89 9d db 0c f6 a4 0c 03 eb ca a6 f1 0e cf 70 58 b8 3c a9 c2 dc 4f 36 c4 b3 1c b0 f3 e9 5e 5f 6f c5 0a c2 ca 8b a5 f9 0f 33 56 9d 9b e3 33 c5 7f 0a ac 8c 19 db 4b 93 f8 86 7e b5 ca fa 29 ed 53 75 1d f9 e4 bf be 41 4b 53 8a 65 3d c4 1a 2e 99 43 1d 60 f2 03 6a 22 08 6e 5a b3 f0 cd 69 7b 43 c3 d1 2e 4c f0 90 dd e7 df c7 35 f2 cf b6 b1 b7 f7 13 29 29 18 55 c1 e8 6b d6 c6 f5 24 ce 1c f0 d1 26 3c e4 b0 01 b6 5c f2 a8 b2 dc 22 ec 9c b9 60 54 4d 12 90 4b 49 93 e6 29 96 ca b1 cb 16 23 95 6a bd c7 3b 92 16 e6 71 8c 00 77 aa f7 19 19 2c 70 4e 69 f6 21 c0 27 95 34 f1 aa e7 0c 4e 7c ea 99 9f 23 0c 11 79 03 9a 1f bc 37 d8 73 a7 b0 79 8a e1 be d8 38 f4 15 20 a2 20 66 07 4e f8 c0 da 9c 11 16 4f 0f 33 e6 29 f8 21 2c a4
                                                    Data Ascii: 9$V_RpX<O6^_o3V3K~)SuAKSe=.C`j"nZi{C.L5))Uk$&<\"`TMKI)#j;qw,pNi!'4N|#y7sy8 fNO3)!,
                                                    2025-04-23 15:05:50 UTC7952INData Raw: 70 23 31 a3 32 06 3c c1 9b 3b fc 73 4e 5c 59 4e 58 14 78 9f cc 16 70 01 f3 03 04 54 69 b8 4c a1 19 e6 bf 3a 48 fb bd da b7 fd 95 a2 dd ee 44 93 ec 77 77 32 b0 53 3a e9 3d 33 be 3d b9 ae 65 66 6d e6 57 8f 9e 92 c3 73 d3 91 a8 dd db cc 8d 1a 03 a0 72 6e ed f3 ff 00 e6 ff 00 8d 36 9c 3a e1 9d f4 4f 34 48 39 01 03 e4 9f 3c 95 ad 12 33 64 a9 ad 4c a4 46 a2 32 3f 11 76 c5 24 76 b2 34 60 99 54 28 e6 15 81 1f 3a 65 2c ee 08 60 6e ee b0 0e cc ea 47 ff 00 a3 a3 92 19 91 b1 a8 b1 03 62 37 c9 f6 68 aa 10 eb a4 71 02 e6 65 4d b7 60 ca bf 4a 8a f7 90 c4 85 9a f5 64 00 ee 43 06 23 d3 6c ed ee a7 a0 8a e3 1e 26 66 27 70 a0 82 01 fe c5 3e 2c a5 64 c4 92 32 b7 f4 48 db e0 82 92 92 13 4c 81 2f 16 b4 8c 81 25 c9 19 18 2b 86 db d4 8e 9e dc 52 99 d5 80 2b 78 00 27 61 a4 6f 53
                                                    Data Ascii: p#12<;sN\YNXxpTiL:HDww2S:=3=efmWsrn6:O4H9<3dLF2?v$v4`T(:e,`nGb7hqeM`JdC#l&f'p>,d2HL/%+R+x'aoS
                                                    2025-04-23 15:05:50 UTC16384INData Raw: 83 6d 24 e7 eb 81 f3 a6 5a 24 44 57 64 91 58 8c ec ab 26 3e 0c 6a 75 6d b8 f4 24 52 3f 0f bc 24 e3 8f 71 61 91 91 ab 47 cb 27 23 dd 55 f7 3c 12 fe e2 32 3f d2 0e 3b b9 ce 51 86 07 c1 ab 51 24 a8 c0 0f b4 c8 99 e4 0c 04 03 f1 da ab ee a7 11 b0 d5 79 a4 81 b1 31 64 1f 83 0a a8 b7 d9 89 c5 19 c9 38 2c d6 e8 80 76 93 8e 96 53 80 7e d0 c3 1e ec e2 ba 5e cd 3d f4 7b f6 8f 8b 89 01 c9 2f 2e 75 7b 79 d5 e1 9a ea 52 56 26 12 90 35 69 5b 52 0f bf 39 a8 33 b5 d4 4d aa 48 64 46 eb b8 41 ed e9 5a 25 27 dc 86 a3 7c 10 a5 ec 9c 01 15 ae 2f 2e 27 c7 ef 3b 7d 45 2c b6 9c 25 95 23 9e de 49 19 76 5d 72 16 38 f6 b0 06 aa a5 ed a7 ed 9e 08 f8 82 6a 4d c8 d2 bf 9b 0c 9f 65 3c dd b8 8c c6 90 ca 2e 55 9b 60 eb 02 ed ed 25 8d 3f 0e 7d f7 16 bc 63 17 dc 1b 81 dd be 86 e1 53 12 36
                                                    Data Ascii: m$Z$DWdX&>jum$R?$qaG'#U<2?;QQ$y1d8,vS~^={/.u{yRV&5i[R93MHdFAZ%'|/.';}E,%#Iv]r8jMe<.U`%?}cS6
                                                    2025-04-23 15:05:50 UTC2917INData Raw: a3 5d f1 0b 14 4c a5 c5 ba 93 cc 99 30 a7 dd 9c 55 28 c8 9d df 00 3c dc 49 24 cf d8 65 5c 8c e1 99 06 3d bb 51 99 2f 25 03 52 cd 13 79 a3 21 1f 31 4d 45 c6 62 01 94 5d 40 31 b9 d1 16 40 f8 0a 19 3b 41 6d 03 05 ef 12 47 71 ab 48 07 53 0f 7e 29 f0 25 19 32 56 8b cd 19 13 4e cc bc 89 d1 fc 3f 2a 69 be d8 f1 1f da b6 79 12 a1 73 f4 aa 8e 23 da f5 82 1d 2a 96 f6 e4 9c 29 b9 b8 54 df fa bc eb 2f 77 fa 45 16 92 3c 3f 6f 81 49 3b 95 b7 77 fa 9a d6 18 e5 2e 02 70 71 56 cd bc 69 71 29 d1 24 ce db ec 0c 4a c3 fb d4 fa 70 6d 0a c7 01 b3 fd 75 03 e0 6b cf e1 fd 2b f0 c8 a1 65 96 f4 4b 20 eb dc ba 83 f3 3f 4a cf f1 3f d2 e5 b4 92 a8 82 20 80 8c f7 8b 8f a6 37 f8 d6 91 e9 b2 bd a8 c9 ca 2b 77 23 d6 e4 e1 90 ca 7f 6d 0a e7 97 85 9b 7f 6e 4d 0c 1c 2e ca d1 b3 1d b8 1f d5
                                                    Data Ascii: ]L0U(<I$e\=Q/%Ry!1MEb]@1@;AmGqHS~)%2VN?*iys#*)T/wE<?oI;w.pqViq)$Jpmuk+eK ?J? 7+w#mnM.
                                                    2025-04-23 15:05:50 UTC16384INData Raw: 96 c4 79 38 e1 8e 55 d7 67 62 8c 0f 56 60 de ef bb 56 f6 fc 6e f4 6a 6b 79 14 21 c6 34 9c 80 31 d7 1f e3 55 92 5b f1 b9 1c bc ae 34 8e 6c 62 0a 31 e8 41 c5 4e 8e fa 5b 45 60 f7 ea e0 0f b9 85 53 f2 39 a1 24 09 92 bf 59 dd dc a8 56 68 f5 a0 ce 9c 36 fe bc aa be 79 6e dd d4 3d 8c 67 c3 b3 02 13 03 cf 2c 33 52 5b 8c cf 2a 88 a2 56 d4 3e e9 11 ab fe 67 e9 4e 43 2f 14 89 bf 69 39 88 67 ee 8d 0b ab e2 a6 87 b1 4b 71 a8 ee ef 38 7c 5a 23 8d e4 c6 e3 bc 97 58 ff 00 a4 54 88 4f 12 e2 03 bc 32 ac 05 77 38 52 b8 f6 16 23 e9 4f df 5d dd 77 49 dd f7 0f 10 e6 a2 52 d9 3e ba 7f 85 56 43 7f 14 f2 30 72 b6 d2 47 8c 01 03 48 ad ec d4 09 a4 a3 b5 83 6a cb 78 6c ae 25 0b df dd 28 2b cf f6 87 27 1c be e9 02 a4 cf 17 74 80 34 89 93 b8 7c 31 cf bc 1d fe 35 4a d7 f6 cf 72 91 8e
                                                    Data Ascii: y8UgbV`Vnjky!41U[4lb1AN[E`S9$YVh6yn=g,3R[*V>gNC/i9gKq8|Z#XTO2w8R#O]wIR>VC0rGHjxl%(+'t4|15Jr
                                                    2025-04-23 15:05:50 UTC16384INData Raw: f1 2b b1 e5 a7 39 fa d3 32 70 5b 74 c8 4b 6b a4 c9 e6 ba 70 69 51 6d ee 33 37 15 e0 80 00 38 7c 64 f2 c3 10 3e 5b d2 c5 c5 78 52 00 7e c0 8a 01 fc 38 38 f5 dc 53 d1 70 e4 57 ff 00 d2 5c bf 90 79 57 7a 59 b8 75 cb 38 36 f6 27 4f 5e f6 4f e0 d4 a9 22 49 4d c7 ad 42 28 b4 82 1c 7e f3 30 fc 85 33 37 1d 90 67 37 06 31 8c 86 8d 0e de fc 7e 55 22 3e 19 24 8a ba e2 b1 4c 73 e6 c4 7b f1 53 57 87 46 63 c2 c9 0a 37 46 ee 80 fa 8a 5b 22 cc dc 5d a3 9d 2e 44 6b 2d f4 ba b9 e4 7d 39 1a 9b 71 c6 ee a4 c2 98 af d4 1d c6 e0 e7 e2 4d 58 b3 25 98 28 25 86 56 f3 09 a4 0f 78 1b d3 09 73 6a 64 3d fd c0 00 9c e9 6e f4 0c fb a9 fb c2 fb 01 6d 73 7c d8 95 6d 6f b7 d8 b3 1e 7f 4a 93 37 12 e3 2c 31 f6 5d 23 a3 3e 01 3f 1a b2 8a 3b 72 84 a9 8c e7 91 49 1b 3f 36 fa d3 52 4c d6 ad 98
                                                    Data Ascii: +92p[tKkpiQm378|d>[xR~88SpW\yWzYu86'O^O"IMB(~037g71~U">$Ls{SWFc7F["].Dk-}9qMX%(%Vxsjd=nms|moJ7,1]#>?;rI?6RL


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    12192.168.2.64972923.62.226.1764435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:50 UTC740OUTGET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/bannerlogo?ts=638477648718392351 HTTP/1.1
                                                    Host: aadcdn.msauthimages.net
                                                    Connection: keep-alive
                                                    sec-ch-ua-platform: "Windows"
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    sec-ch-ua-mobile: ?0
                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                    Sec-Fetch-Site: cross-site
                                                    Sec-Fetch-Mode: no-cors
                                                    Sec-Fetch-Dest: image
                                                    Sec-Fetch-Storage-Access: active
                                                    Referer: https://login.microsoftonline.com/
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:50 UTC710INHTTP/1.1 200 OK
                                                    Content-Length: 8493
                                                    Content-Type: image/*
                                                    Content-MD5: SGiwA5r0OyOEblB81b8JHw==
                                                    Last-Modified: Wed, 03 Apr 2024 18:14:32 GMT
                                                    ETag: 0x8DC5409E8FEAA61
                                                    x-ms-request-id: 45fdbfcf-301e-004a-3ef3-68e06d000000
                                                    x-ms-version: 2009-09-19
                                                    x-ms-lease-status: unlocked
                                                    x-ms-blob-type: BlockBlob
                                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                    Access-Control-Allow-Origin: *
                                                    Cache-Control: public, max-age=29828
                                                    Date: Wed, 23 Apr 2025 15:05:50 GMT
                                                    Connection: close
                                                    X-Content-Type-Options: nosniff
                                                    Akamai-GRN: 0.846d3e17.1745420750.99b6317
                                                    2025-04-23 15:05:50 UTC8493INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 f5 00 00 00 28 08 06 00 00 00 26 11 bc 94 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 3a 74 45 58 74 43 6f 6d 6d 65 6e 74 00 78 72 3a 64 3a 44 41 46 38 43 78 55 44 2d 48 34 3a 32 2c 6a 3a 39 33 33 37 38 38 38 38 35 34 31 38 38 30 30 30 35 32 2c 74 3a 32 34 30 32 30 36 31 39 3d d5 60 ed 00 00 04 f2 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 27 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 27 3e 0a 20 20 20 20 20 20 20 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e
                                                    Data Ascii: PNGIHDR(&pHYs+:tEXtCommentxr:d:DAF8CxUD-H4:2,j:933788885418800052,t:24020619=`iTXtXML:com.adobe.xmp<x:xmpmeta xmlns:x='adobe:ns:meta/'> <rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syn


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    13192.168.2.64973220.190.151.74435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:50 UTC768OUTGET /83bece33-c444-450f-bc7d-e2db906db4bb/winauth/ssoprobe?client-request-id=bc5597a1-b053-8000-ae3e-1a732b3d6f5d&_=1745420749193 HTTP/1.1
                                                    Host: autologon.microsoftazuread-sso.com
                                                    Connection: keep-alive
                                                    sec-ch-ua-platform: "Windows"
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    sec-ch-ua-mobile: ?0
                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                    Sec-Fetch-Site: cross-site
                                                    Sec-Fetch-Mode: no-cors
                                                    Sec-Fetch-Dest: image
                                                    Sec-Fetch-Storage-Access: active
                                                    Referer: https://login.microsoftonline.com/
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:51 UTC1733INHTTP/1.1 401 Unauthorized
                                                    Cache-Control: no-store, no-cache
                                                    Pragma: no-cache
                                                    Content-Type: image/png; charset=utf-8
                                                    Expires: -1
                                                    Vary: Origin
                                                    X-Content-Type-Options: nosniff
                                                    Access-Control-Allow-Origin: https://login.microsoftonline.com
                                                    Access-Control-Allow-Credentials: true
                                                    Access-Control-Allow-Methods: GET, OPTIONS
                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                    x-ms-request-id: dc497041-2547-4f79-949b-fd1c1b317500
                                                    x-ms-ests-server: 2.1.20540.5 - WUS3 ProdSlices
                                                    report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
                                                    nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                    Content-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-a9xqsOw8o-dS2YKYPei4yg' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
                                                    X-XSS-Protection: 0
                                                    WWW-Authenticate: Negotiate
                                                    Set-Cookie: fpc=AhsOvyJ6qWFDoleX1wU32vQ; expires=Fri, 23-May-2025 15:05:51 GMT; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
                                                    Set-Cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
                                                    Date: Wed, 23 Apr 2025 15:05:50 GMT
                                                    Connection: close
                                                    Content-Length: 12
                                                    2025-04-23 15:05:51 UTC12INData Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64
                                                    Data Ascii: Unauthorized


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    14192.168.2.64973323.62.226.1644435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:50 UTC494OUTGET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/bannerlogo?ts=638477648718392351 HTTP/1.1
                                                    Host: aadcdn.msauthimages.net
                                                    Connection: keep-alive
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: */*
                                                    Sec-Fetch-Site: none
                                                    Sec-Fetch-Mode: cors
                                                    Sec-Fetch-Dest: empty
                                                    Sec-Fetch-Storage-Access: active
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:51 UTC711INHTTP/1.1 200 OK
                                                    Content-Length: 8493
                                                    Content-Type: image/*
                                                    Content-MD5: SGiwA5r0OyOEblB81b8JHw==
                                                    Last-Modified: Wed, 03 Apr 2024 18:14:32 GMT
                                                    ETag: 0x8DC5409E8FEAA61
                                                    x-ms-request-id: 45fdbfcf-301e-004a-3ef3-68e06d000000
                                                    x-ms-version: 2009-09-19
                                                    x-ms-lease-status: unlocked
                                                    x-ms-blob-type: BlockBlob
                                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                    Access-Control-Allow-Origin: *
                                                    Cache-Control: public, max-age=29797
                                                    Date: Wed, 23 Apr 2025 15:05:50 GMT
                                                    Connection: close
                                                    X-Content-Type-Options: nosniff
                                                    Akamai-GRN: 0.906d3e17.1745420750.cafbc018
                                                    2025-04-23 15:05:51 UTC8493INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 f5 00 00 00 28 08 06 00 00 00 26 11 bc 94 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 3a 74 45 58 74 43 6f 6d 6d 65 6e 74 00 78 72 3a 64 3a 44 41 46 38 43 78 55 44 2d 48 34 3a 32 2c 6a 3a 39 33 33 37 38 38 38 38 35 34 31 38 38 30 30 30 35 32 2c 74 3a 32 34 30 32 30 36 31 39 3d d5 60 ed 00 00 04 f2 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 27 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 27 3e 0a 20 20 20 20 20 20 20 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e
                                                    Data Ascii: PNGIHDR(&pHYs+:tEXtCommentxr:d:DAF8CxUD-H4:2,j:933788885418800052,t:24020619=`iTXtXML:com.adobe.xmp<x:xmpmeta xmlns:x='adobe:ns:meta/'> <rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syn


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    15192.168.2.64973423.62.226.1644435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:51 UTC496OUTGET /dbd5a2dd-uy07ptllz8mdw7abaacimks8-p9pcmn-qsct0uoe6aw/logintenantbranding/0/illustration?ts=638477616232014667 HTTP/1.1
                                                    Host: aadcdn.msauthimages.net
                                                    Connection: keep-alive
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: */*
                                                    Sec-Fetch-Site: none
                                                    Sec-Fetch-Mode: cors
                                                    Sec-Fetch-Dest: empty
                                                    Sec-Fetch-Storage-Access: active
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:05:51 UTC712INHTTP/1.1 200 OK
                                                    Content-Length: 298891
                                                    Content-Type: image/*
                                                    Content-MD5: dAyR2yLUoV61tNR3lw4Adg==
                                                    Last-Modified: Wed, 03 Apr 2024 17:20:23 GMT
                                                    ETag: 0x8DC540258B82F6C
                                                    x-ms-request-id: 94d4a787-e01e-0049-4aa1-670109000000
                                                    x-ms-version: 2009-09-19
                                                    x-ms-lease-status: unlocked
                                                    x-ms-blob-type: BlockBlob
                                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                    Access-Control-Allow-Origin: *
                                                    Cache-Control: public, max-age=80032
                                                    Date: Wed, 23 Apr 2025 15:05:51 GMT
                                                    Connection: close
                                                    X-Content-Type-Options: nosniff
                                                    Akamai-GRN: 0.846d3e17.1745420751.99b87b0
                                                    2025-04-23 15:05:51 UTC16384INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 14 00 14 00 00 ff e2 01 d8 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 01 c8 00 00 00 00 04 30 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 e0 00 01 00 01 00 00 00 00 00 00 61 63 73 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 f6 d6 00 01 00 00 00 00 d3 2d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09 64 65 73 63 00 00 00 f0 00 00 00 24 72 58 59 5a 00 00 01 14 00 00 00 14 67 58 59 5a 00 00 01 28 00 00 00 14 62 58 59 5a 00 00 01 3c 00 00 00 14 77 74 70 74 00 00 01 50 00 00 00 14 72 54 52 43 00 00 01 64 00 00 00 28 67 54 52 43 00 00 01 64 00 00 00 28 62
                                                    Data Ascii: JFIFICC_PROFILE0mntrRGB XYZ acsp-desc$rXYZgXYZ(bXYZ<wtptPrTRCd(gTRCd(b
                                                    2025-04-23 15:05:51 UTC16384INData Raw: 90 8a a0 a1 a2 29 0a e2 9d c5 76 9a 5b 05 0d 11 49 a6 9d c7 a5 76 9c 52 6c 69 0d 69 a1 d3 4f 62 93 4d 2b 1a 43 25 7a d2 15 a7 88 a1 d3 d6 8b 18 c9 4a 4d 3e 94 f1 5c d0 e2 8b 01 ad 14 38 c7 ad 3c 45 06 28 4f d4 91 ad 3b d2 69 a7 74 d7 15 cd 16 3a 19 c5 21 5a 7b 4d 21 5a 56 3a 1b d2 29 34 e3 a1 a7 31 5c 77 c5 26 c0 68 8a 42 29 c2 29 0a ed 4a c6 35 8a 42 b4 ee 9a 42 28 b0 19 c5 21 5a 7b 14 9a 41 34 ac 74 47 65 a0 22 a4 b2 79 53 45 69 a9 12 d3 43 25 68 0a ed 52 0a d0 b2 e2 8b 0d 24 72 31 40 45 48 2b 4d 95 aa b2 58 c9 18 a1 23 7d e9 d6 5d f6 a1 22 81 0d 91 40 45 3c 57 9d 01 18 a0 63 64 50 15 e9 4e 91 9a 12 b4 03 19 22 84 8a 77 06 93 4d 30 88 d1 4c 50 95 34 f9 1b 50 b0 a5 66 8d 0c 11 48 45 38 41 39 a4 ee e9 36 89 a1 92 28 7d 29 e2 94 05 48 a5 62 69 80 45 01 da
                                                    Data Ascii: )v[IvRliiObM+C%zJM>\8<E(O;it:!Z{M!ZV:)41\w&hB))J5BB(!Z{A4tGe"ySEiC%hR$r1@EH+MX#}]"@E<WcdPN"wM0LP4PfHE8A96(})HbiE
                                                    2025-04-23 15:05:51 UTC5515INData Raw: 4a 05 3d 42 04 0a 5c 51 85 a5 c5 2d 40 08 19 a5 c5 10 14 58 a5 60 00 14 40 52 e3 7a 20 28 b1 82 07 2a 50 33 45 8a 50 29 a6 2b 04 2d 16 9a 5c 51 63 6a 35 00 21 69 71 45 8a 5c 6d 4e c4 0e 29 71 45 8a 20 b4 b5 0e 80 d3 4b a6 8f 14 a0 53 b0 07 1b 52 81 45 a6 94 0a 56 00 81 44 05 2e 91 d2 88 2d 1a 80 10 0d 2e 28 82 e6 97 4d 16 00 e2 94 0a 2c 66 94 0a 35 00 98 a5 c5 2e 29 71 4b 50 09 8c 51 0a e0 29 69 6a 03 a9 45 20 14 a0 50 d8 0b 9a 20 d9 a1 a5 14 99 49 87 4b 48 3a 57 1a 45 58 b5 d5 d4 43 1d 69 30 bb 13 14 b4 4a 9a 8e c7 6f 5a e2 b8 3b d1 63 06 97 14 b5 d8 cd 02 47 57 52 e0 8a 4a 45 33 ab a9 71 5d 8a 76 49 c2 96 86 8a 80 3a 96 92 94 50 01 66 ba 92 96 90 ce c5 2e 37 ae a2 1c a9 d8 50 98 ae 02 8c 0a 5c 0a 56 3a 00 0a 5c 51 e2 b8 50 14 08 5a 5c 51 62 94 0a 56 56
                                                    Data Ascii: J=B\Q-@X`@Rz (*P3EP)+-\Qcj5!iqE\mN)qE KSREVD.-.(M,f5.)qKPQ)ijE P IKH:WEXCi0JoZ;cGWRJE3q]vI:Pf.7P\V:\QPZ\QbVV
                                                    2025-04-23 15:05:52 UTC16384INData Raw: ff 00 76 b8 e3 f6 47 55 5b bf dc e9 7f 68 e0 f4 2b 2d e6 27 63 9d ea 7c 7e b4 e2 db a2 72 14 e6 90 06 d5 e9 f4 dd 26 6c 4b cc ce 2c dd 46 29 bf 2a 1a 60 3a 8a 6d 97 06 9f 2a 0d 0b 0c 8a ec 8e ae e7 3b 6b b0 ce 2b 88 a2 23 14 98 ab b1 09 8a 51 b5 77 4a ec d1 62 0b 20 d7 66 86 ba 80 b1 4d 25 71 a4 eb 4e c4 2d 26 69 70 31 48 06 4d 2d 42 a1 33 4b 82 68 c2 e0 6f 5d 51 2c 94 5a 85 88 14 9e b4 12 3a a5 11 34 c4 89 a8 d7 1e 7e a6 69 54 4e 9c 58 23 fe 42 2d c2 31 c6 68 e4 60 06 49 15 14 c1 e2 c8 38 a7 08 18 c3 1c d7 24 7a cc a9 34 ce 89 74 d8 ef 60 5a f2 35 db 15 c6 78 d9 73 9a 8d 32 28 e4 37 a1 28 48 d8 57 37 df f3 26 cd fe e9 89 a4 38 fc 40 44 30 05 44 97 8d 00 3d 69 24 80 b1 a8 52 d9 16 e6 31 5c f3 eb 32 c9 db 66 f0 e9 b1 a5 54 49 5e 39 ab 6e ef df 45 fa e4 1d
                                                    Data Ascii: vGU[h+-'c|~r&lK,F)*`:m*;k+#QwJb fM%qN-&ip1HM-B3Kho]Q,Z:4~iTNX#B-1h`I8$z4t`Z5xs2(7(HW7&8@D0D=i$R1\2fTI^9nE
                                                    2025-04-23 15:05:52 UTC16384INData Raw: e5 d5 39 24 9c 56 df 5f b9 e9 fc 52 1e cd bc d0 ab dc 89 9d db 0c f6 a4 0c 03 eb ca a6 f1 0e cf 70 58 b8 3c a9 c2 dc 4f 36 c4 b3 1c b0 f3 e9 5e 5f 6f c5 0a c2 ca 8b a5 f9 0f 33 56 9d 9b e3 33 c5 7f 0a ac 8c 19 db 4b 93 f8 86 7e b5 ca fa 29 ed 53 75 1d f9 e4 bf be 41 4b 53 8a 65 3d c4 1a 2e 99 43 1d 60 f2 03 6a 22 08 6e 5a b3 f0 cd 69 7b 43 c3 d1 2e 4c f0 90 dd e7 df c7 35 f2 cf b6 b1 b7 f7 13 29 29 18 55 c1 e8 6b d6 c6 f5 24 ce 1c f0 d1 26 3c e4 b0 01 b6 5c f2 a8 b2 dc 22 ec 9c b9 60 54 4d 12 90 4b 49 93 e6 29 96 ca b1 cb 16 23 95 6a bd c7 3b 92 16 e6 71 8c 00 77 aa f7 19 19 2c 70 4e 69 f6 21 c0 27 95 34 f1 aa e7 0c 4e 7c ea 99 9f 23 0c 11 79 03 9a 1f bc 37 d8 73 a7 b0 79 8a e1 be d8 38 f4 15 20 a2 20 66 07 4e f8 c0 da 9c 11 16 4f 0f 33 e6 29 f8 21 2c a4
                                                    Data Ascii: 9$V_RpX<O6^_o3V3K~)SuAKSe=.C`j"nZi{C.L5))Uk$&<\"`TMKI)#j;qw,pNi!'4N|#y7sy8 fNO3)!,
                                                    2025-04-23 15:05:52 UTC7952INData Raw: 70 23 31 a3 32 06 3c c1 9b 3b fc 73 4e 5c 59 4e 58 14 78 9f cc 16 70 01 f3 03 04 54 69 b8 4c a1 19 e6 bf 3a 48 fb bd da b7 fd 95 a2 dd ee 44 93 ec 77 77 32 b0 53 3a e9 3d 33 be 3d b9 ae 65 66 6d e6 57 8f 9e 92 c3 73 d3 91 a8 dd db cc 8d 1a 03 a0 72 6e ed f3 ff 00 e6 ff 00 8d 36 9c 3a e1 9d f4 4f 34 48 39 01 03 e4 9f 3c 95 ad 12 33 64 a9 ad 4c a4 46 a2 32 3f 11 76 c5 24 76 b2 34 60 99 54 28 e6 15 81 1f 3a 65 2c ee 08 60 6e ee b0 0e cc ea 47 ff 00 a3 a3 92 19 91 b1 a8 b1 03 62 37 c9 f6 68 aa 10 eb a4 71 02 e6 65 4d b7 60 ca bf 4a 8a f7 90 c4 85 9a f5 64 00 ee 43 06 23 d3 6c ed ee a7 a0 8a e3 1e 26 66 27 70 a0 82 01 fe c5 3e 2c a5 64 c4 92 32 b7 f4 48 db e0 82 92 92 13 4c 81 2f 16 b4 8c 81 25 c9 19 18 2b 86 db d4 8e 9e dc 52 99 d5 80 2b 78 00 27 61 a4 6f 53
                                                    Data Ascii: p#12<;sN\YNXxpTiL:HDww2S:=3=efmWsrn6:O4H9<3dLF2?v$v4`T(:e,`nGb7hqeM`JdC#l&f'p>,d2HL/%+R+x'aoS
                                                    2025-04-23 15:05:52 UTC16384INData Raw: 83 6d 24 e7 eb 81 f3 a6 5a 24 44 57 64 91 58 8c ec ab 26 3e 0c 6a 75 6d b8 f4 24 52 3f 0f bc 24 e3 8f 71 61 91 91 ab 47 cb 27 23 dd 55 f7 3c 12 fe e2 32 3f d2 0e 3b b9 ce 51 86 07 c1 ab 51 24 a8 c0 0f b4 c8 99 e4 0c 04 03 f1 da ab ee a7 11 b0 d5 79 a4 81 b1 31 64 1f 83 0a a8 b7 d9 89 c5 19 c9 38 2c d6 e8 80 76 93 8e 96 53 80 7e d0 c3 1e ec e2 ba 5e cd 3d f4 7b f6 8f 8b 89 01 c9 2f 2e 75 7b 79 d5 e1 9a ea 52 56 26 12 90 35 69 5b 52 0f bf 39 a8 33 b5 d4 4d aa 48 64 46 eb b8 41 ed e9 5a 25 27 dc 86 a3 7c 10 a5 ec 9c 01 15 ae 2f 2e 27 c7 ef 3b 7d 45 2c b6 9c 25 95 23 9e de 49 19 76 5d 72 16 38 f6 b0 06 aa a5 ed a7 ed 9e 08 f8 82 6a 4d c8 d2 bf 9b 0c 9f 65 3c dd b8 8c c6 90 ca 2e 55 9b 60 eb 02 ed ed 25 8d 3f 0e 7d f7 16 bc 63 17 dc 1b 81 dd be 86 e1 53 12 36
                                                    Data Ascii: m$Z$DWdX&>jum$R?$qaG'#U<2?;QQ$y1d8,vS~^={/.u{yRV&5i[R93MHdFAZ%'|/.';}E,%#Iv]r8jMe<.U`%?}cS6
                                                    2025-04-23 15:05:52 UTC2917INData Raw: a3 5d f1 0b 14 4c a5 c5 ba 93 cc 99 30 a7 dd 9c 55 28 c8 9d df 00 3c dc 49 24 cf d8 65 5c 8c e1 99 06 3d bb 51 99 2f 25 03 52 cd 13 79 a3 21 1f 31 4d 45 c6 62 01 94 5d 40 31 b9 d1 16 40 f8 0a 19 3b 41 6d 03 05 ef 12 47 71 ab 48 07 53 0f 7e 29 f0 25 19 32 56 8b cd 19 13 4e cc bc 89 d1 fc 3f 2a 69 be d8 f1 1f da b6 79 12 a1 73 f4 aa 8e 23 da f5 82 1d 2a 96 f6 e4 9c 29 b9 b8 54 df fa bc eb 2f 77 fa 45 16 92 3c 3f 6f 81 49 3b 95 b7 77 fa 9a d6 18 e5 2e 02 70 71 56 cd bc 69 71 29 d1 24 ce db ec 0c 4a c3 fb d4 fa 70 6d 0a c7 01 b3 fd 75 03 e0 6b cf e1 fd 2b f0 c8 a1 65 96 f4 4b 20 eb dc ba 83 f3 3f 4a cf f1 3f d2 e5 b4 92 a8 82 20 80 8c f7 8b 8f a6 37 f8 d6 91 e9 b2 bd a8 c9 ca 2b 77 23 d6 e4 e1 90 ca 7f 6d 0a e7 97 85 9b 7f 6e 4d 0c 1c 2e ca d1 b3 1d b8 1f d5
                                                    Data Ascii: ]L0U(<I$e\=Q/%Ry!1MEb]@1@;AmGqHS~)%2VN?*iys#*)T/wE<?oI;w.pqViq)$Jpmuk+eK ?J? 7+w#mnM.
                                                    2025-04-23 15:05:52 UTC16384INData Raw: 96 c4 79 38 e1 8e 55 d7 67 62 8c 0f 56 60 de ef bb 56 f6 fc 6e f4 6a 6b 79 14 21 c6 34 9c 80 31 d7 1f e3 55 92 5b f1 b9 1c bc ae 34 8e 6c 62 0a 31 e8 41 c5 4e 8e fa 5b 45 60 f7 ea e0 0f b9 85 53 f2 39 a1 24 09 92 bf 59 dd dc a8 56 68 f5 a0 ce 9c 36 fe bc aa be 79 6e dd d4 3d 8c 67 c3 b3 02 13 03 cf 2c 33 52 5b 8c cf 2a 88 a2 56 d4 3e e9 11 ab fe 67 e9 4e 43 2f 14 89 bf 69 39 88 67 ee 8d 0b ab e2 a6 87 b1 4b 71 a8 ee ef 38 7c 5a 23 8d e4 c6 e3 bc 97 58 ff 00 a4 54 88 4f 12 e2 03 bc 32 ac 05 77 38 52 b8 f6 16 23 e9 4f df 5d dd 77 49 dd f7 0f 10 e6 a2 52 d9 3e ba 7f 85 56 43 7f 14 f2 30 72 b6 d2 47 8c 01 03 48 ad ec d4 09 a4 a3 b5 83 6a cb 78 6c ae 25 0b df dd 28 2b cf f6 87 27 1c be e9 02 a4 cf 17 74 80 34 89 93 b8 7c 31 cf bc 1d fe 35 4a d7 f6 cf 72 91 8e
                                                    Data Ascii: y8UgbV`Vnjky!41U[4lb1AN[E`S9$YVh6yn=g,3R[*V>gNC/i9gKq8|Z#XTO2w8R#O]wIR>VC0rGHjxl%(+'t4|15Jr
                                                    2025-04-23 15:05:52 UTC16384INData Raw: f1 2b b1 e5 a7 39 fa d3 32 70 5b 74 c8 4b 6b a4 c9 e6 ba 70 69 51 6d ee 33 37 15 e0 80 00 38 7c 64 f2 c3 10 3e 5b d2 c5 c5 78 52 00 7e c0 8a 01 fc 38 38 f5 dc 53 d1 70 e4 57 ff 00 d2 5c bf 90 79 57 7a 59 b8 75 cb 38 36 f6 27 4f 5e f6 4f e0 d4 a9 22 49 4d c7 ad 42 28 b4 82 1c 7e f3 30 fc 85 33 37 1d 90 67 37 06 31 8c 86 8d 0e de fc 7e 55 22 3e 19 24 8a ba e2 b1 4c 73 e6 c4 7b f1 53 57 87 46 63 c2 c9 0a 37 46 ee 80 fa 8a 5b 22 cc dc 5d a3 9d 2e 44 6b 2d f4 ba b9 e4 7d 39 1a 9b 71 c6 ee a4 c2 98 af d4 1d c6 e0 e7 e2 4d 58 b3 25 98 28 25 86 56 f3 09 a4 0f 78 1b d3 09 73 6a 64 3d fd c0 00 9c e9 6e f4 0c fb a9 fb c2 fb 01 6d 73 7c d8 95 6d 6f b7 d8 b3 1e 7f 4a 93 37 12 e3 2c 31 f6 5d 23 a3 3e 01 3f 1a b2 8a 3b 72 84 a9 8c e7 91 49 1b 3f 36 fa d3 52 4c d6 ad 98
                                                    Data Ascii: +92p[tKkpiQm378|d>[xR~88SpW\yWzYu86'O^O"IMB(~037g71~U">$Ls{SWFc7F["].Dk-}9qMX%(%Vxsjd=nms|moJ7,1]#>?;rI?6RL


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    16192.168.2.64973540.126.62.1294435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:51 UTC2866OUTPOST /common/instrumentation/dssostatus HTTP/1.1
                                                    Host: login.microsoftonline.com
                                                    Connection: keep-alive
                                                    Content-Length: 67
                                                    sec-ch-ua-platform: "Windows"
                                                    hpgid: 1104
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    hpgact: 1800
                                                    canary: PAQABDgEAAABVrSpeuWamRam2jAF1XRQE_ExkzHaU4KRyBuu2iJNCcuQAM5W14NY88SyCJOgJelyJJmJqObFfQgDsVjcVKjo0ocuS64hEiaMBFYWXUJMnR4v5cN2WvgcuBUhA8C5rb0jAelwpAlMeUuZ4crxM4AiIKt_mTwH3kktzGSHZs1rXko15JwZFWY7sNWATii6DjOx9ZROSi18v8XlgC_N41NkokbPLP2MRUQTVI20PltWnoyAA
                                                    sec-ch-ua-mobile: ?0
                                                    client-request-id: bc5597a1-b053-8000-ae3e-1a732b3d6f5d
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: application/json
                                                    hpgrequestid: 4bf5714a-86ea-4910-9e72-a05070ef6e00
                                                    Content-type: application/json; charset=UTF-8
                                                    Origin: https://login.microsoftonline.com
                                                    Sec-Fetch-Site: same-origin
                                                    Sec-Fetch-Mode: cors
                                                    Sec-Fetch-Dest: empty
                                                    Referer: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=true
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    Cookie: esctx-FXV4sYLFtI=AQABCQEAAABVrSpeuWamRam2jAF1XRQExuOyBdSO3BZdUl3-qQBUY0gA84xA_yrP87XH6lgt0aPc0Gv7AwWZ7xCy41cbo3h1pxbU9mQYLrqAyuvkUB0EC0Q4hh64537Fti7zqKEHamb4i_2jRmrkU9kKIy0wfXybJKNJmv4DClugCy7fzSE7uiAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.AUUAM86-g0TED0W8feLbkG20uwMAAAAAAPEPzgAAAAAAAABFAABFAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEvFmW9LkO-CuueIHcx3n9NLH8YK9HczFS2kEKHUeDqi9cwvjJVOxuXTHgooQwEXjYPJuMXalvXd5nYyu3Ln0o_5PbJQVHOIwUjS06M1YsRBogAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEU6xihjuwEEDCEUitnDWQxdK-BQL47zqqe_-Xk0a4miA9mjWb-dlm6JXscc9tQsU1WaSaTncnDLlRutBD1f1hwheix8IDmZHczG3-kN1CgkUXVVfdWpEeTeFuqRe7ioiaQhj1M25GLqUSe2J8BAIW9Fa0-o9nAo8Wkdbi4HizMs4gAA; esctx-pRB8z4dIEDo=AQABCQEAAABVrSpeuWamRam2jAF1XRQEwjBWZW8QVbRoTrWyqUyGVD7exB2b4R_ippuqoD6HO7DiseG0VmsrSL6JO7cEb-hCxLErr1x4u8Jdwn8yRXadLXSHR8Sld1AoZ6_elFdEBLHa3mL0gJgo0lwMBm8qyO7T4gBA38xSP8H5GWyYYj5KsiAA; fpc=AuIFpnMgGx9Nnk-AJEH4ucF79WTGAQAAAMj4mt8OAAAA; MicrosoftApplicationsTelemetryDeviceId=3c31e [TRUNCATED]
                                                    2025-04-23 15:05:51 UTC67OUTData Raw: 7b 22 72 65 73 75 6c 74 43 6f 64 65 22 3a 32 2c 22 73 73 6f 44 65 6c 61 79 22 3a 30 2c 22 6c 6f 67 22 3a 22 50 72 6f 62 65 20 69 6d 61 67 65 20 65 72 72 6f 72 20 65 76 65 6e 74 20 66 69 72 65 64 22 7d
                                                    Data Ascii: {"resultCode":2,"ssoDelay":0,"log":"Probe image error event fired"}
                                                    2025-04-23 15:05:52 UTC1778INHTTP/1.1 200 OK
                                                    Cache-Control: no-store, no-cache
                                                    Pragma: no-cache
                                                    Content-Type: application/json; charset=utf-8
                                                    Expires: -1
                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                    X-Content-Type-Options: nosniff
                                                    Access-Control-Allow-Origin: https://autologon.microsoftazuread-sso.com/
                                                    Access-Control-Allow-Credentials: true
                                                    Access-Control-Allow-Methods: POST, OPTIONS
                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                    client-request-id: bc5597a1-b053-8000-ae3e-1a732b3d6f5d
                                                    x-ms-request-id: 162b6fbc-4240-443f-a2ad-8efea7980f00
                                                    x-ms-ests-server: 2.1.20540.5 - WUS3 ProdSlices
                                                    report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
                                                    nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                    x-ms-srs: 1.P
                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                    Content-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-cU9gvvN4UQK2ewKf4e8lIQ' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
                                                    X-XSS-Protection: 0
                                                    Set-Cookie: fpc=AuIFpnMgGx9Nnk-AJEH4ucF79WTGAQAAAMj4mt8OAAAA; expires=Fri, 23-May-2025 15:05:52 GMT; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
                                                    Date: Wed, 23 Apr 2025 15:05:51 GMT
                                                    Connection: close
                                                    Content-Length: 265
                                                    2025-04-23 15:05:52 UTC265INData Raw: 7b 22 61 70 69 43 61 6e 61 72 79 22 3a 22 50 41 51 41 42 44 67 45 41 41 41 42 56 72 53 70 65 75 57 61 6d 52 61 6d 32 6a 41 46 31 58 52 51 45 30 44 5f 46 44 77 67 58 4c 68 74 43 32 32 2d 4c 77 52 57 5a 71 6d 59 76 47 61 47 39 38 6a 63 51 6b 64 52 76 67 52 68 70 35 6d 62 30 72 6e 69 49 6f 77 66 6d 6c 37 72 4d 34 77 62 4f 71 52 42 37 6c 4e 56 7a 55 77 4e 7a 62 55 52 52 6b 6d 6d 48 7a 4c 37 4e 2d 41 46 32 67 68 47 68 51 75 56 72 79 4c 47 76 43 79 69 6d 6d 30 33 58 53 70 44 68 56 79 6b 49 6a 64 6b 34 39 39 57 47 65 76 7a 2d 78 79 4d 4e 5a 74 66 4b 5a 54 47 31 36 51 76 63 61 46 31 6c 38 58 35 53 56 43 37 68 47 4e 5f 41 75 54 63 65 4f 66 51 44 33 56 37 74 6b 64 72 77 54 51 39 59 64 78 67 53 78 64 5f 68 78 56 57 68 6d 52 67 75 33 71 66 4a 52 49 6d 62 47 34 51 58
                                                    Data Ascii: {"apiCanary":"PAQABDgEAAABVrSpeuWamRam2jAF1XRQE0D_FDwgXLhtC22-LwRWZqmYvGaG98jcQkdRvgRhp5mb0rniIowfml7rM4wbOqRB7lNVzUwNzbURRkmmHzL7N-AF2ghGhQuVryLGvCyimm03XSpDhVykIjdk499WGevz-xyMNZtfKZTG16QvcaF1l8X5SVC7hGN_AuTceOfQD3V7tkdrwTQ9YdxgSxd_hxVWhmRgu3qfJRImbG4QX


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    17192.168.2.64973920.190.155.34435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:05:53 UTC1551OUTGET /common/instrumentation/dssostatus HTTP/1.1
                                                    Host: login.microsoftonline.com
                                                    Connection: keep-alive
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: */*
                                                    Sec-Fetch-Site: none
                                                    Sec-Fetch-Mode: cors
                                                    Sec-Fetch-Dest: empty
                                                    Sec-Fetch-Storage-Access: active
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    Cookie: esctx-FXV4sYLFtI=AQABCQEAAABVrSpeuWamRam2jAF1XRQExuOyBdSO3BZdUl3-qQBUY0gA84xA_yrP87XH6lgt0aPc0Gv7AwWZ7xCy41cbo3h1pxbU9mQYLrqAyuvkUB0EC0Q4hh64537Fti7zqKEHamb4i_2jRmrkU9kKIy0wfXybJKNJmv4DClugCy7fzSE7uiAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.AUUAM86-g0TED0W8feLbkG20uwMAAAAAAPEPzgAAAAAAAABFAABFAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEvFmW9LkO-CuueIHcx3n9NLH8YK9HczFS2kEKHUeDqi9cwvjJVOxuXTHgooQwEXjYPJuMXalvXd5nYyu3Ln0o_5PbJQVHOIwUjS06M1YsRBogAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEU6xihjuwEEDCEUitnDWQxdK-BQL47zqqe_-Xk0a4miA9mjWb-dlm6JXscc9tQsU1WaSaTncnDLlRutBD1f1hwheix8IDmZHczG3-kN1CgkUXVVfdWpEeTeFuqRe7ioiaQhj1M25GLqUSe2J8BAIW9Fa0-o9nAo8Wkdbi4HizMs4gAA; esctx-pRB8z4dIEDo=AQABCQEAAABVrSpeuWamRam2jAF1XRQEwjBWZW8QVbRoTrWyqUyGVD7exB2b4R_ippuqoD6HO7DiseG0VmsrSL6JO7cEb-hCxLErr1x4u8Jdwn8yRXadLXSHR8Sld1AoZ6_elFdEBLHa3mL0gJgo0lwMBm8qyO7T4gBA38xSP8H5GWyYYj5KsiAA; fpc=AuIFpnMgGx9Nnk-AJEH4ucF79WTGAQAAAMj4mt8OAAAA; MicrosoftApplicationsTelemetryDeviceId=3c31e [TRUNCATED]
                                                    2025-04-23 15:05:53 UTC1739INHTTP/1.1 200 OK
                                                    Cache-Control: no-store, no-cache
                                                    Pragma: no-cache
                                                    Content-Type: application/json; charset=utf-8
                                                    Expires: -1
                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                    X-Content-Type-Options: nosniff
                                                    Access-Control-Allow-Origin: https://autologon.microsoftazuread-sso.com/
                                                    Access-Control-Allow-Credentials: true
                                                    Access-Control-Allow-Methods: POST, OPTIONS
                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                    x-ms-request-id: 9ca251ad-3d92-49e3-b0ab-35362a408100
                                                    x-ms-ests-server: 2.1.20540.5 - EUS ProdSlices
                                                    x-ms-httpver: 1.1
                                                    report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dms"}]}
                                                    nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                    x-ms-srs: 1.P
                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                    Content-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-l95cx2536kdqICk9V0mRsA' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
                                                    X-XSS-Protection: 0
                                                    Set-Cookie: fpc=AuIFpnMgGx9Nnk-AJEH4ucF79WTGAQAAAMj4mt8OAAAA; expires=Fri, 23-May-2025 15:05:53 GMT; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
                                                    Date: Wed, 23 Apr 2025 15:05:53 GMT
                                                    Connection: close
                                                    Content-Length: 164
                                                    2025-04-23 15:05:53 UTC164INData Raw: 7b 22 65 72 72 6f 72 22 3a 7b 22 63 6f 64 65 22 3a 36 31 30 30 2c 22 73 74 73 45 72 72 6f 72 22 3a 22 41 41 44 53 54 53 39 30 30 35 36 31 22 2c 22 63 6f 72 72 65 6c 61 74 69 6f 6e 49 64 22 3a 22 36 36 31 31 35 65 39 66 2d 31 63 64 66 2d 34 30 62 61 2d 39 35 31 33 2d 37 31 30 64 37 66 64 36 34 65 35 33 22 2c 22 74 69 6d 65 73 74 61 6d 70 22 3a 22 32 30 32 35 2d 30 34 2d 32 33 20 31 35 3a 30 35 3a 35 33 5a 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 41 41 44 53 54 53 39 30 30 35 36 31 22 7d 7d
                                                    Data Ascii: {"error":{"code":6100,"stsError":"AADSTS900561","correlationId":"66115e9f-1cdf-40ba-9513-710d7fd64e53","timestamp":"2025-04-23 15:05:53Z","message":"AADSTS900561"}}


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    18192.168.2.64974440.126.62.1294435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:06:02 UTC3018OUTPOST /common/GetCredentialType?mkt=en-US HTTP/1.1
                                                    Host: login.microsoftonline.com
                                                    Connection: keep-alive
                                                    Content-Length: 1754
                                                    sec-ch-ua-platform: "Windows"
                                                    hpgid: 1104
                                                    sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                                    hpgact: 1800
                                                    canary: PAQABDgEAAABVrSpeuWamRam2jAF1XRQE_ExkzHaU4KRyBuu2iJNCcuQAM5W14NY88SyCJOgJelyJJmJqObFfQgDsVjcVKjo0ocuS64hEiaMBFYWXUJMnR4v5cN2WvgcuBUhA8C5rb0jAelwpAlMeUuZ4crxM4AiIKt_mTwH3kktzGSHZs1rXko15JwZFWY7sNWATii6DjOx9ZROSi18v8XlgC_N41NkokbPLP2MRUQTVI20PltWnoyAA
                                                    sec-ch-ua-mobile: ?0
                                                    client-request-id: bc5597a1-b053-8000-ae3e-1a732b3d6f5d
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: application/json
                                                    hpgrequestid: 4bf5714a-86ea-4910-9e72-a05070ef6e00
                                                    Content-type: application/json; charset=UTF-8
                                                    Origin: https://login.microsoftonline.com
                                                    Sec-Fetch-Site: same-origin
                                                    Sec-Fetch-Mode: cors
                                                    Sec-Fetch-Dest: empty
                                                    Referer: https://login.microsoftonline.com/83bece33-c444-450f-bc7d-e2db906db4bb/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=4D0A58E010049C5CEC6E7AE0ACEFB6A5009B22E318B5C6E6%2DFF696DE58C6764E2936E0FA2EEFADA13A0CFC230DE9E59FBF12FA3B1CFA8A6FF&redirect%5Furi=https%3A%2F%2Fcityofsolanabeach%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bc5597a1%2Db053%2D8000%2Dae3e%2D1a732b3d6f5d&sso_reload=true
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    Cookie: esctx-FXV4sYLFtI=AQABCQEAAABVrSpeuWamRam2jAF1XRQExuOyBdSO3BZdUl3-qQBUY0gA84xA_yrP87XH6lgt0aPc0Gv7AwWZ7xCy41cbo3h1pxbU9mQYLrqAyuvkUB0EC0Q4hh64537Fti7zqKEHamb4i_2jRmrkU9kKIy0wfXybJKNJmv4DClugCy7fzSE7uiAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.AUUAM86-g0TED0W8feLbkG20uwMAAAAAAPEPzgAAAAAAAABFAABFAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEvFmW9LkO-CuueIHcx3n9NLH8YK9HczFS2kEKHUeDqi9cwvjJVOxuXTHgooQwEXjYPJuMXalvXd5nYyu3Ln0o_5PbJQVHOIwUjS06M1YsRBogAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEU6xihjuwEEDCEUitnDWQxdK-BQL47zqqe_-Xk0a4miA9mjWb-dlm6JXscc9tQsU1WaSaTncnDLlRutBD1f1hwheix8IDmZHczG3-kN1CgkUXVVfdWpEeTeFuqRe7ioiaQhj1M25GLqUSe2J8BAIW9Fa0-o9nAo8Wkdbi4HizMs4gAA; esctx-pRB8z4dIEDo=AQABCQEAAABVrSpeuWamRam2jAF1XRQEwjBWZW8QVbRoTrWyqUyGVD7exB2b4R_ippuqoD6HO7DiseG0VmsrSL6JO7cEb-hCxLErr1x4u8Jdwn8yRXadLXSHR8Sld1AoZ6_elFdEBLHa3mL0gJgo0lwMBm8qyO7T4gBA38xSP8H5GWyYYj5KsiAA; fpc=AuIFpnMgGx9Nnk-AJEH4ucF79WTGAQAAAMj4mt8OAAAA; MicrosoftApplicationsTelemetryDeviceId=3c31e [TRUNCATED]
                                                    2025-04-23 15:06:02 UTC1754OUTData Raw: 7b 22 75 73 65 72 6e 61 6d 65 22 3a 22 30 37 6e 73 6b 7a 40 71 73 6a 63 6b 2e 63 6f 22 2c 22 69 73 4f 74 68 65 72 49 64 70 53 75 70 70 6f 72 74 65 64 22 3a 74 72 75 65 2c 22 63 68 65 63 6b 50 68 6f 6e 65 73 22 3a 66 61 6c 73 65 2c 22 69 73 52 65 6d 6f 74 65 4e 47 43 53 75 70 70 6f 72 74 65 64 22 3a 74 72 75 65 2c 22 69 73 43 6f 6f 6b 69 65 42 61 6e 6e 65 72 53 68 6f 77 6e 22 3a 66 61 6c 73 65 2c 22 69 73 46 69 64 6f 53 75 70 70 6f 72 74 65 64 22 3a 74 72 75 65 2c 22 6f 72 69 67 69 6e 61 6c 52 65 71 75 65 73 74 22 3a 22 72 51 51 49 41 52 41 41 70 56 45 5f 61 4e 52 67 48 45 32 61 61 2d 79 64 72 54 30 37 69 5a 4f 45 54 71 32 35 2d 5f 4c 5f 79 30 47 56 58 4f 34 4c 32 69 68 58 37 52 39 74 70 52 7a 4a 6c 79 39 65 37 4f 56 50 4c 37 6e 61 61 79 6d 49 6f 44 68 32
                                                    Data Ascii: {"username":"07nskz@qsjck.co","isOtherIdpSupported":true,"checkPhones":false,"isRemoteNGCSupported":true,"isCookieBannerShown":false,"isFidoSupported":true,"originalRequest":"rQQIARAApVE_aNRgHE2aa-ydrT07iZOETq25-_L_y0GVXO4L2ihX7R9tpRzJly9e7OVPL7naaymIoDh2
                                                    2025-04-23 15:06:02 UTC1619INHTTP/1.1 200 OK
                                                    Cache-Control: no-store, no-cache
                                                    Pragma: no-cache
                                                    Content-Type: application/json; charset=utf-8
                                                    Expires: -1
                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                    X-Content-Type-Options: nosniff
                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                    client-request-id: bc5597a1-b053-8000-ae3e-1a732b3d6f5d
                                                    x-ms-request-id: b96ac114-a31e-43dc-8f98-2d1701226a00
                                                    x-ms-ests-server: 2.1.20540.5 - EUS ProdSlices
                                                    report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
                                                    nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                    x-ms-srs: 1.P
                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                    Content-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-2cqPqKCopaw12OhaHnJ3vg' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
                                                    X-XSS-Protection: 0
                                                    Set-Cookie: fpc=AuIFpnMgGx9Nnk-AJEH4ucF79WTGAQAAAMj4mt8OAAAA; expires=Fri, 23-May-2025 15:06:02 GMT; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
                                                    Date: Wed, 23 Apr 2025 15:06:02 GMT
                                                    Connection: close
                                                    Content-Length: 1265
                                                    2025-04-23 15:06:02 UTC1265INData Raw: 7b 22 55 73 65 72 6e 61 6d 65 22 3a 22 30 37 6e 73 6b 7a 40 71 73 6a 63 6b 2e 63 6f 22 2c 22 44 69 73 70 6c 61 79 22 3a 22 30 37 6e 73 6b 7a 40 71 73 6a 63 6b 2e 63 6f 22 2c 22 49 66 45 78 69 73 74 73 52 65 73 75 6c 74 22 3a 31 2c 22 49 73 55 6e 6d 61 6e 61 67 65 64 22 3a 66 61 6c 73 65 2c 22 54 68 72 6f 74 74 6c 65 53 74 61 74 75 73 22 3a 31 2c 22 43 72 65 64 65 6e 74 69 61 6c 73 22 3a 7b 22 50 72 65 66 43 72 65 64 65 6e 74 69 61 6c 22 3a 31 2c 22 48 61 73 50 61 73 73 77 6f 72 64 22 3a 74 72 75 65 2c 22 52 65 6d 6f 74 65 4e 67 63 50 61 72 61 6d 73 22 3a 6e 75 6c 6c 2c 22 46 69 64 6f 50 61 72 61 6d 73 22 3a 6e 75 6c 6c 2c 22 51 72 43 6f 64 65 50 69 6e 50 61 72 61 6d 73 22 3a 6e 75 6c 6c 2c 22 53 61 73 50 61 72 61 6d 73 22 3a 6e 75 6c 6c 2c 22 43 65 72 74
                                                    Data Ascii: {"Username":"07nskz@qsjck.co","Display":"07nskz@qsjck.co","IfExistsResult":1,"IsUnmanaged":false,"ThrottleStatus":1,"Credentials":{"PrefCredential":1,"HasPassword":true,"RemoteNgcParams":null,"FidoParams":null,"QrCodePinParams":null,"SasParams":null,"Cert


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    19192.168.2.64974520.190.155.34435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:06:03 UTC1638OUTGET /common/GetCredentialType?mkt=en-US HTTP/1.1
                                                    Host: login.microsoftonline.com
                                                    Connection: keep-alive
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept: */*
                                                    Sec-Fetch-Site: none
                                                    Sec-Fetch-Mode: cors
                                                    Sec-Fetch-Dest: empty
                                                    Sec-Fetch-Storage-Access: active
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    Cookie: esctx-FXV4sYLFtI=AQABCQEAAABVrSpeuWamRam2jAF1XRQExuOyBdSO3BZdUl3-qQBUY0gA84xA_yrP87XH6lgt0aPc0Gv7AwWZ7xCy41cbo3h1pxbU9mQYLrqAyuvkUB0EC0Q4hh64537Fti7zqKEHamb4i_2jRmrkU9kKIy0wfXybJKNJmv4DClugCy7fzSE7uiAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1; buid=1.AUUAM86-g0TED0W8feLbkG20uwMAAAAAAPEPzgAAAAAAAABFAABFAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEvFmW9LkO-CuueIHcx3n9NLH8YK9HczFS2kEKHUeDqi9cwvjJVOxuXTHgooQwEXjYPJuMXalvXd5nYyu3Ln0o_5PbJQVHOIwUjS06M1YsRBogAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEU6xihjuwEEDCEUitnDWQxdK-BQL47zqqe_-Xk0a4miA9mjWb-dlm6JXscc9tQsU1WaSaTncnDLlRutBD1f1hwheix8IDmZHczG3-kN1CgkUXVVfdWpEeTeFuqRe7ioiaQhj1M25GLqUSe2J8BAIW9Fa0-o9nAo8Wkdbi4HizMs4gAA; esctx-pRB8z4dIEDo=AQABCQEAAABVrSpeuWamRam2jAF1XRQEwjBWZW8QVbRoTrWyqUyGVD7exB2b4R_ippuqoD6HO7DiseG0VmsrSL6JO7cEb-hCxLErr1x4u8Jdwn8yRXadLXSHR8Sld1AoZ6_elFdEBLHa3mL0gJgo0lwMBm8qyO7T4gBA38xSP8H5GWyYYj5KsiAA; fpc=AuIFpnMgGx9Nnk-AJEH4ucF79WTGAQAAAMj4mt8OAAAA; MicrosoftApplicationsTelemetryDeviceId=3c31e [TRUNCATED]
                                                    2025-04-23 15:06:03 UTC1581INHTTP/1.1 200 OK
                                                    Cache-Control: no-store, no-cache
                                                    Pragma: no-cache
                                                    Content-Type: application/json; charset=utf-8
                                                    Expires: -1
                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                    X-Content-Type-Options: nosniff
                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                    x-ms-request-id: f2b825f7-9451-49b8-9af5-f36bcd128700
                                                    x-ms-ests-server: 2.1.20540.5 - NCUS ProdSlices
                                                    x-ms-httpver: 1.1
                                                    report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dms"}]}
                                                    nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                                    x-ms-srs: 1.P
                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                    Content-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-g2efgjr_QVFKEbio26Px_w' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
                                                    X-XSS-Protection: 0
                                                    Set-Cookie: fpc=AuIFpnMgGx9Nnk-AJEH4ucF79WTGAQAAAMj4mt8OAAAA; expires=Fri, 23-May-2025 15:06:03 GMT; path=/; secure; HttpOnly; SameSite=None
                                                    Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
                                                    Date: Wed, 23 Apr 2025 15:06:02 GMT
                                                    Connection: close
                                                    Content-Length: 164
                                                    2025-04-23 15:06:03 UTC164INData Raw: 7b 22 65 72 72 6f 72 22 3a 7b 22 63 6f 64 65 22 3a 36 31 30 30 2c 22 73 74 73 45 72 72 6f 72 22 3a 22 41 41 44 53 54 53 39 30 30 35 36 31 22 2c 22 63 6f 72 72 65 6c 61 74 69 6f 6e 49 64 22 3a 22 30 38 30 38 62 64 33 62 2d 36 61 31 32 2d 34 35 38 30 2d 38 65 66 35 2d 33 31 35 37 64 35 64 30 37 61 39 34 22 2c 22 74 69 6d 65 73 74 61 6d 70 22 3a 22 32 30 32 35 2d 30 34 2d 32 33 20 31 35 3a 30 36 3a 30 33 5a 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 41 41 44 53 54 53 39 30 30 35 36 31 22 7d 7d
                                                    Data Ascii: {"error":{"code":6100,"stsError":"AADSTS900561","correlationId":"0808bd3b-6a12-4580-8ef5-3157d5d07a94","timestamp":"2025-04-23 15:06:03Z","message":"AADSTS900561"}}


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    20192.168.2.64975323.222.3.2284435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:06:45 UTC450OUTOPTIONS /api/report?catId=GW+estsfd+est HTTP/1.1
                                                    Host: identity.nel.measure.office.net
                                                    Connection: keep-alive
                                                    Origin: https://autologon.microsoftazuread-sso.com
                                                    Access-Control-Request-Method: POST
                                                    Access-Control-Request-Headers: content-type
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:06:45 UTC319INHTTP/1.1 200 OK
                                                    Content-Type: text/html
                                                    Content-Length: 7
                                                    Date: Wed, 23 Apr 2025 15:06:45 GMT
                                                    Connection: close
                                                    Access-Control-Allow-Headers: content-type
                                                    Access-Control-Allow-Credentials: false
                                                    Access-Control-Allow-Methods: *
                                                    Access-Control-Allow-Methods: GET, OPTIONS, POST
                                                    Access-Control-Allow-Origin: *
                                                    2025-04-23 15:06:45 UTC7INData Raw: 4f 50 54 49 4f 4e 53
                                                    Data Ascii: OPTIONS


                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                    21192.168.2.64975423.222.3.2284435960C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    TimestampBytes transferredDirectionData
                                                    2025-04-23 15:06:46 UTC425OUTPOST /api/report?catId=GW+estsfd+est HTTP/1.1
                                                    Host: identity.nel.measure.office.net
                                                    Connection: keep-alive
                                                    Content-Length: 566
                                                    Content-Type: application/reports+json
                                                    Origin: https://autologon.microsoftazuread-sso.com
                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                    Accept-Language: en-US,en;q=0.9
                                                    2025-04-23 15:06:46 UTC566OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 33 36 34 34 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 35 35 35 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 2e 6d 69 63 72 6f 73 6f 66 74 6f 6e 6c 69 6e 65 2e 63 6f 6d 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 32 30 2e 31 39 30 2e 31 35 31 2e 37 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 31 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d
                                                    Data Ascii: [{"age":53644,"body":{"elapsed_time":1555,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://login.microsoftonline.com/","sampling_fraction":1.0,"server_ip":"20.190.151.7","status_code":401,"type":"http.error"},"type":"network-
                                                    2025-04-23 15:06:46 UTC399INHTTP/1.1 429 Too Many Requests
                                                    Content-Length: 0
                                                    x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
                                                    Request-Context: appId=cid-v1:43ccb73c-0dfb-456b-9d4c-ddf7f5584002
                                                    Date: Wed, 23 Apr 2025 15:06:46 GMT
                                                    Connection: close
                                                    Access-Control-Allow-Credentials: false
                                                    Access-Control-Allow-Methods: *
                                                    Access-Control-Allow-Methods: GET, OPTIONS, POST
                                                    Access-Control-Allow-Origin: *


                                                    Statistics

                                                    CPU Usage

                                                    020406080s020406080100

                                                    Click to jump to process

                                                    Memory Usage

                                                    020406080s0.0050100MB

                                                    Click to jump to process

                                                    Behavior

                                                    Click to jump to process

                                                    System Behavior

                                                    General

                                                    Target ID:2
                                                    Start time:11:05:27
                                                    Start date:23/04/2025
                                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    Wow64 process (32bit):false
                                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                                    Imagebase:0x7ff63b000000
                                                    File size:3'388'000 bytes
                                                    MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                                    Has elevated privileges:true
                                                    Has administrator privileges:true
                                                    Programmed in:C, C++ or other language
                                                    Reputation:low
                                                    Has exited:false
                                                    Show Windows behavior

                                                    File Activities

                                                    There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                    Show Windows behavior

                                                    COM Activities

                                                    Show Windows behavior

                                                    Process Activities

                                                    There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                    Show Windows behavior

                                                    Memory Activities

                                                    There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                    There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                    Show Windows behavior

                                                    Process Token Activities


                                                    General

                                                    Target ID:3
                                                    Start time:11:05:32
                                                    Start date:23/04/2025
                                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    Wow64 process (32bit):false
                                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2156,i,11171481201563504429,16075537620969772834,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2196 /prefetch:3
                                                    Imagebase:0x7ff63b000000
                                                    File size:3'388'000 bytes
                                                    MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                                    Has elevated privileges:true
                                                    Has administrator privileges:true
                                                    Programmed in:C, C++ or other language
                                                    Reputation:low
                                                    Has exited:false
                                                    Show Windows behavior

                                                    File Activities

                                                    There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                    Show Windows behavior

                                                    Memory Activities

                                                    There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                    General

                                                    Target ID:13
                                                    Start time:11:05:38
                                                    Start date:23/04/2025
                                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    Wow64 process (32bit):false
                                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cityofsolanabeach-my.sharepoint.com/:b:/r/personal/lyim_cosb_org/Documents/Microsoft%20Teams%20Chat%20Files/04212025141353-0001.pdf?csf=1&web=1"
                                                    Imagebase:0x7ff63b000000
                                                    File size:3'388'000 bytes
                                                    MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                                    Has elevated privileges:true
                                                    Has administrator privileges:true
                                                    Programmed in:C, C++ or other language
                                                    Reputation:low
                                                    Has exited:true
                                                    There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                    There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                    Disassembly

                                                    No disassembly